10 Cybersecurity Frameworks Jobs

As a Principal Cybersecurity Engineer at Medtronic, you will serve as the Principal OT Risk Governance Analyst, leading the development, implementation, and oversight of robust risk management and governance frameworks for our Operational Technology (OT) environments in manufacturing. Your expertise will ensure that OT security controls align with corporate policies, industry regulations, and cybersecurity best practices, playing a critical role in Medtronic's mission to champion healthcare access and innovation. A Day in the Life You will drive cybersecurity excellence within our OT environments by: Leading OT risk assessments , identifying and rating risks based on the established risk matrix. Maintaining the risk register and tracking risks specifically related to manufacturing environments. Ensuring compliance with NIST CSF, NIS 2, and other relevant cybersecurity frameworks and regulations. Collaborating with IT, OT, and compliance teams to align cybersecurity policies with operational requirements. Establishing and maintaining OT security governance frameworks, policies, and procedures. Defining roles and responsibilities for OT security within manufacturing operations. Developing tailored security awareness programs for OT personnel, engineers, and plant operators. Providing guidance on secure architecture, network segmentation, and access controls for OT systems. Supporting the cybersecurity incident response process , including detection, response, and recovery planning. Collaborating with IT security teams, SOC analysts, and plant personnel to investigate and mitigate security incidents. Ensuring disaster recovery plans incorporate IT and OT system resilience and recovery. Assisting manufacturing teams with initial documentation of disaster recovery plans, tabletop exercises, and tracking updates. Acting as a key advisor for manufacturing operations teams and cybersecurity stakeholders. Developing training on IT and OT security risks, governance frameworks, and compliance expectations. Facilitating security awareness sessions for IT and OT engineering teams. Required Qualifications and Experience Bachelor's degree in Cybersecurity, Information Technology, Engineering, or a related field with 14+ years of overall experience. 5+ years of experience in OT security, risk management, or governance in manufacturing, energy, or critical infrastructure. Strong knowledge of ICS/SCADA systems , industrial protocols (Modbus, OPC, DNP3, etc.), and IT and OT asset management. Experience with risk assessment methodologies , audit frameworks, and regulatory compliance. Familiarity with frameworks like NIST 800-82, IEC 62443, ISO 27001, and the Purdue Model for ICS Security. Strong communication and leadership skills for cross-functional collaboration. Preferred Qualifications Industry certifications: CISM, CISSP, CRISC, GICSP, ISA 62443, or equivalent. Experience with vulnerability management, threat modeling, and incident response in manufacturing environments. Knowledge of firewalls, network segmentation, and endpoint protection for ICS environments. Benefits & Compensation Medtronic offers a competitive Salary and flexible Benefits Package. We are committed to our employees, recognizing their contributions and providing resources to support you at every career and life stage. About Medtronic Medtronic leads global healthcare technology, boldly attacking the most challenging health problems facing humanity by searching out and finding solutions. Our Mission to alleviate pain, restore health, and extend life unites a global team of 95,000+ passionate people. We are engineers at heart, putting ambitious ideas to work to generate real solutions for real people, leveraging talent, diverse perspectives, and courage to engineer the extraordinary.

Job Title: Cyber Security Architect No. of years of experience: 8+ years Job Type: Contract Contract Duration: 12 months (potential to extend) Location: Hyderabad Work Type: Hybrid Start Date: Immediate (Notice period/joining within 1-2 weeks) Disaster Recovery Strategy: Develop and maintain the organization's disaster recovery plans, ensuring immediate and efficient recovery of critical systems in the event of cyber incidents or natural disasters. Business Continuity Planning: Assess and design business continuity frameworks, ensuring minimal disruption to operations and rapid restoration of services. Risk Assessment: Evaluate potential threats, vulnerabilities, and risks to the organizations infrastructure and recommend mitigation strategies. Architect Secure Systems: Design and implement secure systems and protocols to protect digital assets and sensitive information. Compliance and Standards: Ensure adherence to regulatory standards, such as ISO 22301, NIST SP 800-34, and other frameworks related to DR/BCP and cybersecurity. Testing and Exercises: Conduct regular tests and simulations of DR and BCP plans to identify gaps and improve recovery strategies. Incident Response: Collaborate with incident response teams to ensure proper handling of security breaches and align recovery efforts with continuity strategies. Vendor Management: Oversee and evaluate third-party disaster recovery services and tools to ensure alignment with organizational requirements. Training and Awareness: Provide training and guidance to employees and stakeholders on DR and BCP roles and responsibilities. Documentation: Maintain detailed documentation for all DR and BCP processes and procedures for audit and operational purposes. If you are interested for above role please share your updated cv to mounika.t@intuition-it.com

