343 Hitrust Jobs - Page 7

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Risk Compliance and Resilience – Associate Director As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Associate Director who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 18 years of overall experience At least 15 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

About New Relic New Relic is a leader in observability, empowering engineers with real-time insights to build better software, faster. We are deeply committed to fostering an environment of innovation and collaboration, where our technology and people thrive. Our mission is to be the observability platform of choice & the system of intelligence for customers. Your opportunity As the Lead Product Security & Compliance Manager at New Relic, you will play a critical role in ensuring our innovative products meet global compliance standards and customer expectations. You will be a key partner to our product, engineering, legal, and security teams, providing guidance and oversight on a wide range of compliance and regulatory matters. This is an exciting opportunity to build and scale a product compliance program in a fast-paced, high-growth SaaS environment at the forefront of the observability and AI-powered analytics space. This role requires a deep understanding of the evolving regulatory landscape, a strong technical foundation, and proven experience in partnering with engineering teams to embed compliance into the software development lifecycle. What you’ll do Serve as the central point of contact for product compliance, working closely with Product Management, Engineering, Legal, Security, and Sales to integrate compliance requirements into the entire product lifecycle, from design to launch and beyond. Shape product capabilities to proactively balance compliance requirements with speed-to-market. Review product features and internal architecture to assess against compliance requirements. Identify and evaluate risks, including oversight and monitoring of our risk program in relation to product features. Stay abreast of global regulatory trends and translate them into actionable insights and requirements for product teams. Identify automation opportunities to enhance the review process in partnership with security and legal teams, incorporating minimum requirements that all capabilities must meet. This role requires: Bachelor's degree in Computer Science, Information Security, or related field. Minimum of 8 years of experience as a Security & Compliance Product Manager, Security and Compliance manager, audit experience, FedRAMP experience. Strong knowledge of and experience in security risk management and with frameworks including related regulatory compliance requirements (e.g., SOC 2, ISO 27001, HITRUST, HIPAA, PCI-DSS, and NIST). Knowledge of or experience working with, Cloud technologies/environments, AWS, Azure, GCP, or other related cloud experience. Use creative and critical-thinking skills and, through the development of automation and implementation of procedures that minimize operational overhead, help your stakeholders meet the spirit of security controls. Minimum of 8 years of experience as a Security & Compliance Product Manager, Security and Compliance manager, technical/engineering product manager, audit experience, FedRAMP experience Bonus points if you have List “nice-to-have” criteria, such as attributes/behavioral values, strongly desired qualifications, and working conditions. Experience with compliance in the context of AI/ML-powered products. Knowledge of government compliance standards such as FedRAMP. Knowledge of/experience working in heavily regulated software or software as a service industry. Familiarity with the observability and application performance monitoring (APM) market. Familiarity with New Relic products and capabilities Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or other relevant certifications. Fostering a diverse, welcoming and inclusive environment is important to us. We work hard to make everyone feel comfortable bringing their best, most authentic selves to work every day. We celebrate our talented Relics’ different backgrounds and abilities, and recognize the different paths they took to reach us – including nontraditional ones. Their experiences and perspectives inspire us to make our products and company the best they can be. We’re looking for people who feel connected to our mission and values, not just candidates who check off all the boxes. If you require a reasonable accommodation to complete any part of the application or recruiting process, please reach out to resume@newrelic.com. We believe in empowering all Relics to achieve professional and business success through a flexible workforce model. This model allows us to work in a variety of workplaces that best support our success, including fully office-based, fully remote, or hybrid. Our hiring process In compliance with applicable law, all persons hired will be required to verify identity and eligibility to work and to complete employment eligibility verification. Note: Our stewardship of the data of thousands of customers’ means that a criminal background check is required to join New Relic. We will consider qualified applicants with arrest and conviction records based on individual circumstances and in accordance with applicable law including, but not limited to, the San Francisco Fair Chance Ordinance. Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. New Relic does not accept unsolicited headhunter and agency resumes, and will not pay fees to any third-party agency or company that does not have a signed agreement with New Relic. Candidates are evaluated based on qualifications, regardless of race, religion, ethnicity, national origin, sex, sexual orientation, gender expression or identity, age, disability, neurodiversity, veteran or marital status, political viewpoint, or other legally protected characteristics. Review our Applicant Privacy Notice at https://newrelic.com/termsandconditions/applicant-privacy-policy

Role & responsibilities We have a great opportunity for the role of Advisor- Information Security Assurance| HITRUST| for our reputed client. Relevant Exp: Min 6 years Mandatory Skills: HITRUST Immediate Joiners to 15 days Preferred Job location- Remote If you are interested, please share your profile at shatagale@iitjobs.com

