690 Cissp Jobs - Page 20

What you bring Education and Qualifications/Skills and Competencies Bachelors or Master s degree in: Information Systems, Engineering, Computer Science or similar degree. Must be able to work as a team player, yet can work independently. Analytical, results-driven and have a solution oriented approach. Possess exceptional interpersonal and communication skills including verbal, written presentation and listening. Must be open to travel. Must be willing to relocate to Bangalore / Gurgaon. Certifications in SAP (Security Professional, GRC or a combination of either of them) Vendor Neutral Security certifications (Like ISO 27001/31000,CISSP, CISM, CISA, GSEC, CEH, Security+) will be a big plus Technical Skills Strong foundation on S/4HANA Security is a prerequisite. Should be able to identify and build portfolios in S/4HANA Security implementation and Conversion topics Strong in Technology security fundamentals and hands on experience on SAP specific products and solutions like SAP GRC suite of products including Access Control, Process Control, Risk Management, Audit Management, Business Integrity Screening, SAP Single Sign-On, SAP Identity Management Technical Knowledge and experience in SAP Business Technology Platform and related solutions like SAP Business Technology Platform Identity Authentication, Identity Access Governance, m Identity Provisioning is a big plus Technical Knowledge and Experience in working with SAP Application security including SAP SaaS and On-premise products Working knowledge of Operating Systems security and Database Security Secure Coding practices and Security Testing knowledge and experience in any capacity will be a big plus Technical coding skills in SQL, JavaScript and any one of programming language like JAVA or Python

We are Hiring Senior Consultant Cyber Security Solution Architect Location: Bangalore, Hyderabad Experience: 14+ years Are you passionate about designing secure, scalable cloud and enterprise security architectures? Join us as a Cyber Security Solution Architect and be at the forefront of helping clients secure their digital ecosystems. What You’ll Do: Design and deliver end-to-end cybersecurity solutions for enterprise clients Collaborate with infra/application architects to embed security in architecture Lead cloud security (Azure/AWS/GCP), DDoS, SIEM, WAF, and container security design Define KPIs and lead security assessments & compliance initiatives (ISO 27001, NIST) Build client-facing proposals and conduct solution defense with stakeholders What We’re Looking For: 14+ years of overall experience, with 5+ years in complex security engineering projects Strong hands-on with tools: Azure Security Center, GuardDuty, Palo Alto, Qualys, etc. Exposure to CASB, Zero Trust, IAM, and multi-cloud security Excellent communication, client interaction, and solutioning skills Preferred Certifications: CISSP | CISM | CEH | CCSP | TOGAF | AWS/Azure/GCP Security Ready to shape the future of enterprise security? Apply now / email at mary.nancy1@sonata-software.com

Key Responsibilities • Coordinate and ensure that PenTests are conducted on schedule. • Work with Technical Security Consultants to get an approved pen test scope in place. • Collaborate with third-party penetration testers to facilitate the testing process. • Drive post-test remediation efforts to address identified vulnerabilities. • Develop and produce monthly Key Performance Indicator (KPI) and Key Risk Indicator (KRI) decks. • Work with the Risk team to log unresolved vulnerabilities as risks. • Communicate effectively with business stakeholders to manage expectations and provide updates. • Maintain comprehensive documentation of PenTest activities and outcomes. • Identify and mitigate potential risks associated with the PenTest process. • Stay updated with the latest trends and best practices in the security industry. • Provide support and expertise to improve the overall PenTest process and outcomes. Qualifications and Experience • 7-10 years of experience in the security industry. • Strong understanding of the end-to-end PenTest process. • Experience in business stakeholder management. • Familiarity with coordinating with third-party vendors and managing external relationships. • Proficiency in developing KPI and KRI reports. • Excellent communication and interpersonal skills. • Strong organizational and time-management abilities. • Detail-oriented with a focus on continuous improvement. • Ability to work independently and as part of a team. • Certifications such as CISSP, CEH, or equivalent are a plus.

