690 Cissp Jobs - Page 9

Open Source COE Security Architect This role has been designed as Onsite with an expectation that you will primarily work from an HPE partner/customer office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in todays complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: HPE Operations is our innovative IT services organization. It provides the expertise to advise, integrate, and accelerate our customers’ outcomes from their digital transformation. Our teams collaborate to transform insight into innovation. In today’s fast paced, hybrid IT world, being at business speed means overcoming IT complexity to match the speed of actions to the speed of opportunities. Deploy the right technology to respond quickly to market possibilities. Join us and redefine what’s next for you. What you will do: Expert in IT/Cyber Security field. Should be CISSP/CISM/CCSP and CCSK and ISO27001 Certification are desired. Should have good knowledge of security assessment against different global Frameworks like NIST, MITRE and cloud security alliance etc. Should have good understanding of Compliance and regulatory requirements. Working with information security and DevSecOps teams in a CI/CD environment as well as comprehensive understanding of cloud security systems. Programming experience in C/C++, Python, JavaScript, Bash & PowerShell Scripting is desired. Hands-on expertise, Linux, Kernel, threads, processes, API etc. is desired. Provide Security Vision & Strategy to the Organization, strategic direction, development, and implementation of information security programs and projects to address risks relevant to the attainment of organizational strategic security goals based on open source tool/framework. Experience in advising leadership team regarding evolving of open source Security Technology landscape, product issues, security mitigations for identified risks and possible improvements Expertise in providing executive roadmaps for continual improvement in teams, technology, and processes, process across various security & DevSecOps teams based on open source tool/framework. Experienced in Information Security Risk Management, gap analysis, Audits. Hands-on Experience in formulating Cyber Security Policies, design and implementation of Security Technologies, DevSecOps. Working Knowledge in implementation of Cyber Security Solution in Open Source, Open Stack environment. Ability to provide strategies to increase the ability to withstand cyber-attacks, as measured by annual sophisticated attack simulations. Experience in upgrading, troubleshooting and tuning of Cyber Security Solutions. Thorough understanding and good knowledge of latest Cyber Security technologies, security Architectures, vulnerabilities, security threats. Ability to setup PoC for latest open source security solutions. Good understanding of Open-Source Technologies, Cloud security technologies. What you need to bring: BE/B.Tech with 10+ years of experience in the IT industry and 6+ years of experience in Information Security / Cyber Security field. Expert-level knowledge in the IT/Cyber Security field, with a thorough understanding of the latest security technologies, architectures, vulnerabilities, and threats. Desired certifications include CISSP, CISM, CCSP, CCSK, or ISO 27001. Strong knowledge of global security assessment frameworks like NIST, MITRE, and the Cloud Security Alliance (CSA). A deep understanding of compliance and various industry regulatory requirements. Proven experience in developing security vision, strategy, and executive roadmaps for an organization based on open-source tools. Hands-on experience in Information Security Risk Management, conducting gap analysis, managing audits, and formulating Cyber Security Policies. Comprehensive understanding of cloud security systems and working with DevSecOps teams in a CI/CD environment. Working knowledge of implementing, upgrading, troubleshooting, and tuning Cyber Security Solutions, particularly in Open Source and OpenStack environments. Desired programming and scripting experience in C/C++, Python, JavaScript, Bash, and PowerShell. Hands-on expertise with the Linux operating system, including its Kernel, threads, processes, and APIs. Experience advising leadership teams regarding the evolving security landscape, product issues, and risk mitigation strategies. Ability to provide strategies to withstand sophisticated cyber-attacks and experience with annual attack simulations. Proven ability to set up Proof of Concepts (PoCs) for new and emerging open-source security solutions. Additional Skills: Accountability, Accountability, Active Learning (Inactive), Active Listening, Bias, Business Growth, Client Expectations Management, Coaching, Creativity, Critical Thinking, Cross-Functional Teamwork, Customer Centric Solutions, Customer Relationship Management (CRM), Design Thinking, Empathy, Follow-Through, Growth Mindset, Information Technology (IT) Infrastructure, Infrastructure as a Service (IaaS), Intellectual Curiosity (Inactive), Long Term Planning, Managing Ambiguity, Process Improvements, Product Services, Relationship Building {+ 5 more} What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #operations Job: Services Job Level: TCP_04 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

Role Name: Sr. Project Manager Job Description : Airtel Business is looking for Sr. Project Manager (Project Director), for managing the Cybersecurity & Managed Security Services to keep our fast-growing MSS portfolio on track. Location : Gurgaon Job Summary: This is an opportunity for a highly motivated individual to join a high energy team of Information security professionals responsible for managing Own 812 concurrent security projects, covering SIEM, SOAR, XDR, firewall management, and cloud security. This position is to be part of a global team, reporting to the Program Head. Be the face of delivery for CXOstranslate tech into business impact, run QBRs, and make renewals feel obvious. Keep us audit-ready (ISO 27001, PCI-DSS, RBI, IRDAI, GDPR, etc.) and drive root-cause fixes. Champion automation and shift-left security, bagging at least two efficiency wins every quarter. Responsibilities: An information security director is responsible for leading and overseeing the information security function. They are entrusted with protecting the confidentiality, integrity, and availability of the Customer information assets. The information security director develops and implements comprehensive strategies, policies, and procedures to identify and mitigate risks, ensure compliance with industry regulations, and respond effectively to security incidents. They work closely with stakeholders across the organization to promote a culture of security and to align information security practices with Client business objectives. Security operations director is responsible for managing the day-to-day activities of the security operations center (SOC) or incident response team. He/She oversee the monitoring of security events, investigations of security incidents, and coordination of incident response efforts. He/She work closely with other Bank teams to ensure timely detection, response, and resolution of security issues. In addition to strategic planning and risk management, the information security director plays a vital role in establishing governance frameworks and ensuring regulatory compliance. Some Common duties and responsibilities include: Strategic Planning: Develop and implement the organization's information security strategy, aligning it with business objectives and risk tolerance. Identify and prioritize security initiatives, establish security goals, and create a roadmap for their implementation. Risk Management: Conduct regular risk assessments to identify and evaluate potential security threats and vulnerabilities. Develop and implement risk mitigation strategies, including security controls, policies, and procedures. Monitor and manage security risks through ongoing assessments and the implementation of appropriate safeguards. Stakeholder Management – Sync with Sales, Pre-Sales, Finance, HR, and tech partners so everyone’s rowing in the same direction. Policy and Procedure Development: Establish and enforce information security policies, standards, guidelines, and procedures. Ensure that they align with industry best practices and regulatory requirements. Communicate and educate employees on security policies, promoting a culture of security awareness and compliance. Compliance and Regulatory Requirements: Stay abreast of relevant laws, regulations, and industry standards pertaining to information security. Ensure that the organization's security practices and controls are in compliance with applicable requirements. Liaise with regulatory bodies, auditors, and stakeholders to address compliance issues and maintain regulatory alignment. Incident Response and Management: Develop and maintain an incident response plan to address and manage security incidents effectively. Establish protocols for detecting, responding to, and recovering from security breaches or other security-related incidents. Coordinate with relevant teams to investigate incidents, implement remediation measures, and report on the outcomes. Security Awareness and Training: Develop and deliver security awareness and training programs for employees at all levels of the organization. Ensure that employees understand their role in maintaining information security and are equipped with the knowledge to identify and respond to security risks. Vendor Management: Assess and manage the security risks associated with third-party vendors and suppliers. Establish security requirements and standards for vendor contracts, conduct security assessments of vendors, and monitor ongoing compliance. Security Governance: Establish and maintain security governance frameworks and structures to ensure effective oversight and accountability. Participate in security committees and provide regular updates to executive leadership and the board of directors on the organization's security posture, risks, and compliance status. Security Incident Reporting and Communication: Develop and implement processes for reporting and communicating security incidents to appropriate stakeholders, including executives, legal counsel, and regulatory bodies. Ensure that incident reports are timely, accurate, and comprehensive. Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and technologies in the information security field. Continuously evaluate and enhance the organization's security posture, controls, and processes through regular reviews, audits, and testing. Travel – Up to 10 % across India Technical Skills: 15+ years in IT services with 8+ steering large, multi-tower security or ITOM programs; PMP or Agile cert helps. Strong knowledge in network & Information security Fundamentals. Deep, hands-on exposure to SIEM, SOAR, EDR/XDR, firewall and IPS/IDS stacks. Solid experience with AWS, Azure, or GCP controls, logging, and compliance tooling. Experience in handling large team of Information Security Professionals (>25 nos.) OT/ICS security, GenAI in SOC workflows, or experience with Scaled Agile frameworks. Familiarity with incident response techniques, intrusion prevention systems, information security methodologies, authentication protocols and different IT Security threat mechanisms. Comfortable running ITIL-aligned ops, SLAs, and continual-service-improvement cycles. Good extensive Knowledge of IT Security Standards (ISMS / ISO 27001, PCI-DSS, SOX, CMMi etc.) Mandatory Security Certification (either of CISA, CISM, CISSP, CIPP/R etc.)