About the Company: VISO TRUST is the only SaaS third party cyber risk management platform that delivers the security intelligence needed for modern companies to make critical risk decisions at the speed of business. Assessing the risk of data breach third party relationships pose to their customers is a traditionally complex and labor intensive process that slows business, frustrates stakeholders and leaves security teams branded: the department of “no.” With VISO’s AI-based system, practitioners can instantly and continually assess any number of third parties while achieving on average a 90% boost in operational efficiency. At VISO, we are excited to be enabling customers to reduce risk and accelerate business at the same time. VISO TRUST is a venture-backed startup with a fully remote workforce based in North America. When hiring, we look for signs that a candidate will thrive in our culture, where we put people first and value ownership, curiosity, honesty and humility in the pursuit of excellence. We also value our differences, employing a team rich in diverse perspectives and experiences. We are dedicated to equal employment opportunities regardless of status or membership in a protected class or lack thereof. About the Job As a Third Party Risk Auditor at VISO TRUST, you will be responsible for analyzing security documents, conducting third-party risk assessments, and ensuring the accuracy of our AI-driven platform’s automated due diligence. You’ll collaborate with Product, Engineering, and Machine Learning teams to improve risk assessments and enhance platform efficiency. This role is ideal for someone with strong analytical skills and experience in cybersecurity frameworks, excited to work with AI to streamline third-party risk management. Key Responsibilities Analyzing security program related language and documents, recording text annotations for the training of machine learning models and ensuring quality assurance on the conclusions drawn by automated assessments Conducting domestic and global third party risk assessments including coordinating intake of new third parties and new engagements, third party security reviews, interacting with internal and external stakeholders, reporting on assessment outcomes and tracking remediation efforts Working closely with Product, Engineering, Customer Success and Machine Learning teams to contribute to automation logic and model training and ensure the success of reviews performed on the platform Apply VISO TRUST methodology to to evaluate control presence and determine risk Document assessment procedures for subsequent automation Review business and technical assessments, questionnaires and related documentation Schedule and conduct review calls with third parties: ensure and track questionnaires sent to third parties, track and report on abandoned third parties, receive and review questionnaires responses and finalize reports Coordinate other due diligence that needs to be done in addition to security questionnaire when needed Collaborate with VISO Audit, Product, Engineering and Machine Learning personnel to develop continued program process and platform improvements Report on assessment outcomes, risk levels, and remediation progress Key Skills, Qualifications & Experience Strong analytical/critical thinking skills Excellent written, verbal communication and organizational skills Ability to perform policy and standard gap analyses based on leading security frameworks Knowledge of common control and policy taxonomies and hierarchies and related language Knowledge of common third party assurance related documents, their structure and analysis, such as AICPA SOC reports, PCI DSS ROC, HiTrust, ISO 27001 Statements of Applicability, etc. Deep knowledge and experience with regard to the VISO TRUST technology platform and it’s unique approach to text extraction and automated risk determination Bachelor’s degree with a major in Information Security or equivalent combination of education and experience, ie. CISSP, CISA, CIPP, CRISC, CEH, and/or CISM 3-7 years of experience with third party cyber risk management Have performed IT risk assessments against OWASP, PCI, GLBA, NIST, ISO, SIG/AUP or other standards Strong knowledge base in information security, risk management, privacy, operations, enterprise networking, systems evaluation, and architecture Ability to discern business relevant risk associated with technology control deficiencies, and to identify the corresponding remediation which is required to mitigate the business impact Knowledge of security, risk and privacy regulatory frameworks such as NIST, SOX, PCI, HIPAA, ISO, Safe Harbor, CSA, etc. Self-starter who can function independently with limited direction but work closely with others when necessary. Knowledge of security, risk and privacy regulatory frameworks such as NIST, SOX, PCI, HIPAA, ISO, Safe Harbor, CSA, etc. Self-starter who can function independently with limited direction but work closely with others when necessary

