197 Hitrust Jobs

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Data Loss Prevention (DLP) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard sensitive information and maintain compliance with industry standards. Roles & Responsibilities:- Expected to be an SME in DLP and Data masking solution implementation and support.- Collaborate and manage the team to perform.- Demonstrates excellent problem-solving skills and the ability to collaborate effectively with diverse stakeholders- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must Have Skills: Proficiency in Proofpoint and Microsoft Purview Data Loss Prevention (DLP) tools, Varonis Data Discovery and Data masking.- Creation of DLP detection and prevention policies- DLP agents compliance and incident monitoring- DLP agent upgradation- Design and implementation of Data masking solution across enterprise-wide applications- Perform Sensitive Data Discovery and analysis across enterprise data repositories- Create Technical documentation and installation/administration manuals- Strong understanding of risk management and mitigation strategies.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR, HIPAA, HiTrust- Familiarity with incident response and threat intelligence processes.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 8 years of experience in Data Loss Prevention (DLP) and Data Discovery- Good to have experience in Health care industry - Certifications on Proofpoint, Varonis is preferred.- This position is based in Coimbatore.- Willing to work in US shifts including support in late IST hours. Willing to work in office adhering to current HR policies.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Data Loss Prevention (DLP) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard sensitive information and maintain compliance with industry standards. Roles & Responsibilities:- Expected to be an SME in DLP and Data masking solution implementation and support.- Collaborate and manage the team to perform.- Demonstrates excellent problem-solving skills and the ability to collaborate effectively with diverse stakeholders- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must Have Skills: Proficiency in Proofpoint and Microsoft Purview Data Loss Prevention (DLP) tools, Varonis Data Discovery and Data masking.- Creation of DLP detection and prevention policies- DLP agents compliance and incident monitoring- DLP agent upgradation- Design and implementation of Data masking solution across enterprise-wide applications- Perform Sensitive Data Discovery and analysis across enterprise data repositories- Create Technical documentation and installation/administration manuals- Strong understanding of risk management and mitigation strategies.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR, HIPAA, HiTrust- Familiarity with incident response and threat intelligence processes.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 8 years of experience in Data Loss Prevention (DLP) and Data Discovery- Good to have experience in Health care industry - Certifications on Proofpoint, Varonis is preferred.- This position is based in Coimbatore.- Willing to work in US shifts including support in late IST hours. Willing to work in office adhering to current HR policies.- A 15 years full time education is required. Qualification 15 years full time education

About The Role We at Innovaccer are looking for an Security Engineer-II who will be responsible for Risk Assessment role in our Cyber Security Team for customer & internal activities including proprietary & public data. This role will encompass the use of a broad range of security domains (Security Questionnaires, Vendor Risk Assessment, Internal and External Audits, Writing Policies & Procedures etc.).This role would be a great opportunity to learn and grow as you would be exposed to multiple security domains across multiple cloud platforms at a single time. A Day in the Life Responding to RFPs & Security Questionnaires Coordinating with RFP team and Legal team on reviewing security questionnaires/exhibits, BAA/MSA queries and respond to follow-ups and customer queries Analyzing and updating existing compliance policies, procedures and related documentations Implementing privacy controls & policies Drive Vendor Risk Assessment & Risk Management programme Maintaining communication and coordinating with corporate, legal and IT teams Implement audit controls for external audits like SOC2 Type2, HiTrusHIPAA,t, ISO27701, etc. Perform third party risk assessments and work on remediation of findings Familiar with Regulations in United States HealthCare & Middle-East Coordinating with internal teams for gathering evidences and presenting it to auditor Identify control gaps/weaknesses and formulate action plans to address What You Need Understanding of different Privacy & Compliance controls of Federal & State Regulation's Bachelors degree in Information Technology, Computer Science Engineering preferred Minimum of 3-5 years of prior experience in Information Security Risk & Compliance Hands-on experience on HIPAA, SOCII, ISO27001:2022, HiTrust etc. Familiarity of compliances like GDPR, NISTSP800-53, HiTech, FedRamp, AzRamp, MARSE, etc Vendor Risk Assessment, Respond to RFPs & Legal Review of Security Exhibits Work with Corporate compliance Team for Audits Good to have CISSP/CISA or other relevant certifications Hands-on skills in Data security controls Ready to take up more responsibilities along-with existing role Understanding of Security Architecture and proficient in immediately of data security control Able to work independently, being a team player, ability to work well under pressure Familiarization with cloud like AWS, Azure & GCP Able to multi task, prioritize, and manage time effectively Collaborates effectively and communicates efficiently Readily available to work with teams and clients outside India in USA & Middle-East

Summary/Objective Reveleer is a healthcare data and analytics company that uses Artificial Intelligence to give health plans across all business lines greater control over their Quality Improvement, Risk Adjustment, and Member Management programs. With one transformative solution, the Reveleer platform enables plans to independently execute and manage every aspect of enrolment, provider outreach and data retrieval, coding, abstraction, reporting, and submissions. Leveraging proprietary technology, robust data sets, and subject matter expertise, Reveleer provides complete record retrieval and review services so health plans can confidently plan and execute risk, quality, and member management programs to deliver more value and improved outcomes. Job Overview We are looking for a highly skilled Database Administrator (DBA) to manage, maintain, and optimize our databases across multiple platforms. The ideal candidate will have extensive experience with AWS RDS, Microsoft SQL Server, and MongoDB , along with a strong understanding of database security, performance tuning, and high-availability architectures . This role is crucial in ensuring data integrity, security, and efficiency for our SaaS applications while meeting HIPAA and other healthcare compliance requirements . Key Responsibilities Database Management & Administration Design, configure, and maintain AWS RDS (PostgreSQL, MySQL, SQL Server), Microsoft SQL Server, and MongoDB databases. Ensure high availability, performance, and scalability of all databases Implement backup and disaster recovery strategies, including point-in-time recovery (PITR) and failover mechanisms. Monitor and optimize database performance using tools like AWS CloudWatch, SQL Profiler, and MongoDB Atlas Performance Advisor Manage database provisioning, patching, and version upgrades in production and non-production environments Security & Compliance Enforce data security best practices , including encryption, access controls (IAM, RBAC), and compliance with HIPAA and other healthcare regulations Perform regular security audits and vulnerability assessments using tools like AWS Security Hub and Tenable Implement and maintain database auditing, logging, and monitoring to detect and prevent unauthorized access Optimization & Automation Analyze and optimize query performance, indexing strategies, and database schema design. Automate database maintenance tasks using Terraform, AWS Lambda, PowerShell, or Python scripts. Work with DevOps to integrate CI/CD pipelines for database changes (e.g., Flyway, Liquibase). Optimize storage and resource utilization in AWS to reduce costs while maintaining performance Collaboration & Support Work closely with DevOps, Engineering, and Security teams to ensure database reliability and security. Provide guidance and best practices to developers on database design, indexing, and query performance tuning. Support application teams with troubleshooting, query optimization, and data modeling. Participate in on-call rotation for database-related incidents and outages. Required Qualifications & Experience 5+ years of experience as a Database Administrator in a SaaS or cloud environment. Strong expertise in AWS RDS (PostgreSQL, MySQL, or SQL Server). Proficient in Microsoft SQL Server, including T-SQL, SSMS, and high-availability configurations. Experience with NoSQL databases like MongoDB (Atlas preferred). Deep understanding of performance tuning, query optimization, indexing strategies, and partitioning. Familiarity with Terraform, AWS CloudFormation, or other Infrastructure-as-Code (IaC) tools. Experience with backup and disaster recovery strategies in AWS and on-prem environments. Knowledge of database replication, clustering, and high-availability architectures. Proficiency in scripting (Python, PowerShell, Bash) for automation. Strong knowledge of security best practices (IAM, RBAC, data encryption, audit logging). Familiarity with healthcare compliance requirements (HIPAA, HITRUST) is a plus. Preferred Skills & Certifications AWS Certified Database – Specialty Microsoft Certified: Azure Database Administrator Associate MongoDB Certified DBA Associate Experience with AI/ML-driven database performance optimization tools Exposure to data warehousing and analytics (Redshift, Snowflake, or BigQuery) Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without advance notice. Any changes may be for an indeterminate time frame. EEO Statement Reveleer provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristics protected by federal, state, or local laws.

