702 Cissp Jobs - Page 24

We are seeking an experienced IT Infrastructure Solution Architect to lead the design, implementation, and optimization of robust and scalable IT infrastructure solutions. This role demands deep expertise in server virtualization, storage technologies, cloud integration , and advanced network architectures including ACI, SDN, and SD-WAN . The ideal candidate will have a strong background in modern data center environments, hybrid cloud adoption, and secure infrastructure design to support mission-critical financial systems. Experience: Minimum post-qualification experience of 15 -20 years, in the relevant areas Educational Qualification: BE/B.Tech (CSE, ECE/IT) or M.E/M.Tech or MCA/MSc (CS) with Science background. Location: Chennai/Hyderabad Key Responsibilities: 1. Infrastructure Architecture & Design Server Virtualization & Platforms: Design server and compute solutions using VMware vSphere/ESXi/vCenter, OpenStack, OpenShift, and KVM. Architect hybrid cloud-ready platforms integrating containers, orchestration, and bare-metal servers. Storage Systems: Architect and manage storage environments including SAN, NAS, object storage, and software-defined storage. Technologies may include NetApp, EMC/PowerMax/Isilon, HPE 3PAR/Nimble, Dell PowerStore, Ceph, etc. Backup & DR Infrastructure: Implement enterprise backup, recovery, and disaster recovery (DR) solutions using tools like Commvault, Veeam, Veritas NetBackup, ensuring high availability (HA) and business continuity. Hybrid Cloud Infrastructure: Design and implement hybrid IT infrastructure that integrates on-premises systems with public clouds (AWS, Azure, GCP) including cloud VPN, Direct Connect, and ExpressRoute. 2. Network Architecture Data Center Networking: Architect and manage data center networks with Cisco ACI, Software Defined Networking (SDN), and network fabric technologies to provide secure, scalable, and automated connectivity. SD-WAN & WAN Optimization: Design and deploy SD-WAN solutions for secure, optimized branch-to-DC/cloud connectivity, using platforms like Cisco Viptela, Fortinet SD-WAN, or Silver Peak. Cloud Connectivity: Ensure secure and resilient cloud interconnectivity (e.g., VPN/IPSec, MPLS extensions, cloud load balancers) across hybrid environments. Network Security & Segmentation: Implement secure segmentation, micro-segmentation, firewalls (e.g., Palo Alto, FortiGate), and zero trust architectures within enterprise infrastructure. 3. Project Execution & Technical Leadership Lead infrastructure design and execution for data center refreshes, cloud migration, branch network upgrades, and infrastructure transformation initiatives. Provide hands-on guidance and support during critical deployments, performance tuning, failover simulations, and capacity planning. Ensure all infrastructure projects follow security and compliance guidelines, including PCI-DSS, ISO 27001, and internal IT governance. 4. Collaboration & Stakeholder Communication Collaborate with application, DevOps, cybersecurity, and compliance teams to align infrastructure to business and regulatory requirements. Convert high-level business and application requirements into scalable, robust technical infrastructure designs. Produce detailed architecture documentation, HLD/LLDs, SOPs, and knowledge transfer material. 5. Vendor & Technology Management Evaluate, select, and manage vendors for server, storage, networking, and cloud integration solutions. Engage with OEMs and partners (e.g., Cisco, Dell, NetApp, VMware, Red Hat, HPE, AWS, Microsoft) for technology roadmaps, licensing, and PoCs. Essential Skills & Technologies: Server & Virtualization: VMware vSphere/ESXi, vCenter, OpenStack, Red Hat OpenShift, KVM, Linux (RHEL/CentOS/Ubuntu), Windows Server, Bare-metal provisioning, Ansible/Automation Storage Technologies: SAN/NAS/Object Storage (e.g., NetApp, EMC, Dell PowerStore, HPE, Ceph, GlusterFS), Backup & DR: Veeam, Commvault, NetBackup, DR replication tools Network Technologies: Cisco ACI, SDN solutions (e.g., VMware NSX, OpenFlow), SD-WAN (e.g., Cisco Viptela, Fortinet, Silver Peak) Firewalls & Security: FortiGate, Palo Alto, Cisco ASA, Cloud Connectivity: Direct Connect, ExpressRoute, VPN, Load Balancers Cloud Platforms: Integration with AWS, Azure, GCP Familiarity with Terraform, CloudFormation, Infrastructure-as-Code (IaC) preferred Tools & Monitoring: Monitoring & NMS: SolarWinds, Zabbix, Nagios, PRTG, Configuration Management: Ansible, Puppet, ITSM Tools: ServiceNow, BMC Remedy Preferred Certifications: VMware Certified Professional (VCP) Red Hat Certified Specialist in OpenShift or OpenStack Cisco Certified Network Professional (CCNP) or Cisco ACI Specialist AWS/Azure Certified Solutions Architect Associate/Professional ITIL Foundation CISSP or CISM (preferred for security understanding) Key Competencies: Infrastructure Design & Execution : Proven ability to design, implement and maintain large-scale IT infrastructure. Problem-Solving & Optimization : Troubleshooting complex performance and availability issues across IT stack. Cross-Functional Collaboration : Excellent coordination across infra, dev, sec, and cloud teams. Stakeholder Communication: Clear technical communication with non-technical stakeholders. Documentation & Standards : High-quality documentation and adherence to best practices. Interested candidate can share their CV at seema.dixit@npci.org.in