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (Strategy, Risk, Compliance and Resilience) – Technology Consulting – Senior As part of our EY Strategy, Risk, Compliance and Resilience (SRCR) Technology Consulting team, you would work on various SRCR projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Senior Security Consultant with expertise in cyber / information security, risk and controls concepts. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Engage in Cyber Strategy & Governance, Cyber Risk & Compliance, Cyber Resilience, Cyber Transformation and Co-Sourcing, Application & Network Security engagements Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Execute the engagement requirements, along with review of work by junior team members. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within EY Consulting Services and with other services across the organization Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals Maintain an educational program to continually develop personal skills of staff Understand and follow workplace policies and procedures Building a quality culture at GDS Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members Manage the performance management for the direct reportees, as per the organization policies. Foster teamwork and lead by example; training and mentoring of project resources Participating in the organization-wide people initiatives Skills And Attributes For Success Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to): Vendor/3rd Party Risk Management & Assessment Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53 Business Continuity & Disaster Recovery Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors. Experienced in creation and review of security policy/procedures, and in performing risk assessments. Good to have experience in assessing ITGC requirements across various industries including both Cybersecurity and resilience requirements. Should have a good understanding of VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures. Basic understanding of Network Security and network architecture diagram reviews, access and perimeter control, vulnerability management and intrusion detection, firewall rule-based reviews. Good understanding of logging and monitoring tools (SIEM). Knowledge in any one of the SIEM tools is a plus. To qualify for the role, you must have: BE - B. Tech / MCA / M. Tech/ MBA with background in computer science and programming. More than 5 Years of relevant experience. Strong Excel and PowerPoint skills. Should be proficient in leading medium to large engagements and coach junior staff. Ideally, you’ll also have CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer. Project management skills. What We Look For A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Hello!You've landed on this page, which means you're interested in working with us. Let's take a sneak peek at what it's like to work at Innovaccer. Engineering at Innovaccer With every line of code, we accelerate our customers' success, turning complex challenges into innovative solutions. Collaboratively, we transform each data point we gather into valuable insights for our customers. Join us and be part of a team that's turning dreams of better healthcare into reality, one line of code at a time. Together, we’re shaping the future and making a meaningful impact on the world. About The Role We at Innovaccer are looking for an Security Engineer-II who will be responsible for Risk Assessment role in our Cyber Security Team for customer & internal activities including proprietary & public data. This role will encompass the use of a broad range of security domains (Security Questionnaires, Vendor Risk Assessment, Internal and External Audits, Writing Policies & Procedures etc.).This role would be a great opportunity to learn and grow as you would be exposed to multiple security domains across multiple cloud platforms at a single time. A Day in the Life Responding to RFPs & Security Questionnaires Coordinating with RFP team and Legal team on reviewing security questionnaires/exhibits, BAA/MSA queries and respond to follow-ups and customer queries Analyzing and updating existing compliance policies, procedures and related documentations Implementing privacy controls & policies Drive Vendor Risk Assessment & Risk Management programme Maintaining communication and coordinating with corporate, legal and IT teams Implement audit controls for external audits like SOC2 Type2, HiTrusHIPAA,t, ISO27701, etc. Perform third party risk assessments and work on remediation of findings Familiar with Regulations in United States HealthCare & Middle-East Coordinating with internal teams for gathering evidences and presenting it to auditor Identify control gaps/weaknesses and formulate action plans to address What You Need Understanding of different Privacy & Compliance controls of Federal & State Regulation's Bachelor’s degree in Information Technology, Computer Science Engineering preferred Minimum of 3-5 years of prior experience in Information Security Risk & Compliance Hands-on experience on HIPAA, SOCII, ISO27001:2022, HiTrust etc. Familiarity of compliances like GDPR, NISTSP800-53, HiTech, FedRamp, AzRamp, MARSE, etc Vendor Risk Assessment, Respond to RFPs & Legal Review of Security Exhibits Work with Corporate compliance Team for Audits Good to have CISSP/CISA or other relevant certifications Hands-on skills in Data security controls Ready to take up more responsibilities along-with existing role Understanding of Security Architecture and proficient in immediately of data security control Able to work independently, being a team player, ability to work well under pressure Familiarization with cloud like AWS, Azure & GCP Able to multi task, prioritize, and manage time effectively Collaborates effectively and communicates efficiently Readily available to work with teams and clients outside India in USA & Middle-East We offer competitive benefits to set you up for success in and outside of work. Here’s What We Offer Generous Leave Benefits: Enjoy generous leave benefits of up to 40 days. Parental Leave: Experience one of the industry's best parental leave policies to spend time with your new addition. Sabbatical Leave Policy: Want to focus on skill development, pursue an academic career, or just take a break? We've got you covered. Health Insurance: We offer health benefits and insurance to you and your family for medically related expenses related to illness, disease, or injury. Pet-Friendly Office*: Spend more time with your treasured friends, even when you're away from home. Bring your furry friends with you to the office and let your colleagues become their friends, too. *Noida office only Creche Facility for children*: Say goodbye to worries and hello to a convenient and reliable creche facility that puts your child's well-being first. *India offices Where and how we work Our Noida office is situated in a posh techspace, equipped with various amenities to support our work environment. Here, we follow a five-day work schedule, allowing us to efficiently carry out our tasks and collaborate effectively within our team. Innovaccer is an equal-opportunity employer. We celebrate diversity, and we are committed to fostering an inclusive and diverse workplace where all employees, regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, or veteran status, feel valued and empowered. Disclaimer: Innovaccer does not charge fees or require payment from individuals or agencies for securing employment with us. We do not guarantee job spots or engage in any financial transactions related to employment. If you encounter any posts or requests asking for payment or personal information, we strongly advise you to report them immediately to our HR department at px@innovaccer.com. Additionally, please exercise caution and verify the authenticity of any requests before disclosing personal and confidential information, including bank account details.