Period :Immediate. Type Contract Description Minimum of 5 years of technical cyber Security Consultant experience and IT audit/compliance . Experience integrating Cyber Security technologies with existing technologies Proficient understanding of experience with audit, regulatory requirements, and standards (SOC2, ISO, HITRUST), and other related standards and certification processes. Must be passionate about contributing to an organization focused on continuously improving consumer experiences Willing to work in Eastern Time/Humana business hours .Preferred Qualifications Knowledge of key compliance and IT frameworks . such asSSAE16 SOC2, HITRUST, SOX, etc. CISA, CISSP, HCISPP, CCSP, CISM, CTPRP or similar certification

About Leegality: We're India's very first Document Infrastructure Platform. Our mission? To completely transform how businesses handle paperwork, contracts, and getting digital consent. We make critical paperwork flows faster, way more innovative, and completely compliant for Indian businesses. Over 2,000 companies, from huge players like HDFC and SBI Cards to super fast-growing ones like Razorpay and Cars24, trust us with their document workflows. Beyond our core platform, we've launched "Deal Collaboration" (making contract negotiation a breeze) and "ConsentIn" (for easy, DPDP-compliant consent collection). Basically, we're building the go-to execution layer for all modern paperwork. If that sounds exciting, come join us! Curious about our impact? Check out our customer success stories here: https://www.leegality.com/case-studies Our Culture: At Leegality, we're all about trust, owning our work, transparency, and having a blast while building something meaningful. These aren't just buzzwords; our team proved it by giving us an amazing 97 on the eNPS survey for FY 2023-24 (that's the highest among over 175 startups!). We're always working to help our team grow and stay motivated. We offer cool perks like flexible hours, hybrid work, and bi-annual appraisals to make sure everyone has an awesome work environment. If our culture vibes with you, keep reading the job description below and hit that apply button! Location: Mumbai/Gurugram/Bangalore (Hybrid ) Responsibilities: As a Senior Privacy Implementaiton Lead, your role would be to solve DPDP Compliance Challenges for Businesses by using and implementing Leegality Consent Infrastructure and allied solutions. You will be entrusted with the following key responsibilities: Evaluate and assess our clients' operations and systems and identify the gaps in DPDP Complaince. Create an implementation plan to use Leegality Consent Infrastructure and allied tools to solve for these gaps. Identify the correct processes and systems where Consent, Third Party Management, Incident Management and Data Subject Rights systems can be implemented. Work with CISOs, DPOs, Compliance Teams and Digital Operations teams to frame their requirements. Demonstrate expertise in various standards and frameworks, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Provide practical guidance and support to clients in adhering to national and international data protection regimes and privacy laws. Conduct thorough audits of Privacy controls to monitor effectiveness and compliance, ensuring data protection is at its optimal level. Identify improvements required in the Leegality’s Consent Infrastructure suite of products baed on privacy standards and client requirements and work with the product and technical teams to implement those improvements. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Requirements : To be considered for this role, the candidate must be a privacy professional with a technical background or experience in implementing privacy solutions in large enterprises. The candidate must meet the following requirements: Have 2-3 years of relevant experience in the privacy field. Exhibit a good understanding of DPDP, GDPR, CCPA, or other privacy laws. Demonstrate having worked with implementing privacy solutions like One Trust, Big Id and others in a large enterprise. Demostrate a solutions bent of mind and a practical approach to compliance. Possess a sound knowledge of fundamentals of information security systems and processes. Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Hold relevant qualifications such as CIPM, CIPT, CIPP/E. Showcase excellent communication skills, both written and verbal. Recruitment Process: To effectively evaluate your application, it is important that we get to know you better. It is necessary that you complete the job-based assessment. Please answer all questions in the assessment thoroughly. You will be shortlisted based on your profile and answers to the job - based assessment. On being shortlisted, you would be contacted for the interview process. We further have 3 rounds of interviews. Your final CTC would be decided on the basis of your skills, experience and final assessment. Apply directly through our career page: https://careers.leegality.com/jobs/Careers For more information about us please visit our: Website: https://www.leegality.com/ LinkedIn: https://www.linkedin.com/company/leegality/ Our Company and Culture: https://www.leegality.com/culture

# Design & implement data privacy programs, conduct audits, manage compliance with GDPR & global laws, and support ISO 27001/27701 implementation. # Collaborate with clients to enhance privacy frameworks and handle incidents & data subject requests Required Candidate profile # Minimum 3 yrs exp in data privacy/security #Strong knowledge of ISO 27001, 27701, NIST, GDPR, CCPA. #Hands-on with assessments, audits, and ISMS. Preferred: CIPM, CIPT, or CIPP/E.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Risk Compliance and Resilience – Associate Director As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Associate Director who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 18 years of overall experience At least 15 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Risk Compliance and Resilience – Associate Director As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Associate Director who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 18 years of overall experience At least 15 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