Key Skills & Competencies: Strong interpersonal, communication and presentation skills across all levels of the organization. Strong understanding of IT systems architecture, enterprise applications, and infrastructure . In-depth knowledge of information security principles, frameworks, and technologies . Ability to manage multiple projects and teams simultaneously . Stay updated on industry trends, emerging technologies, and cybersecurity threats. Experience with risk assessment, security audits and regulatory compliance. Leadership in vendor management, IT budgeting and proc Mandatory Certification (Any one) • Certified Information Systems Auditor (CISA) or • Certified Chief Information Security Officer (CCISO) or Certified Information Systems Security Professional (CISSP) IT Management: Act as a Subject Matter Expert (SME) in IT projects and guide teams on application/system level impacts. Monitor daily IT operations, provide production support, and troubleshoot complex technical issues within TAT. Evaluate, procure, and manage cost-effective IT infrastructure, software, and technology services. Ensure effective IT asset lifecycle management. Analyse business requirements and assess technical solutions for stability, scalability, and integration. Information Security Establish and enforce information security policies, standards, and procedures. Proactively identify, assess, and mitigate cybersecurity risks. Monitor for internal and external security threats; respond to incidents effectively. Lead incident response planning, security breach drills, and cyber audits. Ensure compliance with regulatory standards (e.g., ISO 27001, GDPR) and ensure closure of critical findings. Oversee identity and access management, data loss prevention, and threat intelligence initiatives. Regularly report cybersecurity posture to senior management and the board. Vendor and Stakeholder Management: Work with external vendors and technical support teams to resolve issues and implement improvements. Select and negotiate with vendors for IT services, procurement, and security-related solutions. Manage vendor performance and ensure adherence to SLAs. If interested, please share your updated resume in strict confidence to pallavi@vertexcorp.com

Tata Elxsi is a global design and technology services leader for Automotive, Media, Communications and Healthcare. The Company helps customers reimagine their products and services through design thinking and application of digital technologies such as IoT (Internet of Things), Cloud, Mobility, Virtual Reality, and Artificial Intelligence. Roles and Responsibilities: Overseeing the 24x7x365 Security Operation Centers processes, technology and people who monitor security tools, assess threats, and risks involving client infrastructure and orchestration Lead and manage the Security Operations Center (SOC) team, providing direction, guidance, and support to ensure the team's effectiveness and productivity with In-depth knowledge of security operations, incident response methodologies, and security technologies (SIEM, IDS/IPS, EDR, etc.). Responsible for ensuring that all Managed Service deliverables are produced on time and within strict SLA time frames, while maintaining an innovative growth culture within SOC team. Expected to act as the escalation point for the SOC technical team Managing priorities, providing recommendations and implementing changes to methods/processes. Handle client meetings, point of contact for client requirements, onboard new clients. Manage relationships with our customers in-house operations teams and lead operational interactions/cadence with client management. Provide direction and vision to improve SOCs effectiveness, including motivating people to perform, listening to the team, providing feedback, recognizing strengths, identifying automation opportunities, reducing alert fatigue and providing adequate challenges to staff to maintain innovative growth culture. Oversee the management of our existing Managed Security Operations managed SIEM and EDR solutions, ensuring their optimal performance and effectiveness in detecting and responding to security incidents. Collaborate with the SOC analysts and engineering team to define and implement SIEM rules, alerts, and correlation logic to improve the accuracy and efficiency of threat detection. Develop and implement SOC strategies, policies, and procedures to enhance the organization's security posture and incident response capabilities. Oversee the monitoring and analysis of security events and incidents, ensuring timely detection, investigation, and response to potential threats or vulnerabilities. Taking a proactive role in utilizing Threat Intelligence and Threat Hunting activities, ensuring the SOC is ahead of potential security threats. Establish and maintain relationships with external partners, vendors, and industry peers to stay updated on emerging threats, best practices, and industry trends. Conduct regular assessments and audits of SOC processes, systems, and controls to identify areas for improvement and ensure compliance with regulatory requirements. Develop and deliver comprehensive reports and metrics on SOC performance, including incident trends, response times, and effectiveness. Stay abreast of the evolving cybersecurity landscape, emerging threats, and industry standards, providing recommendations for proactive security measures and continuous improvement of the SOC. Proven expertise in MDR and Managed SIEM, with a strong preference for experience with Leading Market vendors. Strong networking concepts, including an in-depth understanding of TCP/IP protocols, firewall configuration, network segmentation, VPNs, etc. Strong understanding of Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks. Knowledge and hands-on experience of implementation and management of IDS/IPS, Firewall, VPN, and other security products Experience with Opensource Security Information Event Management (SIEM) tools, creating advance co-relation rules, administration of SIEM, system hardening, and Vulnerability Assessment Strong background and expertise on various security technologies including end point security, perimeter security, Advanced threat protection, Security monitoring and security Certifications: CISSP,CISM, CEH, OSCP, or equivalent are highly desirable., ITIL or equivalent

Role detail 4 to 8 years of experience in assurance, information security, vendor/ supplier/ third party risk assessment Expertise in cyber security including standards such as ISO27001, PCI-DSS, ISO22301, privacy etc. Knowledge of technical domains such as network security, cloud security, application security, control testing Knowledge of concepts such as vendor risk profiling, country risk assessment, outsourcing/ technology regulations Experience in assessing emerging technologies such as robotics, IOT, DLT, Social, Mobile etc., Exposure to TPRM specific regulations (FED, MAS, OCC, etc.), Exposure in assessing different third parties e.g. Brokers, Exchanges, etc., Worked with TPRM tools, platforms & utilities such as KY3P, TruSight, ServiceNow, OneTrust, CyberGRX, Coupa etc, Strong Auditing skills is desired, experience in IT Compliance, ITGC testing, and Assurance is a plus Strong problem solving and logical approach skills Excellent written and verbal communication skills Consistent display of technical proficiency Ability to work well in teams Willingness to travel within India or abroad for project/assignments. Demonstrate integrity, values, principles, and work ethic and lead by example CISA/ CISSP/ CISM/ISO27001 LA / LI / Cloud security certificates Prior exp in IT Audit, SOC 1, SOC 2 Qualifications: Bachelors degree in computer science or related field Excellent communication and team collaboration skills