Looking for a candidate with 5+ years of experience in IT Audit, Risk Management, and Compliance within Banking/NBFCs. Must have expertise in COBIT, NIST, RBI guidelines, ISO standards, IT systems and risk assessments. CISA certification is must.

Job Title: Cyber Organization alignment Compliance Location: Remote Experience: 10 -15 Years Job Description: The Information Security Cyber Organization Alignment role is focused on the strategic alignment of information security practices with the bank s overall risk management strategy, compliance requirements, and governance frameworks. The role focuses on driving Information Security Governance, Risk, and Compliance (GRC) initiatives to strengthen the bank s security posture while ensuring alignment with regulatory and business objectives. through effective processes i.e., risk tracking, compliance monitoring, RCSA, evaluating exceptions, and ensuring accurate reporting. The role ensures the right level of governance is in place and drives continuous improvement in risk management processes. The role leverages automation to streamline processes and enhance risk visibility across Information Security Group through managing GRC solutions Key Responsibilites: Essential knowledge Have around 10+ years of experience in a Banking environment and over 3 years of experience in information security. Familiarity with information security technologies, risk, threat and vulnerability assessments, and security measures. Experience with governance, risk management, and compliance frameworks (e.g., ISO 27001, NIST, GDPR, PDPL). Hold professional certifications (e.g., CISA, CISM, CISSP, CRISC) Skills and Application Strong communication and interpersonal skills. Ability to manage multiple projects and priorities. Proficiency in security tools and technologies. Strategic Insight Foster a culture of security awareness and compliance within the organization. Continuously improve the information security posture of the organization. Ensure that information security risks are effectively managed and mitigated

Skills Needed: Ability to analyse an organisations enterprise information technology architecture Ability to apply secure network architectures and security controls into proposed solutions Ability to identify cybersecurity or privacy issues in external or partner connections Ability to design systems and apply security architecture guidelines across On-Premises and Hybrid Cloud environments Ability to partner with Infrastructure, Cloud and Application architects to perform user needs analysis and requirements gathering for large-scale projects. Ability to develop a cyber security strategy and input into detail-oriented operational planning including capability development (People, Processes, Technology, Data). Ability to perform Controls Assurance / Attestation and deliver comprehensive risk treatment plans. Technical depth and sound knowledge in networking, cloud, desktop, server, storage, software-defined-networking, virtualization and application domains Proven communication skills, able to write and verbally communicate complex concepts Proven collaboration skills and can adapt to changing organization changing business needs, technological advances and agile methodology Self-starter and shows empathy towards business requirements and able to influence changes to facilitate security Health Insurance or Health Care Industry experience is a plus Travel required, approximately 10% Qualifications: Bachelors or Masters in Cybersecurity, Computer Science, or Information Security. Qualified candidates will typically have 13+ of professional IT experience work experience, with 8+ years of experience in a security design and development role CISSP, CISM, CCSP, CRISC or similar certifications required Expertise in encryption, network security, cloud security, application security and endpoint protection. Deep knowledge of security risks, data privacy laws, and fraud prevention techniques relevant to Financial Services, FinTech and Health sectors. Experience in data security standards and best practices for Personally Identifiable Information (PII) and Personal Health Information (PHI)Experience and working knowledge of NIST, HIPPA, PCI DSS & ISO 27001 certification is a plus Strong written and spoken English skills, demonstrated ability to communicate at high levels, both verbally and in reporting Strong work ethic, high drive and ability to focus. High stamina. Shows optimism and determination when facing challenges Ability to work successfully with a minimum of supervision in a fast paced and sometimes pressured environment

Experience in a combination of risk management, information security & and IT jobs. At least 8 years in a senior management role in an information security function. – (Added information security certification if any) (CISSP, CISM, etc.). Required Candidate profile Extensive knowledge and experience in information security and IT risk management. Strong leadership skills and the ability to work effectively with Department Head, IT engineering