About The Role We are seeking a Security Analyst with an experience of 6 to 8 years. The ideal candidate should have a strong background as a Technical IT Auditor. The incumbent will be responsible for evaluating and assessing the effectiveness of the organization’s information systems, security protocols, internal controls and compliance with relevant regulations. This role involves conducting in-depth technical reviews of IT infrastructure, applications, databases and networks to ensure the confidentiality, integrity, and availability of data and systems. Requirements Plan and execute end-to-end IT audits, including risk assessments, scoping, testing, and reporting. Evaluate IT general controls, application controls and system development lifecycle processes. Assess network infrastructure, databases and cloud environments for vulnerabilities and compliance. Conduct audits on cybersecurity controls, data privacy mechanisms and incident response preparedness. Review and assess controls related to identity and access management, change management, and backup/recovery. Utilize automated tools and scripts for vulnerability scans and data analysis. Ensure compliance with frameworks such as ISO 27001, HITRUST, GDPR, HIPPA, SOC and SOX. Collaborate with IT, security, and business stakeholders to identify risks and recommend mitigation strategies. Develop corporate Information Security policies and standards and continually monitoring the information security controls, KRIs/KPIs and technical landscape. Providing ISMS awareness trainings. Responding to the Client SIG questionnaires.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Risk Compliance and Resilience – Associate Director As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Associate Director who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 18 years of overall experience At least 15 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

About New Relic New Relic is a leader in observability, empowering engineers with real-time insights to build better software, faster. We are deeply committed to fostering an environment of innovation and collaboration, where our technology and people thrive. Our mission is to be the observability platform of choice & the system of intelligence for customers. Your opportunity As the Lead Product Security & Compliance Manager at New Relic, you will play a critical role in ensuring our innovative products meet global compliance standards and customer expectations. You will be a key partner to our product, engineering, legal, and security teams, providing guidance and oversight on a wide range of compliance and regulatory matters. This is an exciting opportunity to build and scale a product compliance program in a fast-paced, high-growth SaaS environment at the forefront of the observability and AI-powered analytics space. This role requires a deep understanding of the evolving regulatory landscape, a strong technical foundation, and proven experience in partnering with engineering teams to embed compliance into the software development lifecycle. What you’ll do Serve as the central point of contact for product compliance, working closely with Product Management, Engineering, Legal, Security, and Sales to integrate compliance requirements into the entire product lifecycle, from design to launch and beyond. Shape product capabilities to proactively balance compliance requirements with speed-to-market. Review product features and internal architecture to assess against compliance requirements. Identify and evaluate risks, including oversight and monitoring of our risk program in relation to product features. Stay abreast of global regulatory trends and translate them into actionable insights and requirements for product teams. Identify automation opportunities to enhance the review process in partnership with security and legal teams, incorporating minimum requirements that all capabilities must meet. This role requires: Bachelor's degree in Computer Science, Information Security, or related field. Minimum of 8 years of experience as a Security & Compliance Product Manager, Security and Compliance manager, audit experience, FedRAMP experience. Strong knowledge of and experience in security risk management and with frameworks including related regulatory compliance requirements (e.g., SOC 2, ISO 27001, HITRUST, HIPAA, PCI-DSS, and NIST). Knowledge of or experience working with, Cloud technologies/environments, AWS, Azure, GCP, or other related cloud experience. Use creative and critical-thinking skills and, through the development of automation and implementation of procedures that minimize operational overhead, help your stakeholders meet the spirit of security controls. Minimum of 8 years of experience as a Security & Compliance Product Manager, Security and Compliance manager, technical/engineering product manager, audit experience, FedRAMP experience Bonus points if you have List “nice-to-have” criteria, such as attributes/behavioral values, strongly desired qualifications, and working conditions. Experience with compliance in the context of AI/ML-powered products. Knowledge of government compliance standards such as FedRAMP. Knowledge of/experience working in heavily regulated software or software as a service industry. Familiarity with the observability and application performance monitoring (APM) market. Familiarity with New Relic products and capabilities Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or other relevant certifications. Fostering a diverse, welcoming and inclusive environment is important to us. We work hard to make everyone feel comfortable bringing their best, most authentic selves to work every day. We celebrate our talented Relics’ different backgrounds and abilities, and recognize the different paths they took to reach us – including nontraditional ones. Their experiences and perspectives inspire us to make our products and company the best they can be. We’re looking for people who feel connected to our mission and values, not just candidates who check off all the boxes. If you require a reasonable accommodation to complete any part of the application or recruiting process, please reach out to resume@newrelic.com. We believe in empowering all Relics to achieve professional and business success through a flexible workforce model. This model allows us to work in a variety of workplaces that best support our success, including fully office-based, fully remote, or hybrid. Our hiring process In compliance with applicable law, all persons hired will be required to verify identity and eligibility to work and to complete employment eligibility verification. Note: Our stewardship of the data of thousands of customers’ means that a criminal background check is required to join New Relic. We will consider qualified applicants with arrest and conviction records based on individual circumstances and in accordance with applicable law including, but not limited to, the San Francisco Fair Chance Ordinance. Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. New Relic does not accept unsolicited headhunter and agency resumes, and will not pay fees to any third-party agency or company that does not have a signed agreement with New Relic. Candidates are evaluated based on qualifications, regardless of race, religion, ethnicity, national origin, sex, sexual orientation, gender expression or identity, age, disability, neurodiversity, veteran or marital status, political viewpoint, or other legally protected characteristics. Review our Applicant Privacy Notice at https://newrelic.com/termsandconditions/applicant-privacy-policy

Role & responsibilities We have a great opportunity for the role of Advisor- Information Security Assurance| HITRUST| for our reputed client. Relevant Exp: Min 6 years Mandatory Skills: HITRUST Immediate Joiners to 15 days Preferred Job location- Remote If you are interested, please share your profile at shatagale@iitjobs.com