etermine the design and workout strategy for new projects. Lead the Project lifecycle closely following Governance models. • Identify and resolve issues reported within defines SLAs part of routine maintenance of existing applications built in SharePoint online. • Report extraction and automations to support different metrics, that are maintained in the applications. • Work with Stakeholders on the enhancements in the existing applications. Project Planning, Tracking, & Reporting • Workout budgetary estimates during kick off, after understanding the high-level requirements. • Support the team in project planning activities, identify risks proactively, escalating thru appropriate channels as required and responsible for closely tracking the actual efforts • Communicate regularly the status of Projects, risks that creeps, impediments if any. Design • Familiar with Microsoft Visio, Word to create HLD, LLD, DLD in various stages of SharePoint site development and maintenance. Provide tier two operational support, leading team efforts in resolution of incidents and outages for information security technology and its dependencies on Public and Private Cloud computing environments, shared platforms, and operating systems for more than three of the following technologies: Ensuring team's adherence to SOPs, training and performance monitoring for team members, and continuous process improvement for efficiency, including automation, wherever applicable and conduct recurring assessments of all the key SOC workflows to highlight process deficiencies as well as improvement opportunities for staff. o Malware Analysis o SIEM (Splunk) o Software-defined (Cloud) Network Security o Endpoint Security Protection o Data Loss Prevention Partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis and providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards Execute daily security technology administration functions Perform Root Cause Analysis (RCA) on applicable technology Validate quality of dashboards and alerts and suggest updates to reflect new threats and changes in the monitored environment Support the Security Operations team in its efforts on various technology projects and operational initiatives Work as a part of a team to ensure that Guardian customers' data, technology platforms, and infrastructure are available and safeguarded from cyber threats Follow ITIL practices regarding incident, problem, and change management Stay up to date with emerging cyber threats, industry best practices, and applicable regulatory requirements Required Qualifications Being curious and desire to analyze anomalies Desire and passion to learn and grow in Cybersecurity Customer-focused demeanor Minimum 4-6 years of proven experience in building and operating security controls in at least two of the following domains: o Network/Perimeter Security, including Next-Gen firewalls, intrusion prevention systems, proxies, and Web Application firewalls (WAFs) o Enterprise Endpoint (host-based) Security o DLP and Secure Data Transmission, Storage, and Access o Identity and Access Management / User Behavior Analytics Understanding of security architecture, operating and troubleshooting principles of Microsoft Windows and Linux operating systems SIEM management: Senior SOC Engineers must have extensive experience in managing SIEM systems, including configuring, tuning, and optimizing them for maximum efficiency. Endpoint security: They must have a deep understanding of endpoint security solutions, including antivirus, anti-malware, and intrusion prevention systems. Security incident handling: Senior SOC Engineers must have experience in handling security incidents, including identifying the source of the threat, containing it, and preventing further damage. Data Loss Prevention (DLP): They must have experience in implementing and managing DLP solutions to prevent data breaches. Threat intelligence: They must stay up-to-date with the latest security threats and trends, and use this information to improve the organization's security posture. Team management: Senior SOC Engineers must lead and manage the security operations center team, including hiring, training, and mentoring team members. Documentation: They must ensure that all security events, incidents, and responses are properly documented for future reference and analysis. Collaboration: Senior SOC Engineers must work closely with other IT teams, including network engineers, system administrators, and application developers, to ensure that all systems are secure. Continuous improvement: They must continuously evaluate and improve the organization's security posture by implementing new technologies, processes, and procedures. Requirements for a Senior SOC Engineer typically include a bachelor's degree in computer science or a related field, along with relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH). Strong leadership skills, analytical skills, attention to detail, and the ability to work well under pressure are also essential. Ability to effectively work in a team, as well as to be an independent contributor on select projects Preferred Qualifications Recognized Security Industry and Public Cloud IaaS certifications Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.) Familiarity with ITIL; experience with incident, problem, change, and risk management Location: This position can be based in any of the following locations: Gurgaon For internal use only: R000106800

Hi all, We are hiring for the role Information Security Risk Specialist Experience: 6 -9 Years Location: Bangalore Notice Period: Immediate - 15 Days Skills: Experience: • 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: • Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. • Proven analytical expertise in evaluating and prioritizing risks effectively. • Advanced proficiency in utilizing security tools for risk assessment and mitigation. • Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. • Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. • Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. • Skilled in leading security initiatives and managing projects across global teams. • A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. • An effective team player with exceptional interpersonal and collaboration skills. Qualifications: Education: • Bachelors degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. • Advanced degrees (e.g., Masters) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. If you are interested drop your resume at mojesh.p@acesoftlabs.com Call: 9701971793

Meet the Team You will be part of an outstanding technical pre-sales team in our Global Security Sales Organization (GSSO), responsible for driving the success of Ciscos Security Portfolio and focusing on protecting Customer Application Environments across on-prem and cloud platforms. Our mission is to democratize security by making it easy and effective for everyone. Your Impact As a key player in the team, you will have the opportunity to influence the security landscape by crafting tailored solutions that address specific customer needs. This role offers the excitement of working with cutting-edge technology and the fulfillment of building long-lasting relationships with customers. You will: Provide guidance and assist account teams in building solutions to address specific customer security needs. Understand business requirements and translate them into technical solutions. Create, present, and document technical solutions to customers, partners, and prospects. Lead technical consulting and upper-level management presentations. Drive major account opportunities while enabling local account teams to maintain long-term ownership. Minimum Qualifications Minimum of 5 years of technical sales or pre-sales experience with 2+ years in Security specialization (Email Security, IDS/IPS, AV, Firewall, Advanced Malware Protection). Bachelor's degree in Cybersecurity, Computer Science, or a related field. Proven track record of successful quota achievement. Strong knowledge of cybersecurity concepts, technologies, and best practices. Industry certifications such as CISSP, CISM, or CCSP are preferred.. Preferred Qualifications Excellent presentation and interpersonal skills. Commercial awareness and strong communication skills. Highly motivated self-starter who excels without day-to-day management. Experience with Cisco security technologies and programming languages such as UNIX shell, Perl, or C. Willingness to travel and work from a home office.