Exp: 5+ yrs Industry: only Fintech or Financial Institute Job Description: Cybersecurity Officer BB Bharat Pvt. Ltd. is an aspiring global financial services firm with presence in the Gift City in Gujarat, India. The entity is able to leverage the expertise of Policies, Brand, Expertise and clientele from other related on-going financial services entities head-quartered in Singapore. We facilitate the opening of bank accounts, enable their ongoing management, and ensure their reliable, secure, and efficient cross-border fund flows. We achieve this through an extensive network of global partner banks, a robust in-house open banking platform, and our competent team that delivers knowledgeable private banking experience of proactive, high quality customer service across time zones. We are looking for an experienced and enterprising Cybersecurity Officer to join an international team of experts in banking, compliance, and corporate account management to drive our growing operations. Job description and responsibilities: Key Responsibilities: * Develop, maintain, and enforce cybersecurity policies, procedures, and protocols. * Monitor systems, investigate threats, and manage incident response and recovery. * Conduct audits, vulnerability assessments, and penetration testing. * Implement and maintain firewalls, antivirus, encryption, and other security tools. * Collaborate with cross-functional teams to ensure organization-wide security. * Lead employee training and awareness on cybersecurity best practices. * Stay updated on emerging threats and evolving technologies. * Ensure compliance with frameworks (ISO 27001, NIST, GDPR, etc.). * Support risk assessments and business continuity planning. Required Skills & Qualifications: * Strong knowledge of NIST, GDPR, AWS Well-Architected Framework, CIS Benchmarks, ISO 27001, PCI-DSS, BCP/DR, MAS TRM, MAS Cyber Hygiene, and BNM-RMIT. * Certifications: CISSP, CISO, CEH, CISA, or CISM. * Experience in developing and reviewing IS policies, procedures, guidelines, and SOPs. * Over 5 years of experience in cybersecurity or IT security roles, including 2+ years focused on Information Security or Enterprise Risk (preferably within the financial services sector). * Background in IT Security, Cybersecurity, Governance, Risk, or Audit is a plus. * Familiarity with secure-by-design implementations. * Proficient in network/system security, firewalls, IDS, and encryption. * Strong analytical, communication, and project management skills. * Able to manage multiple priorities in high-pressure environments. * Experience with ISO 20022 (optional).

locationsBangalore, Indiaposted onPosted 14 Days Ago job requisition id30476 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity " The Security Engineer is a highly visible and critical role, collaborating on complex cloud and corporate service edge protection technologies and oversight. With your proven history of technical knowledge of identity and access management systems and services you will be working on a variety of different challenges facing the organization. You will provide both guidance and direct input to help ensure a secure, well-protected environment that complies with all applicable security standards ". Director, Cyber Security. What Youll Contribute Assist with implementation of security tools and services to enhance the oversight and governance of all company identities. Assist with implementation of identity governance and administration (IGA) solutions for the company. Implement identity security detections using next-gen Identity Threat Detection and Response (ITDR) and Non-Human Identity (NHI) platforms and tools. Create automated tooling to test identity systems to ensure detections work as designed. Create automation to produce automated policy and posture collection and reporting, to allow for identity-specific proofs managed within Infrastructure as Code. Create pipelines to deploy and manage IAM solutions and tooling. Provide engineering and technical guidance for supporting the automation of interacting with security tools and services that support the IAM program within the company. Keep current on emerging security technologies and tools and provide recommendations. Support our compliance and certification initiatives and design with those in mind. Collaborate with other engineers on design, analysis, architecture, implementation, pen-testing, security reviews and process enhancements. What Were Seeking 2-4 years in a security role, preferably in financial services or technology. Experience in securing hybrid network infrastructure services. Expertise in security, identity, architecture, and design. Hands-on experience with AWS, Azure, or other cloud platforms and IAM best practices. 2-4 years of experience with privileged access management tools (CyberArk, SailPoint, Delinea). Experience with Okta preferred. Proficiency in identity-related technologies and protocols (LDAP, SAML, OAuth, OIDC). Experience with identity provider services (Active Directory, AWS IAM, Okta). Familiarity with Zero Trust security models (Zscaler, AWS networking). Knowledge of Identity Governance Administration services. Experience with automation scripting and API integrations. Familiarity with DevOps concepts, IaC tools, and CI/CD pipelines. Proficiency in at least one high-level language (e.g., Python). Understanding of compliance frameworks (PCI-DSS, ISO 27001, NIST). Certifications like CISSP, AWS Security Specialty, or Azure SC-300 preferred. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