About the Company: VISO TRUST is the only SaaS third party cyber risk management platform that delivers the security intelligence needed for modern companies to make critical risk decisions at the speed of business. Assessing the risk of data breach third party relationships pose to their customers is a traditionally complex and labor intensive process that slows business, frustrates stakeholders and leaves security teams branded: the department of “no.” With VISO’s AI-based system, practitioners can instantly and continually assess any number of third parties while achieving on average a 90% boost in operational efficiency. At VISO, we are excited to be enabling customers to reduce risk and accelerate business at the same time. VISO TRUST is a venture-backed startup with a fully remote workforce based in North America. When hiring, we look for signs that a candidate will thrive in our culture, where we put people first and value ownership, curiosity, honesty and humility in the pursuit of excellence. We also value our differences, employing a team rich in diverse perspectives and experiences. We are dedicated to equal employment opportunities regardless of status or membership in a protected class or lack thereof. About the Job As a Third Party Risk Auditor at VISO TRUST, you will be responsible for analyzing security documents, conducting third-party risk assessments, and ensuring the accuracy of our AI-driven platform’s automated due diligence. You’ll collaborate with Product, Engineering, and Machine Learning teams to improve risk assessments and enhance platform efficiency. This role is ideal for someone with strong analytical skills and experience in cybersecurity frameworks, excited to work with AI to streamline third-party risk management. Key Responsibilities Analyzing security program related language and documents, recording text annotations for the training of machine learning models and ensuring quality assurance on the conclusions drawn by automated assessments Conducting domestic and global third party risk assessments including coordinating intake of new third parties and new engagements, third party security reviews, interacting with internal and external stakeholders, reporting on assessment outcomes and tracking remediation efforts Working closely with Product, Engineering, Customer Success and Machine Learning teams to contribute to automation logic and model training and ensure the success of reviews performed on the platform Apply VISO TRUST methodology to to evaluate control presence and determine risk Document assessment procedures for subsequent automation Review business and technical assessments, questionnaires and related documentation Schedule and conduct review calls with third parties: ensure and track questionnaires sent to third parties, track and report on abandoned third parties, receive and review questionnaires responses and finalize reports Coordinate other due diligence that needs to be done in addition to security questionnaire when needed Collaborate with VISO Audit, Product, Engineering and Machine Learning personnel to develop continued program process and platform improvements Report on assessment outcomes, risk levels, and remediation progress Key Skills, Qualifications & Experience Strong analytical/critical thinking skills Excellent written, verbal communication and organizational skills Ability to perform policy and standard gap analyses based on leading security frameworks Knowledge of common control and policy taxonomies and hierarchies and related language Knowledge of common third party assurance related documents, their structure and analysis, such as AICPA SOC reports, PCI DSS ROC, HiTrust, ISO 27001 Statements of Applicability, etc. Deep knowledge and experience with regard to the VISO TRUST technology platform and it’s unique approach to text extraction and automated risk determination Bachelor’s degree with a major in Information Security or equivalent combination of education and experience, ie. CISSP, CISA, CIPP, CRISC, CEH, and/or CISM 3-7 years of experience with third party cyber risk management Have performed IT risk assessments against OWASP, PCI, GLBA, NIST, ISO, SIG/AUP or other standards Strong knowledge base in information security, risk management, privacy, operations, enterprise networking, systems evaluation, and architecture Ability to discern business relevant risk associated with technology control deficiencies, and to identify the corresponding remediation which is required to mitigate the business impact Knowledge of security, risk and privacy regulatory frameworks such as NIST, SOX, PCI, HIPAA, ISO, Safe Harbor, CSA, etc. Self-starter who can function independently with limited direction but work closely with others when necessary. Knowledge of security, risk and privacy regulatory frameworks such as NIST, SOX, PCI, HIPAA, ISO, Safe Harbor, CSA, etc. Self-starter who can function independently with limited direction but work closely with others when necessary

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (Strategy, Risk, Compliance and Resilience) – Technology Consulting – Senior As part of our EY Strategy, Risk, Compliance and Resilience (SRCR) Technology Consulting team, you would work on various SRCR projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Senior Security Consultant with expertise in cyber / information security, risk and controls concepts. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Engage in Cyber Strategy & Governance, Cyber Risk & Compliance, Cyber Resilience, Cyber Transformation and Co-Sourcing, Application & Network Security engagements Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Execute the engagement requirements, along with review of work by junior team members. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within EY Consulting Services and with other services across the organization Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals Maintain an educational program to continually develop personal skills of staff Understand and follow workplace policies and procedures Building a quality culture at GDS Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members Manage the performance management for the direct reportees, as per the organization policies. Foster teamwork and lead by example; training and mentoring of project resources Participating in the organization-wide people initiatives Skills And Attributes For Success Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to): Vendor/3rd Party Risk Management & Assessment Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53 Business Continuity & Disaster Recovery Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors. Experienced in creation and review of security policy/procedures, and in performing risk assessments. Good to have experience in assessing ITGC requirements across various industries including both Cybersecurity and resilience requirements. Should have a good understanding of VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures. Basic understanding of Network Security and network architecture diagram reviews, access and perimeter control, vulnerability management and intrusion detection, firewall rule-based reviews. Good understanding of logging and monitoring tools (SIEM). Knowledge in any one of the SIEM tools is a plus. To qualify for the role, you must have: BE - B. Tech / MCA / M. Tech/ MBA with background in computer science and programming. More than 5 Years of relevant experience. Strong Excel and PowerPoint skills. Should be proficient in leading medium to large engagements and coach junior staff. Ideally, you’ll also have CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer. Project management skills. What We Look For A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Hello!You've landed on this page, which means you're interested in working with us. Let's take a sneak peek at what it's like to work at Innovaccer. Engineering at Innovaccer With every line of code, we accelerate our customers' success, turning complex challenges into innovative solutions. Collaboratively, we transform each data point we gather into valuable insights for our customers. Join us and be part of a team that's turning dreams of better healthcare into reality, one line of code at a time. Together, we’re shaping the future and making a meaningful impact on the world. About The Role We at Innovaccer are looking for an Security Engineer-II who will be responsible for Risk Assessment role in our Cyber Security Team for customer & internal activities including proprietary & public data. This role will encompass the use of a broad range of security domains (Security Questionnaires, Vendor Risk Assessment, Internal and External Audits, Writing Policies & Procedures etc.).This role would be a great opportunity to learn and grow as you would be exposed to multiple security domains across multiple cloud platforms at a single time. A Day in the Life Responding to RFPs & Security Questionnaires Coordinating with RFP team and Legal team on reviewing security questionnaires/exhibits, BAA/MSA queries and respond to follow-ups and customer queries Analyzing and updating existing compliance policies, procedures and related documentations Implementing privacy controls & policies Drive Vendor Risk Assessment & Risk Management programme Maintaining communication and coordinating with corporate, legal and IT teams Implement audit controls for external audits like SOC2 Type2, HiTrusHIPAA,t, ISO27701, etc. Perform third party risk assessments and work on remediation of findings Familiar with Regulations in United States HealthCare & Middle-East Coordinating with internal teams for gathering evidences and presenting it to auditor Identify control gaps/weaknesses and formulate action plans to address What You Need Understanding of different Privacy & Compliance controls of Federal & State Regulation's Bachelor’s degree in Information Technology, Computer Science Engineering preferred Minimum of 3-5 years of prior experience in Information Security Risk & Compliance Hands-on experience on HIPAA, SOCII, ISO27001:2022, HiTrust etc. Familiarity of compliances like GDPR, NISTSP800-53, HiTech, FedRamp, AzRamp, MARSE, etc Vendor Risk Assessment, Respond to RFPs & Legal Review of Security Exhibits Work with Corporate compliance Team for Audits Good to have CISSP/CISA or other relevant certifications Hands-on skills in Data security controls Ready to take up more responsibilities along-with existing role Understanding of Security Architecture and proficient in immediately of data security control Able to work independently, being a team player, ability to work well under pressure Familiarization with cloud like AWS, Azure & GCP Able to multi task, prioritize, and manage time effectively Collaborates effectively and communicates efficiently Readily available to work with teams and clients outside India in USA & Middle-East We offer competitive benefits to set you up for success in and outside of work. Here’s What We Offer Generous Leave Benefits: Enjoy generous leave benefits of up to 40 days. Parental Leave: Experience one of the industry's best parental leave policies to spend time with your new addition. Sabbatical Leave Policy: Want to focus on skill development, pursue an academic career, or just take a break? We've got you covered. Health Insurance: We offer health benefits and insurance to you and your family for medically related expenses related to illness, disease, or injury. Pet-Friendly Office*: Spend more time with your treasured friends, even when you're away from home. Bring your furry friends with you to the office and let your colleagues become their friends, too. *Noida office only Creche Facility for children*: Say goodbye to worries and hello to a convenient and reliable creche facility that puts your child's well-being first. *India offices Where and how we work Our Noida office is situated in a posh techspace, equipped with various amenities to support our work environment. Here, we follow a five-day work schedule, allowing us to efficiently carry out our tasks and collaborate effectively within our team. Innovaccer is an equal-opportunity employer. We celebrate diversity, and we are committed to fostering an inclusive and diverse workplace where all employees, regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, or veteran status, feel valued and empowered. Disclaimer: Innovaccer does not charge fees or require payment from individuals or agencies for securing employment with us. We do not guarantee job spots or engage in any financial transactions related to employment. If you encounter any posts or requests asking for payment or personal information, we strongly advise you to report them immediately to our HR department at px@innovaccer.com. Additionally, please exercise caution and verify the authenticity of any requests before disclosing personal and confidential information, including bank account details.

