512 Grc Jobs - Page 11

Solution DesignCollaborate with stakeholders to understand business requirements and design SAP GRC Access Control and Security solutions that meet regulatory compliance and risk management objectives. Access Control ImplementationImplement and configure SAP GRC Access Control module, including role management, user provisioning, access request management, and access risk analysis. Segregation of Duties (SoD) ManagementDesign and implement SoD rules and controls within SAP GRC Access Control. Perform SoD analysis to identify and remediate conflicts in user access and ensure compliance with regulatory requirements. Security AdministrationManage security administration activities, including user account management, role management, and access provisioning within SAP S/4HANA systems. Risk Assessment and MitigationPerform risk assessments to identify potential security risks and vulnerabilities within the SAP landscape. Develop and implement mitigation strategies to address identified risks. Compliance and Audit SupportEnsure compliance with relevant regulations, such as GDPR, SOX, and industry-specific requirements. Support internal and external audits by providing necessary documentation and evidence of compliance. Security Monitoring and Incident ResponseImplement security monitoring tools and processes to detect and respond to security incidents. Define incident response procedures and coordinate with relevant stakeholders in incident management activities. Training and AwarenessDevelop and deliver training programs to educate users and stakeholders about SAP GRC Access Control and Security best practices, policies, and procedures Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise QualificationsBachelor’s degree in engineering, Computer Science, Information Systems, or a related field with 5-8 years rich working experience and strong understanding of SAP S/4HANA GRC (Governance, Risk, and Compliance) Access Control and Security module for overseeing the implementation, configuration, and management of SAP GRC Access Control and Security solutions within the SAP S/4HANA environment. Ensure the organization's access control and security processes align with regulatory requirements and industry best practices SAP S/4HANA GRC Access Control, Security Lead; SAP GRC Access ControlIn-depth knowledge and hands-on experience with SAP GRC Access Control module, including role management, user provisioning, access request management, and access risk analysis. Segregation of Duties (SoD)Expertise in SoD concepts, methodologies, and tools. Ability to design and implement SoD rules and controls within SAP GRC Access Control. Regulatory ComplianceUnderstanding of regulatory requirements and standards, such as GDPR, SOX, and industry-specific regulations. Knowledge of controls and processes to ensure compliance with these requirements. Security AdministrationProficiency in SAP S/4HANA security administration activities, including user account management, role management, and access provisioning Preferred technical and professional experience Risk ManagementExperience in conducting risk assessments, identifying security risks, and developing risk mitigation strategies within the SAP landscape. Security MonitoringFamiliarity with security monitoring tools and techniques to detect and respond to security incidents. Knowledge of SAP Security Information and Event Management (SIEM) solutions is beneficial. Problem-Solving and Troubleshooting, communication, analytical and problem-solving skills.

1. With an experience of 5+ years. 2. Proven track record of success in enterprise sales within the cybersecurity or technology sector, with a focus on SIEM, SOAR, MDR and related security solutions. 3. In-depth understanding of cybersecurity principles, technologies, and best practices, particularly in the areas of threat detection, incident response, and compliance. 4. Demonstrated experience working with large enterprises, and a strong understanding of their security challenges and regulatory requirements. 5. Excellent communication and interpersonal skills, with the ability to build rapport and credibility with diverse stakeholders, including technical and non-technical audiences. 6. Strategic thinker with a results-driven mindset and a passion for driving business growth and exceeding sales targets. 7. Strong negotiation and closing skills, with the ability to navigate complex sales cycles and influence decision-making at all levels of an organization. 8. Self-motivated and proactive with a high degree of initiative and resourcefulness in pursuing opportunities and overcoming obstacles. 9. Ability to thrive in a fast-paced, dynamic environment and adapt quickly to changing market conditions and customer needs. 10. Willingness to travel as needed to meet with clients, attend industry events, and participate in sales meetings and conferences.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: SAP GRC - Governance-Risk-Compliance.

