12 Giac Jobs

As the IT Auditor at Navi, you will be responsible for overseeing Navis strategic Risk-based IT Audit Plan and managing the Group IT Audit Function in alignment with Navis Internal Audit Charter and industry standards set by ISACA, ISO, COBIT, IIA, and other relevant professional bodies. Your role will involve directing IT audit operations and strategies at the group level, auditing information systems, platforms, and operating procedures of Navi to ensure the effectiveness of the organizations risk management and internal controls. Your major responsibilities will include developing and implementing risk-based annual IT audit plans, evaluating IT infrastructure, identifying areas of risk or non-compliance, and ensuring proper resourcing for plan implementation. You will also be responsible for updating audit tools, informing senior management of significant risks, providing feedback on IT & data risks, maintaining relationships with key stakeholders, overseeing Internal Audits participation in business initiatives, and serving as a thought leader in IT risk management and internal control best practices. In addition, you will continuously inspect and assess various elements of the companys information systems, identify IT risk exposure, recommend remediation strategies, review security measures, coordinate with external auditors and regulators, track issues and actions management process, and provide early warning signals in IT areas for potential fraud scenarios. You will also be responsible for issuing clear and concise IT Audit reports, delivering MIS and reports to assist the Function Head, and making presentations to the audit committee and management independently. The ideal candidate for this role should possess IT audits related qualifications such as CISSP, CISA, CISM, GIAC, PPM, PMP, DISA, or equivalent, along with 7 or more years of experience in IT audits preferably with 2-3 years in a team management role. Strong knowledge of IT security and infrastructure, experience in agile product management environments, and 3 to 5 years of Fintech or NBFC industry experience are preferred qualifications for this role.,

We are seeking a highly skilled and proactive Cybersecurity Engineer with 68 years of experience in securing enterprise environments. The candidate will be responsible for implementing and maintaining cybersecurity solutions, detecting vulnerabilities, monitoring threats, and ensuring regulatory compliance. This role requires hands-on expertise in security tools, threat intelligence, incident response, and security architecture. Key Responsibilities: Design, implement, and maintain security infrastructure, tools, and policies. Monitor security alerts and conduct threat detection , analysis , and response . Perform vulnerability assessments and penetration testing ; recommend and implement mitigation strategies. Manage and maintain security technologies such as: Firewalls, IDS/IPS SIEM tools (e.g., Splunk, QRadar, LogRhythm) Endpoint Detection and Response (EDR) DLP, IAM, and PAM solutions Conduct incident response , including containment, eradication, and post-incident analysis. Implement and manage network segmentation , encryption protocols , and secure configurations . Participate in security audits , risk assessments , and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA). Create and maintain security documentation, runbooks, and reports. Stay updated on the latest threats, vulnerabilities, and regulatory requirements. Collaborate with IT, DevOps, and compliance teams to embed security in the development and operations lifecycle (DevSecOps). Conduct internal security training and awareness sessions. Required Skills & Qualifications: 68 years of hands-on experience in cybersecurity engineering or information security roles. Strong knowledge of network security , cloud security , application security , and endpoint protection . Experience with tools such as: SIEM (Splunk, IBM QRadar, ELK) EDR (CrowdStrike, SentinelOne, Carbon Black) Firewalls (Palo Alto, Fortinet, Check Point) Vulnerability scanners (Qualys, Nessus, Rapid7) Solid understanding of TCP/IP , DNS , VPNs , TLS/SSL , and encryption techniques . Strong scripting or automation skills (Python, PowerShell, Bash) for security automation. Familiarity with cloud security practices on AWS, Azure, or GCP. In-depth knowledge of security frameworks like NIST, MITRE ATT&CK, CIS Controls. Preferred Skills (Good to Have): Professional certifications such as: CISSP , CEH , CISM , GIAC , or CompTIA Security+ Experience in DevSecOps or working with CI/CD pipelines . Exposure to zero-trust architectures , SASE , and identity governance tools. Previous experience in SOC , MSSP , or large enterprise security operations.