Purpose of the role Yum! Brands Cybersecurity Division is looking for a dynamic candidate to provide Identity and Access Management leadership for our global business enterprise to provide access to digital assets, while mitigating risk to a business acceptable level. We are a company that thrives on innovation, so to be successful youll have a great degree of curiosity, as well as deep knowledge of Identity and Access Management systems (primary ISAM and ISIM), Single-Sign-On, Web Services, and Authentication Protocols (SAML, OAuth, OpenID). This role provides significant visibility; not only will you work closely with the corporate IT team, but you will also interact with the Security Architects, the Yum Senior Leadership Team; Global IT Directors and Managers; Yum Infrastructure Leaders, Yum Legal, and various vendors and service providers. Role & responsibilities Youll lead a team of 3+ engineers, and act as a mentor to experienced team members, so prior leadership experience is crucial. You are someone who can operate with minimal supervision in a complex environment and has the ability to support global IAM operations to the business. Additional responsibilities include: Developing strategic plans for securing Yums global business operations including new technology research/development/implementation Creating global IAM policies and standards, and updating the rolling 3-year global IAM operation roadmap Working with cross functional teams to ensure the confidentiality, integrity, and availability of Yums digital assets and systems Oversee IAM operations, incidence investigation, problem resolution and technical consultation. Provide technical oversight of IAM team to grow their knowhow through mentoring and coaching. Develop operation specifications for new IAM services, applications and service offerings Work with IAM architecture (integrated process, applications, data and technology) team to solve business problems in alignment with the current standards Work with IAM architecture and development Team to build enterprise-wide custom integration solutions w/ applications, services and processes that drive business results ensuring all Yum Security Standards. Participate in cross functional project planning activities to ensure project success and security and recovery of critical systems. Lead research of Identity and Access Management (IAM) Systems, Single-Sign-On and Authentication Technologies which lead to higher productivity and easier secure access to Yum’s global digital assets. Assets include information, desktops, servers, web services, applications, contracts and mobile devices. Develop a global 1-3 year road map for Identity and Access Management for in-store, above store, and consumer facing technologies. Ensure development of secure application and authentication standards to enable Yum’s digital growth initiatives in both web based and mobile platforms. Research and evaluate new security solutions, including lab tests, proof of concepts and pilots. Make operational and technology recommendations which influence Yum’s global operations. Provide leadership to brand and Cybersecurity division- IAM Preferred candidate profile Minimum Requirements: EDUCATION: BE/B Tech degree, graduate degree a plus, Certified Information Systems Security Professional (CISSP) a plus. EXPERIENCE (and other qualifications): IAM Subject Matter Expertise with at least 10-12 years on operations, implementation and development experience integrating security solution w/ business application and processes. Minimum of 5 years leading technical teams with responsibility for Global IAM operations A deep understanding of Identity and Access Management Architecture and Operations is required. Proven experience with IBM Security (or comparable IAM solutions) and Active Directory required. Knowledge of Web Services Architecture required. Knowledge of SSO and Federation required. Knowledge of security and Java J2EE specification, Struts, WSDL, Web 2.0/WSRP. Detailed familiarity with ISIM Customization: Advance Workflow customization, Workflow Extensions, LCR customization, ID policy customization, advance provisioning, and custom UI, custom Adapter Development Detailed familiarity with ISAM and Ping Federation Concepts: Web security, Authentication, Authorization, Kerberos, Session Management, Web Proxy, Risk-Based Access A solid understanding of Information Security Architecture technologies and concepts required: Firewalls, intrusion detection, monitoring tools, encryption, certificate authority, reverse proxy, etc. Strong knowledge of Internet technologies and XML integration, including XML-Schema, XML-RPC, XML-SOAP, and/or Web Services/SOA Detailed familiarity with JSP/Servlets, SPML, DAML, JNDI, DSMLv2, LDIF, LDAP, ODBC, JDBC, JMS, JAAS, ISIM APIs Excellent written and oral communication skills with experience influencing Sr. Leaders and C-level executives. Preferred (but not required): ISIM Certified Deployment Professional ISAM Certified Deployment Professional Experience dealing with international locations and cultures is a plus.