1.Governance and Policy Development oDevelop and implement governance frameworks, policies, and procedures to ensure alignment with industry standards and organizational objectives. oRegularly review and update GRC policies based on regulatory changes, client requirements, and industry best practices. oCreate and maintain documentation for governance, risk, and compliance initiatives, ensuring accessibility and adherence across the organization. 2.Client Due Diligence and Risk Assessment oManage and respond to client due diligence and security assessments, providing accurate, timely information about the organization's risk management, security posture, and compliance practices. oCoordinate with relevant teams to compile necessary documentation and evidence to address client inquiries regarding data protection, privacy practices, and information security controls. oConduct risk assessments based on client requirements, identifying and addressing potential gaps to ensure continued alignment with client security expectations. 3.Vendor Risk Assessment and Management oConduct thorough vendor risk assessments to evaluate the security posture and compliance of third-party vendors. oCollaborate with the procurement and legal teams to review vendor agreements, ensuring they meet the organizations GRC and security standards. oMonitor and maintain the vendor risk register, tracking vendor compliance, and conducting periodic reassessments for critical vendors. 4.Risk Assessment and Mitigation oLead and conduct internal risk assessments, identifying and analysing potential risks to the organizations assets and operations. oDevelop and implement risk treatment plans in collaboration with stakeholders, tracking and reporting on risk mitigation efforts. oMaintain the organizational risk register and work with cross-functional teams to ensure continuous monitoring and timely response to emerging risks. 5.Compliance Management and Regulatory Oversight oEnsure compliance with relevant standards and regulations, such as ISO 27001 (ISMS), ISO 27701 (PIMS), ISO 27017, ISO 27018, ISO 42001 (AI oManagement Framework), CCPA, NIST, GDPR, PCI-DSS, CIS Benchmarks. oSupport internal and external compliance audits, control testing, and regulatory assessments, and coordinate with departments to gather required documentation. oStay updated on regulatory requirements and communicate changes in compliance obligations to relevant stakeholders. 6.Control Implementation and Monitoring oDesign, implement, and assess controls to ensure they align with GRC policies and regulatory requirements. oConduct regular control testing and monitor control effectiveness, identifying and remediating any deficiencies. oCollaborate with teams to improve and strengthen internal controls across the organization. 7.Incident Response and Analysis oSupport the incident response process by providing guidance during incidents and conducting post-incident reviews to ensure alignment with GRC frameworks. oRegularly review and update incident response plans and playbooks, incorporating lessons learned from security incidents to enhance future response efforts. 8.Training, Awareness, and Stakeholder Engagement oDevelop and deliver training sessions on GRC-related topics, increasing organizational awareness of risk, compliance, and security responsibilities. oCollaborate with Legal, IT, HR, and other departments to ensure integrated and effective GRC practices. oCommunicate risk assessment results, policy updates, and compliance requirements to stakeholders and senior management. 9.Documentation, Reporting, and Metrics oMaintain comprehensive documentation for all GRC activities, including client and vendor assessments, internal audits, risk assessments, and compliance reviews. oCreate and present reports, metrics, and dashboards to communicate GRC status, control effectiveness, and compliance progress to senior management. oDocument and track risk assessment outcomes, client inquiries, and remediation actions to ensure transparent and effective risk management practices.

Assist in the development, review, and maintenance of IT security policies, procedures, and documentation. Support internal audits and assessments aligned with frameworks such as ISO 27001, NIST, SOC 2, and GDPR. Participate in risk assessments to identify and track remediation efforts for security and compliance risks. Help maintain compliance registers, risk logs, and GRC tools. Work with cross-functional teams to collect evidence for compliance and audit activities. Monitor changes in regulatory and compliance requirements relevant to the organization. Assist with third-party vendor risk management and due diligence reviews. Contribute to awareness programs to promote a culture of compliance and security.

Role Overview We are seeking a highly capable and visionary Technical Manager Cybersecurity Solutions to lead the planning, execution, and delivery of advanced security programs across our enterprise. This role demands deep technical expertise, strategic thinking, and the ability to lead cross-functional teams to secure complex IT environments. Key Responsibilities Drive the design, implementation, and lifecycle management of advanced cybersecurity tools and platforms. Lead end-to-end delivery for key technologies including: Data Discovery & Classification File Upload Security Attack Surface Management (ASM) Breach and Attack Simulation (BAS) and Red Teaming Decoy/Honeypot Solutions Secure Data Backup & Ransomware Protection Oversee the deployment and optimization of Phishing Simulation, MDM, AD Security, and NAC. Provide technical leadership and mentorship to security engineering and L3 teams. Collaborate with GRC, IT Ops, and Risk teams to align security initiatives with compliance standards. Evaluate vendor solutions and manage third-party security integrations. Represent the security function in internal and external audits, assessments, and executive briefings. Required Skills & Experience 8+ years of experience in cybersecurity, including leadership of technical teams. Proven expertise in deploying and managing enterprise-grade security solutions (as listed above). Strong understanding of regulatory frameworks (ISO 27001, NIST, GDPR, etc.). Experience in red teaming, threat simulation, or adversary emulation is a strong plus. Exceptional communication, project management, and stakeholder engagement skills. Bachelors or Master's degree in Computer Science, Information Security, or related field. Relevant certifications (e.g., CISSP, CISM, OSCP) preferred.

The candidate should be proficient in the following activities of ServiceNow. ServiceNow application customization Application UI Configuration Workflow Configuration Maintain business services and configuration item relationships in Service-Nowtool. Implement and configure ServiceNow discovery tool. Develop clear and concise technical process documentation. Communicate Service-Now process, operations and capability information to alllevels of management effectively. Maintain the integrity of the ServiceNow tool across production andnon-production environments. Perform installation and testing of vendor-provided updates and new releases Work with business users to identify and refine business requirements andworkflows. Identify and define business solutions for ITIL users. Experience in ServiceNow support and enhancement. Ability to configure and provide solution to ServiceNow issues Utilize out-of-the-box or value-added administrative features to fulfillbusiness requests and initiatives ServiceNow, ServiceNow - GRC, Agile management experience. The candidate should be proficient in the following activities of ServiceNow. ServiceNow application customization Application UI Configuration Workflow Configuration Maintain business services and configuration item relationships in Service-Now tool. Implement and configure ServiceNow discovery tool. Develop clear and concise technical process documentation. Communicate Service-Now process, operations and capability information to all levels of management effectively. Maintain the integrity of the ServiceNow tool across production and non-production environments. Perform installation and testing of vendor-provided updates and new releases Work with business users to identify and refine business requirements and workflows. Identify and define business solutions for ITIL users. Experience in ServiceNow support and enhancement. Ability to configure and provide solution to ServiceNow issues Utilize out-of-the-box or value-added administrative features to fulfill business requests and initiatives