Position : Information Security Risk and Compliance Grade : E2 Shift : 1st & 2nd shift Location : Chennai/Bangalore Position Summary: The Security Architecture and Design Assessment Lead is responsible for ensuring the security of cloud infrastructure(GCP and AWS) and applications through meticulous assessment and implementation of robust security measures. The role needs to have a strong understanding of security requirement in industry such healthcare, Pharma, patient services and life sciences and good understanding of ISO 27001 , HIPAA and HITRUST . Job Description: Ensure the security posture of cloud environments (GCP and AWS) by identifying and mitigating risks. Conduct security assessments of GCP and other cloud environments (AWS), including applications and infrastructure. Collaborate with cloud application architects/developers, system/network administrators, and stakeholders to ensure secure cloud design. Review changes in Application Design and assess security controls , provide recommendations and validate the implementation of security controls across IAM , Network Security , Data Security and Infrastructure Security . Provide guidance on cloud security controls and ensure adherence to secure cloud practices. Work with key stakeholders across engineering groups to align architecture decisions with security requirements. Profile Description: Strong expertise in cybersecurity principles and best practices Thorough understanding of various security standards, framework, and certifications/attestations e.g., ISO 27001, HIPAA, HITRUST. 10-12 years of experience in Information Security, specializing in reviewing cloud infrastructure and applications. Proficiency in Cyber Security Risk Assessment, Cloud Security Assessment, Defense in Depth, and Security Architecture patterns. Hands-on experience with Threat Modelling techniques such as STRIDE, PASTA, and familiarity with IAM, App Sec, SDLC, Data Security, Network Security, Encryption, Logging & Monitoring. Experience with Okta and Entra ID is preferable Strong experience in assessing and implementing security controls for GCP & AWS cloud platforms and resources Strong experience assessing and recommending security controls for Container based applications. Experience in Assessing and Recommending Security controls for Data Analytics , Data Warehouse and AI based applications Familiarity with GCP Command Center, AWS Security Hub and mitigating vulnerabilities. Experience with Cloud Access Security Broker, CSPM, CWPP, PaaS, and IaaS security requirements in Azure, GCP, AWS, and AKS. Individual handling of design/solution reviews across cloud and SaaS providers, ensuring security due diligence. Understanding of Cloud Security Alliance Cloud Control Matrix (CSM) and CSA Security guidance. Management of security projects and technical assessments across multiple geographies. Strong analytical and troubleshooting skills, along with excellent communication and interpersonal abilities. Experience with cloud infrastructure like GCP and AWS and familiarity with concepts like Zero Trust Architecture, Cloud Security, Firewall rule reviews, and Conditional Access. Scripting knowledge (e.g., Powershell) is advantageous, and CISSP and CCSP certifications are a plus. We are Mindsprint! A leading-edge technology and business services firm that provides impact driven solutions to businesses, enabling them to outpace speed of change. For over three decades we have been accelerating technology transformation for the Olam Group and their large base of global clients. Working with leading technologies and empowered with the freedom to create new solutions and better existing ones, we have been inspiring businesses with pioneering initiatives. Awards bagged in the recent years: Best Shared Services in India Award by Shared Services Forum 2019 Asias No.1 Shared Services in Process Improvement and Value Creation by Shared Services and Outsourcing Network Forum 2019 International Innovation Award for Best Services and Solutions 2019 Kincentric Best Employer India 2020 Creative Talent Management Impact Award SSON Impact Awards 2021 The Economic Times Best Workplaces for Women 2021 & 2022 #SSFExcellenceAward for Delivering Business Impact through Innovative People Practices 2022 For more info: https://www.mindsprint.org/ Follow us in LinkedIn: Mindsprint Required abilities Physical: Other: Work Environment Details: Specific requirements Travel: Vehicle: Work Permit: Other details Pay Rate: Contract Types: Time Constraints: Compliance Related: Union Affiliation:

Hello!You've landed on this page, which means you're interested in working with us. Let's take a sneak peek at what it's like to work at Innovaccer. Engineering at Innovaccer With every line of code, we accelerate our customers' success, turning complex challenges into innovative solutions. Collaboratively, we transform each data point we gather into valuable insights for our customers. Join us and be part of a team that's turning dreams of better healthcare into reality, one line of code at a time. Together, we're shaping the future and making a meaningful impact on the world. About The Role We at Innovaccer are looking for an Security Engineer-II who will be responsible for Risk Assessment role in our Cyber Security Team for customer & internal activities including proprietary & public data. This role will encompass the use of a broad range of security domains (Security Questionnaires, Vendor Risk Assessment, Internal and External Audits, Writing Policies & Procedures etc.).This role would be a great opportunity to learn and grow as you would be exposed to multiple security domains across multiple cloud platforms at a single time. A Day in the Life Responding to RFPs & Security Questionnaires Coordinating with RFP team and Legal team on reviewing security questionnaires/exhibits, BAA/MSA queries and respond to follow-ups and customer queries Analyzing and updating existing compliance policies, procedures and related documentations Implementing privacy controls & policies Drive Vendor Risk Assessment & Risk Management programme Maintaining communication and coordinating with corporate, legal and IT teams Implement audit controls for external audits like SOC2 Type2, HiTrusHIPAA,t, ISO27701, etc Perform third party risk assessments and work on remediation of findings Familiar with Regulations in United States HealthCare & Middle-East Coordinating with internal teams for gathering evidences and presenting it to auditor Identify control gaps/weaknesses and formulate action plans to address What You Need Understanding of different Privacy & Compliance controls of Federal & State Regulation's Bachelor's degree in Information Technology, Computer Science Engineering preferred Minimum of 3-5 years of prior experience in Information Security Risk & Compliance Hands-on experience on HIPAA, SOCII, ISO27001:2022, HiTrust etc Familiarity of compliances like GDPR, NISTSP800-53, HiTech, FedRamp, AzRamp, MARSE, etc Vendor Risk Assessment, Respond to RFPs & Legal Review of Security Exhibits Work with Corporate compliance Team for Audits Good to have CISSP/CISA or other relevant certifications Hands-on skills in Data security controls Ready to take up more responsibilities along-with existing role Understanding of Security Architecture and proficient in immediately of data security control Able to work independently, being a team player, ability to work well under pressure Familiarization with cloud like AWS, Azure & GCP Able to multi task, prioritize, and manage time effectively Collaborates effectively and communicates efficiently Readily available to work with teams and clients outside India in USA & Middle-East We offer competitive benefits to set you up for success in and outside of work. Here's What We Offer Generous Leave Benefits: Enjoy generous leave benefits of up to 40 days Parental Leave: Experience one of the industry's best parental leave policies to spend time with your new addition Sabbatical Leave Policy: Want to focus on skill development, pursue an academic career, or just take a break? We've got you covered Health Insurance: We offer health benefits and insurance to you and your family for medically related expenses related to illness, disease, or injury Pet-Friendly Office*: Spend more time with your treasured friends, even when you're away from home. Bring your furry friends with you to the office and let your colleagues become their friends, too. *Noida office only Creche Facility for children*: Say goodbye to worries and hello to a convenient and reliable creche facility that puts your child's well-being first. *India offices Where And How We Work Our Noida office is situated in a posh techspace, equipped with various amenities to support our work environment. Here, we follow a five-day work schedule, allowing us to efficiently carry out our tasks and collaborate effectively within our team. Innovaccer is an equal-opportunity employer. We celebrate diversity, and we are committed to fostering an inclusive and diverse workplace where all employees, regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, or veteran status, feel valued and empowered. Disclaimer: Innovaccer does not charge fees or require payment from individuals or agencies for securing employment with us. We do not guarantee job spots or engage in any financial transactions related to employment. If you encounter any posts or requests asking for payment or personal information, we strongly advise you to report them immediately to our HR department at px@innovaccer.com. Additionally, please exercise caution and verify the authenticity of any requests before disclosing personal and confidential information, including bank account details.