Sr. Network & Security Engineer Location : Chennai - Taramani (Work From Office) Notice : Short Period / Immediate Full time role RESPONSIBILITIES Design, deploy, and manage scalable enterprise network infrastructures focusing on Cisco switches and routing technologies. Configure and maintain next-generation firewalls, including Palo Alto, FortiGate, and Cisco Firepower NGFW. Administer F5 Load Balancers (LTM, ASM) to ensure high availability and secure application delivery. Manage the full SSL certificates and domain services lifecycle, including DNS configuration and domain registration. Implement, monitor, and support endpoint security platforms such as Symantec Endpoint Protection Manager (SEPM), Trend Micro, and CrowdStrike. Perform ongoing threat monitoring, vulnerability remediation and incident response related to endpoints and network devices. Troubleshoot & resolve complex issues across network and endpoint layers, focusing on minimising downtime. Define/enforce network & endpoint security policies in alignment with compliance & organisational needs. Maintain detailed documentation of all infrastructure components, including network architecture, firewall configurations, SSL/DNS records, domain configurations, and endpoint security deployments. Collaborate with internal IT teams and business stakeholders to align security and infrastructure strategies with organisational objectives. Stay current on emerging threats, security technologies, and industry best practices. DESIRED SKILLS Experience in network and security engineering, including endpoint protection management. Expertise with Cisco Switches, routing protocols, and network design. Proven experience with Palo Alto, FortiGate, and Cisco Firepower firewalls. Strong operational knowledge of F5 Load Balancers (LTM, ASM). In-depth understanding of SSL/TLS certificate management and DNS/domain services. Hands-on experience with SEPM, Trend Micro, and CrowdStrike for endpoint protection. Solid knowledge of TCP/IP, VPNs, VLANs, NAT, ACLs, and network segmentation techniques. Familiarity with cybersecurity frameworks, threat intelligence, and incident response methodologies. Strong troubleshooting and analytical skills with a proactive mindset Experience in license management, procurement, purchase, contracts and vendor management for security and network infrastructure. Ability to work independently, manage multiple priorities, and provide off-hours/on-call support as needed. Excellent verbal and written communication skills. QUALIFICATIONS Bachelors or Masters degree in a related field. CCNP, PCNSE, Fortinet NSE Certifications, F5 Certified Administrator Interested can forward your latest resumes to John.s@zirlen.com

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level:8 + years. Location: Hyderabad / Bengaluru Required skills: 6 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level:5 + years. Location: Hyderabad / Bengaluru Required skills: 4 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level: 3+ years. Location: Hyderabad / Bengaluru Required skills: 3 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your role and responsibilities The SIEM Administrator will be responsible for administering the deployed SIEM service. The candidate is also expected to have hands on experience of deploying a SIEM solution from scratch, where the candidate should have the skills and knowledge to gather all the required information to build the SIEM solution. In-depth knowledge of technical approaches in security analytics, monitoring and alerting. Maintains technical knowledge within areas of expertise. This role is also responsible for identifying, analyzing, developing new or tuning & Refinement of the content or use cases. Strong problem solving and troubleshooting skills including the ability to perform root cause analysis for preventative investigation Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Should have experience in any of the query language i.eAQL ,KQL, SPL, LEQL etc for writing the complex queries & saved search creation. Should have strong knowledge of different cybersecurity frameworks i.e.MITRE, NIST and Cyber kill chain model. Should have understanding of regular expression writing and custom parsing Preferred technical and professional experience Collaborate with key stakeholders within technology, application and cyber security to develop use cases to address specific business needs. Create technical documentation around the content deployed to the SIEM. Creates and develops correlation and detection rules with SIEM solution, reports & dashboards to detect emerging threats

In this vital role, you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. You will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, you will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. As the Security Automation Engineer, you must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and best practices with the team to continually enhance the organization's security posture. Roles & Responsibilities Create playbooks using a low-code platform to streamline security operations. Integrate new and existing security tools and platforms; Design, code, and integrate custom APIs. Create technical documentation and user guides. Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST). Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Triage issues found by tools, external reports, and various tests, to accurately assess the real risks. Offer remediation guidance to partners for identified issues and serve as an escalation resource for developers as they reduce issues. Basic Qualifications Education and Experience:Master's degree and 1 to 3 years of directly related experience; OR Bachelor's degree and 3 to 5 years of directly related experience; OR Diploma and 7 to 9 years of directly related experience. Must-Have Skills Proficiency in Python scripting and automation. Experience with REST API technology. Experience with Linux is a MUST. Experience with Security Orchestration Automation and Response (SOAR) tools (e.g., Swimlane, Cortex XSOAR, etc.). Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness. Preferred Qualifications Knowledge of cybersecurity frameworks, technologies, and best practices. Experience in risk management, incident response, and security governance. Knowledge of security architecture frameworks and principles. Professional Certifications CEH (preferred) CompTIA Security+ (preferred) RHCSA (preferred) CISSP (preferred) Soft Skills Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams. High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals. Strong presentation and public speaking skills.