ServiceNow application customization Application UI Configuration Workflow Configuration Maintain business services and configuration item relationships in Service-Nowtool. Implement and configure ServiceNow discovery tool. Develop clear and concise technical process documentation. Communicate Service-Now process, operations and capability information to alllevels of management effectively. Maintain the integrity of the ServiceNow tool across production andnon-production environments. Perform installation and testing of vendor-provided updates and new releases Work with business users to identify and refine business requirements andworkflows. Identify and define business solutions for ITIL users. Experience in ServiceNow support and enhancement. Ability to configure and provide solution to ServiceNow issues Utilize out-of-the-box or value-added administrative features to fulfillbusiness requests and initiatives ServiceNow, ServiceNow - GRC, Agile management experience. The candidate should be proficient in the following activities of ServiceNow. ServiceNow application customization Application UI Configuration Workflow Configuration Maintain business services and configuration item relationships in Service-Now tool. Implement and configure ServiceNow discovery tool. Develop clear and concise technical process documentation. Communicate Service-Now process, operations and capability information to all levels of management effectively. Maintain the integrity of the ServiceNow tool across production and non-production environments.Perform installation and testing of vendor-provided updates and new releases Work with business users to identify and refine business requirements and workflows. Identify and define business solutions for ITIL users. Experience in ServiceNow support and enhancement. Ability to configure and provide solution to ServiceNow issues Utilize out-of-the-box or value-added administrative features to fulfill business requests and initiatives

We are seeking an experienced and motivated Product Owner to join our dynamic team. This individual will play a critical role in driving the success of our Governance, Risk, and Compliance (GRC) product by balancing strategic thinking with tactical execution. The ideal candidate is adept at managing multiple priorities, working in Agile and SAFe (Scaled Agile Framework) environments, and delivering value-driven outcomes through iterative development (MVP approach). This role requires strong collaboration with stakeholders, excellent communication skills, and the ability to mentor junior Product Owners while ensuring alignment between business goals and technical execution. The Product Owner must also be comfortable working with cross-functional teams across multiple time zones and cultures , demonstrating flexibility and adaptability to accommodate varying schedules and work styles. Key Responsibilities: Strategic Leadership: Develop and communicate a clear product vision and roadmap that aligns with business objectives and customer needs. Collaborate with stakeholders to define and prioritize features, ensuring alignment with business value and market demand. Act as a thought leader within the organization, bridging the gap between strategy and execution. Tactical Execution: Translate high-level business requirements into detailed user stories, acceptance criteria, and product documentation. Partner with UI/UX designers to ensure requirements are translated into intuitive and user-friendly designs. Lead backlog refinement sessions, prioritize tasks, and ensure clarity for the development team. Create and maintain process flows, personas, and other documentation to support product development. Agile and SAFe Practices: Work in Agile and Scaled Agile Framework environments, facilitating sprint planning, retrospectives, and daily stand-ups. Drive an MVP approach to deliver value quickly while iterating on solutions to meet business needs. Adapt and pivot based on stakeholder feedback, market trends, and changing business priorities. Team Collaboration and Mentorship: Mentor and guide junior Product Owners, fostering their growth and development within the organization. Foster a collaborative environment across cross-functional teams, ensuring alignment and clear communication. Communicate risks, issues, and dependencies to relevant stakeholders in a timely manner. Global Collaboration: Work effectively with teams and stakeholders across multiple time zones and diverse cultures , demonstrating flexibility in scheduling and collaboration styles. Adapt to varying communication preferences and work cultures to ensure alignment and team cohesion. Actively foster inclusivity and respect for cultural diversity within the team. Stakeholder and Communication Excellence: Serve as the primary point of contact for internal and external stakeholders, ensuring clear and concise communication of requirements and project updates. Collaborate with stakeholders to identify opportunities, resolve conflicts, and deliver high-quality outcomes. Provide timely updates on progress, risks, and resolution strategies to all levels of management. Analytical Problem-Solving: Leverage data analytics to inform decisions, track key metrics, and evaluate product success. Perform gap analysis to identify opportunities for improvement and innovation. Continuously monitor the competitive landscape and market trends to ensure the product remains relevant and valuable. Education and Experience: Bachelor's degree in Business Administration, Computer Science, or related field; Master's degree preferred. 8+ years of experience as a Product Owner, Business Analyst, or similar role in Agile environments. Experience working on GRC products or similar enterprise solutions is highly desirable. Skills and Competencies: Strategic Thinking and Tactical Execution: Ability to connect the long-term vision with day-to-day deliverables. Agile Expertise: Hands-on experience with Agile and SAFe methodologies, including creating user stories and leading ceremonies. Documentation Skills: Proficient in creating detailed user stories, process flows, personas, and other technical documentation. Communication: Exceptional verbal and written communication skills, with the ability to convey complex ideas to diverse audiences. Collaboration: Proven ability to work effectively with cross-functional teams, stakeholders, and leadership at all levels. Global Flexibility: Ability to work across time zones and cultures with a focus on adaptability and inclusivity. Analytical Thinking: Strong problem-solving skills with the ability to use data to inform decisions. UI/UX Familiarity: Experience working closely with UI/UX teams to ensure product requirements translate into user-centric designs. Mentorship: Ability to guide and develop junior Product Owners, fostering a collaborative and growth-focused team culture. Technical Tools: Experience with tools such as Jira, Confluence, Figma (for UI/UX collaboration), and analytics platforms. Familiarity with GRC tools and concepts is a strong advantage. Desired Characteristics: Adaptable: Comfortable working in fast-paced, high-pressure environments with shifting priorities. Team Player: Collaborative mindset with a focus on team success and shared goals. Detail-Oriented: Able to manage complex dependencies and maintain focus on the finer details of product delivery. Proactive: Takes initiative to identify opportunities and resolve challenges before they escalate.