Omega Healthcare Management Services Private Limited KARNATAKA Posted On 24 Jun 2025 End Date 08 Jul 2025 Required Experience 14 - 18 Years Basic Section No. Of Openings 1 Grade 4B Designation General Manager - IT Infrastructure Closing Date 08 Jul 2025 Organisational Country IN State KARNATAKA City BENGALURU Location Bengaluru-I Skills Skill VENDOR MANAGEMENT ITIL IT SERVICE MANAGEMENT PROJECT MANAGEMENT DATA CENTER IT OPERATIONS SOLUTION ARCHITECTURE IT STRATEGY BUSINESS DEVELOPMENT IT MANAGEMENT Education Qualification No data available CERTIFICATION No data available Job Description Job Summary: 20+ years’ total experience, including 8+ years in a production 24/7 high-availability multi-site enterprise ERP environment, including application hosting, voice and data networks, security and information protection. Demonstrating a deep technical and strategic understanding of the IT Services and Operations delivered by Sterling. Develop and implement comprehensive IT infrastructure strategies to support business goals and operations. Oversee all IT infrastructure activities, including network management, system administration, and IT security. Experience in leading overall infrastructure for a complex organization and network, including multicounty setup, VLAN setup for regulatory requirements, managing data protection, etc. Managing the day-to-day operational tasks within the IT Infrastructure team. Overseeing the annual IT budget and ensuring cost-effectiveness. Monitoring daily operations, including server hardware, software, and operating systems. Coordinating technology installations, upgrades, and maintenance. Coordinating with the central procurement team for purchase follow-ups, invoice submissions, and vendor follow-ups to complete the tasks. Generating performance reports for operating systems and the Service Desk function. Ensuring all IT activities are performed within the parameters of defined KRA’s and KPI’s. Solving complex and diverse problems by continually re-evaluating new and/or conflicting factors. Managing internal and external communications and being the primary contact of escalation for business issues. Assisting with the management of relationships with external organizations and suppliers. Implement and maintain IT security measures as recommended by Security Teams Ensure compliance with relevant regulations and standards, such as HiTrust, HIPAA, and ISO/IEC 27001. Collaborate with other departments such as IT operations, software development, and customer support to align IT infrastructure efforts with business objectives. Work closely with senior executives to provide IT infrastructure insights and recommendations. Lead and mentor the IT infrastructure team, fostering a culture of high performance and technical excellence. Ensure the IT infrastructure team has the skills and resources necessary to support the company’s objectives. Ability to develop and implement strategic IT infrastructure plans aligned with business objectives. Experience in providing strategic recommendations to senior management. Strong leadership skills with the ability to inspire and lead a high-performing IT infrastructure team. Experience in managing cross-functional teams and working collaboratively with other senior executives. Communication and Interpersonal Skills: Excellent communication skills with the ability to effectively present technical information to various stakeholders including the board of directors, employees, and external partners. Strong interpersonal skills with the ability to build and maintain relationships with internal and external stakeholders. Education: Min 20 years of Experience in servers, endpoints, and other Infra applications. A bachelor’s degree in Information Technology, Computer Science, or a related field is typically required. Professional certifications such as Certified Information Systems Security Professional (CISSP) or Cisco Certified Internetwork Expert (CCIE) can enhance a candidate’s credentials. Exposure to ITIL concepts and adoption.