Job Description 1. Lead requirements, architecture for Experion Security, drive multiple subsystems across Experion for strengthening the security, working closely with Architects, Solution experts in delivering top notch quality product. 2. Identify and lead in productivity improvements, automation etc to enable saving and improve Built in Quality 3. Lead the Design, impact analysis and implementation delivery of assigned projects within the planned schedule with good quality. 4. Stabilize owned subsystems, ensure quality and frontend customer interactions, third party vendors 5. Collaborate with geographically distributed teams and varying time zones, strive to enlist support in ensuring quality product delivery 6. Grow expertise in industrial automation domain, be up to date with relevant technology trends and employ them to enable product transition to latest technology 7. Actively participate in team and organizational initiatives, drive performance culture, guide team members. Skills Experience in developing solution architecture for large products with specific focus on security like certificate authority management , Industrial security standards Knowledge of secure communications, data at rest security, windows OS security, virtualization Experience in web based and windows based technologies like .Net, GRPC, windows services, UI. Platform technologies such as OS, SQL and MSFT technologies CISSP or relevant certification is added advantage

Some of your daily responsibilities would be the following: Analyze current asset management workflows and identify areas for automation. Develop and implement automation scripts and tools using programming languages (e.g., Python, PowerShell). Integrate asset management systems with other enterprise applications. Design and develop automation scripts and tools for identity provisioning, de-provisioning, and access management. Integrate identity management systems with other network infrastructure and applications. Create and maintain documentation for automation processes and scripts. Implement security best practices in automation processes. Ensure compliance with regulatory requirements and internal policies Implement automated discovery and inventory processes. Collaborate with internal teams and external auditors on compliance matters. Leverage industry proven tools to identify and reduce Cyber Risks Assist in Crisis Management, Ransomware Recovery and Business Continuity planning. Identify, investigate and resolve global security breaches / incidents Develop and maintain network and infrastructure security reporting dashboards and scorecards used to measure our Cyber Practice. What were looking for... You are passionate about network security and automation as a career. You are self-driven and motivated, with good communication and analytical skills. Youre a sought-after team member that thrives in a dynamic work environment. You will be working with multiple partners from the business groups, so networking and managing effective working relationships should be your top most priority. You have an understanding of industry trends in all areas of Information Security. You'll need to have some of the skills listed below: Bachelors degree or four or more years of work experience. Four or more years of relevant work experience. Four or more years of experience in network / information security, risk and compliance management. Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. Experience in handling enterprise scale server infrastructure & management Knowledge of Cloud infrastructure and technologies Proficiency in scripting languages (e.g., Python, Bash, PowerShell). Experience with network management tools and protocols (e.g., SNMP, Netconf). Knowledge of database management systems (e.g., SQL, NoSQL). Familiarity with API integrations and web services (REST, SOAP). Excellent analytical and problem-solving skills. Ability to manage multiple tasks and priorities in a fast-paced environment Understanding of security fundamentals Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts like Experience working on IT ticketing systems like JIRA, Service Now and ability to partner and collaborate with other teams in the organization Experience with hosting security awareness campaigns, gamification and bug bounty programs will be an added advantage Strong analytical problem solving, communication and interpersonal skills Passion to stay abreast with emerging technologies, network security trends, tools and techniques. Even better if you have one or more of the following: Masters degree in Computer Science / Information Technology Engineering Industry relevant security certifications Security+, OSCP, CEH, CISSP, GIAC, etc Strong expertise in at least one operating system Window or Linux. Cloud relevant certifications CCSP, CCSK

Job Title Security Analyst Role and Responsibilities The security Analyst is a member of the CISO Regulatory & Compliance Team and will assist in ensuring the associated business units / accounts comply with applicable Conduent and NIS 2 security standards, regulations, and policies.The Security analyst will be professional, independent, impartial, and fair in all interactions. The security resource is accountable for procedures and processes that ensure the integrity, confidentiality, and availability of assigned Business units\u2019 information, applications, and infrastructure. Resource will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps and vulnerabilities. This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units. Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to IPS/IDS alerts; change detection (FIM) alerts application firewall alerts; malware alerts rogue wireless network alerts security system health alerts; exploit attempt alerts Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to audits of system security to ensure compliance with Corporate security framework NIS 2, NIST 800-53, ISO 27001/2, PCI-DSS emerging country, state, and Federal privacy laws Primary POC in a vulnerability management program of the account that includes external and internal vulnerability scans of applications and systems external and internal penetration tests of applications and systems documentation and remediation of identified vulnerabilities and exploits routinely monitoring various communication avenues for security vulnerabilities and security patches taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement Acts as the initial point of contact to facilitate the handling of security audits and client requests Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units Qualifications and Education Requirements CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus. Minimum of Five (3 to 5) Years of experience in IT Security compliance, or Security Auditing is required. Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc. Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls. Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter. Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences. Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). Experience in PowerPoint, Word, Excel; experience with Visio and MS Project. Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations. Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally Preferred Skills Creating and Maintaining NIST 800-53-rev5 based SSP and POAM Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded:click here to access or download the form. Complete the form and then email it as an attachment toFTADAAA@conduent.com.You may alsoclick here to access Conduent's ADAAA Accommodation Policy. At Conduent we value the health and safety of our associates, their families and our community. For US applicants while we DO NOT require vaccination for most of our jobs, we DO require that you provide us with your vaccination status, where legally permissible. Providing this information is a requirement of your employment at Conduent.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Governance Risk Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with established standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security best practices.- Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Governance Risk Compliance (GRC).- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of risk assessment methodologies and frameworks.- Experience in developing and implementing security policies and procedures.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. Additional Information:- The candidate should have minimum 5 years of experience in Governance Risk Compliance (GRC).- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data ServicesMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect Solution Design, Compliance, and Security EngineeringWe are hiring GCP Security Architects with 7+ years of experience in designing secure GCP environments and integrating automated security across deployments. This role emphasizes applied engineering, platform security control implementation, and ensuring audit-ready, secure-by-default environments. Roles & Responsibilities:Design and implement secure, scalable GCP architectures.Configure and maintain IAM (roles, policies, IDP integrations, MFA, SSO).Establish secure configurations for VPCs, VPNs, Data Encryption (KMS), and Cloud Armor.Manage Cloud Security Command Center for visibility, governance, and incident response.Implement Cloud Operations Suite for logging, alerting, and security analytics.Conduct threat modeling, vulnerability assessments, and define remediation paths.Automate security checks and controls using Terraform, Cloud Shell, and CI/CD integrations.Collaborate with platform, DevOps, and risk teams to embed security into development lifecycles.Support audit preparation, policy compliance, and security documentation efforts.Review solution designs and assist with enforcing GCP security guardrails. Professional & Technical Skills: Analytical and detail-oriented with a strong problem-solving mindset.Strong communicator with cross-functional collaboration experience.Continuously stays updated with evolving cloud threat landscapes.Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Strong working knowledge of IAM, VPC SC, Cloud Armor, encryption practices, and security policy enforcement.Experience with Terraform, automated auditing, and log analysis tools.- Additional Information:Bachelors degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified Professional Cloud Security Engineer is a must; CCSP preferred.- 7+ years in security roles, with 3+ years in hands-on GCP security delivery.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