We are seeking a ServiceNow GRC Specialist to design, implement, and manage Governance, Risk, and Compliance (GRC) solutions within the ServiceNow platform. The ideal candidate will work closely with stakeholders to enhance risk management, compliance automation, and policy frameworks using ServiceNow GRC modules. Key Responsibilities : ServiceNow GRC Implementation & Configuration : Design and implement GRC modules (Risk Management, Audit, Policy & Compliance, Vendor Risk, etc.). Configure workflows, forms, and dashboards to optimize risk and compliance processes. Integrate ServiceNow GRC with other enterprise systems. Strong Scripting hands-on is a must Risk & Compliance Management : Automate compliance monitoring for frameworks like ISO 27001, NIST, GDPR, SOX, and HIPAA. Conduct risk assessments and provide solutions for mitigation. Implement continuous control monitoring for compliance adherence. Stakeholder Collaboration : Work with CISOs, risk managers, and compliance teams to align GRC strategies. Provide training and documentation to ensure successful adoption. Support audits and regulatory reporting using ServiceNow dashboards. Customization & Development : Utilize ServiceNow scripting (JavaScript, Glide API) for advanced configurations. Develop custom applications and enhancements based on business needs. Support & Maintenance : Troubleshoot issues and ensure smooth operation of the GRC platform. Stay updated with ServiceNow releases and implement upgrades. Required Qualifications & Experience : Experience : 4-10 years in ServiceNow GRC/IRM implementation and support. Technical Skills : ServiceNow configuration, scripting (JavaScript, Glide), integration (REST/SOAP). Certifications (Preferred) : ServiceNow Certified Implementation Specialist Risk and Compliance ServiceNow Certified System Administrator ITIL or CISSP (bonus) Domain Knowledge : Strong understanding of risk management, SecOps, compliance, and audit frameworks. Soft Skills : Strong analytical skills, stakeholder management, and problem-solving mindset.

Overview We have an exciting opportunity for an Data Privacy Specialist. This role is dedicated to protecting data and operational integrity across the Omnicom global footprint, enhancing client trust, and reducing enterprise risk. The Data Privacy Specialist will manage data protection and privacy components of the broader security program. Working across Legal, IT, client, and partner ecosystems, this role ensures the implementation and enforcement of global data privacy standards in a business-centric manner. You will help enable safe and compliant services across Omnicom’s network by embedding privacy principles into processes and technologies. Responsibilities Oversee and implement global data privacy and protection standards across Omnicom’s operations. Lead or support cross-functional efforts with Legal, IT, vendors, and clients to manage data protection initiatives. Provide subject matter guidance on global privacy laws and frameworks (e.g., GDPR, CCPA, DPDP). Ensure privacy-by-design practices are embedded into systems, products, and operations. Support data privacy risk assessments, data subject access requests, privacy incidents, audits, and gap analyses to improve the control environment. Manage operational privacy program elements such as consent, access rights, and data lifecycle governance. Drive an enterprise-wide rollout of a centralized privacy management system Apply information security and data privacy policies, procedures, and practices to support the application of published industry standards at Omnicom Monitor regulatory developments and recommend updates to policies or controls as needed. Qualifications 3–5 years of experience in data privacy or data protection. Strong knowledge of global privacy frameworks such as GDPR, CCPA, and emerging data protection laws. Experience in applying privacy principles in a business and client-facing context. Demonstrated ability to coordinate across multiple departments and stakeholders. Excellent analytical and communication skills; ability to translate legal/privacy requirements into business-friendly solutions. Understanding of privacy risk, impact assessments, and data lifecycle management. A self-starter with strong organizational skills Demonstrated ability to manage multiple projects under strict timelines independently, as well as the ability to work well in a demanding, dynamic environment and meet program objectives Preferred Qualifications Certifications such as CIPP/E, CIPM, or equivalent. Experience working in marketing, media, or digital services industries. Familiarity with data discovery, mapping, or GRC tools supporting privacy programs.

Job Summary: We are seeking a skilled SAP Security & GRC Process Control (PC) Consultant to support our organization in managing governance, risk, and compliance processes within the SAP landscape. The ideal candidate will have deep expertise in SAP GRC Process Control, SAP Security, and SOX/internal control frameworks, enabling strong risk mitigation and policy enforcement across the enterprise systems. Key Responsibilities: Design, configure, and maintain SAP GRC Process Control (PC) solutions. Implement and manage automated and manual controls within GRC PC. Support periodic risk assessments, control testing, and remediation processes. Coordinate with business process owners and internal audit teams to ensure compliance with SOX and internal control requirements. Manage and maintain user access controls, roles, authorizations, and segregation of duties (SoD) in SAP systems. Perform regular security and control reviews to ensure alignment with corporate compliance policies. Integrate GRC PC with other GRC modules (Access Control, Risk Management) and SAP backend systems. Support audits and respond to security/compliance-related findings and queries. Monitor and tune system performance related to GRC and security functionalities. Required Skills and Qualifications: 5+ years of experience in SAP Security and GRC, with at least 2 years in GRC Process Control (PC). Strong understanding of internal controls, risk management, compliance, and audit principles. Hands-on experience with: Control design and assessment workflows. Automated control monitoring. Continuous Control Monitoring (CCM) configuration. Master data management in GRC PC. Proficient in SAP roles & authorizations concept (ECC, S/4HANA, Fiori, etc.). Knowledge of SOX, GDPR, and other regulatory frameworks. Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities.