locationsBangalore, Indiaposted onPosted 14 Days Ago job requisition id30672 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity We are seeking a skilled and proactive Cybersecurity Engineer/Analyst to join our Product Security Testing Team. This team helps ensure that our products and clients are protected and maintain trust in our security processes. We protect the FICO brand and our products by engaging with development teams at every step of the product development lifecycle. We assess and influence product design, analyze applications for flaws that may lead to security issues, and provide security testing to help ensure our products are secure. We seek candidates who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work. This role focuses on validating secure coding practices, conduct and coordinate security testing/pen testing .- Sr Manager, Cyber Security What You'll Contribute Collaborate with engineers, consultants and leadership to identify security risks and recommend mitigations within the Secure Development Lifecycle (SDLC). Perform activities such as secure code reviews, security testing and vulnerability triage across various applications. Regularly interact with internal and external customers on security-related projects and operational tasks. Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks. Analyse test results, draw conclusions from results, and develop targeted exploit examples. Clearly and professionally document root cause and risk analysis of findings. Consult with operations and software development teams to help ensure potential weaknesses are tracked and addressed. Collaborate with other teams to improve the overall security posture of applications/infrastructure. Stay current on security best practices, vulnerabilities, and attacker tactics, techniques, and procedures. Develop and test effective functional security testing strategies for new/emerging product security requirements. Suggest improvements to existing processes/tooling; ideate and implement automation where possible. What We're Seeking Bachelor's degree in computer science, Cybersecurity, or a related field. Relevant cyber security certifications (e.g., CEH, CCSP, CISSP, OSCP etc) are highly desirable. Proven experience of at least 3 years in a similar role within Cybersecurity. Strong understanding of AWS infrastructure and cloud security principles. In-depth knowledge of cybersecurity principles, methodologies, frameworks and best practices. (OSI, NIST, OWASP, SANS, PCI etc) Knowledge of secure coding principles and experience with code review processes and tools. Experience with Pen testing, infrastructure as a code scan reviews and dynamic application security testing (DAST) methodologies and tools. Knowledge and experience in CI/CD, shift left security. Strong analytical and problem-solving skills with a keen attention to detail. Strong written and oral communication skills with the ability to convey complex security concepts to non-technical stakeholders. Strong organizational and interpersonal skills. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

locationsBangalore, Indiaposted onPosted 11 Days Ago job requisition id30648 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC". Cyber Security - Director What Youll Contribute A pplicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements. (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations. Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications. Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO. Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage. What Were Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications. (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS). AWS Certifications (added advantage). Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status. Our Offer to You An inclusive culture strongly reflectingourcore valuesAct Like an Owner, DelightOurCustomers and Earn the Respect of Others. The opportunitytomake an impact and develop professionally by leveraging yourunique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourageyoutobring yourbest every day and be recognized for doing so. An engaging, people-first work environmentoffering work/life balance, employee resource groups, and social eventstopromote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

The position will be primarily responsible for implementation and / or assessment of ISO 27001:2022, 27002, SOC 2 standard for clients. The position will work independently or with senior consultants for the implementation and management of information security compliance and/or other best practices. Key Performance Indicators Experience in ISO 27001/27002 controls verification and compliance: Assist Clients to get ISO 27001 certification by identification and implementation of appropriate controls in the Audit scope. Conduct Risk assessment of activities and coordinate with stakeholders till closure signoff / risk acceptance. Define, Develop and review information security policies, procedures, guidelines, forms and templates as per best practice Create and review baseline standards for OS, Database, webservers and applications and recommend improvements Support post implementation and continuous audits for ISO 27001:2013 and ensure compliance. Create organizational information security awareness program and conduct awareness. Assist and recommend measures to ensure compliance with Security standards (ISO, NIST, CIS, PCI DSS etc) or any best practices. Skills: Information Technology and/or Cybersecurity skills: Information Technology and/or Cybersecurity skills a solid IT foundation, ability to communicate technical information verbally and through written documentation, Knowledge of security areas such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, or web services is preferred Presales skills: Excellent communication, problem-solving, client-facing, ability to work as a team Competence: ISO 27001 / Cybersecurity Certifications. Willingness to obtain the Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) designations.