Roles and Responsibilities Assist the IT Audit manager in audit engagement planning activities for IT SOX Assessment. Lead a team of 2-3 IT auditors for executing tests of design and operating effectiveness. Monitor audit task assignments and drive completion. Lead conversations with stakeholders and auditees during process walkthroughs. Identify control gaps and accordingly provide recommendations in areas requiring improvement based on tests conducted. Conduct reviews of audit workpapers and provide constructive feedback to team members. Monitor status of audit documentation requests and perform timely escalations, as needed. Work closely with stakeholders to communicate audit status, follow-up requests and audit findings. Provide necessary support to external auditors. Qualifications: Bachelor's degree in Accounting, Computer Science, Information Systems or related field. 5+ years of strong experience in testing IT General Controls, preferably from Big4 account firms. Sound understanding of IT processes such as access management, change management, SDLC, Computer operations. Demonstrated technical knowledge of SAP security. Experience in auditing various infrastructure platforms such as Unix, Linux, Windows, SQL. Sound knowledge and understanding of audit methodologies and tools that support audit processes. Excellent verbal, written, and interpersonal communication skills. Demonstrated ability to prioritize work, meet deadlines, and effectively manage multiple priorities. Works well in a team environment, fostering inclusion and building effective relationships with both team members and stakeholders. Desire to stay current on new and changing technologies. Enthusiastic, self-motivated, willing to be challenged. CISA, CISSP, CIA, CPA, or other certifications technology driven certifications.

The Security Operation Specialist has the end-to-end responsibility for the physical and logical security of the Network/Services, OSS/SQM, and Infrastructure in accordance with the security policy technically manage and operate components of security services provided to end users of Nokia customers, within service levels agreed with those customers. You have: 10+ years of extensive relevant experience and a graduate / postgraduate equivalent degree. Exposure to telecom technologies Security analytics and working knowledge of SOC technologies like SIEM, SOAR, etc. Scripting capabilities Industry certifications like CISSP/CEH/CISM/CISA It would be nice if you also had: Understanding of hacking techniques Understanding of 3GPP security requirements, ITU-T x.805, ISO27001, NIST, Mitre attack framework Build and maintain a library of threat hunting or analytics use cases for non-signature-based threat detection Build and maintain a library of pre-developed connectors to integrate leading SIEMs with diverse network elements Build and maintain a customizable library of remediation workflows or cyber playbooks Use cases should cover the entire kill chain, starting from reconnaissance, weaponization, delivery, exploitation, installation, C2, exfiltration, remediation, etc. Provide SME support to the delivery organization Testing and PoC of use cases in a lab environment Support in building use case demos. Work with different product lines to validate and test the feasibility of security use cases Build risk-driven cyber attack scenarios by clearly identifying threats, vulnerabilities, business impact, likelihood, approach, use case, scenarios, rules, remediation workflows, or a cyber playbook.

Educational Bachelor of Engineering,Master Of Engineering Service Line Cyber Security Responsibilities Approx 5 years' experience as a Security Architect Bachelor's degree in information technology, security, or similar Experience in providing security architecture support to a large development organization Information security credentials such as IGP, CISSP or similar Well versed in cloud security on a generic level as well as AWSSecondary Skills: SAST and DASTSolid diplomatic and communication skills in EnglishThe candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of "shift left" for assessments to automate and minimize the manyal work involved It is also expected that the candidate will assist in creating an assessment " factory" with a streamlined process for approaching assessments Preferred Skills: Technology-Enterprise Architecture-Data / Information Architecture

Key Responsibilities: Design, implement, and manage Palo Alto Networks solutions, including: Next-Gen Firewall (NGFW) EDR/XDR (Cortex XDR) SIEM/SOAR (Cortex XSIAM) Lead and support migration projects from legacy platforms (e.g., Splunk, Sentinel, QRadar) to Palo Alto Cortex XSIAM Work with clients to understand business requirements and deliver tailored cybersecurity solutions Perform threat hunting, alert tuning, policy configuration, and use case development Collaborate with global teams (onshore/offshore model) for delivery in sectors like Telecom, Finance, Retail, and Public Sector Support security assessments, integrations, and continuous improvement initiatives Required Skills & Qualifications: Strong hands-on experience in Palo Alto technologies (NGFW, Cortex XDR/XSIAM) Proven knowledge of cybersecurity operations, SOC processes, and incident response Experience with SIEM migration and integrations Understanding of threat intelligence, detection engineering, and automation Good knowledge of scripting (Python, PowerShell) and log analysis Excellent communication and client-facing skills Preferred Certifications: Palo Alto Networks Certifications, such as: PCNSE (Network Security Engineer) Cortex XDR/XSIAM certifications (if available) Additional certifications like CEH, CISSP, or relevant SIEM/EDR vendor certifications are a plus

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNowMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security solutions for cloud environments- Conduct security assessments and audits to identify vulnerabilities- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ- Good To Have Skills: Experience with SailPoint IdentityNow- Strong understanding of identity and access management- Knowledge of cloud security best practices- Experience in designing and implementing security controls for cloud environments Additional Information:- The candidate should have a minimum of 5 years of experience in SailPoint IdentityIQ- This position is based at our Hyderabad office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud security controls and transitioning to cloud security-managed operations. You will play a crucial role in safeguarding the organization's data and infrastructure. Roles & Responsibilities:- Expected to be an SME in Security Architecture Design.- Collaborate and manage the team to perform effectively.- Responsible for team decisions and ensuring adherence to security best practices.- Engage with multiple teams and contribute to key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Ensure the implementation of robust security controls.- Conduct risk assessments and vulnerability testing.- Develop and maintain security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls for cloud environments.- In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST).- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with cloud platforms such as AWS or Azure. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Architecture Design.- This position is based in Mumbai.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, designing robust security solutions, and documenting the implementation of cloud security controls. You will also oversee the transition to cloud security-managed operations, ensuring that all processes align with industry standards and best practices. Engaging in continuous improvement initiatives will be a key part of your role, as you strive to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify areas for improvement.- Collaborate with cross-functional teams to ensure security requirements are integrated into all phases of project development. Professional & Technical Skills: - Must To Have Skills: Proficiency in Okta Identity Management.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Familiarity with security compliance standards and regulations.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 3 years of experience in Okta Identity Management.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your role will play a crucial part in safeguarding the organization's data and infrastructure in the cloud environment. Roles & Responsibilities:- Expected to be an SME in Okta Identity Management- Collaborate and manage the team to perform effectively- Responsible for team decisions and ensuring adherence to security best practices- Engage with multiple teams and contribute to key decisions- Expected to provide solutions to problems that apply across multiple teams- Ensure the implementation of cloud security controls align with the defined framework- Document the cloud security architecture and ensure it meets business requirements- Transition to cloud security-managed operations Professional & Technical Skills: - Must To Have Skills: Proficiency in Okta Identity Management- Strong understanding of cloud security frameworks and best practices- Experience in designing and implementing secure cloud architectures- Knowledge of identity and access management principles- Experience with cloud security tools and technologies Additional Information:- The candidate should have a minimum of 12 years of experience in Okta Identity Management- This position is based in Noida- A 15 years full-time education is required Qualification 15 years full time education