The GRC (Governance, Risk, and Compliance) Cyber Security Consultant is responsible for providing expert guidance and support in the areas of cyber security risk management, compliance, and governance. This role involves working closely with clients to assess their current cyber security posture, identify vulnerabilities and risks, and develop strategies to mitigate those risks. Responsibilities: 1. Assess clients' cyber security framework and identify gaps in compliance 2. Develop and implement comprehensive cyber security policies and procedures 3. Conduct risk assessments to identify potential threats and vulnerabilities 4. Create risk mitigation plans and provide recommendations for improvement 5. Assist clients in achieving compliance with relevant industry standards and regulations 6. Stay up-to-date with the latest cyber security threats, trends, and best practices 7. Provide training and awareness sessions to educate clients on cyber security measures 8. Collaborate with cross-functional teams to ensure alignment on cyber security initiatives 9. Prepare detailed reports on findings, recommendations, and progress updates for clients 10. Participate in client meetings to present findings and provide guidance on cyber security matters

Overview Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Conduct cybersecurity and privacy risk assessments in alignment with internal frameworks and regulatory requirements. Engage with risk owners and business stakeholders to manage and mitigate identified risks. Develop and present risk reports to senior leaders and governance forums. Advise on cybersecurity architecture and leading practices to strengthen the enterprise risk posture. Assist global agency teams and networks with compliance to cybersecurity regulations and requirements. Monitor the global threat landscape and identify emerging risks; implement proactive control measures. Contribute to the maintenance and effectiveness of the Information Security Management System (ISMS). Participate in risk governance, compliance programs, and strategic risk reduction initiatives. Qualifications 3–5 years of experience in information risk management, cybersecurity, or GRC domains. Proficiency in risk assessment methodologies, threat modelling, and risk mitigation practices. Strong knowledge of cybersecurity frameworks and standards (e.g., ISO 27001, NIST, CIS, GDPR). Experience preparing risk reports and dashboards for leadership audiences. Excellent collaboration and stakeholder engagement skills across global teams. Analytical mindset with the ability to evaluate and prioritize risks effectively. Preferred Qualifications Industry certifications such as CRISC, CISM, CISSP, ISO 27001 Lead Implementer, or similar. Exposure to cloud security risk and compliance monitoring tools. Experience working within enterprise ISMS or regulatory compliance programs .

Overview Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Let’s build this together! Responsibilities Operate day-to-day Information Security Governance, Risk, and Compliance (GRC) activities across the organization. Support alignment and implementation of security standards including ISO 27001, PCI, NIST, and TISAX. Assist in the execution of Information Security Risk Management policies and procedures. Collaborate on internal and external audit activities, and track remediation efforts to closure. Support documentation, reporting, and evidence gathering for compliance and regulatory assessments. Contribute to the continuous improvement of governance processes, control effectiveness, and risk posture. Coordinate with business units and IT teams to ensure governance standards are understood and adhered to. Qualifications 3–5 years of experience in information security governance, risk, compliance, or audit. Working knowledge of ISO 27001, PCI-DSS, NIST, TISAX, or other major regulatory frameworks. Experience with policy implementation, risk assessment methodologies, and audit coordination. Ability to evaluate and articulate compliance requirements to technical and non-technical teams. Strong documentation, analytical, and reporting skills with attention to detail. Excellent interpersonal and communication skills to work cross-functionally. Preferred Qualifications Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, or similar. Experience with GRC platforms and tools. Exposure to vendor risk management and compliance monitoring.

Looking for Immediate Joiners only !!! Job Title: Con/Assistant Manager/Manager Role: Cyber Location: Gurgaon & Noida Job Description: Have in-depth knowledge of governance, risk, and compliance, including internal auditing, audit standard, risk and compliance, cyber security review, policy review, ISO 27001, ISMS etc. Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery. Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including - SOX, Internal Audits, External Audits Conducting controls assessment in manual/ automated environment Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding projects progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status

Role: ServiceNow Senior Developer Shift Timing: 3 PM IST to 12 AM IST, Monday to Friday Overview Hexaware is seeking a highly skilled ServiceNow Developer to assist in the implementation of Vulnerability Response,