Position Description Role Title: Senior Information Security Officer Current Reporting Manager: Head of Information Security Assurance Current Location: Gurgaon Position Purpose The Senior Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will drive security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the ISO will ensure that security controls align with client contractual obligations, regulatory requirements, and industry best practices. The ISO will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges. Main Activities The position is within the Information Security team. Main activities will include but are not limited to: Responsibility Area Internal Audit & Assurance: Oversee the implementation and operations of the ISMS within the region. Ensure and support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Continuously assess and improve security controls and processes. Information Security Risk Management Identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Lead and support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Develop, support deliver security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Assess and manage security risks associated with third-party vendors and suppliers. Ensure that security requirements are included in vendor contracts and SLAs. Perform regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. Qualifications and Experience Bachelor'S degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. Strong understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. Experience in security risk management, audits, compliance, and client security assurance. Knowledge of security operations, incident response, and managed security services. Familiarity with supply chain security and third-party risk management. Excellent communication and stakeholder management skills, with experience working with clients on security matters. Security certifications such as CISSP, CISM, or CRISC are preferred.

Key Responsibilities: Conduct threat modeling, code reviews, and security assessments of applications and products. Perform vulnerability analysis and collaborate with development teams to remediate issues. Integrate security tools (SAST, DAST, SCA) into CI/CD pipelines. Develop and enforce security policies, guidelines, and standards. Conduct risk assessments for new features, technologies, and vendors. Stay updated on emerging threats, vulnerabilities, and industry best practices. Support incident response efforts and post-mortem analysis when required. Required Skills & Qualifications: 48 years of experience in cybersecurity or product/application security. Strong understanding of OWASP Top 10, secure coding principles, and SDLC. Hands-on experience with static and dynamic analysis tools (e.g., Checkmarx, Veracode, Burp Suite). Familiarity with cloud platforms (AWS, Azure, or GCP) and securing cloud-native applications. Experience with scripting (Python, Bash, etc.) for automation and tooling. Good understanding of authentication/authorization protocols (OAuth, SAML, etc.). Bachelor’s degree in Computer Science, Information Security, or related field. Nice-to-Have (Preferred): Certifications like CEH, OSCP, CISSP, or AWS Security Specialty. Experience with containers and Kubernetes security. Knowledge of threat modeling frameworks (e.g., STRIDE, MITRE ATT&CK). Exposure to DevSecOps practices.

Role & responsibilities Staff Cyber Security Architect Preferred candidate profile

Position Summary... We are looking for an experienced and versatile Full Stack Developer to join our dynamic team. The ideal candidate will be responsible for designing, developing, and maintaining both the front-end and back-end components of our applications. You will collaborate with cross-functional teams to deliver scalable, high-quality solutions that meet business needs and provide a seamless user experience. What youll do... The platforms you build will be used for creating OMNI pricing platform for Walmart, across both eCommerce & store channel & across multiple countries with each of them being a multi-billion dollar business for Walmart. You will be challenged with unparalleled complex business problems that span across multiple countries and a large number of users, and data. This team enables our stores and eCommerce operations across the world. The platforms that we build are used in most of the markets where Walmart has its presence (US, Canada, Mexico, Chile, Central America). The pricing platform in Walmart focuses on setting EDLP for stores & least price for the eCommerce channel among all the competitors. Minimum Qualifications... Minimum Qualifications:Option 1: Bachelors degree in computer science, information technology, engineering, information systems, cybersecurity, or related area and 2years experience in software engineering or related area at a technology, retail, or data-driven company. Option 2: 4 years experience in software engineering or related area at a technology, retail, or data-driven company. Preferred Qualifications... Certification in Security+, Network+, GISF, GSEC, CISSP, or CCSP, Master s degree in Computer Science, Information Technology, Engineering, Information Systems, Cybersecurity, or related area