Job Overview We are seeking a skilled and dynamic Security & Privacy Architect and SDL Coach to join our team and help strengthen the security posture of our software development lifecycle. This role combines a strong foundation in code analysis, security architecture, and coaching teams on security best practices. The ideal candidate will work closely with development teams, conducting security assessments, guiding secure coding practices, and ensuring compliance with industry standards. As a Security & Privacy Architect , you will be responsible for identifying vulnerabilities and providing actionable recommendations to reduce security risks. As an SDL Coach , you will help application teams adopt security-focused practices into their software development lifecycle (SDLC) while ensuring compliance with regulatory standards like PCI-DSS. Key Responsibilities Code Analysis, Scanning, and Remediation Security Tool Configuration : Configure and operate security scanning tools (e.g., Snyk, Grit, Checkmarx, Coverity, Mend etc.) to scan applications and interpret results to identify potential security flaws. Static and Dynamic Code Analysis : Perform static and dynamic code analysis to identify vulnerabilities in the source code. Help App teams in adopting best practices. Vulnerability Remediation : Work directly with development teams to guide them in resolving identified vulnerabilities and promote secure coding practices. Issue Prioritization : Prioritize critical security issues and escalate them for immediate remediation when necessary. Security & Privacy Architecture Security Assessments : Conduct in-depth security assessments to identify potential attack vectors, vulnerabilities, and risks in the application architecture and source code. Recommendations : Provide actionable recommendations to development and architecture teams to address security gaps and ensure compliance with security standards. Security Design : Assist in the design of secure application architectures that meet both business and security requirements. SDL Coaching and Best Practices SDL Awareness : Conduct Security Development Lifecycle (SDL) Coaching and Assessments with development teams to raise awareness of security practices and ensure they align with best security practices. Security Best Practices Adoption : Guide teams in adopting and integrating Security practices into their SDLC, focusing on secure coding, testing, and deployment. Coaching & Mentoring : Provide ongoing coaching and mentoring to developers to help them understand the importance of security throughout the development process. Compliance Lead (CGA, PCI, CPP) Regulatory Compliance : Participate in security risk assessments and ensure that applications comply with relevant industry standards and regulations (e.g., PCI-DSS, CGA, CPP). Audit Preparation : Assist application teams with preparation for security audits, providing guidance before and after audits to address any issues. Documentation : Ensure that all security compliance requirements are well documented and tracked. Research and Continuous Improvement Threat Intelligence : Stay updated on the latest security threats, vulnerabilities, and emerging trends in application security to proactively mitigate risks. Tool & Framework Evaluation : Evaluate new security tools, frameworks, and technologies that can improve the effectiveness of security code scanning and remediation. Conduct comparative analysis and provide recommendations. Process Improvement : Continually assess and improve security processes within the development lifecycle to enhance overall security posture. Required Qualifications Experience : 8+ years of experience in application security, including hands-on experience with code analysis, security testing, and risk assessments. Technical Skills : Strong understanding of secure software development practices. Familiarity with security tools such as Snyk, Grit, Checkmarx, Mend and other static/dynamic code analysis tools. Knowledge of security vulnerabilities (e.g., OWASP Top 10, CVEs) and remediation techniques. Experience with common security frameworks and methodologies (e.g., OWASP, NIST, CIS, PCI-DSS). Proficient in at least one programming/scripting language (e.g., Python, Java, C#, JavaScript). Compliance Knowledge : In-depth understanding of industry compliance standards such as PCI-DSS, CGA, and CPP. Communication Skills : Excellent written and verbal communication skills with the ability to interact with technical and non-technical teams alike. Preferred Qualifications Certifications : CISSP, CISM, CISA, or equivalent security certification is highly preferred. Experience with Cloud Security : Knowledge of security best practices in cloud environments (AWS, Azure, GCP). Experience with DevSecOps : Experience with integrating security practices into DevOps pipelines and workflows.

Key Responsibilities Act as a subject matter expert (SME) for BeyondTrusts product suite, including Password Safe, Privilege Management, and Remote Support. Understand client business needs and map them to appropriate BeyondTrust solutions. Design and present customized solution architectures, configurations, and integration models. Lead product demonstrations, Proof of Concepts (PoCs), and technical deep-dives. Articulate technical features and business benefits to both technical and non-technical stakeholders. Prepare responses to RFIs/RFPs and develop technical proposals. Collaborate with internal teams to ensure proposals are technically viable and costeffective. Work with delivery, support, and engineering teams to ensure seamless handovers and implementations. Personnel skill set Bachelors degree in Computer Science, Information Security, or related field. 4+ years of presales or solution engineering experience in the cybersecurity domain. Hands-on experience with BeyondTrust products is strongly preferred. Knowledge of PAM, IAM, and enterprise IT environments (AD, LDAP, SIEM, etc.). Excellent communication, presentation, and stakeholder management skills. Ability to manage multiple engagements and prioritize effectively. Preferred Certifications: BeyondTrust Certified Implementation Engineer (BT-CIE) or similar CISSP, CISM, or other cybersecurity certifications (advantageous) *Availability – in a month’s time

We are looking for Role: Consultant (Hitrust) Experience: 2-6 yrs Company Location: Bavdhan, Pune Work Mode: Remote RESPONSIBILITIES Lead the client audits/assessments and Interface with clients to review and analyze complex systems (Applications, Operating systems, Databases, and Networking devices), or Cloud technologies (AWS, Azure, GCP) to identify security gaps and missing security controls within the client environments as per the requirements defined in the security standards and regulations. Work with client to understand their business processes, analyze sensitive data flows (business and application data flows), network architecture, and define the proper audit/assessment scope. Perform reviews for client organizations information security policies and procedures against various industry standards and regulations, including HITRUST, HIPAA, and ISO 27001 Work on drafting information security policies and procedure documentation for clients as part of the consulting engagement Perform detailed risk assessment for the client environment, including their business processes and infrastructure, using risk management frameworks (ISO, NIST) Wherever possible, provide the audit/assessment scope reduction guidance to the client. Work independently with the client to perform audit interviews, collect, consolidate, and analyze evidence for the compliance assessment, and meet the internal quality assurance requirements throughout the assessment. Provide consulting guidance and recommendations to clients to help them meet the compliance requirements and improve their security posture in accordance with applicable security controls. Establish and maintain positive collaborative relationships with clients and stakeholders. Produce final reports on compliance to detail the controls observed during security assessments in accordance with various security standards and regulations. Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue. Collaborates with project managers, internal quality assurance group, sales, and other delivery team members to drive customer satisfaction and meet project deliverables. Work on continuous professional development in maintaining industry-specific certifications and strong depth of knowledge in the practice area. Travel to client sites as needed. DESIRED SKILLS Bachelors degree. A specialization in information assurance is preferred. At least 2-6 years of information security assessment experience, including for HITRUST, HIPAA, and ISO 27001 Ability to analyse network architectures and review the network device (Firewalls/ Switches/ Routers/ IDS/IPS/ Load Balancers etc.) and Servers/ Virtualization Devices configurations. Good understanding and audit experience for cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform) In-depth knowledge in IT Security Policies and Procedures that govern clients Information Security and Privacy programs. In-depth knowledge and experience in IT Security, including access controls, network security, logging/monitoring, vulnerability assessments, system hardening, secure software development, application security, encryption, and key management best practices etc. In-depth knowledge and experience with the HITRUST framework, HIPAA law, and Risk Management Standards (NIST/ISO) At least one certification from each group is preferred: Group 1- CISSP, CISA, CISM Group 2- ISO27001 Lead Implementer, ISO27001 Lead Auditor Good knowledge of common office tools Strong written and verbal communication skills Demonstrated ability to structure and lead projects successfully. Good project management and time management skills Strong technical research skills -- Muugddha Vanjarii 7822804824 mugdha.vanjari@sunbrilotechnologies.com