As a candidate for this position, you should hold a Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field, with a preference for a Masters degree. Your role will involve leading and mentoring the SOC team to promote a culture of continuous improvement and collaboration. Overseeing the day-to-day operations of the SOC is crucial, ensuring efficient incident detection, response, and recovery processes. Collaboration with IT and business units is essential to integrate cybersecurity measures into existing and new technology deployments. Your responsibilities will also include managing cybersecurity projects, selecting and implementing cutting-edge security tools and technologies. Regular security assessments, penetration testing, and proactive threat hunting are key tasks to identify and mitigate potential security vulnerabilities. Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC are desired, along with at least 10 years of experience in cybersecurity, including a minimum of 3 years in a leadership role within an SOC environment. In-depth knowledge and experience with cybersecurity regulations and standards are expected. Proficiency in managing and configuring security technologies such as SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools is required. You should have a demonstrated ability to lead and develop high-performing teams. Additional responsibilities include preparing lab/demo environments, conducting research and development on security tools and best practices, and being flexible to work in US Shift. Excellent problem-solving, communication, and presentation skills are necessary for this role.,

About The Role Exciting opportunity for an experienced Security Incident Responder to join our IT Security team in Pune. Take a key role in driving success by enabling a seamless, global security incident response capability. This is a full-time, on-site position based in our Baner office. About You You have a curious mindset and are highly passionate about security engineering and the evolving role of AI in this domain. You also have: - Experience between 2 to 5 years working as a SOC Analyst, Incident Responder or Detection Engineer. - Knowledge applications of security frameworks DFIR, Cyber Kill Chain, MITRE ATT&CK. - Confidence and the ability to remain calm under pressure. It would be beneficial if you possess: - Understanding of software development practices, DevSecOps, enterprise security tools. - Knowledge Artificial Intelligence utilization within the Incident management process. - Awareness of regulatory environment and requirements (e.g. GDPR) - Experience securing cloud-based services (preferably hosted in AWS or Microsoft Azure cloud environments), combined with insight into vulnerability management and scanning tools. - Knowledge of techniques to tune SIEMs, threat hunting, and implementing security best practices. - Security qualifications e.g. GIAC Certifications, AWS, Azure, CEH, OSCP. Key Responsibilities - Act as Incident Commander, coordinating security incident response across teams and time zones, ensuring seamless handoffs. - Collaborate with in-house analysts and MDR partners for timely detection, alerting, and monitoring of security events. - Manage and triage security alerts, document incidents, and maintain detailed reports. - Develop, maintain, and test Incident Response playbooks while driving process and capability improvements. - Design use cases for automation and AI to enhance incident management speed and efficiency. - Review and optimize security platform configurations, ensuring compliance, stability, and alignment with IT best practices. Benefits and Perks Join us for a rewarding career with competitive compensation, leave entitlements, health coverage, and financial security. Enjoy work-life balance, growth, and recognition for your exceptional performance. Our team will unveil the intricacies of our benefit package during the selection process. Company Overview Hansen Technologies (ASX: HSN) is a global software and services provider, serving energy, water/utilities, and telecommunications industries. With customers in 80+ countries, we foster collaboration across 36 global offices. From 5G advancements to renewable energy transitions, we empower customers to overcome challenges, innovate, and drive new business models.

Security Response Coordinator Role Overview As a Security Response Coordinator you will play a critical role in ensuring the effective management and response to security incidents within our organization You will collaborate with cross functional teams and stakeholders to develop and implement incident response plans coordinate incident investigations and drive the resolution of security incidents in a timely manner The ideal candidate will possess excellent communication skills strong problemsolving abilities and a deep understanding of security incident management Responsibilities Collaborate with key stakeholders to identify potential security threats and vulnerabilities Regularly review and refine incident response procedures based on industry best practices and lessons learned Perform initial triage and analysis of security incidents Escalate incidents to Level 2 or Level 3 as necessary Document and track incidents in the incident management system Coordinate incident response efforts Serve as the primary point of contact for all security incidents ensuring timely response and resolution Establish and maintain communication channels with internal teams and external partners to facilitate incident response activities Coordinate and lead cross functional incident response teams providing clear guidance and direction Investigate security incidents Conduct thorough investigations into security incidents including data breaches system intrusions and policy violations Collect and analyze evidence identify the root cause of incidents and provide recommendations to prevent future occurrences Document incident details actions taken and lessons learned for post incident analysis and reporting Incident escalation and reporting Assess the severity and impact of security incidents and escalate as necessary to senior management or executive leadership Prepare comprehensive incident reports and communicate findings to relevant stakeholders Provide regular updates on incident response activities metrics and key performance indicators KPIs to management Continuous improvement Stay abreast of the latest security trends emerging threats and industry best practices Contribute to the enhancement of security policies procedures and guidelines Participate in tabletop exercises drills and simulations to test and improve incident response capabilities Participate in regular training and awareness programs Requirements Bachelors degree in computer science Information Security or a related field Relevant certifications eg CISSP CISM GIAC are a plus Proven experience in security incident management preferably in a fast paced and complex environment Strong understanding of security frameworks standards and regulations eg GDPR Familiarity with incident response tools technologies and forensic techniques Excellent communication skills both written and verbal with the ability to convey complex technical concepts to nontechnical stakeholders Strong analytical and problemsolving abilities with a keen attention to detail Ethical mindset and commitment to maintaining the confidentiality integrity and availability of sensitive information if interetsed send your resume on payal.banchare@ltimindtree.com