What you will do Role Description: In this vital role you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. The engineer will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, the engineer will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. The Security Automation Engineer must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and standard processes with the team to continually enhance the organizations security posture. Roles & Responsibilities: Create playbooks using a low-code platform to streamline security operations Integrate new and existing security tools and platforms; Design, code, and integrate custom APIs. Create technical documentation and user guides. Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST). Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Triage issues found by tools, external reports, and various tests, to accurately assess the real risks. Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Masters degree and 1 to 3 years of directly related experience OR Bachelors degree and 3 to 5 years of directly related experience OR Diploma and 7 to 9 years of directly related experience. Must-Have Skills: Proficiency in Python scripting and automation Experience with REST API technology Experience with Linux is a MUST Experience with Security Orchestration Automation and Response (SOAR) tools (e.g. Swimlane, Cortex XSOAR, etc.) Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness Preferred Qualifications: Knowledge of cybersecurity frameworks, technologies, and standard methodologies Experience in risk management, incident response, and security governance Knowledge of security architecture frameworks and principles Professional Certifications: CEH (preferred) CompTIA Security+ (preferred) RHCSA (preferred) CISSP (preferred) Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills

ABOUT THE ROLE The Senior Manager Information Security is responsible for leading the security automation product team and driving the development, integration and continuous improvement of a security automation platform. This role combines strong leadership, technical acuity, and product ownership skills to supervise a growing team responsible for automating security workflows, integrating tools, improving operational efficiency, and strengthening the overall cybersecurity posture. As the product owner of the security automation platform and service, the Senior Manager Information Security collaborates with collaborators to deliver impactful automations and maintain a scalable, secure, and resilient automation infrastructure. Key aspects of the role include aligning automation projects with organizational security goals, fostering innovation in machine learning applications, and ensuring the adoption of industry-leading practices by staying ahead of with evolving threats and trends. Roles & Responsibilities: Lead and mentor a team of security automation engineers, data engineers, and data scientists, fostering a collaborative and high-performance culture Oversee the security automation service, ensuring effective operations, prioritization, and continuous alignment with business and security goals Oversee the security automation product team to ensure adherence to SAFe/Agile methodologies and definitions of done, maintaining high-quality standards in deliverables Oversee the seamless operation, scalability, and efficiency of a cloud-based security automation solution, ensuring continuous enhancement of security controls and automation capabilities Develop strategies to streamline incident response, threat detection, and remediation processes using automation capabilities Drive and manage the seamless integration of new and existing security tools, platforms, and workflows to ensure a cohesive and optimized automation ecosystem Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST) Collaborate with collaborators to establish and supervise critical metrics related to SAFe implementation Generate and maintain security reports, metrics, and dashboards for management review Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations Build and deliver knowledge sharing presentations and documentation to educate developers and operations teams on application security standard methodologies and secure coding techniques Triage and assess findings from tools, external reports, and tests to determine real risks and prioritize remediation efforts Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues What we expect of you We are all different, yet we all use our unique contributions to serve patients. The professional we seek is a senior manager with these qualifications. Basic Qualifications: Masters degree and 8 to 10 years of Scrum teams management or related field experience OR Bachelors degree and 8 to 10 years of in Scrum teams management or related field experience OR Diploma and 12 to 14 years of in Scrum teams management or related field experience. Preferred Qualifications: Experience managing and scaling security automation platforms and tools (e.g., SOAR) Demonstrated success in leading high-performing technical teams in an agile environment Strong understanding of integrating security tools and data platforms (SIEM, EDR, IAM, etc.) In-depth knowledge of cybersecurity frameworks, technologies, and best practices Experience in risk management, incident response, and security governance Strong knowledge of security architecture frameworks and principles Strong understanding of common software and web application security vulnerabilities Excellent communication, stakeholder management, and analytical skills. Good-to-Have Skills: Experience with network security, endpoint protection, and incident response Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications: CEH (preferred) CompTIA Security+ (preferred) CISSP (preferred) TOGAF (preferred) Certified Scrum Product Owner (CSPO), or equivalent (preferred) Soft Skills: Initiative to explore alternate technology and approaches to solving problems Skilled in breaking down problems, documenting problem statements, and estimating efforts Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team-oriented, with a focus on achieving team goals