Seeking an experienced Enterprise Security Architect with 8+ years in cybersecurity and cloud security (AWS/Azure/GCP). Must have expertise in EDR, SIEM, IAM, firewalls, compliance (NIST, GDPR, PCI), and security architecture design. Required Candidate profile Strong in DevSecOps, CI/CD, and SDLC integration. Certifications like CISSP, CISM, ISO 27001 preferred.

Job Title: Cybersecurity Analyst - IT Risk and Control Analyst Location: Chennai Experience: 9 - 15 years Notice Period: 0 - 30 Days Work Mode: Hybrid Interview Mode: 1st round is Virtual interview & 2nd round is F2F is Must Position Purpose: The IT Risk and Control Analyst plays a critical role in strengthening the risk culture within WMIS by driving the adoption of IT Risk frameworks, ensuring regulatory compliance, and reducing IT-related risk exposure. This role exists to proactively identify, assess, and monitor IT risks, perform IT control assessments, and report risk metrics to senior stakeholders. The position directly supports the APAC region and contributes to global risk visibility and risk mitigation initiatives. Responsibilities: Direct Responsibilities: IT Risk Management Identify, assess, and monitor IT risks related to WMIS activities. Record and maintain risk registers; provide regular reporting. Oversee the execution and monitoring of risk mitigation plans. Assess IT risks across the project lifecycle and track until resolution. IT Control Conduct IT control testing aligned with the Groups internal control framework. Monitor corrective action plans arising from control deficiencies. Ensure compliance with group-wide control standards. Shadow IT Governance Maintain and assess the Shadow IT inventory for the APAC region. Coordinate assessments to ensure non-compliant IT assets are identified and managed. Operational Incident Risk Management Evaluate operational risks from production and project-related incidents. Ensure proper recording, escalation, and handling of incidents. Maintain historical records for risk measurement and trending analysis. Contribute to lessons learned and prevention measures. Reporting Generate timely and accurate IT Key Risk Indicator (KRI) reports for regional and global management. Contribute to management dashboards and executive summaries of IT risk posture. Technical & Behavioral Competencies: Deep understanding of IT Risk Management principles and practices. Familiarity with IT System Development Life Cycle (SDLC) methodologies. Strong knowledge of banking industry IT systems and compliance requirements. Proficiency in Microsoft Office Suite , especially Excel and PowerPoint. Experience with ServiceNow GRC or other GRC platforms (preferred). Excellent communication skills in English (both written and verbal). Strong interpersonal, coordination, and analytical abilities. Team-oriented with a collaborative mindset. Value-added Competencies High integrity and confidentiality in handling sensitive information. Awareness of data governance , data protection , and relevant regulatory frameworks (e.g., MAS, GDPR). Strong management reporting capabilities. Ability to respond to ad hoc executive requests with agility and precision. Understanding of risk measurement metrics and dashboards. Qualifications Bachelors Degree in Information Technology , Computer Science, or related field. 10 to 15 years of relevant experience in IT Risk Management, IT Audit , or IT Security , preferably in a banking environment . Risk Management certifications such as CRISC , ISO 31000 , CISA , or equivalent are preferred. Experience with project management is a plus.

Company: MMC Corporate Description: We are seeking a talented individual to join our GIS Team at MMC Corporate This role will be based in Gurgaon. This is a hybrid role that has a requirement of working at least three days a week in the office. Associate Director - Cyber Security Risk Vulnerability Scoring What can you expect To oversee and manage the Cybersecurity Risk Adjusted Vulnerability Scoring (RAVS) Program. This enterprise-level initiative is critical to transforming the measurement, prioritization, and response to cybersecurity vulnerabilities by leveraging integrated systems, threat intelligence, and contextual organizational data We will count on you to: Program Oversight 1. Lead the development, implementation, and ongoing management of the enterprise RAVS program.2. Integrate data form vulnerability scanners, CMDB, threat intel feeds, cybersecurity systems, and internal business systems to generate dynamic risk adjusted vulnerability scores.3. Collaborate with internal teams across cybersecurity, IT, risk, business units, data analytics to continuously refine RAVS logic and scoring models.4. Develop operational playbook and prioritization framework that aligns vulnerabilities response to true business risk. RAVS Day-to- Day Operations and Risk Management 1. Monitor, triage, and escalate enterprise vulnerabilities based on RAVS output and threat indicators. 2. Provide real-time situational awareness and technical direction during vulnerability-related incidents and assessments. 3. Ensure integration and alignment between RAVS and enterprise vulnerability management platforms, SIEM, SOAR, threat intel, and cloud security tools. 4. Track remediation efforts, metrics, SLAs & SLOs adherence, and risk decisions.5. Generate executive-level dashboards and reports to communicate vulnerability risk posture and trends. Platform Management 1. Oversee functionality and data quality for critical systems. 2. Managing the operational health and data flows between vulnerability detection system, threat intelligence sources, asset inventories, and risk engines. 3. Ensuring business context and asset criticality are mapped into RAVS platform to support accurate risk prioritization. 4. Cross coloration with detection engineering and VMED to maintain score calculation logic, rule sets, and automation flows. 5. Maintaining process documentation, operational runbooks, and continuous improvement workflows for all integrated components. Leadership and Collaboration 1. Cross Functional CollaborationSupport and collaborate with development, business CISOs, operations, and cloud teams across the enterprise to ensure effective vulnerability management practices. 2. Support VMED with various project-based initiatives (creation of KPIs, onboarding of new tools, etc.).3. Drive ongoing assessments of RAVS programs effectiveness, identify areas for tuning, optimization, or automation. 4. Collaborate with governance, risk, and compliance teams to align scoring outcomes with organizational risk thresholds and reporting needs.5. Lead training and onboarding of cross-functional stakeholders who interact with RAVS platform and outputs.6. Partner with Security Operations and other Detection & Response Teams (DART) to embed RAVS data into incident response and remediation workflows.7. Support audit and regulatory readiness activities by ensuring RAVS processes and records meet enterprise and compliance standards. What you need to have: Security Cloud ToolsAssist with the evaluation and selection of vulnerability management tools that integrate seamlessly with various cloud environments and provide fine granular access controls and CMDB attributers such as asset ownership. IntegrationIntegrate the security cloud tools with other security tools and systems, including the SIEM solutions, change ticketing systems, etc Launch awareness campaigns to promote secure practices and vulnerability management, emphasizing the unique challenges of cloud environments. CISSP, CISM, AWS Certified Security Specialist, or similar advanced cloud security certifications preferred. What makes you stand out 10+ Years Experience in Vulnerability Management, incident response, cloud security, or cybersecurity related fields, with at least 3 years experience in a senior technical role. Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being. Marsh McLennan(NYSEMMC) is the worlds leading professional services firm in the areas ofrisk, strategy and people. The Companys more than 85,000 colleagues advise clients in over 130 countries.With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses.Marshprovides data-driven risk advisory services and insurance solutions to commercial and consumer clients.Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wymanserves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us onLinkedInandX. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person Attachments Marsh McLennan (NYSEMMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businessesMarsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.