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Data Loss Prevention (DLP) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:-Hands and feet support, Procurement of tools will be managed by scout team-Assumed deployment 2 custom policies per month-Service operational reporting-Runbooks-Continuous improvement plans-Experience in Tools-Azure DLP, WIZ CSPM, Microsoft Perview Professional & Technical Skills: - Establish a complete data governance program, expand the scope of the existing Azure DLP capabilities to include non-Microsoft data, Managing DLP tools (Azure DLP)Handling issues related to DLP operationsDefining policies related to DLP alertsIntegration of DLP alerts with SOC console for real time threat monitoringContinues classifying and protecting sensitive data.Management and upgrade if required of Data life Cycle and DLP policies .Monitoring and enforcing governance and compliance with communication policies and regulations.Mitigating insider risks by monitoring user activities , detecting suspicious behavior and implementing appropriate controls.Regular Review and update of data governance Policies.Continues classifying and protecting sensitive data.Management and upgrade if required of Data life Cycle and DLP policies .Monitoring and enforcing governance and compliance with communication policies and regulations. Additional Information:- The candidate should have minimum 3 years of experience in Data Loss Prevention (DLP).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role As a System Administrator at Kyndryl, you’ll solve complex problems and identify potential future issues across the spectrum of platforms and services. You’ll be at the forefront of new technology and modernization, working with some of our biggest clients – which means some of the biggest in the world. There’s never a typical day as a System Administrator at Kyndryl, because no two projects are alike. You’ll be managing systems data for clients and providing day-to-day solutions and security compliance. You’ll oversee a queue of assignments and work directly with technicians, prioritizing tickets to deliver the best solutions to our clients. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. You’ll also get the chance to share your expertise by recommending modernization options, identifying new business opportunities, and cultivating relationships with other teams and stakeholders. Does the work get challenging at times? Yes! But you’ll collaborate with a diverse group of talented people and gain invaluable management and organizational skills, which will come in handy as you move forward in your career. Your future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from Junior System Administrator to Architect. We have opportunities for Cloud Hyperscalers that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Expertise • 7+ years of hands on experience in various security and IAM functions (AD, IAM, PAM, etc.) • 5+ years of experience in project delivery • Extensive practical experience with AD/Azure IAM functions e.g. groups, access policies • Some hands-on experience in PAM/IAM tools as well as user lifecycle management • Project experience in proactively identifying, tracking and closing risks and issues • Comfortable in delivering multiple workstreams accurately and within timelines • Familiarity with Zero Trust principles relating to the Identity pillar Strong analytical skills with high attention to detail and accuracy • Risk management, tracking, and resolution cross functionally (e.g Infrastructure, Cloud, Data) • Organize, prioritize and track project and operational activities on a day-to-day basis • Exceptional verbal and written communication skills at all levels of the organization • Working knowledge of large IT organization operations including change management • Hands on ability to work with AD/Azure and underlying technologies (e.g. MS Windows servers) • Implementation level knowledge of IAM principles: PAM, SSO, SOD, RBAC, Least Privilege, etc • Established ability to interface with architecture in creation of connection kits and patterns • Ability to generate reports (e.g. PowerShell) and perform analysis (e.g. Excel and PowerPoint) • Exceptional analytical abilities, providing IAM lifecycle and risk context to recommendations • Produce and update procedural documents to ensure IAM program success/business continuity • Knowledge of local, cloud and hybrid Directory Service architectures • Experience supporting security administration, operations, or security architecture • Proven clarity in documenting complex problems at senior management level Preferred Technical and Professional Experience • Microsoft certifications on AD/Entra (preferred) • IAM product specific certifications such as Delinea, or SailPoint Certifications in Information Security such as CIAM, CIMP, CIST, CISSP, CISM, CRISC, CC Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will be responsible for overseeing the implementation and delivery of Security Services projects. A typical day involves coordinating with various teams to ensure that projects are executed efficiently, utilizing global delivery capabilities, and ensuring that all security measures are effectively integrated into the project lifecycle. You will engage with stakeholders to align project goals with organizational objectives, while also providing guidance and support to your team members to foster a collaborative work environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team skills and knowledge.