Job Description #KGS Roles & responsibilities Conduct external audits in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards Lead team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes Lead team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting Lead team in performing SOC 1 and SOC 2, SOC 2+ (HITRUST), SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants) Demonstrate strong project management skills for all engagements being led Demonstrate the ability to identify opportunities and innovative ways to efficiently deliver on engagements and/or implement internal process improvements / automations Contribute to the Automation agenda of the practice by assisting in developing/testing for different bots and tools Conducting IT audits to assess the effectiveness of internal controls, risk management, and compliance with regulations Collaborating with cross-functional teams to ensure IT controls are integrated into business processes Documenting audit findings, preparing reports and recommendations for the management Provide opportunity to junior team members and coach them on day-to-day tasks Contribute to the Knowledge Management agenda of the practice by assisting in technical knowledge development and trainings Possess knowledge of tools and techniques to drive audits for different industries or sectors Review work of junior team members for quality as per relevant auditing standards Evaluating IT systems, processes, and policies to identify vulnerabilities, weaknesses, and areas for improvement Developing and executing audit plans, including scoping, testing, and reporting Assessing IT risks and recommending controls to mitigate those risks Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls. Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions) Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Strong Understanding of different Industry sectors preferred. Preferred Technical & Functional Skills Flair to be abreast with emerging Technology / innovations like Cloud computing, Agile, Blockchain, AI etc. Proficient with MS Office suite of applications [MS Word, MS Exec, MS PowerPoint, Power BI]. Certifications like CISA, CISSP, HITRUST,ISO etc. Key behavioral attributes/requirements Critical thinking and analytical ability. Excellent written and verbal communication skills. Flexibility to adapt to a variety of situations and multitask. Ability to work both independently and as part of a team. Personal drive and positive work ethic. Innovative mindset. Collaborate and build rapport with onshore and offshore teams Uphold the firm’s code of ethics and business conduct Responsibilities Roles & responsibilities Conduct external audits in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards Lead team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes Lead team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting Lead team in performing SOC 1 and SOC 2, SOC 2+ (HITRUST), SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants) Demonstrate strong project management skills for all engagements being led Demonstrate the ability to identify opportunities and innovative ways to efficiently deliver on engagements and/or implement internal process improvements / automations Contribute to the Automation agenda of the practice by assisting in developing/testing for different bots and tools Conducting IT audits to assess the effectiveness of internal controls, risk management, and compliance with regulations Collaborating with cross-functional teams to ensure IT controls are integrated into business processes Documenting audit findings, preparing reports and recommendations for the management Provide opportunity to junior team members and coach them on day-to-day tasks Contribute to the Knowledge Management agenda of the practice by assisting in technical knowledge development and trainings Possess knowledge of tools and techniques to drive audits for different industries or sectors Review work of junior team members for quality as per relevant auditing standards Evaluating IT systems, processes, and policies to identify vulnerabilities, weaknesses, and areas for improvement Developing and executing audit plans, including scoping, testing, and reporting Assessing IT risks and recommending controls to mitigate those risks Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls. Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions) Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Strong Understanding of different Industry sectors preferred. Qualifications This role is for you if you have the below Education Qualification: BE/B.Tech, B.Com, BCA, B.Sc, MBA, M.Sc, MCA, M.Tech, CA. Work Experience: The candidate must have 3-6 years of relevant experience in a similar role, preferably with a Big 4 firm.

Job Description #KGS Roles & responsibilities Conduct external audit in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards. Assist team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes. Assist team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting. Assist team in performing SOC 1 and SOC 2 (System and Organization Controls), SOC 2+ (HITRUST) SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants). Develop self by participating in audit conceptual trainings and actively get involved on business and industry specific knowledge development initiatives including innovation support to help drive usage of new software audit tools Participate in the firm’s strategic initiatives and/or corporate social responsibility programs Being proactive in owning/managing your client allocation & flexible in working arrangements Provide coaching and support to junior team members Assisting Senior team members in reviewing Audit workpapers in line with the KPMG Audit Methodology Help identify performance improvement opportunities for assigned clients / engagements. Identify and communicate IT audit findings to senior management and clients. Communicates effectively with the GTA engagement lead and/or onshore stakeholders on progress through project deliverables. Mandatory technical & functional skills Experience in evaluating and testing Process level manual and automated controls. Experience in testing automated controls and General IT Controls across different domains: Access to Programs and Data, Program Development & Changes and Computer Operations across various platforms (OS, Network, DB, Application). Knowledge / Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Basic Knowledge of Business Process Cycles including Order to Cash, Purchase to Pay etc. Preferred Technical & Functional Skills Flair to be abreast with emerging Technology / innovations like Cloud computing, Agile, Blockchain, AI etc. Proficient with MS Office suite of applications [MS Word, MS Exec, MS PowerPoint, Power BI]. Certifications like CISA, CISSP, HITRUST,ISO etc. Key behavioral attributes/requirements Critical thinking and analytical ability. Excellent written and verbal communication skills. Flexibility to adapt to a variety of situations and multitask. Ability to work both independently and as part of a team. Personal drive and positive work ethic. Innovative mindset. Collaborate and build rapport with onshore and offshore teams Uphold the firm’s code of ethics and business conduct Responsibilities Roles & responsibilities Conduct external audit in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards. Assist team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes. Assist team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting. Assist team in performing SOC 1 and SOC 2 (System and Organization Controls), SOC 2+ (HITRUST) SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants). Develop self by participating in audit conceptual trainings and actively get involved on business and industry specific knowledge development initiatives including innovation support to help drive usage of new software audit tools Participate in the firm’s strategic initiatives and/or corporate social responsibility programs Being proactive in owning/managing your client allocation & flexible in working arrangements Provide coaching and support to junior team members Assisting Senior team members in reviewing Audit workpapers in line with the KPMG Audit Methodology Help identify performance improvement opportunities for assigned clients / engagements. Identify and communicate IT audit findings to senior management and clients. Communicates effectively with the GTA engagement lead and/or onshore stakeholders on progress through project deliverables. Mandatory technical & functional skills Experience in evaluating and testing Process level manual and automated controls. Experience in testing automated controls and General IT Controls across different domains: Access to Programs and Data, Program Development & Changes and Computer Operations across various platforms (OS, Network, DB, Application). Knowledge / Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Basic Knowledge of Business Process Cycles including Order to Cash, Purchase to Pay etc. Qualifications This role is for you if you have the below Education Qualification: BE/B.Tech, B.Com, BCA, B.Sc, MBA, M.Sc, MCA, M.Tech, CA. Work Experience: The candidate must have 1-4 years of relevant experience in a similar role, preferably with a Big 4 firm.