Company: MMC Corporate Description: We are seeking a talented individual to join our GIS Team at MMC Corporate This role will be based in Gurgaon/Noida. This is a hybrid role that has a requirement of working at least three days a week in the office. Senior Manager - Cyber Security Risk Vulnerability Scoring What can you expect Work on Cybersecurity Risk Adjusted Vulnerability Scoring (RAVS) Program. This enterprise-level initiative is critical to transforming the measurement, prioritization, and response to cybersecurity vulnerabilities by leveraging integrated systems, threat intelligence, and contextual organizational data We will count on you to: Program Oversight 1. Lead the development, implementation, and ongoing management of the enterprise RAVS program.2. Integrate data form vulnerability scanners, CMDB, threat intel feeds, cybersecurity systems, and internal business systems to generate dynamic risk adjusted vulnerability scores.3. Collaborate with internal teams across cybersecurity, IT, risk, business units, data analytics to continuously refine RAVS logic and scoring models.4. Develop operational playbook and prioritization framework that aligns vulnerabilities response to true business risk. RAVS Day-to- Day Operations and Risk Management 1. Monitor, triage, and escalate enterprise vulnerabilities based on RAVS output and threat indicators. 2. Provide real-time situational awareness and technical direction during vulnerability-related incidents and assessments. 3. Ensure integration and alignment between RAVS and enterprise vulnerability management platforms, SIEM, SOAR, threat intel, and cloud security tools. 4. Track remediation efforts, metrics, SLAs & SLOs adherence, and risk decisions.5. Generate executive-level dashboards and reports to communicate vulnerability risk posture and trends. Platform Management 1. Oversee functionality and data quality for critical systems. 2. Managing the operational health and data flows between vulnerability detection system, threat intelligence sources, asset inventories, and risk engines. 3. Ensuring business context and asset criticality are mapped into RAVS platform to support accurate risk prioritization. 4. Cross coloration with detection engineering and VMED to maintain score calculation logic, rule sets, and automation flows. 5. Maintaining process documentation, operational runbooks, and continuous improvement workflows for all integrated components. What you need to have: Security Cloud ToolsAssist with the evaluation and selection of vulnerability management tools that integrate seamlessly with various cloud environments and provide fine granular access controls and CMDB attributers such as asset ownership. IntegrationIntegrate the security cloud tools with other security tools and systems, including the SIEM solutions, change ticketing systems, etc Launch awareness campaigns to promote secure practices and vulnerability management, emphasizing the unique challenges of cloud environments. CISSP, CISM, AWS Certified Security Specialist, or similar advanced cloud security certifications preferred. What you need to have: Security Cloud ToolsAssist with the evaluation and selection of vulnerability management tools that integrate seamlessly with various cloud environments and provide fine granular access controls and CMDB attributers such as asset ownership. IntegrationIntegrate the security cloud tools with other security tools and systems, including the SIEM solutions, change ticketing systems, etc Launch awareness campaigns to promote secure practices and vulnerability management, emphasizing the unique challenges of cloud environments. CISSP, CISM, AWS Certified Security Specialist, or similar advanced cloud security certifications preferred. What makes you stand out 7+ Years Experience in Vulnerability Management, incident response, cloud security, or cybersecurity related fields Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being. Marsh McLennan(NYSEMMC) is the worlds leading professional services firm in the areas ofrisk, strategy and people. The Companys more than 85,000 colleagues advise clients in over 130 countries.With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses.Marshprovides data-driven risk advisory services and insurance solutions to commercial and consumer clients.Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wymanserves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us onLinkedInandX. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person Marsh McLennan (NYSEMMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businessesMarsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.

FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity As a part of FICOs highly modern and innovative analytics and decision platform, the Cyber-Security Engineer will help shape the next generation security for FICOs Platform. You will address cutting edge security challenges in a highly automated, complex, cloud & microservices driven environments inclusive of design challenges and continuous delivery of security functionality and features to the FICO platform as well as the AI/ML capabilities used on top of the FICO platform." VP of Engineering. What Youll Contribute Secure the design of next next-generation FICO Platform, its capabilities, and services. Support full-stack security architecture design from cloud infrastructure to application features for FICO customers. Work closely with product managers, architects, and developers on implementing the security controls within products. Develop and maintain Kyverno policies for enforcing security controls in Kubernetes environments. Collaborate with platform, DevOps, and application teams to define and implement policy-as-code best practices. Contribute to automation efforts for policy deployment, validation, and reporting. Stay current with emerging threats, Kubernetes security features, and cloud-native security tools. Implement required controls and capabilities for the protection of FICO products and environments. Build & validate declarative threat models in a continuous and automated manner. Prepare the product for compliance attestations and ensure adherence to best security practices. Provide expertise as a subject matter expert regarding edge services for public/private cloud information system controls related infrastructure, policy, and decision-making processes. Provide timely resolutions for security configuration or solutions in support of service availability. Work on problems of diverse scope where analysis of situation requires evaluation and troubleshooting including network packet analysis, Linux or Windows DNS, certificates lifecycle, logfile analysis, and related. What Were Seeking Strong knowledge and hands-on experience with Kyverno and OPA/Gatekeeper (optional but a plus). Experience in threat modeling, code reviews, security testing, vulnerability detection, attacker exploit techniques, and methods for their remediation. Hands-on experience with programming languages, such asJava, Python, etc. Experience of deploying services and securing cloud environments, preferably AWS Experience of deploying and securing containers, container orchestration and mesh technologies (such as EKS, K8S, ISTIO). Experience with Crossplane to manage cloud infrastructure declaratively via Kubernetes. Certifications in Kubernetes or cloud security (e.g., CKA, CKAD, CISSP) are desirable Ability to articulate complex architectural challenges with the business leadership and product management teams. Independently drive transformational security projects across teams and organizations. Experience with securing event streaming platforms like Kafka or Pulsar. Experience with ML/AI model security and adversarial techniques within the analytics domains. Hands-on experience with IaC (Such as Terraform, Cloudformation, Helm) and with CI/CD pipelines (such as Github, Jenkins, JFrog). Resourceful problem-solver skilled at navigating ambiguity and change. Customer-focused individual with strong analytical problem-solving skills and solid communication abilities. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at www.fico.com/Careers FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at https://www.fico.com/en/privacy-policy