Minimum 3 years’ experience working in a large-scale IT environment with focus on Cyber / Information Security. Areas of expertise should include Pre-Sales support, Service & Solution delivery, part of program management (Transition & Transformation) Required Candidate profile Knowledge in SIEM, SOAR, Threat Hunting, EDR, Deception, NTA, NBAD, UEBA. Handson experience on leading analytical platforms like Splunk, IBM QRadar, Hunters, Sumo Logic, Sentinel. Certification:CISSP

Role & Responsibilities The Enterprise Architect Head will lead the Enterprise Architecture function, driving the design and implementation of an integrated technology landscape that aligns with the organizations business strategy and digital transformation goals. This role is responsible for developing a holistic, future-ready architecture roadmap across business, data, application, infrastructure, and security domains to support the organizations growth, agility, and innovation. Enterprise Architecture Strategy and Vision Develop and drive the enterprise architecture vision, strategy, and roadmap to align technology initiatives with business goals. Define and govern architecture principles, frameworks, and standards across business, data, application, infrastructure, and security domains. Lead efforts to modernize and optimize legacy systems, enabling adoption of emerging technologies such as cloud, Industry 4.0, AI/ML, IoT, automation, and composable architecture. Provide strategic guidance for adopting emerging technologies (e.g., AI, cloud, Industry 4.0). Business and IT Alignment Partner with business leaders to understand ELGis strategic goals, challenges, and opportunities, ensuring technology investments deliver measurable business outcomes Translate business strategies into actionable technology roadmaps, ensuring scalability, agility, and cost-effectiveness. Define architecture governance processes to assess and approve technology decisions while balancing innovation and risk. Support enterprise initiatives such as ERP modernization, platform integration, cloud migration, and data-driven transformation. Technology Architecture Leadership Oversee the development of architecture blueprints and reference models across all domains (e.g., business, data, application, and infrastructure). Drive the adoption of cloud-native architectures, microservices, APIs, and event-driven frameworks for modern application design. Partner with data teams to enable enterprise data platforms, master data management, and advanced analytics capabilities. Ensure robust security-by-design practices, collaborating with cybersecurity teams to embed security into the architecture lifecycle. Lead innovation by evaluating emerging technologies, trends, and vendors to assess their applicability to the organizations needs. Develop a future-state technology roadmap aligned with business strategy, considering manufacturing-specific needs like IoT, automation, and supply chain optimization. Monitor technology trends and industry best practices to ensure the architecture evolves with market demands Lead and mentor a team of architects specializing in business, data, application, infra and security domains Advocate for green IT and sustainable technology practices to align with corporate ESG goals. Act as the primary liaison between IT and business stakeholders to drive consensus and manage expectations. Collaborate with external vendors and consultants, as needed, to support the development and implementation of specific aspects of the business architecture. Continuously review and refine the enterprise architecture to ensure its relevance and effectiveness in supporting ELGi'S evolving needs and market dynamics. Lead and support business transformation initiatives driven by changes in the industry, market conditions, or internal strategic shifts. Architecture Governance and Standards Implement architecture governance frameworks and processes to standardize technology adoption across the enterprise. Chair the Enterprise Architecture Review Board (ARB), ensuring alignment of projects with defined architecture principles. Monitor compliance with architecture standards, identifying risks, opportunities, and deviations that require corrective action. Develop metrics and KPIs to measure architecture performance and value delivered to the business. Serve as a strategic advisor to leadership, ensuring technology investments drive innovation, operational efficiency, and business transformation. Establish governance processes to manage architecture compliance and ensure adherence to enterprise-wide standards. Define and oversee the implementation of enterprise-wide architecture standards, frameworks, and guidelines. Leadership and Team Development Lead and mentor a team of domain architects (business, data, applications, infrastructure, and security), fostering collaboration and excellence. Build a high-performing architecture function by upskilling the team and driving the adoption of modern architectural practices. Promote a culture of innovation, experimentation, and continuous learning to stay ahead of technology trends. Collaboration and Stakeholder Engagement Engage with IT leadership, business stakeholders, and external partners to drive alignment on technology strategy and priorities. Collaborate with delivery, operations, and project management teams to ensure seamless execution of technology initiatives. Manage vendor relationships, ensuring technology solutions meet architectural standards and business needs. Preferred Candidate Profile Strong expertise in enterprise architecture frameworks such as TOGAF, Zachman, or equivalent. Experience designing and implementing large-scale enterprise architectures across business, data, application, infrastructure, and security domains. Expertise in cloud architecture (AWS, Azure, or GCP), API management, microservices, and modern application development methodologies. Knowledge of emerging technologies, including AI/ML, IoT, edge computing, composable architecture, and automation. Deep understanding of data platforms, integration strategies, and cybersecurity principles in a modern enterprise landscape. Proven ability to develop enterprise architecture strategies that drive business transformation and operational excellence. Strong leadership skills with experience in managing and developing high-performing architecture teams. Ability to influence senior stakeholders and collaborate with cross-functional teams to achieve enterprise goals. Strong analytical mindset with the ability to assess complex technology environments, identify gaps, and propose innovative solutions. Excellent problem-solving skills with a focus on driving business outcomes through strategic technology initiatives. Exceptional communication, presentation, and interpersonal skills to engage with technical and non-technical stakeholders. Ability to translate complex architectural concepts into clear, actionable insights for business and IT leaders. 15+ of experience in enterprise architecture roles, including at least 5 years in a leadership capacity. Proven track record of driving enterprise-wide technology transformation in a global, complex environment. Experience in large-scale cloud migration, ERP modernization, application modernization, and data-driven initiatives. Exposure to the manufacturing industry or similar domains with diverse and legacy IT landscapes is preferred. Bachelors degree in Computer Science, Information Technology, Engineering or a related field (Masters Degree preferred) Certifications: TOGAF or Zachman certified ITIL Foundation / Expert Certified Information Systems Security Professional (CISSP) or equivalent (preferred) Cloud Certification (AWS, Azure, or GCP Architect) PMP or Agile certifications (e.g., SAFe, Scrum master) will be plus