Position : Information Security Risk and Compliance Grade : E2 Shift : 1st & 2nd shift Location : Chennai/Bangalore Position Summary: The Security Architecture and Design Assessment Lead is responsible for ensuring the security of cloud infrastructure(GCP and AWS) and applications through meticulous assessment and implementation of robust security measures. The role needs to have a strong understanding of security requirement in industry such healthcare, Pharma, patient services and life sciences and good understanding of ISO 27001 , HIPAA and HITRUST . Job Description: Ensure the security posture of cloud environments (GCP and AWS) by identifying and mitigating risks. Conduct security assessments of GCP and other cloud environments (AWS), including applications and infrastructure. Collaborate with cloud application architects/developers, system/network administrators, and stakeholders to ensure secure cloud design. Review changes in Application Design and assess security controls , provide recommendations and validate the implementation of security controls across IAM , Network Security , Data Security and Infrastructure Security . Provide guidance on cloud security controls and ensure adherence to secure cloud practices. Work with key stakeholders across engineering groups to align architecture decisions with security requirements. Profile Description: Strong expertise in cybersecurity principles and best practices Thorough understanding of various security standards, framework, and certifications/attestations e.g., ISO 27001, HIPAA, HITRUST. 10-12 years of experience in Information Security, specializing in reviewing cloud infrastructure and applications. Proficiency in Cyber Security Risk Assessment, Cloud Security Assessment, Defense in Depth, and Security Architecture patterns. Hands-on experience with Threat Modelling techniques such as STRIDE, PASTA, and familiarity with IAM, App Sec, SDLC, Data Security, Network Security, Encryption, Logging & Monitoring. Experience with Okta and Entra ID is preferable Strong experience in assessing and implementing security controls for GCP & AWS cloud platforms and resources Strong experience assessing and recommending security controls for Container based applications. Experience in Assessing and Recommending Security controls for Data Analytics , Data Warehouse and AI based applications Familiarity with GCP Command Center, AWS Security Hub and mitigating vulnerabilities. Experience with Cloud Access Security Broker, CSPM, CWPP, PaaS, and IaaS security requirements in Azure, GCP, AWS, and AKS. Individual handling of design/solution reviews across cloud and SaaS providers, ensuring security due diligence. Understanding of Cloud Security Alliance Cloud Control Matrix (CSM) and CSA Security guidance. Management of security projects and technical assessments across multiple geographies. Strong analytical and troubleshooting skills, along with excellent communication and interpersonal abilities. Experience with cloud infrastructure like GCP and AWS and familiarity with concepts like Zero Trust Architecture, Cloud Security, Firewall rule reviews, and Conditional Access. Scripting knowledge (e.g., Powershell) is advantageous, and CISSP and CCSP certifications are a plus. We are Mindsprint! A leading-edge technology and business services firm that provides impact driven solutions to businesses, enabling them to outpace speed of change. For over three decades we have been accelerating technology transformation for the Olam Group and their large base of global clients. Working with leading technologies and empowered with the freedom to create new solutions and better existing ones, we have been inspiring businesses with pioneering initiatives. Awards bagged in the recent years: Best Shared Services in India Award by Shared Services Forum 2019 Asias No.1 Shared Services in Process Improvement and Value Creation by Shared Services and Outsourcing Network Forum 2019 International Innovation Award for Best Services and Solutions 2019 Kincentric Best Employer India 2020 Creative Talent Management Impact Award SSON Impact Awards 2021 The Economic Times Best Workplaces for Women 2021 & 2022 #SSFExcellenceAward for Delivering Business Impact through Innovative People Practices 2022 For more info: https://www.mindsprint.org/ Follow us in LinkedIn: Mindsprint Required abilities Physical: Other: Work Environment Details: Specific requirements Travel: Vehicle: Work Permit: Other details Pay Rate: Contract Types: Time Constraints: Compliance Related: Union Affiliation:

Hello!You've landed on this page, which means you're interested in working with us. Let's take a sneak peek at what it's like to work at Innovaccer. Engineering at Innovaccer With every line of code, we accelerate our customers' success, turning complex challenges into innovative solutions. Collaboratively, we transform each data point we gather into valuable insights for our customers. Join us and be part of a team that's turning dreams of better healthcare into reality, one line of code at a time. Together, we're shaping the future and making a meaningful impact on the world. About The Role We at Innovaccer are looking for an Security Engineer-II who will be responsible for Risk Assessment role in our Cyber Security Team for customer & internal activities including proprietary & public data. This role will encompass the use of a broad range of security domains (Security Questionnaires, Vendor Risk Assessment, Internal and External Audits, Writing Policies & Procedures etc.).This role would be a great opportunity to learn and grow as you would be exposed to multiple security domains across multiple cloud platforms at a single time. A Day in the Life Responding to RFPs & Security Questionnaires Coordinating with RFP team and Legal team on reviewing security questionnaires/exhibits, BAA/MSA queries and respond to follow-ups and customer queries Analyzing and updating existing compliance policies, procedures and related documentations Implementing privacy controls & policies Drive Vendor Risk Assessment & Risk Management programme Maintaining communication and coordinating with corporate, legal and IT teams Implement audit controls for external audits like SOC2 Type2, HiTrusHIPAA,t, ISO27701, etc Perform third party risk assessments and work on remediation of findings Familiar with Regulations in United States HealthCare & Middle-East Coordinating with internal teams for gathering evidences and presenting it to auditor Identify control gaps/weaknesses and formulate action plans to address What You Need Understanding of different Privacy & Compliance controls of Federal & State Regulation's Bachelor's degree in Information Technology, Computer Science Engineering preferred Minimum of 3-5 years of prior experience in Information Security Risk & Compliance Hands-on experience on HIPAA, SOCII, ISO27001:2022, HiTrust etc Familiarity of compliances like GDPR, NISTSP800-53, HiTech, FedRamp, AzRamp, MARSE, etc Vendor Risk Assessment, Respond to RFPs & Legal Review of Security Exhibits Work with Corporate compliance Team for Audits Good to have CISSP/CISA or other relevant certifications Hands-on skills in Data security controls Ready to take up more responsibilities along-with existing role Understanding of Security Architecture and proficient in immediately of data security control Able to work independently, being a team player, ability to work well under pressure Familiarization with cloud like AWS, Azure & GCP Able to multi task, prioritize, and manage time effectively Collaborates effectively and communicates efficiently Readily available to work with teams and clients outside India in USA & Middle-East We offer competitive benefits to set you up for success in and outside of work. Here's What We Offer Generous Leave Benefits: Enjoy generous leave benefits of up to 40 days Parental Leave: Experience one of the industry's best parental leave policies to spend time with your new addition Sabbatical Leave Policy: Want to focus on skill development, pursue an academic career, or just take a break? We've got you covered Health Insurance: We offer health benefits and insurance to you and your family for medically related expenses related to illness, disease, or injury Pet-Friendly Office*: Spend more time with your treasured friends, even when you're away from home. Bring your furry friends with you to the office and let your colleagues become their friends, too. *Noida office only Creche Facility for children*: Say goodbye to worries and hello to a convenient and reliable creche facility that puts your child's well-being first. *India offices Where And How We Work Our Noida office is situated in a posh techspace, equipped with various amenities to support our work environment. Here, we follow a five-day work schedule, allowing us to efficiently carry out our tasks and collaborate effectively within our team. Innovaccer is an equal-opportunity employer. We celebrate diversity, and we are committed to fostering an inclusive and diverse workplace where all employees, regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, or veteran status, feel valued and empowered. Disclaimer: Innovaccer does not charge fees or require payment from individuals or agencies for securing employment with us. We do not guarantee job spots or engage in any financial transactions related to employment. If you encounter any posts or requests asking for payment or personal information, we strongly advise you to report them immediately to our HR department at px@innovaccer.com. Additionally, please exercise caution and verify the authenticity of any requests before disclosing personal and confidential information, including bank account details.

Omega Healthcare Management Services Private Limited KARNATAKA Posted On 24 Jun 2025 End Date 08 Jul 2025 Required Experience 14 - 18 Years Basic Section No. Of Openings 1 Grade 4B Designation General Manager - IT Infrastructure Closing Date 08 Jul 2025 Organisational Country IN State KARNATAKA City BENGALURU Location Bengaluru-I Skills Skill VENDOR MANAGEMENT ITIL IT SERVICE MANAGEMENT PROJECT MANAGEMENT DATA CENTER IT OPERATIONS SOLUTION ARCHITECTURE IT STRATEGY BUSINESS DEVELOPMENT IT MANAGEMENT Education Qualification No data available CERTIFICATION No data available Job Description Job Summary: 20+ years’ total experience, including 8+ years in a production 24/7 high-availability multi-site enterprise ERP environment, including application hosting, voice and data networks, security and information protection. Demonstrating a deep technical and strategic understanding of the IT Services and Operations delivered by Sterling. Develop and implement comprehensive IT infrastructure strategies to support business goals and operations. Oversee all IT infrastructure activities, including network management, system administration, and IT security. Experience in leading overall infrastructure for a complex organization and network, including multicounty setup, VLAN setup for regulatory requirements, managing data protection, etc. Managing the day-to-day operational tasks within the IT Infrastructure team. Overseeing the annual IT budget and ensuring cost-effectiveness. Monitoring daily operations, including server hardware, software, and operating systems. Coordinating technology installations, upgrades, and maintenance. Coordinating with the central procurement team for purchase follow-ups, invoice submissions, and vendor follow-ups to complete the tasks. Generating performance reports for operating systems and the Service Desk function. Ensuring all IT activities are performed within the parameters of defined KRA’s and KPI’s. Solving complex and diverse problems by continually re-evaluating new and/or conflicting factors. Managing internal and external communications and being the primary contact of escalation for business issues. Assisting with the management of relationships with external organizations and suppliers. Implement and maintain IT security measures as recommended by Security Teams Ensure compliance with relevant regulations and standards, such as HiTrust, HIPAA, and ISO/IEC 27001. Collaborate with other departments such as IT operations, software development, and customer support to align IT infrastructure efforts with business objectives. Work closely with senior executives to provide IT infrastructure insights and recommendations. Lead and mentor the IT infrastructure team, fostering a culture of high performance and technical excellence. Ensure the IT infrastructure team has the skills and resources necessary to support the company’s objectives. Ability to develop and implement strategic IT infrastructure plans aligned with business objectives. Experience in providing strategic recommendations to senior management. Strong leadership skills with the ability to inspire and lead a high-performing IT infrastructure team. Experience in managing cross-functional teams and working collaboratively with other senior executives. Communication and Interpersonal Skills: Excellent communication skills with the ability to effectively present technical information to various stakeholders including the board of directors, employees, and external partners. Strong interpersonal skills with the ability to build and maintain relationships with internal and external stakeholders. Education: Min 20 years of Experience in servers, endpoints, and other Infra applications. A bachelor’s degree in Information Technology, Computer Science, or a related field is typically required. Professional certifications such as Certified Information Systems Security Professional (CISSP) or Cisco Certified Internetwork Expert (CCIE) can enhance a candidate’s credentials. Exposure to ITIL concepts and adoption.