Role & responsibilities Position Summary: We are seeking an experienced and proactive Threat Intelligence & IR Lead to oversee our SOC threat intelligence and ensure the security of our organizations assets. The ideal candidate will have a minimum of 7 years of experience in cybersecurity, with a strong focus on threat intelligence, threat hunting, analysis & incident response. You will be responsible for identifying, analyzing, and mitigating threats to protect the organization's infrastructure, data, and operations. Key Responsibilities: Threat Intelligence & Incident Response : Develop, implement, and manage the organizations threat intelligence strategy and program. Lead a team of threat SOC analysts and ensure timely identification of emerging threats. Threat Identification and Analysis: Monitor and analyze cyber threat data, including data banks , data lakes , API access controls , threat feeds, and intelligence platforms. Identify trends, techniques, tactics, and procedures (TTPs) of threat actors and provide actionable insights. Collaboration and Reporting: Collaborate with internal teams (e.g., SOC, incident response, and risk management) to share threat intelligence insights. Prepare detailed threat reports and brief senior management on the organizations threat landscape. Threat Hunting and Mitigation: Conduct proactive threat-hunting activities to identify vulnerabilities and weaknesses in the organization’s systems. Recommend and implement mitigation strategies to address identified threats. Tool and Technology Management: Evaluate, implement, and maintain tools and technologies to support the threat intelligence program. Automate threat detection processes and maintain integrations with security operations platforms. Industry Engagement: Participate in threat intelligence sharing forums and build relationships with external organizations to stay updated on evolving threats. Qualifications and Experience: Minimum of 7 years of experience in cybersecurity, with at least 3 years in a threat intelligence or similar role. Strong knowledge of cyber threat landscapes, attack vectors, and defensive strategies. Hands-on experience with threat intelligence platforms (TIPs), SIEMs, and other security tools. Familiarity with frameworks such as MITRE ATT&CK, NIST, and Cyber Kill Chain. Experience in analyzing threat data, including malware, indicators of compromise (IoCs), and vulnerabilities. Excellent analytical, communication, and problem-solving skills. Relevant certifications (e.g., CISSP, CEH, GIAC, GCTI) are preferred. Educational Requirements: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master’s degree preferred. Key Competencies: Strong leadership and team management skills. Ability to work under pressure in fast-paced, high-stakes environments. Detail-oriented with a focus on continuous learning and staying ahead of emerging threats. This role offers the opportunity to lead a critical function within our cybersecurity operations and make a tangible impact on the organization's security posture. If you are passionate about staying ahead of cyber threats and have a proven track record in threat intelligence, we encourage you to apply.