- Monitor project progress and implement necessary adjustments to meet deadlines. Professional & Technical Skills: Must Have Skills: - Proficiency in CyberArk Privileged Access Management implementation and component installation and testing.- Proficiency in CyberArk Endpoint Privilege Management implementation, EPM Policy and scope definition, EPM Agent testing, troubleshooting and rollout.- Experience preferred in CyberArk Identity Security Platform Shared Services (ISPSS shared tenant)- Experience leading build or implementation teams for CyberArk PAM and CyberArk EPM.- Minimum CyberArk PAM Sentry or EPM Defender certification is preferred.- Strong understanding of security protocols and best practices.- Experience with identity and access management solutions.- Ability to analyze and mitigate security risks effectively.- Familiarity with compliance standards and regulatory requirements. Additional Information:- The candidate should have minimum 4 years of experience in CyberArk Privileged Access Management and CyberArk Endpoint Privilege Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Cyber Threat Intelligence Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide insights that enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cyber Threat Intelligence.- Strong understanding of cloud security principles and frameworks.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security compliance standards such as ISO 27001, NIST, and GDPR.- Ability to analyze and respond to security incidents effectively. Additional Information:- The candidate should have minimum 3 years of experience in Cyber Threat Intelligence.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify areas for improvement.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services and minimum 2 years of experience in Wiz.IO.- Experience on Microsoft Defender for Cloud, Microsoft Defender.- Strong understanding of cloud security frameworks and best practices on Cloud Security Posture Management (CSPM) and Cloud Access Security Broker (CASB), Container Security- Knowledge on CIS benchmarks - Experience with risk assessment and management in cloud environments.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.- Ability to design and implement security controls tailored to cloud architectures. Additional Information:- The candidate should have minimum 3 years of experience in Managed Cloud Security Services.- Must be willing to work in 24x7 including rotational night shifts.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security architecture solutions- Conduct risk assessments and provide recommendations- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management- Good To Have Skills: Experience with Security Architecture Design- Strong understanding of security risk management principles- Knowledge of cloud security best practices- Experience in implementing security controls in cloud environments Additional Information:- The candidate should have a minimum of 5 years of experience in Integrated Security Risk Management- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education" Summary :As a Security Lead, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- The candidate will be responsible for implementation of Saviynt IGA architecture- The role requires adherence to best practices in development and integration. The candidate will support timely build delivery by collaborating with the team to ensure efficient progress and on-time completion.- Ensuring quality and efficiency throughout the project lifecycle is key.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team. Professional & Technical Skills: - Must Have Skills: Proficiency in Saviynt IGA.- Strong knowledge of Saviynt IGA architecture, with hands-on experience in application onboarding, connector configurations, and workflow implementation. Ability to troubleshoot and resolve technical issues within the team and in collaboration with Saviynt support.- Familiarity with identity governance processes, role management, and security protocols is essential. Detail-oriented, strong problem-solving abilities, excellent collaboration and communication skills, proactive, and able to work effectively in team-oriented environments. Focused on delivering projects on time and to specification. Additional Information:- The candidate should have a minimum of 2 years of experience in Saviynt IGA. Overall IT work experience should be 3 years or above- A 15 years full time education is required.- Bachelors degree in Computer Science, Information Technology, or a related field. Certifications are a plus." Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 7 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Pune office.- A BTECH degree is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in strategic discussions to enhance security protocols and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team understanding of cloud security practices.- Evaluate emerging security technologies and recommend improvements to existing security frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Knowledge of compliance frameworks such as ISO 27001, NIST, or GDPR.- Familiarity with risk assessment methodologies and tools. Additional Information:- The candidate should have minimum 15 years of experience in Security Information and Event Management (SIEM).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education