Job Description #KGS Roles & responsibilities Conduct external audits in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards Lead team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes Lead team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting Lead team in performing SOC 1 and SOC 2, SOC 2+ (HITRUST), SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants) Demonstrate strong project management skills for all engagements being led Demonstrate the ability to identify opportunities and innovative ways to efficiently deliver on engagements and/or implement internal process improvements / automations Contribute to the Automation agenda of the practice by assisting in developing/testing for different bots and tools Conducting IT audits to assess the effectiveness of internal controls, risk management, and compliance with regulations Collaborating with cross-functional teams to ensure IT controls are integrated into business processes Documenting audit findings, preparing reports and recommendations for the management Provide opportunity to junior team members and coach them on day-to-day tasks Contribute to the Knowledge Management agenda of the practice by assisting in technical knowledge development and trainings Possess knowledge of tools and techniques to drive audits for different industries or sectors Review work of junior team members for quality as per relevant auditing standards Evaluating IT systems, processes, and policies to identify vulnerabilities, weaknesses, and areas for improvement Developing and executing audit plans, including scoping, testing, and reporting Assessing IT risks and recommending controls to mitigate those risks Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls. Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions) Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Strong Understanding of different Industry sectors preferred. Preferred Technical & Functional Skills Flair to be abreast with emerging Technology / innovations like Cloud computing, Agile, Blockchain, AI etc. Proficient with MS Office suite of applications [MS Word, MS Exec, MS PowerPoint, Power BI]. Certifications like CISA, CISSP, HITRUST,ISO etc. Key behavioral attributes/requirements Critical thinking and analytical ability. Excellent written and verbal communication skills. Flexibility to adapt to a variety of situations and multitask. Ability to work both independently and as part of a team. Personal drive and positive work ethic. Innovative mindset. Collaborate and build rapport with onshore and offshore teams Uphold the firm’s code of ethics and business conduct Responsibilities Roles & responsibilities Conduct external audits in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards Lead team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes Lead team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting Lead team in performing SOC 1 and SOC 2, SOC 2+ (HITRUST), SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants) Demonstrate strong project management skills for all engagements being led Demonstrate the ability to identify opportunities and innovative ways to efficiently deliver on engagements and/or implement internal process improvements / automations Contribute to the Automation agenda of the practice by assisting in developing/testing for different bots and tools Conducting IT audits to assess the effectiveness of internal controls, risk management, and compliance with regulations Collaborating with cross-functional teams to ensure IT controls are integrated into business processes Documenting audit findings, preparing reports and recommendations for the management Provide opportunity to junior team members and coach them on day-to-day tasks Contribute to the Knowledge Management agenda of the practice by assisting in technical knowledge development and trainings Possess knowledge of tools and techniques to drive audits for different industries or sectors Review work of junior team members for quality as per relevant auditing standards Evaluating IT systems, processes, and policies to identify vulnerabilities, weaknesses, and areas for improvement Developing and executing audit plans, including scoping, testing, and reporting Assessing IT risks and recommending controls to mitigate those risks Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls. Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions) Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Strong Understanding of different Industry sectors preferred. Qualifications This role is for you if you have the below Education Qualification: BE/B.Tech, B.Com, BCA, B.Sc, MBA, M.Sc, MCA, M.Tech, CA. Work Experience: The candidate must have 3-6 years of relevant experience in a similar role, preferably with a Big 4 firm.

Job Description #KGS Roles & responsibilities Conduct external audit in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards. Assist team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes. Assist team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting. Assist team in performing SOC 1 and SOC 2 (System and Organization Controls), SOC 2+ (HITRUST) SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants). Develop self by participating in audit conceptual trainings and actively get involved on business and industry specific knowledge development initiatives including innovation support to help drive usage of new software audit tools Participate in the firm’s strategic initiatives and/or corporate social responsibility programs Being proactive in owning/managing your client allocation & flexible in working arrangements Provide coaching and support to junior team members Assisting Senior team members in reviewing Audit workpapers in line with the KPMG Audit Methodology Help identify performance improvement opportunities for assigned clients / engagements. Identify and communicate IT audit findings to senior management and clients. Communicates effectively with the GTA engagement lead and/or onshore stakeholders on progress through project deliverables. Mandatory technical & functional skills Experience in evaluating and testing Process level manual and automated controls. Experience in testing automated controls and General IT Controls across different domains: Access to Programs and Data, Program Development & Changes and Computer Operations across various platforms (OS, Network, DB, Application). Knowledge / Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Basic Knowledge of Business Process Cycles including Order to Cash, Purchase to Pay etc. Preferred Technical & Functional Skills Flair to be abreast with emerging Technology / innovations like Cloud computing, Agile, Blockchain, AI etc. Proficient with MS Office suite of applications [MS Word, MS Exec, MS PowerPoint, Power BI]. Certifications like CISA, CISSP, HITRUST,ISO etc. Key behavioral attributes/requirements Critical thinking and analytical ability. Excellent written and verbal communication skills. Flexibility to adapt to a variety of situations and multitask. Ability to work both independently and as part of a team. Personal drive and positive work ethic. Innovative mindset. Collaborate and build rapport with onshore and offshore teams Uphold the firm’s code of ethics and business conduct Responsibilities Roles & responsibilities Conduct external audit in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards. Assist team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes. Assist team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting. Assist team in performing SOC 1 and SOC 2 (System and Organization Controls), SOC 2+ (HITRUST) SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants). Develop self by participating in audit conceptual trainings and actively get involved on business and industry specific knowledge development initiatives including innovation support to help drive usage of new software audit tools Participate in the firm’s strategic initiatives and/or corporate social responsibility programs Being proactive in owning/managing your client allocation & flexible in working arrangements Provide coaching and support to junior team members Assisting Senior team members in reviewing Audit workpapers in line with the KPMG Audit Methodology Help identify performance improvement opportunities for assigned clients / engagements. Identify and communicate IT audit findings to senior management and clients. Communicates effectively with the GTA engagement lead and/or onshore stakeholders on progress through project deliverables. Mandatory technical & functional skills Experience in evaluating and testing Process level manual and automated controls. Experience in testing automated controls and General IT Controls across different domains: Access to Programs and Data, Program Development & Changes and Computer Operations across various platforms (OS, Network, DB, Application). Knowledge / Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Basic Knowledge of Business Process Cycles including Order to Cash, Purchase to Pay etc. Qualifications This role is for you if you have the below Education Qualification: BE/B.Tech, B.Com, BCA, B.Sc, MBA, M.Sc, MCA, M.Tech, CA. Work Experience: The candidate must have 1-4 years of relevant experience in a similar role, preferably with a Big 4 firm.

Job Summary: Bahwan Cybertek is looking for an experienced Cyber Security Manager to lead and manage external cybersecurity audits and compliance assessments for our clients. The ideal candidate will have deep knowledge of HITRUST (e1, i1, r2) , SOC 2 Type 2 , and other regulatory frameworks, with hands-on experience using the HITRUST MyCSF platform . This role involves directly engaging with client organizations to conduct assessments, identify gaps, recommend controls, and support their certification and compliance goals. Key Responsibilities: Lead external cybersecurity audits and compliance assessments for client organizations across industries. Guide clients through the HITRUST certification lifecycle (e1, i1, r2) and SOC 2 Type 2 readiness and attestation . Utilize the HITRUST MyCSF platform to manage assessments, document controls, track remediation, and ensure compliance alignment. Perform gap assessments , readiness evaluations , and risk analysis for client environments. Coordinate with client stakeholders, auditors, and technical teams to prepare and support certification audits . Provide clients with actionable insights and customized security control recommendations aligned with industry frameworks (ISO 27001, NIST, HIPAA, etc.). Assist clients in developing and improving their information security policies, procedures, and governance structures . Monitor evolving compliance requirements and update client advisory plans accordingly . Prepare detailed reports, dashboards, and executive summaries for client leadership teams. Mentor internal team members and contribute to continuous improvement of audit delivery methodologies. Required Qualifications: Bachelor’s degree in Computer Science, Information Security, or related discipline (Master’s degree or relevant certifications preferred). Minimum 8 years of experience in cybersecurity, with significant exposure to client-facing roles and external audit execution. Proven track record supporting clients in achieving HITRUST (e1, i1, r2) and SOC 2 Type 2 compliance. Expertise in using the HITRUST MyCSF platform for managing audit programs and control mapping. Strong understanding of regulatory and security frameworks including ISO 27001, NIST, HIPAA, GDPR, CCPA . Certifications such as CISSP, CISA, CISM , or HITRUST CCSFP are highly desirable. Exceptional client communication, presentation, and stakeholder management skills. Preferred Skills: Strong project management and client engagement experience. Hands-on knowledge of cloud security tools, vulnerability assessment , and data privacy regulations . Familiarity with third-party risk management programs and vendor compliance. Ability to handle multiple client projects simultaneously with a high level of professionalism. Work Mode: Hybrid / On-site – Chennai Employment Type: Full-time, Permanent