Job Summary: Bahwan Cybertek is looking for an experienced Cyber Security Manager to lead and manage external cybersecurity audits and compliance assessments for our clients. The ideal candidate will have deep knowledge of HITRUST (e1, i1, r2) , SOC 2 Type 2 , and other regulatory frameworks, with hands-on experience using the HITRUST MyCSF platform . This role involves directly engaging with client organizations to conduct assessments, identify gaps, recommend controls, and support their certification and compliance goals. Key Responsibilities: Lead external cybersecurity audits and compliance assessments for client organizations across industries. Guide clients through the HITRUST certification lifecycle (e1, i1, r2) and SOC 2 Type 2 readiness and attestation . Utilize the HITRUST MyCSF platform to manage assessments, document controls, track remediation, and ensure compliance alignment. Perform gap assessments , readiness evaluations , and risk analysis for client environments. Coordinate with client stakeholders, auditors, and technical teams to prepare and support certification audits . Provide clients with actionable insights and customized security control recommendations aligned with industry frameworks (ISO 27001, NIST, HIPAA, etc.). Assist clients in developing and improving their information security policies, procedures, and governance structures . Monitor evolving compliance requirements and update client advisory plans accordingly . Prepare detailed reports, dashboards, and executive summaries for client leadership teams. Mentor internal team members and contribute to continuous improvement of audit delivery methodologies. Required Qualifications: Bachelor’s degree in Computer Science, Information Security, or related discipline (Master’s degree or relevant certifications preferred). Minimum 8 years of experience in cybersecurity, with significant exposure to client-facing roles and external audit execution. Proven track record supporting clients in achieving HITRUST (e1, i1, r2) and SOC 2 Type 2 compliance. Expertise in using the HITRUST MyCSF platform for managing audit programs and control mapping. Strong understanding of regulatory and security frameworks including ISO 27001, NIST, HIPAA, GDPR, CCPA . Certifications such as CISSP, CISA, CISM , or HITRUST CCSFP are highly desirable. Exceptional client communication, presentation, and stakeholder management skills. Preferred Skills: Strong project management and client engagement experience. Hands-on knowledge of cloud security tools, vulnerability assessment , and data privacy regulations . Familiarity with third-party risk management programs and vendor compliance. Ability to handle multiple client projects simultaneously with a high level of professionalism. Work Mode: Hybrid / On-site – Chennai Employment Type: Full-time, Permanent

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

(6-8 Years) Role Summary: The manager is responsible for leading and sustaining the team that drives the compliance strategy by working collaboratively with internal teams, SMEs, external customers, vendors, auditors and other stakeholders. He/she should be able to work collaboratively with other departments and stakeholders to achieve company-wide goals and satisfy the client. Mandatory Skill Sets/Expertise: Relevant bachelor’s or master’s degree in computer science/ IT Auditing/ Information Systems/ Privacy. Have at least 6-8 years of relevant information security auditing experience and advanced knowledge of general controls (security, change management, disaster backup recovery, data centre, infrastructure, etc.), IT governance processes (ITIL). Ability to critically review security policies and procedures, design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards. Good understanding and implementation expertise of industry standards in cybersecurity (ISO, ITIL, NIST, ISF, SOC, HITRUST, PCI DSS, HIPAA) and privacy (GDPR, ISO 27018) is an advantage. Good project management skills with the ability to collaborate with teams across multiple locations and a strong command of the English language. Relevant industry recognized certifications such as CISSP/CISA/CISM. Key Attributes: Leadership: To lead by example, collaborate with the team, and make appropriate decisions when required. effectively communicate the vision and goals of the Accorian. Mentoring: To mentor individuals from graduate to industry qualified, with the aim of motivating and enhancing their personal and professional development. Communication: To communicate effectively both verbally and in writing, with the team and clients, sharing information in a clear and concise manner. Problem-solving: Strong analytical skills to identify and solve complex problems within the GRC domain. Key Responsibilities: Setting strategic direction for audit readiness, managing compliance programs, driving continuous improvement activities, & reporting metrics. Interfacing with stakeholders, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to a technical cloud environment. Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers, senior and executive leaders. Leading small teams by assigning and tracking individual tasks and ensuring the team meets milestones and addresses challenges. Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications. Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordination resolution of roadblocks. Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution. Drop your CVs to joinourteam@accorian.com