Evaluates, tests, recommends, develops, coordinates, monitors, and maintains information security policies, procedures and systems, including hardware, firmware and software Ensures that IS security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS security Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents Investigates and resolves security incidents and recommends enhancements to improve security Develops techniques and procedures for conducting IS security risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents, What Part Will You Play Proactively monitors complex systems and response to known and emerging threats against the Global Payments network via intrusion detection software Completes detailed, comprehensive investigation of security issues by reviewing security log data, interpreting data in support of security event management process from various data feeds and triages on a wide variety of security events, Performs incident handling process by maintaining knowledge in implementation of containment, protection and remediation activities, Keeps up-to-date knowledge of new and emerging threats that can affect the organization's information assets by analyzing of third party software/solutions, IT configuration changes (including access control requests), and network/system architecture from risk perspective Responsible for the design and configuration of security systems, including proxy, remote access, mail gateway, intrusion prevention, wireless networking, data leak prevention, security information and event management and web application firewalls, Provides input in assessing and disseminating threats related to the enterprise in regard to current vulnerability by managing and developing an emerging threat model, Assesses risks based on changes to implementation of ISO(International Organization for Standardization)/BSO(Business Services Online); enhances knowledge of PCI(Payment Card Industry)/Logical Security guidelines and models, HIPPA(health insurance portability and accountability act), PII(Personally Identifiable Information), and Card personalization, Creates cost effective solutions for system/application development regarding Information Security processes and concepts in applicable systems and software, Performs day-to-day Information Security functions pertaining to computer access control on numerous security software products and processes, Enhance understanding of business objectives and helps providing direction based on risk, Corporate Policy, and association and regulatory guidelines, Participates in developing long term strategies for conducting system penetration, vulnerability and web application testing, risk assessments, policy creation, What Are We Looking For in This Role Minimum Qualifications Bachelor's Degree Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field Or related work experience, Typically Minimum 4 Years Relevant Exp Including network operations or engineering or system administration on Unix, Linux, MAC(Message Authentication Code), or Windows; proven experience working with security operations, intrusion detection systems, Security Incident Even Management systems, and anti-virus collection logs; including knowledge of industry standard security compliance programs (PCI, SOX, GLBA, etc ) Preferred Qualifications Professional certifications CISSP(Certified Information System Security Professional),CISM(Certified Information Security Manager) ,CISAKnowledge of industry standard security compliance programs (PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act)) What Are Our Desired Skills and Capabilities Skills / Knowledge A seasoned, experienced professional with a full understanding of area of specialization; resolves a wide range of issues in creative ways This job is the fully qualified, career-oriented, journey-level position, Job Complexity Works on problems of diverse scope where analysis of data requires evaluation of identifiable factors Demonstrates good judgment in selecting methods and techniques for obtaining solutions Networks with senior internal and external personnel in own area of expertise, Supervision Normally receives little instruction on day-to-day work, general instructions on new assignments, Risk Assessment Ability to identify, communicate, and mitigate risk within technical solution designs Industry Knowledge Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them, Incident Response Knowledge and skills to contribute to all phases of Incident Response,

We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation!? Our IS&T (Information Services and Technology) department provides all the required technology and operational support services to run our business here in BMC! We have over 200 servers on premises to support production, disaster recovery, databases, applications and over 1000 servers in Lab environment. IS&T is transformational not only for BMC but also for the customer experience, because we give a 360 degrees view to the customer about the products they should know, opportunities in the pipeline, and any service issues outstanding with the customer. We use cutting-edge technologies to manage BMC's infrastructure and showcase it to the customers program is called BMC on BMC! We are seeking a highly motivated and detail-oriented Senior Information Security Engineer to join our team. This individual will play a critical role in ensuring the security of our network infrastructure and protecting sensitive data across our systems. The ideal candidate is passionate about cybersecurity, eager to learn, and has excellent problem-solving skills. They will work in a dynamic environment, addressing complex security challenges and continuously staying up to date with new technologies. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Deploy and maintain security tools and systems. Implement security policy, standards, guidelines, processes, and procedures to ensure ongoing security posture. Design and implement secure network architectures: Collaborate with the IT team to design, build, and maintain secure network topologies, ensuring protection from external and internal threats. Automation and scripting: Use Python and other scripting languages to automate security tasks, improve efficiency, and manage security infrastructure. Security incident response: Investigate and respond to security incidents, identifying the root cause and implementing solutions to prevent future incidents. Collaborate with cross-functional teams: Work with network engineers, software developers, and system administrators to implement security best practices across all layers of the organizations technology stack. Stay updated on the latest security trends and technologies: Continuously research and learn new security tools, trends, and technologies, applying them to the organizations environment. To ensure youre set up for success, you will bring the following skillset & experience: 3+ years of experience in a similar Security Engineering/DevOps role. Curiosity and eagerness to learn new technologies: A passion for exploring new cybersecurity tools, methods, and best practices. Hands-on experience with Linux-based environments, including hardening and securing servers. Proficiency in Python programming for automating tasks and scripting security processes. Excellent troubleshooting and logic skills: Strong analytical and problem-solving capabilities, with the ability to think critically and resolve complex issues. Strong understanding of network architecture and protocols: Ability to design and comprehend complex network topologies, troubleshoot network issues, and optimize security. Ability to work with little supervision as well as being a team player with excellent verbal, written, and interpersonal communication skills. Nice to Have: Experience with firewall configurations, IDS/IPS, and security event monitoring tools. Familiarity with cloud security (AWS, Azure, Google Cloud, OCI) is a plus. Familiarity with cybersecurity frameworks: Experience working with NIST, CIS, ISO 27001, or similar security standards is a plus. Previous experience working with vulnerability management technologies (e.g. Tenable, Rapid7, Qualys) preferred. Security Certifications such as CISSP, CEH, CompTIA Security+, or GIAC.