We are looking for someone who has good hands on experience in VAPT. This role is with one of the government department of Maharashtra. Education: B.E/B. Tech / M.Sc. (Comp. Sci) / MCA / MBA/ M. Tech degree or equivalent. Should be a certified auditor. 6 or more years of overall experience with at least 6 years of relevant experience in Vulnerability Analysis, Penetration Testing and/or forensics. Must have experience in managing at least 3 projects for large, enterprise scale Clients. should have at least two industry certifications as mentioned below: 1. Licensed Penetration Tester (LPT) 2. Certified Penetration Testing Professional (CPENT) 3. Certified Expert Penetration Tester (CEPT) 4. GIAC Penetration Tester (GPEN) 5. CompTIA PenTest+ 6. Certified Ethical Hacker (CEH) 7. Certified Mobile and Web App Penetration Tester (CMWAPT) 8. Computer Hacking Forensic Investigator (CHFI) 9. Certified Information System Auditor (CISA) 10. Certified Information Security Manager (CISM) 11. Other acceptable industry related certification in VAPT. 12. OSCP

At least two-year experience in a similar Information Security position Vulnerability research skills Experience in security assessments, pentesting web applications and infrastructure. Experience developing security tools and open source projects Attention to detail and good problem solving skills Very good knowledge of the technical foundations behind networking, operating systems and applications (TCP/IP, Linux, Windows, Web Technologies) Good understanding of Information Security processes and theory Good communication skills and customer-facing experience Experience in the following areas: Vulnerability management Risk management Qualifications Desired Security Certification (GIAC, OSCP, etc.) or similar qualification Experience integrating systems and tools via API's (programming, automation) Online Gaming security experience Experience in Application Security Regulatory and industry standards work: ISO27001, PCI-DSS, etc. Additional Information Additional information With the capacity to display initiative as part of a very strong Technology Governance team, this position plays a key role in ensuring the continued alignment of our Technology department with business objectives. The Candidate should be able to think laterally; suggest process improvements; drive results; Confident with other team members and able to engage with Vendor third parties to ensure Entain's data and confidentiality is maintained to the highest of security standards. Qualification Criteria Qualifications Security Certification (GIAC, OSCP, etc.) or similar qualification Experience integrating systems and tools via API's (programming, automation) Online Gaming security experience Experience in Application Security Regulatory and industry standards work: ISO27001, PCI-DSS, etc. Other relevant professional qualifications will be considered, although not a requirement, e.g. CISA, CISM, CISSP, GIAC, etc.

Description We are seeking a skilled SOC L2/L3 Professional to join our security operations team in India. The ideal candidate will be responsible for monitoring security incidents, conducting in-depth investigations, and implementing effective security measures to protect our organization from cyber threats. Responsibilities Monitor security alerts and incidents, analyze security breaches, and respond to security incidents. Conduct thorough investigations of security events and provide detailed reports to management. Collaborate with other teams to implement security measures and enhance overall security posture. Maintain and update documentation related to incident response and security processes. Provide mentorship and training to junior SOC team members. Skills and Qualifications 4-6 years of experience in a Security Operations Center (SOC) environment. Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent. Able to work shifts on a rotating basis for 24/7 support of clients. Experience in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, etc. Knowledge of Advanced Persistent Threats (APT) tactics, technics and procedures. Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc. Understanding of common network infrastructure devices such as routers and switches. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP. Basic knowledge in system security architecture and security solutions. Relevant certifications such as CISSP, CEH, CISM, or CompTIA Security+ are preferred.