Information Security GxP Specialist What you will do Let’s do this. Let’s change the world. In this lead role you will support the GRC Governance / Policy & Audit team working closely with Technology teams to help ensure that GxP controls are in place, GxP deviations are managed and monitored, and security standards are met. The GxP Specialist will assist in owning and maintaining GxP deviation records, performing GxP assessments, managing controlled documents, and supporting regulatory compliance efforts. Roles & Responsibilities: GxP Governance Leadership: Support the GRC organization in leading a team of GxP and/or policy analysts performing tasks related to governance, GxP deviation management, document management, and policy exception processes. GxP Deviation and CAPA Management : Manage and own technology related GxP deviations, CAPA, and CAPA-EV records Manage GxP reporting and monitoring metrics for Technology/IT records Collaborate with record owners and QA to ensure timely record resolution Assist in the identification and evaluation of risks associated with GxP deviation records. Identify and support new record owners across IT/Technology (e.g. office hours, ad-hoc meetings, document management support). Attend enterprise network meetings as needed to represent the Technology / IT function. GxP Deviation Monitoring and Improvements: Recommend deviation management improvement strategies across Technology/IT. Collaborate with Quality, IT application, cybersecurity, and business teams to supervise and resolve identified risks and vulnerabilities associated with deviations and CAPA’s. Assist in conducting CAPA applicability assessments, time studies, and related initiatives to identify impacts and improvement opportunities in IT systems, processes, and policies. Supervise, monitor, and report on the efficiency of existing GxP records, trends, and recommend improvements as needed. Governance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GxP, GDPR, SOX, NIST). Assist in proactive measures to facilitate compliance, such as collaborating with stakeholders to initiate periodic reviews Assist in the preparation for audits and inspections by internal and external parties, providing documentation and evidence of IT GxP deviation management practices. Support the development and implementation of IT governance, risk, and compliance frameworks and continuous improvements. Support the development and implementation of IT governance, risk, and compliance policies as well as supporting documentation, and their continuous improvements. Track and monitor document reviews, and support document owners to ensure timely periodic review completion. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The GxP security professional we seek is collaborative and action-oriented with these qualifications. Basic Qualifications: 5+ years of experience in IT GxP deviation management, IT quality management, IT auditing, or information security. Hands-on experience with deviation management tools and associated frameworks (e.g., ISO 27001, NIST, COBIT). Master’s degree and 4 to 6 years of information technology, Cybersecurity, Risk Management, or a related field experience OR Bachelor’s degree and 6 to 8 years of information technology, Cybersecurity, Risk Management, or a related field experience OR Diploma and 10 to 12 years of information technology, Cybersecurity, Risk Management, or a related field experience Preferred Qualifications: Good understanding of GxP deviation management, controlled document management, IT infrastructure & systems, and security standard methodologies. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex GxP and risk concepts to non-technical collaborators. Familiarity with regulatory frameworks and compliance standards (e.g., GxP, GDPR, HIPAA, SOX). Technical Knowledge : Proficiency with GxP deviation management tools, GRC (Governance, Risk, and Compliance) software, controlled document management tools, enterprise change management tools, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

What you will do In this vital role you will support the analysis, design, and implementation of information systems solutions to meet business requirements. You will collaborate with multi-functional teams to gather and document system requirements, perform system testing, solve issues, and provide end-user support. Your attention to detail, analytical skills, and deep technical competence will contribute to the successful delivery of IT projects and the continuous improvement of business processes. Role Description: The Sr. Associate is a vital part of the Governance, Risk and Compliance (GRC) team within Cybersecurity and Digital Trust (CDT). This team is part of Amgen's Technology team. In this position you are responsible for enabling Information Technology Sarbanes-Oxley (SOX) Compliance. You are required to collaborate with the IT SOX Compliance Manager, service owners, engineers, and other Amgen internal partners such as Finance, Compliance, Corporate Audit and Law department to develop, maintain, and improve Amgens Information Compliance. Roles & Responsibilities: You will bring forth out of the box thinking, an agile mentality and proven domain expertise and innate understanding of IS controls to empower IS process and product owners to build and maintain IT solutions with compliance, by design. You will perform the following activities, and any additional tasks required to attest that our systems, applications and infrastructures subjected to different aspects of compliance are able to verify adherence efficiently and effectively. Support the IS SOX Controls Management and Compliance function Coordinate, collaborate, and communicate with IT personnel across the organization to ensure that our IS SOX process is followed as required by our organization Ability to demonstrate solid sense of ownership, detail orientation, keen focus on quality and setting clear expectations In charge of working with process owners, internal, and external auditors in support of our quarterly certification process Collaborate and support any SOX evidence request efforts made by Internal and External Audit teams Develop and promote educational mentorship resources that will help facilitate new owners understanding of the Sarbanes-Oxley Act and their responsibilities Prepare documentation to identify control gaps Create and author documentation and training materials Participate in walkthroughs with system, service, and process owners Review and analyze SOX systems and applications showing in Configuration Management Database (CMDB) for SOX applicability and ensure all components are collected and accounted for Deep understanding of IT infrastructure and hands on experience in Information Technology Infrastructure Library (ITIL) and System Development Life Cycle (SDLC) Assess the risks of IT audit findings, identify mitigating controls and incorporate in IT process framework continual improvement Map regulatory requirements across functions to identify compliance and audit response efficiencies while liaising with internal auditors and IT service owners to ensure information assurance processes are mature, and outcomes are effective by appropriately addressing and raising relevant risks to policy and regulatory compliance Maintain awareness of changing technology environments, implementation methodologies and frameworks used to support responsible functions (e.g., AI, machine learning, Dev Ops, etc.) Ensure quality of work and timeliness across different functional deliverables and take ownership of issues and coordinate through to completion What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications: Masters degree in information technology or Cybersecurity OR Bachelors degree with 2+ years of experience in regulatory compliance and IT auditing Preferred Qualifications: Functional Skills: Must-Have Skills: 3+ years of IT audit, Information Technology / Security control assurance or enterprise IT compliance experience Working knowledge of Information Governance principles and Information Security principles: confidentiality, integrity, and availability Knowledge of international standards for Information Technology and Information Governance Experience working with various technologies, IT frameworks and methodologies Demonstrable ability to understand the concepts of new cloud technologies and other paradigms such as emerging Big Data technologies, lean methodologies to propose appropriate controls and compliance mentorship Strong written and verbal communication, including the ability to explain technical matters to a non-technical audience Possess strong organizational and collaboration skills Strong written and verbal communication, including the ability to explain technical matters to a non-technical audience Possess strong organizational and collaboration skills Working in large / global corporate environments involving multiple businesses Good-to-Have Skills: Working experience with Governance, Risk and Compliance (GRC) tools. Exceptional teamwork encompassing multi-functional teams, peer relationships, informing, understanding and appreciating differences Good ability to convey and influence complex information compliance, risk and security issues in a manner that is easily understood and actionable Ability to effectively facilitate and inspire change within the organization. Developing / delivering presentations to large audiences and at all levels within the organization Professional Certifications: Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) SANS Global Information Assurance Certifications (GIAC) Soft Skills: Good communication and collaboration skills, particularly when working with global teams. Ability to manage and prioritize tasks effectively in a high-pressure environment. Critical thinking and problem-solving abilities, especially in incident response situations. A commitment to continuous learning and knowledge sharing.