Position Summary: A Security Officer is responsible for protecting property, assets, and personnel by maintaining a safe and secure environment. Duties include monitoring premises, responding to incidents, and enforcing security protocols. Key Responsibilities: Patrol assigned areas to prevent and detect signs of intrusion. Monitor surveillance equipment and access control systems. Respond promptly to alarms, emergencies, or suspicious activity. Enforce company rules and security policies. Write clear and detailed incident reports. Assist visitors and employees by providing information and directions. Collaborate with law enforcement and emergency personnel as needed. Qualifications: High school diploma or equivalent. Previous experience in security or related field (preferred). Physical fitness and the ability to stand/walk for extended periods. Basic knowledge of first aid and emergency procedures. Strong observational and problem-solving skills. Valid security license or certification (as per local requirements). Warm Regards Lokesh S Contact - 9500549097, 7358273332

Responsibility: Oversee product cyber security in high-complexity development projects from acquisition to start of production (SOP) according to ISO/SAE 21434 or UNECE R-155. Planning & Development: Develop security activities and evaluate development efforts. Evaluation & Approval: Approve security concepts and strategies throughout development phases. QCT Targets: Achieve Quality, Cost, and Time targets related to cyber security work products. Tasks / Areas of Responsibility Planning & Guidance: Independently plan necessary cyber security activities and provide guidance to colleagues. Risk Analysis: Analyze product scope for cyber security risks, considering known weaknesses and vulnerabilities. Coordination: Define a holistic product cyber security concept. Coordinate with customers, suppliers, and subcontractors. Report to customers and obtain information from subcontractors. Support: Assist the development team in selecting security-compliant technologies and cryptographic procedures. Verification Methods: Define verification methods like fuzzing, vulnerability scanning, and penetration testing. Assessments & Training: Prepare cyber security assessments and implement training measures. Communication: Facilitate communication within the global HELLA cyber security network to improve processes. YOUR QUALIFICATIONS Bachelors OR masters degree in engineering ISO-21434 certification OR working experience CISSP certification is preferred Location - Hinjewadi Phase - 1.

Job Description Work with External Auditors as required, including facilitating interactions and documentation requests. Assist with compliance framework assessments including, but not limited to NYDFS, PCI DSS, SOC, SOX, GLBA, CIS, MTL and HIPAA. Coordinate external penetration test(s). Coordinate remediation of observations noted from Audit(s) or Gap Analyses. Conduct Internal Audits each quarter. Conduct New Product Audits. Review and edit policies as necessary, but no less than annually. Develop technical security training programs for application users, site security personnel, IT and HR staff globally. Coordinates audit activities with customers workload and schedule. Maintains the Internal Audit manual and leads updates to audit templates. Conducting investigations on irregularities and errors seen during the Audit. Conduct Table Top exercises including, but not limited to Business Continuity/Disaster Recovery and Incident Response. Update Risk Assessment(s) no less than annually. Complete internal vulnerability scans. Complete new hire training, including but not limited to KnowBe4 and BAI. Work with vendors, banks, partners as required to meet their compliance needs, including but not limited to, Questionnaires, RFPs, and Report Requests. Provide consultation and advisement to the business and project leads around compliance initiatives. Performance of other duties and responsibilities as assigned Comply with and enforce company policies and procedures Provide regular and predictable attendance considering any rights to leaves provided by law or company policy Perform all essential job functions without posing a direct threat of harm to yourself or others Effective written and verbal communication with subordinates, peers and supervisor Preferred candidate profile Demonstrate an ability to work under pressure to meet deliverables accurately and on time Excellent communication, interpersonal, organizational, time management and leadership skills Collaborate effectively with other teams within the Security and Compliance department, IT and the Organization Must be able to resolve problems on a daily basis, handle conflict and make effective decisions under pressure. Determination, Dependability, Integrity, Professionalism

Highest Qualification: Any Full Time Graduate Note: Hands on experience in ISO 27001 Implementation is mandatory for this role Experienced in managing cyber security services like Cyber Risk Compliance consulting. Experience in setting up end to end Cyber Security frameworks, Compliance Standard implementation, including knowledge in testing (VAPT, Web mobiles appsec, secure code review) Should be adept at conducting gap analysis, risk assessments, Impact assessments, governance and strategy development, Have worked with organizations to develop and implement various industry security standards like, IS0 27001, ISO 20000, PCI DSS, SOC2, GDPR, Privacy standards etc... Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Specific Duties and Responsibilities Include: To manage cyber security projects across EMEA region for cyber security services like Cyber security testing cyber consulting Maintaining margins Business development like having presales discussions with various teams Assist in Business development of various security standards Must Have Skills: Excellent communication and presentation skills. Able to effectively interact with various clients/sales teams and manage clients Good to have Skills / Certification: ISO27001:2013 Lead Auditor CISSP, CISA, CISM, ISO22301, OSCP, CEH, SANS, Cloud certifications, Privacy certifications like CIPP/E, CIPM Qualification: BE/ BTech, MCA, MBA with specialization in Information Security

FISERV Location: Thane What does a successful Internal Audit- IT professional do at FISERV? • Efficiently conduct the audit projects as per The Institute of Internal Auditors standards and in accordance with Fiserv global Internal Audit framework and methodologies. What will you do: • Should be able to direct/execute audit project independently (covering planning, fieldwork and reporting stages of audits) • Lead a variety of moderately complex to complex IT focused audits including IT governance, service and project delivery, audits of IT technical domains such as networks, infrastructure, and applications. • Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas • Planning, conducting walkthroughs, drafting process understanding and relevant controls. • Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls • Documenting and Reviewing Test of Designs and Test of Effectiveness controls. • Perform analytical procedures/analysis to test the effectiveness of controls. • Document audit procedures and cross reference working papers. • Create management representation letter comments and recommendations and draft audit reports for management review. • Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., • Validations of audit issues. • Conducting special reviews. What will you need to know: • Desired qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree] • Experience: at least 6 to 8 years of IT Audit experience in assessing technology/IT controls and have experience in Internal Audit, Compliance & Risk Advisory services preferably in Banking and Financial services domain. • Experience in auditing IT Internal controls, IT risk mitigation and technology related processes reviews. • Good experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. • Good client interfacing skills, drafting skills, communication, and interpersonal skills. • Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.) What would be great to have: • Desired certifications: CISA / CISSP / CISM / CCNA certified professionals