Some of your daily responsibilities would be the following: Analyze current asset management workflows and identify areas for automation. Develop and implement automation scripts and tools using programming languages (e.g., Python, PowerShell). Integrate asset management systems with other enterprise applications. Design and develop automation scripts and tools for identity provisioning, de-provisioning, and access management. Integrate identity management systems with other network infrastructure and applications. Create and maintain documentation for automation processes and scripts. Implement security best practices in automation processes. Ensure compliance with regulatory requirements and internal policies Implement automated discovery and inventory processes. Collaborate with internal teams and external auditors on compliance matters. Leverage industry proven tools to identify and reduce Cyber Risks Assist in Crisis Management, Ransomware Recovery and Business Continuity planning. Identify, investigate and resolve global security breaches / incidents Develop and maintain network and infrastructure security reporting dashboards and scorecards used to measure our Cyber Practice. What were looking for... You are passionate about network security and automation as a career. You are self-driven and motivated, with good communication and analytical skills. Youre a sought-after team member that thrives in a dynamic work environment. You will be working with multiple partners from the business groups, so networking and managing effective working relationships should be your top most priority. You have an understanding of industry trends in all areas of Information Security. You'll need to have some of the skills listed below: Bachelors degree or four or more years of work experience. Four or more years of relevant work experience. Four or more years of experience in network / information security, risk and compliance management. Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. Experience in handling enterprise scale server infrastructure & management Knowledge of Cloud infrastructure and technologies Proficiency in scripting languages (e.g., Python, Bash, PowerShell). Experience with network management tools and protocols (e.g., SNMP, Netconf). Knowledge of database management systems (e.g., SQL, NoSQL). Familiarity with API integrations and web services (REST, SOAP). Excellent analytical and problem-solving skills. Ability to manage multiple tasks and priorities in a fast-paced environment Understanding of security fundamentals Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts like Experience working on IT ticketing systems like JIRA, Service Now and ability to partner and collaborate with other teams in the organization Experience with hosting security awareness campaigns, gamification and bug bounty programs will be an added advantage Strong analytical problem solving, communication and interpersonal skills Passion to stay abreast with emerging technologies, network security trends, tools and techniques. Even better if you have one or more of the following: Masters degree in Computer Science / Information Technology Engineering Industry relevant security certifications Security+, OSCP, CEH, CISSP, GIAC, etc Strong expertise in at least one operating system Window or Linux. Cloud relevant certifications CCSP, CCSK

working experience with the engineering, risk assessment, implementation, deployment, and securing OT /ICS systems candidates with Globally accepted security certifications such as: GICSP or ISA IEC 62443, GIAC Certified, CICSP.

We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation!? Our IS&T (Information Services and Technology) department provides all the required technology and operational support services to run our business here in BMC! We have over 200 servers on premises to support production, disaster recovery, databases, applications and over 1000 servers in Lab environment. IS&T is transformational not only for BMC but also for the customer experience, because we give a 360 degrees view to the customer about the products they should know, opportunities in the pipeline, and any service issues outstanding with the customer. We use cutting-edge technologies to manage BMC's infrastructure and showcase it to the customers program is called BMC on BMC! We are seeking a highly motivated and detail-oriented Senior Information Security Engineer to join our team. This individual will play a critical role in ensuring the security of our network infrastructure and protecting sensitive data across our systems. The ideal candidate is passionate about cybersecurity, eager to learn, and has excellent problem-solving skills. They will work in a dynamic environment, addressing complex security challenges and continuously staying up to date with new technologies. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Deploy and maintain security tools and systems. Implement security policy, standards, guidelines, processes, and procedures to ensure ongoing security posture. Design and implement secure network architectures: Collaborate with the IT team to design, build, and maintain secure network topologies, ensuring protection from external and internal threats. Automation and scripting: Use Python and other scripting languages to automate security tasks, improve efficiency, and manage security infrastructure. Security incident response: Investigate and respond to security incidents, identifying the root cause and implementing solutions to prevent future incidents. Collaborate with cross-functional teams: Work with network engineers, software developers, and system administrators to implement security best practices across all layers of the organizations technology stack. Stay updated on the latest security trends and technologies: Continuously research and learn new security tools, trends, and technologies, applying them to the organizations environment. To ensure youre set up for success, you will bring the following skillset & experience: 3+ years of experience in a similar Security Engineering/DevOps role. Curiosity and eagerness to learn new technologies: A passion for exploring new cybersecurity tools, methods, and best practices. Hands-on experience with Linux-based environments, including hardening and securing servers. Proficiency in Python programming for automating tasks and scripting security processes. Excellent troubleshooting and logic skills: Strong analytical and problem-solving capabilities, with the ability to think critically and resolve complex issues. Strong understanding of network architecture and protocols: Ability to design and comprehend complex network topologies, troubleshoot network issues, and optimize security. Ability to work with little supervision as well as being a team player with excellent verbal, written, and interpersonal communication skills. Nice to Have: Experience with firewall configurations, IDS/IPS, and security event monitoring tools. Familiarity with cloud security (AWS, Azure, Google Cloud, OCI) is a plus. Familiarity with cybersecurity frameworks: Experience working with NIST, CIS, ISO 27001, or similar security standards is a plus. Previous experience working with vulnerability management technologies (e.g. Tenable, Rapid7, Qualys) preferred. Security Certifications such as CISSP, CEH, CompTIA Security+, or GIAC.