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

(6-8 Years) Role Summary: The manager is responsible for leading and sustaining the team that drives the compliance strategy by working collaboratively with internal teams, SMEs, external customers, vendors, auditors and other stakeholders. He/she should be able to work collaboratively with other departments and stakeholders to achieve company-wide goals and satisfy the client. Mandatory Skill Sets/Expertise: Relevant bachelor’s or master’s degree in computer science/ IT Auditing/ Information Systems/ Privacy. Have at least 6-8 years of relevant information security auditing experience and advanced knowledge of general controls (security, change management, disaster backup recovery, data centre, infrastructure, etc.), IT governance processes (ITIL). Ability to critically review security policies and procedures, design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards. Good understanding and implementation expertise of industry standards in cybersecurity (ISO, ITIL, NIST, ISF, SOC, HITRUST, PCI DSS, HIPAA) and privacy (GDPR, ISO 27018) is an advantage. Good project management skills with the ability to collaborate with teams across multiple locations and a strong command of the English language. Relevant industry recognized certifications such as CISSP/CISA/CISM. Key Attributes: Leadership: To lead by example, collaborate with the team, and make appropriate decisions when required. effectively communicate the vision and goals of the Accorian. Mentoring: To mentor individuals from graduate to industry qualified, with the aim of motivating and enhancing their personal and professional development. Communication: To communicate effectively both verbally and in writing, with the team and clients, sharing information in a clear and concise manner. Problem-solving: Strong analytical skills to identify and solve complex problems within the GRC domain. Key Responsibilities: Setting strategic direction for audit readiness, managing compliance programs, driving continuous improvement activities, & reporting metrics. Interfacing with stakeholders, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to a technical cloud environment. Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers, senior and executive leaders. Leading small teams by assigning and tracking individual tasks and ensuring the team meets milestones and addresses challenges. Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications. Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordination resolution of roadblocks. Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution. Drop your CVs to joinourteam@accorian.com

About TripleLift We're TripleLift, an advertising platform on a mission to elevate digital advertising through beautiful creative, quality publishers, actionable data and smart targeting. Through over 1 trillion monthly ad transactions, we help publishers and platforms monetize their businesses. Our technology is where the world's leading brands find audiences across online video, connected television, display and native ads. Brand and enterprise customers choose us because of our innovative solutions, premium formats, and supportive experts dedicated to maximizing their performance. As part of the Vista Equity Partners portfolio, we are NMSDC certified, qualify for diverse spending goals and are committed to economic inclusion. Find out how TripleLift raises up the programmatic ecosystem at triplelift.com. The Role TripleLift is seeking a Security Engineer to join our team full time. We are an established company in the advertising technology sector, trying to tackle some of the most challenging problems facing the industry. You will be joining a rapidly growing and complex environment and will work as part of a small team that will be responsible for developing, evangelizing, and executing our security roadmap. You’ll help drive improvements in our security operations capability and support critical projects enhancing our detect-and-respond capabilities. Responsibilities Support and enhance the organization's global security compliance efforts aligned with frameworks like NIST CSF and CIS Controls Monitor and triage security alerts and incidents using SIEM, EDR, and other monitoring tools; escalate and support investigations as needed Manage and maintain endpoint security tools (e.g., CrowdStrike, Microsoft Defender, SentinelOne) across corporate devices and servers Coordinate with IT to ensure consistent endpoint hardening, patching, and policy enforcement Contribute to the vulnerability management process by validating, tracking, and helping remediate findings across infrastructure and endpoints Assist in the creation and maintenance of detection rules, security dashboards, and runbooks Perform initial threat-hunting activities and collaborate with senior engineers on deeper investigations Support identity and access management practices (e.g., user provisioning/deprovisioning, privileged access reviews) Participate in incident response, including documentation, coordination, and root cause analysis Create and maintain security documentation, procedures, and knowledge base articles Collaborate cross-functionally with engineering, IT, and compliance teams to support secure operations Desired Skills And Attributes 4+ years of experience in a security engineering or security operations role Proven track record working in information security operations, engineering, architecture, or security consulting Understanding of security fundamentals with relation to various cybersecurity and compliance frameworks, particularly NIST CSF, but any of: PCI, SOC2, HITRUST, ISO 27001/2, or similar Deep understanding of the AWS Cloud, it’s services, technologies and APIs Hands-on experience managing endpoint security platforms (EDR, antivirus, MDM) in a corporate environment Able to design and evaluate general security controls, as well as how to design effective compensating controls where necessary Experience managing tools in a Security Operations Center environment, i.e., monitoring and reacting to SIEM alerts/events Deep understanding of how to securely manage cloud-native environments and ability to deploy tools in these environments Experience with managing identity and access solutions at scale for a large corporation e.g. Okta Practical experience with coding and scripting languages (e.g., Python, Bash, PowerShell) to support automation and tooling Strong communication and documentation skills Strives for continued learning opportunities to build upon craft Holds a Cybersecurity certification, e.g. CISSP, CISA, Security+, etc. Education Requirement A Bachelor’s degree in a technical subject is preferred, although candidates with relevant experience who hold other degrees will be considered. Experience Requirement At least four years of experience working within a security role or related/adjacent role Location Pune Life at TripleLift At TripleLift, we’re a team of great people who like who they work with and want to make everyone around them better. This means being positive, collaborative, and compassionate. We hustle harder than the competition and are continuously innovating. Learn more about TripleLift and our culture by visiting our LinkedIn Life page. Establishing People, Culture and Community Initiatives At TripleLift, we are committed to building a culture where people feel connected, supported, and empowered to do their best work. We invest in our people and foster a workplace that encourages curiosity, celebrates shared values, and promotes meaningful connections across teams and communities. We want to ensure the best talent of every background, viewpoint, and experience has an opportunity to be hired, belong, and develop at TripleLift. Through our People, Culture, and Community initiatives, we aim to create an environment where everyone can thrive and feel a true sense of belonging. Privacy Policy Please see our Privacy Policies on our TripleLift and 1plusX websites. TripleLift does not accept unsolicited resumes from any type of recruitment search firm. Any resume submitted in the absence of a signed agreement will become the property of TripleLift and no fee shall be due.