The Role: The Senior Information Security Engineer is for responsible for implementing industry best security practices, will design, implement, maintain, and document the security measures to protect the organization against cyber threats and attend all ISO audits and requirements. Your Responsibilities: Ensuring that an ISMS system is established, implemented, and maintained in accordance with the ISO 27001:2013 and/or ISO 27001:2022. Lead all ISO and customer security audits/meetings and compliance activity. Contributing to Request for Proposal (RFPs) and supporting IT in CAPA management and Change Controls. Conducting regular internal security audits (Quarterly basis) to assess the effectiveness of security controls and identify areas for improvement. IT tickets handling related to security related incidents. Security Incident Reporting - Generating and presenting regular reports on the organization's security posture(weekly/quarterly/annual), including incidents, vulnerabilities, and risk mitigation efforts. Organization wide Security Awareness - Contributing to and developing security awareness by way of email leaflet/posters on monthly basis and training materials to improve security posture among the organization's staff. Security Policies and Procedures - Developing and implementing security policies, standards, and procedures to safeguard the organization's information assets. Review process documentation to ensure adequacy and consistency is maintained. Risk Assessment - Contribute to the team on regular assessments to identify potential security risks and vulnerabilities in the organization's IT infrastructure. Vulnerability Management - Monitoring and managing vulnerabilities in the organization's systems, including applying patches and updates in a timely manner. Running and automation of vulnerability scans and responsible for closure. Penetration Testing - Gathering penetration test requirements and performing internal pen tests on a scheduled basis. Should be adaptable for 24x7x365 availability for new security related projects/tasks. Preferred Qualifications, Training and Experience: Engineering degree in Computer Science, Information Technology, or a related field. Certifications such as CISSP, CISA/CISM, CEH and ISO 27001 demonstrating expertise in information security management and practices. Minimum of 10 years’ experience in information security roles, with a focus on security architecture, ISO Audits, incident response, and risk management. In-depth knowledge of security technologies such as firewalls, intrusion detection/prevention systems, encryption, and endpoint security solutions. Proficiency in security monitoring tools and techniques for detecting and responding to security incidents in real-time.

Governance: Develop, review, and update information security policies, procedures, and frameworks to align with industry best practices and regulatory requirements. Risk Management: Conduct comprehensive risk assessments, including identifying

We are looking for a highly skilled and experienced Risk Consulting Senior Associate 1 to join our team in Bengaluru. The ideal candidate will have 3-5 years of experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls, and ERP Audits. Roles and Responsibility Develop an understanding of RSM Technology Risk Consulting approach, methodology, and tools. Perform technology risk assessments and review control's design and operating effectiveness. Conduct IT internal audit consulting activities, including audits over ERP systems, IT security, and other IT systems. Execute components of IT audits under offshore delivery models effectively and efficiently. Identify internal control deficiencies, evaluate their risk implications, and draw appropriate conclusions to advise clients. Ensure documentation complies with quality standards and collaborate effectively with RSM consulting professionals, supervisors, and senior management. Manage multiple concurrent engagements and provide timely, high-quality client service that meets or exceeds expectations. Utilize problem-solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw appropriate conclusions to best advise our clients. Exercise professional skepticism, judgment, and adhere to the code of ethics while on engagements. Ensure service excellence through prompt responses to internal and external clients. Understand RSM US and RSM Delivery Center's LOBs and work as a team in providing an integrated service delivery. Ensure professional development through ongoing education. Job Requirements B.Tech/MCA/MBA with 3-5 years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls, and ERP Audits. Intermediate knowledge of financials, operations, and technology and its related risks. Good knowledge of SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security, and risk management frameworks/standards (ISO 27001, NIST, COBIT, ITIL, PCI). Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP). Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word, and PowerPoint. MS Visio skills to develop process and data flow diagrams. Strong multi-tasking and project management skills. Excellent verbal and written communication (English) as this is a client-facing role and requires frequent communications with RSM International clients.

We are looking for a highly skilled and experienced IT Due Diligence Manager to join our team in Bengaluru. The ideal candidate will have 4-7 years of experience in the field. Roles and Responsibility Analyze technology implications for active M&A transactions. Review client investment theses, company profiles, and information on business technology environments. Research niche technologies, regulatory obligations, and latest trends to guide analysis. Participate in discussions with company executives to understand business processes and leverage technology strategy. Evaluate commercial off-the-shelf and custom-developed applications for sufficiency, scalability, and maintainability. Assess a company's IT infrastructure for hosting model adequacy, hardware inventory, network architecture, and business continuity procedures. Analyze technology vendor contracts and compute IT spend through contract reviews and financial documents. Develop workbooks and reports to capture diligence observations/analysis. Manage and develop RSM USI team members. Job Requirements Academic Qualification: B.Tech. and MBA from leading technology/business schools. Relevant experience of 4-7 years at a Big 4 or equivalent Advisory Services practice. Knowledge of Microsoft-powered AI products such as Microsoft CoPilot or any other GenAI tools is preferred. Experience with onshore teams, including data room management, document request list preparation, management meeting preparation, workbook analysis, quality of earnings, due diligence reports, client calls, and engagement team calls. Experience with post-acquisition/carve-out integration and separation-related engagements. Preferred industry experience in manufacturing, distribution, consumer products, business services, healthcare, financial services, business services, or technology. Knowledge of US-based regulatory and compliance frameworks such as FFIEC, NERC CIP, PCI DSS, HIPAA, GLBA, and HITECH is a plus. ERP or supply chain application implementation experience; functional expertise in IT and supporting front/back-office operations preferred. IT and cyber-related certifications (CISSP, CISM, HITECH, PCI DSS QSA, CEH, Azure, AWS). Strong skills in critical thinking, problem-solving, and process improvement. Excellent interpersonal and communication skills to interact effectively with internal team members and external clients. Ability to be a self-starter and drive successful client delivery. Demonstrates willingness to invest time in cross-time zone communication with U.S.-based teams. Evaluated as an exceptional performer in current position.