Field Marketing Manager Job Details | Bentley Systems Select how often (in days) to receive an alert: Select how often (in days) to receive an alert: Position Summary: Bentley Systems is a fast-growing company, and we re searching an experienced field marketing manager to join our expanding team. The ideal candidate will have ability to work on the regional Go-to-Market plans, event & campaigns, planning & execution. This includes the end-to-end program management of marketing mix in collaboration with Product Industry Marketing/Digital Marketing across the sales territories within their assigned marketing region. This role is an individual contributor role and reports to the Senior Manager, Field Marketing, Asia South Collaborate with sales teams to identify target accounts and create localized marketing campaigns to engage target audiences, drive demand and accelerate pipeline growth. Identify and execute targeted marketing initiatives focusing on key account development and expansion, using multi-channel tactics, including ABM. Develop and execute comprehensive, multi-layered, marketing campaigns tailored to the Asia South market, ensuring alignment with overall company and regional revenue and business goals. Collaborate with cross-functional teams including sales, product management, and marketing to integrate field marketing strategies with broader marketing and sales initiatives. Lead the planning and execution of Bentley India hosted and 3rd party in-person events, to drive thought leadership, brand awareness and lead generation. This would require end-to-end coordination with internal & external stakeholders and traveling across India regions up to 30%-50%. Develop and oversee the execution of digital campaigns, manage advertising plans, and help maintain media relationships. Provide recommendations for social media plans and align them with overall campaign objectives. Coordinate with corporate communications to execute PR related strategies to raise brand awareness across the region. Ensure the overall cohesiveness and alignment of all marketing channels to reinforce messaging and brand awareness while driving regional business and revenue objectives. Working with regional sales leadership, identify and prioritize regional tradeshows and sponsorships to increase brand visibility and lead generation ensure branding and messaging are aligned with objectives; coordinate with events team on execution of events and ensure lead follow-up. Regularly communicate marketing plans, progress, and results to internal teams. Stay abreast of emerging technologies, best practices, and industry trends/developments/regulations to continuously enhance field marketing strategies and tactics. Build regional understanding of the important media (magazines/websites/blogs, etc.) by Industry, enhance existing, and build up new relationships, and coordinate all local press activities and report coverage with Corporate Marketing and Media Services. Coordinate/manage Bentley Executive visits with local sales leadership and Corporate. Lead the Regional Marketing globally assigned as a partner for tag team with Digital Marketing/Product Industry Marketing to facilitate the Event & Webinar execution. Engage with Digital Marketing for data acquisition, cleanup and requirements for the local region including interfacing with sales management to qualify requests and ensure we have a plan to leverage new names. Ensure Channel management is aware of planned marketing programs in the region to facilitate proper leverage of marketing programs by Channel partners. Support Corporate initiatives like Year in Infrastructure in the region. What You Bring to The Team: Bachelor s degree or equivalent experience in marketing, business, or a related field. 6-8 years of experience in B2B field marketing, with a focus on the Indian market. Background in executing and managing in-region B2B lead gen programs that drive engagement and generate high-quality leads and revenue for both new logo growth and account expansion. Experience planning and executing ABM strategies and tactics. Excellent organization and multitasking skills, with the ability to handle projects autonomously and solve problems proactively. Experience in infrastructure markets including transportation, energy and water is advantageous. Demonstrated experience in managing budgets and overseeing vendors for marketing program execution. Strong project management skills and ability to work in a fast-paced environment. Prior experience with marketing tools, analytics, and technology platforms and associated systems including Marketo, Demand base, SFDC, Google Analytics, etc. This role requires up to 30%-50% travel across India. for a taste of our culture and watch this about how we got our start. An attractive salary and benefits package. Bentley Impact Day: take a day off from work to volunteer with an organization of your choice. Celebrate milestone achievements and moments that matter through our colleague recognition award programs and our Bentley Achievers platform. A commitment to inclusion, belonging and colleague wellbeing through global initiatives and resource groups. Be part of a company committed to making a real difference by advancing the world s infrastructure for better quality of life, where your contributions help build a more sustainable, connected, and resilient world. Discover our latest user success for an insight into our global impact. Bentley Systems (Nasdaq: BSY) is the infrastructure engineering software company. We provide innovative software to advance the world s infrastructure sustaining both the global economy and environment. Our industry-leading software solutions are used by professionals, and organizations of every size, for the design, construction, and operations of roads and bridges, rail and transit, water and wastewater, public works and utilities, buildings and campuses, mining, and industrial facilities. Our offerings, powered by the iTwin Platform for infrastructure digital twins, include MicroStation and Bentley Open applications for modeling and simulation, Seequent s software for geoprofessionals, and Bentley Infrastructure Cloud encompassing ProjectWise for project delivery, SYNCHRO for construction management, and AssetWise for asset operations. Bentley Systems 5,200 colleagues generate annual revenues of more than $1 billion in 194 countries. Bentley is proud to be an equal opportunity employer and considers for employment all qualified applicants without regard to race, color, gender/gender identity, sexual orientation, disability, marital status, religion/belief, national origin, caste, age, or any other characteristic protected by local law or unrelated to job qualifications.