Cyber and 3rd party risk analyst About Amgen Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. What you will do Role Description: The role is responsible for identifying, analyzing, and mitigating IT-related risks to the organization. This role will involve working closely with various departments to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts. Roles & Responsibilities: Risk Identification and Assessment : Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring : Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management : Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. What we expect of you Basic Qualifications and Experience: Education : Bachelor’s degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience: 2 - 4 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies : Strong understanding of IT infrastructure, systems, and security best practices. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical stakeholders. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS) Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). This role involves second shifts2pm-11pm IST Technical Knowledge : Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills Collaboration across global teams What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Job ID: 199874 Required Travel :Minimal Managerial - No LocationIndia- Pune (Amdocs Site) Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit www.amdocs.com In one sentence We are seeking a highly skilled and experienced Senior Governance, Risk, and Compliance (GRC) Specialist to join our dynamic team. The ideal candidate will have a strong background in GRC, with a proven track record of managing and implementing comprehensive risk management and compliance programs, particularly within the EMEA (Europe, Middle East, and Africa) and IMEA (India, Middle East, and Africa) regions. What will your job look like Develop and maintain governance frameworks, policies, and procedures. Ensure compliance with industry standards, regulations, and contractual obligations. Identify, assess, and prioritize security risks, implementing mitigation strategies. Conduct regular risk assessments, audits, and maintain risk registers. Ensure adherence to GDPR, CRA, and other relevant security regulations. Monitor and enforce security compliance across EMEA and IMEA regions. Develop and deliver compliance training programs for employees. Prepare and present security reports to senior management and stakeholders. Collaborate with internal teams and liaise with external auditors and regulators. Communicate security risks and mitigation strategies effectively to stakeholders. All you need is... Bachelor's degree in Business Administration, or a related field. Professional certification (e.g., CISA, CRISC, CISSP) is preferred. Minimum of 6 years of experience in governance, risk management, and compliance. Strong knowledge of relevant laws, regulations, and industry standards, particularly in the EMEA and IMEA regions. Strong understanding of NIST CSF, CIS, ISO 27001, PCI DSS, and Data Protection frameworks. Excellent analytical, problem-solving, and decision-making skills. Strong communication and interpersonal skills, with experience in defending and explaining security risks and mitigations to customers and stakeholders. Ability to work independently and as part of a team. Proficiency in GRC software and tools. Why you will love this job: You will be able to demonstrates an understanding of key business drivers and ensures strategic directions are followed and the organization succeeds You will be able to gathers relevant data, identifies trends and root causes, and draws logical conclusions to develop solutions You will have ability to assess details, systems and other factors as part of a single and comprehensive picture We are a dynamic, multi-cultural organization that constantly innovates and empowers our employees to grow. Our people our passionate, daring, and phenomenal teammates that stand by each other with a dedication to creating a diverse, inclusive workplace! We offer a wide range of stellar benefits including health, dental, vision, and life insurance as well as paid time off, sick time, and parental leave Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

SAP Basis Sr. Consultant Strong BASIS working experience in SAP HANA DB and SAP application support. Experience in SAP HANA performance tuning, HANA DB upgrade and Refresh. Basis planning & support for projects Transport management systems working knowledge. AMS Support experience Familiar with working Shifts and weekends. Familiar with SAP Products (SAP BW4HANA, PO, GRC and SOLMAN, FIORI) and Administration Expertise in troubleshooting the performance issues and preparing RCA. SAP HANA Database administration and OS/DB migration HA/DR Management (Monitoring and troubleshooting) ABAP and JAVA stack administration (Installation, Upgrades and Maintenance)