Security Response Coordinator Role Overview As a Security Response Coordinator you will play a critical role in ensuring the effective management and response to security incidents within our organization You will collaborate with cross functional teams and stakeholders to develop and implement incident response plans coordinate incident investigations and drive the resolution of security incidents in a timely manner The ideal candidate will possess excellent communication skills strong problemsolving abilities and a deep understanding of security incident management Responsibilities Collaborate with key stakeholders to identify potential security threats and vulnerabilities Regularly review and refine incident response procedures based on industry best practices and lessons learned Perform initial triage and analysis of security incidents Escalate incidents to Level 2 or Level 3 as necessary Document and track incidents in the incident management system Coordinate incident response efforts Serve as the primary point of contact for all security incidents ensuring timely response and resolution Establish and maintain communication channels with internal teams and external partners to facilitate incident response activities Coordinate and lead cross functional incident response teams providing clear guidance and direction Investigate security incidents Conduct thorough investigations into security incidents including data breaches system intrusions and policy violations Collect and analyze evidence identify the root cause of incidents and provide recommendations to prevent future occurrences Document incident details actions taken and lessons learned for post incident analysis and reporting Incident escalation and reporting Assess the severity and impact of security incidents and escalate as necessary to senior management or executive leadership Prepare comprehensive incident reports and communicate findings to relevant stakeholders Provide regular updates on incident response activities metrics and key performance indicators KPIs to management Continuous improvement Stay abreast of the latest security trends emerging threats and industry best practices Contribute to the enhancement of security policies procedures and guidelines Participate in tabletop exercises drills and simulations to test and improve incident response capabilities Participate in regular training and awareness programs Requirements Bachelors degree in computer science Information Security or a related field Relevant certifications eg CISSP CISM GIAC are a plus Proven experience in security incident management preferably in a fast paced and complex environment Strong understanding of security frameworks standards and regulations eg GDPR Familiarity with incident response tools technologies and forensic techniques Excellent communication skills both written and verbal with the ability to convey complex technical concepts to nontechnical stakeholders Strong analytical and problemsolving abilities with a keen attention to detail Ethical mindset and commitment to maintaining the confidentiality integrity and availability of sensitive information if interetsed send your resume on payal.banchare@ltimindtree.com

Hi all , we are looking for a role Information Security Risk Specialist experience : 7 -9 years notice period : Immediate - 15 days location : Bengaluru Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Job Summary: We are seeking an experienced Information Security Risk Manager to join our team at Daimler Truck Innovation Center India, Bengaluru. The ideal candidate will lead the risk management and coordination efforts related to the overall security of enterprise systems, ensuring the development, implementation, and oversight of strategies that safeguard the information assets from cybersecurity threats, vulnerabilities, and attacks. This role requires strong collaboration across internal teams, including engineering, IT, legal, and regulatory bodies, as well as with external partners, such as suppliers and industry organizations. The ideal candidate will have a deep understanding of cybersecurity risk management methodologies, and the ability to oversee multiple initiatives aimed at strengthening the risk management practices at Daimler Truck Key Responsibilities: Develop, implement, and maintain an enterprise-wide information security risk management program. Identify, assess, and document information security risks, ensuring alignment with business objectives. Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. Monitor, track, and report on risk metrics and key performance indicators (KPIs). Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. Drive security awareness programs and train employees on risk management practices. Prepare and present detailed risk assessment reports to senior management. Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: Bachelors degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. Advanced degrees (e.g., Masters) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. Proven analytical expertise in evaluating and prioritizing risks effectively. Advanced proficiency in utilizing security tools for risk assessment and mitigation. Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. Skilled in leading security initiatives and managing projects across global teams. A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. An effective team player with exceptional interpersonal and collaboration skills.

Position Overview: We are seeking a highly experienced and strategic Third-Party Risk Management (TPRM) professional to lead and enhance our enterprise-wide third-party risk program. This role involves overseeing risk assessments, governance, due diligence, monitoring, and issue management for vendors, partners, and service providers across the organization. The ideal candidate will bring 10–12 years of expertise in risk management, information security, compliance, and vendor oversight, with the ability to collaborate across legal, procurement, technology, and business functions to ensure consistent application of third-party risk controls. Roles and Responsibilities Key Responsibilities: Lead the execution and continuous improvement of the Third-Party Risk Management lifecycle, including on boarding assessments, ongoing monitoring, risk reviews, and exit management. Oversee the development and implementation of TPRM policies, frameworks, and procedures, aligned with regulatory standards such as NIST, ISO 27001, SOC 2, GDPR, DORA, and PCI DSS. Conduct and review inherent and residual risk assessments for new and existing vendors across multiple risk domains (information security, compliance, financial, operational, etc.). Collaborate with procurement, legal, IT, business units, and compliance teams to integrate TPRM into sourcing and contract processes. Drive the automation and scalability of the TPRM program through use of GRC platforms (e.g., ServiceNow, Archer, ProcessUnity, OneTrust). Manage third-party due diligence questionnaires (DDQs), control gap analysis, and track remediation efforts for identified issues. Prepare and deliver executive-level reporting and dashboards related to vendor risk posture, risk acceptance, and compliance status. Stay current on emerging regulatory requirements, supply chain risks, and third-party threats to inform program strategy. Support internal/external audits and regulatory reviews involving vendor risk management. Required Qualifications: 10–12 years of professional experience in Third-Party Risk Management, IT Risk, InfoSec, Audit, or related GRC functions. In-depth understanding of third-party risk domains, including cybersecurity, data privacy, business continuity, and compliance. Experience developing or managing TPRM frameworks and governance structures across global enterprises. Hands-on experience with TPRM tools such as ServiceNow GRC, Archer, OneTrust, Prevalent, or ProcessUnity. Strong knowledge of risk and control frameworks including NIST, ISO 27001, SIG, SOC 2, and GDPR. Proven ability to assess and report on third-party risk posture, remediation plans, and contract compliance. Excellent written and verbal communication skills with ability to influence technical and non-technical audiences. Preferred Qualifications: Relevant certifications such as CISA, CRISC, CISSP, CTPRA, CTPRP, or ISO 27001 Lead Auditor. Experience in regulated industries such as financial services, healthcare, or critical infrastructure.

You'll lead and shape the cybersecurity landscape within our projects. Day-to-day, youll work closely with teams across the business (IT, Engineering, Operations), validate security aspects of IT projects, and much more. Youll specifically take care of developing use cases, creating business cases with a thorough TCO analysis, and producing or validating architectural documentation. Additionally, you will engage in stakeholder presentations, conduct security studies, and lead design and build phases with subcontractors. Well look to you for: Identifying project needs and gathering functional and technical requirements Defining use cases and creating an enablement roadmap Developing a business case with TCO analysis Validating or producing Architecture Design Documents (ADD) Presenting solutions and enhancing the service catalog Conducting security studies and implementing infrastructure hardening Providing troubleshooting expertise and operational support All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: A Bachelor's/Master's degree in Engineering/Technology CISSP or CISM certification Experience in the Transport Industry is a plus At least 7 years of work experience in cybersecurity, with a focus on architecture and design A strong grasp of security architecture and infrastructure Proficiency in risk analysis and network security patterns Strong knowledge of cloud solutions and security mechanisms Fluency in English

• Business & governance change projects, providing controls & risks consultancy • Analyze & recommend changes to policies &procedures • Internal audit risk assessment • Contribute to annual plan development &maintenance • Plan, deliver complex audits Required Candidate profile CA / Inter-CA / MBA CIA, CISA etc 5+ years of exp in Process & Risk Audits Exp in Insurance, Banks, FIs Good exp in all areas of Audits related to Risk & Process Audits Good English Communication Perks and benefits Great Opportunity