Role Responsibilities: A day in the life of an Infoscion • As part of the Infosys consulting team, your primary role would be to actively aid the consulting team in different phases of the project including problem definition, effort estimation, diagnosis, solution generation and design and deployment • You will explore the alternatives to the recommended solutions based on research that includes literature surveys, information available in public domains, vendor evaluation information, etc. and build POCs • You will create requirement specifications from the business needs, define the to-be-processes and detailed functional designs based on requirements. • You will support configuring solution requirements on the products; understand if any issues, diagnose the root-cause of such issues, seek clarifications, and then identify and shortlist solution alternatives • You will also contribute to unit-level and organizational initiatives with an objective of providing high quality value adding solutions to customers. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Work Experience: 2 - 9 years of experience Educational Requirements: Master of Computer Science,MCA,Bachelor Of Computer Science,Bachelor of Engineering,BCA,BTech Additional Responsibilities: Ability to work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data • Awareness of latest technologies and trends • Logical thinking and problem solving skills along with an ability to collaborate • Ability to assess the current processes, identify improvement areas and suggest the technology solutions • One or two industry domain knowledge Technical and Professional Requirements: Technical Requirements: • Primary skills:Domain->Network->Network Security Firewall & Policies,IDAM,IDAM->Cyberark,IDAM->Forgerock,IDAM->Microsoft Identity manager,IDAM->Okta,IDAM->Oracle Access Manager(OAM),IDAM->Oracle Identity Manager(OIM),IDAM->Ping/Federate,IDAM->Sailpoint,IDAM->Saviyant,Technology->Application Security->Application Security - ALL,Technology->Enterprise Mobility Solution->MS Azure AD, MS Azure RMS, MS Intune,Technology->Finacle-Core-Payments->Faster Payment Service->Advance,Technology->Infrastructure Security->Security Incident and Event Management (SIEM),Technology->Network->CISCO technologies,Technology->Network-Firewall_and_Media->Palo Alto Preferred Skills: IDAM,IDAM->Oracle Identity Manager(OIM),IDAM->Oracle Access Manager(OAM),IDAM->Sailpoint,IDAM->Cyberark,IDAM->Ping/Federate,IDAM->Forgerock,IDAM->Microsoft Identity manager,IDAM->Okta,IDAM->Saviyant,Domain->Network->Network Security Firewall & Policies,Technology->Application Security->Application Security - ALL,Technology->Infrastructure Security->Security Incident and Event Management (SIEM)->Splunk,Technology->Network->CISCO technologies,Technology->Enterprise Mobility Solution->MS Azure AD, MS Azure RMS, MS Intune,Technology->Network-Firewall_and_Media->Palo Alto,Technology->Cloud Security->AWS - GRC & responsibilities Preferred candidate profile for HUBLI

Job Title: SAP GRC Security Consultant Location: Hyderabad. Job Type: Full-Time Permanent About the Role We are looking for an experienced SAP GRC Security Consultant to manage security architecture, role design, and compliance across SAP systems. If you have expertise in SAP GRC , security configurations , and risk management , this role is for you. Key Responsibilities Manage SAP security roles and authorizations across ECC, S/4HANA, BW, and Fiori • Configure and administer SAP GRC Access Control modules (ARA, ARM, EAM, BRM) • Conduct risk analysis and mitigation for user roles and access • Oversee secure user provisioning and de-provisioning with identity management • Support audit and compliance requirements • Troubleshoot SAP security incidents and authorization errors • Participate in SAP upgrade and migration security assessments Required Skills Minimum 5 to 12 years of experience in SAP Security and GRC • Strong understanding of SAP authorization concepts and risk analysis • Hands-on experience with SAP GRC Access Control (AC 10.x or higher) • Knowledge of SAP Fiori security and access control • Ability to handle audits, compliance, and risk remediation • Strong problem-solving skills and attention to detail Preferred Certifications SAP Certified Associate SAP Security / Access Control • Certifications in Governance, Risk & Compliance (GRC) or IT Security are a plus

Designation: Information Security Consultant Job Code: JD2208396 Location: Bangalore Number of Vacancies: 1 Total Experience: minimum 1 year Shift: General Reports to: CTO Qualification: BE/B.tech/Bsc/BCA/M.Tech/ME Certification: ISO 27001:2013 Lead Implementer (preferable) Job Description: IT Security Consultant , with overall 3+ years of professional experience with areas of expertise in Governance Risk & Compliance (GRC), Third Party Risk Management (TPRM), Information Systems Audits including ISO 27001, Data privacy, GDPR, ITGC Assessments, Control testing, Information Security, ISO 27001 Implementation, SOX and SOC 2, IT Risk assessments on application and infrastructure. Information Technology and Information Security Governance and Risk Compliance Implementation across various industries including Banking, Retail, Insurance, Energy, and e-commerce. Expertise in Vendor Management, Issue Management, Compliance Management, Policy Management, Business Continuity and Disaster Recovery& Risk management modules/solutions. Detailed knowledge of international regulations and best practices covering ITIL, COBIT, ISO 27000, SOX, COSO, PCI, HIPAA and NIST 800. Have experience in core ISMS, services focused on SOX, ITGC, COBIT, COSO, ISO 270001, specialized in Governance & Compliance and Internal Audits. Good experience in client interaction with global leaders during requirement specifications and project implementation phases. Performed risk assessments based on industry standards, provided recommendations to management on results of analysis and work closely with other team- members to refine and enhance security controls and reduce organizational risk. Managing GRC and Third-Party Risk Management related engagements. Conducting audit to check the security posture of critical vendors. Performing quality checks for third party risk assessment. Facilitating External and Internal audits for ISO 27001. Identify and assessing areas of significant business risk. Plan and evaluate IT-related technical and organizational measures. Managing and reporting compliance breaches and exposures. Conducting Compliance audits by reviewing SOC2 Type II, Hi-Trust, ISO27001, PCI-DSS reports. Supporting various departments by collecting and coordinating internal compliance data with auditors and various departments. Ensuring complete, accurate, and timely audit information is reported to Management and/or Risk Committees. Qualification Bachelor's degree in computer science (B. Tech, BE, BCA, or MCA), ISO 27001 :2013 LA Preferred, Experience in Audits and Assessments preferably covering ISO 27001, SOC 2 Type 2, GDPR, Client Audit and Privacy Regulations (GDPR) Experience in identifying and remediating threat & vulnerabilities. ***the candidate must have a very good communication skill