About TripleLift We're TripleLift, an advertising platform on a mission to elevate digital advertising through beautiful creative, quality publishers, actionable data and smart targeting. Through over 1 trillion monthly ad transactions, we help publishers and platforms monetize their businesses. Our technology is where the world's leading brands find audiences across online video, connected television, display and native ads. Brand and enterprise customers choose us because of our innovative solutions, premium formats, and supportive experts dedicated to maximizing their performance. As part of the Vista Equity Partners portfolio, we are NMSDC certified, qualify for diverse spending goals and are committed to economic inclusion. Find out how TripleLift raises up the programmatic ecosystem at triplelift.com. The Role TripleLift is seeking a Security Engineer to join our team full time. We are an established company in the advertising technology sector, trying to tackle some of the most challenging problems facing the industry. You will be joining a rapidly growing and complex environment and will work as part of a small team that will be responsible for developing, evangelizing, and executing our security roadmap. You’ll help drive improvements in our security operations capability and support critical projects enhancing our detect-and-respond capabilities. Responsibilities Support and enhance the organization's global security compliance efforts aligned with frameworks like NIST CSF and CIS Controls Monitor and triage security alerts and incidents using SIEM, EDR, and other monitoring tools; escalate and support investigations as needed Manage and maintain endpoint security tools (e.g., CrowdStrike, Microsoft Defender, SentinelOne) across corporate devices and servers Coordinate with IT to ensure consistent endpoint hardening, patching, and policy enforcement Contribute to the vulnerability management process by validating, tracking, and helping remediate findings across infrastructure and endpoints Assist in the creation and maintenance of detection rules, security dashboards, and runbooks Perform initial threat-hunting activities and collaborate with senior engineers on deeper investigations Support identity and access management practices (e.g., user provisioning/deprovisioning, privileged access reviews) Participate in incident response, including documentation, coordination, and root cause analysis Create and maintain security documentation, procedures, and knowledge base articles Collaborate cross-functionally with engineering, IT, and compliance teams to support secure operations Desired Skills And Attributes 4+ years of experience in a security engineering or security operations role Proven track record working in information security operations, engineering, architecture, or security consulting Understanding of security fundamentals with relation to various cybersecurity and compliance frameworks, particularly NIST CSF, but any of: PCI, SOC2, HITRUST, ISO 27001/2, or similar Deep understanding of the AWS Cloud, it’s services, technologies and APIs Hands-on experience managing endpoint security platforms (EDR, antivirus, MDM) in a corporate environment Able to design and evaluate general security controls, as well as how to design effective compensating controls where necessary Experience managing tools in a Security Operations Center environment, i.e., monitoring and reacting to SIEM alerts/events Deep understanding of how to securely manage cloud-native environments and ability to deploy tools in these environments Experience with managing identity and access solutions at scale for a large corporation e.g. Okta Practical experience with coding and scripting languages (e.g., Python, Bash, PowerShell) to support automation and tooling Strong communication and documentation skills Strives for continued learning opportunities to build upon craft Holds a Cybersecurity certification, e.g. CISSP, CISA, Security+, etc. Education Requirement A Bachelor’s degree in a technical subject is preferred, although candidates with relevant experience who hold other degrees will be considered. Experience Requirement At least four years of experience working within a security role or related/adjacent role Location Pune Life at TripleLift At TripleLift, we’re a team of great people who like who they work with and want to make everyone around them better. This means being positive, collaborative, and compassionate. We hustle harder than the competition and are continuously innovating. Learn more about TripleLift and our culture by visiting our LinkedIn Life page. Establishing People, Culture and Community Initiatives At TripleLift, we are committed to building a culture where people feel connected, supported, and empowered to do their best work. We invest in our people and foster a workplace that encourages curiosity, celebrates shared values, and promotes meaningful connections across teams and communities. We want to ensure the best talent of every background, viewpoint, and experience has an opportunity to be hired, belong, and develop at TripleLift. Through our People, Culture, and Community initiatives, we aim to create an environment where everyone can thrive and feel a true sense of belonging. Privacy Policy Please see our Privacy Policies on our TripleLift and 1plusX websites. TripleLift does not accept unsolicited resumes from any type of recruitment search firm. Any resume submitted in the absence of a signed agreement will become the property of TripleLift and no fee shall be due.

Job Summary As the Senior Analyst, Security Assurance you will work in a fast-paced environment fostering teamwork and open communication to focus on compliance with security standards and regulatory frameworks at Foundever. Your expertise will be vital in coordinating external audits, gathering evidence, validating compliance, and engaging stakeholders across the organization. Primary Job Responsibilities Maintain a comprehensive understanding of security compliance frameworks (HITRUST, PCI, DSS, SOC, ISO 27001, HIPAA, NIST) and their requirements Coordinate and support external IT audits, collecting, preparing and submitting necessary documentation and evidence in a timely manner Conduct regular risk assessments and gap analyses to identify areas of improvement Document compliance efforts and gaps, audit findings, and remediation plans, ensuring proper tracking and follow-through Prepare and present status updates, audit results, and risk assessments to leadership and stakeholders Utilize advanced data analytics techniques to assess compliance trends, identify potential risks, and uncover actionable insights that inform decision-making and strategic planning Develop and maintain interactive data visualization graphs and dashboards to effectively communicate compliance metrics, audit findings, and risk assessments to stakeholders Utilize Governance, Risk, and Compliance (GRC) tools to streamline compliance workflows and improve visibility Stay informed of industry trends, threats, and regulatory changes affecting information security Skills And Qualifications 5+ years of experience in information security with a focus on security assurance and compliance In-depth knowledge of security frameworks and standards such as HITRUST CSF, SOC 1/2, ISO 27001, NIST, PCI DSS, etc. Experience with data analytics and data visualization Experience with compliance software and external audit portals for evidence posting and collaboration Knowledge of audit cycles and certifications for cloud hosted applications Bachelor's degree in Computer Science, Information Technology, Security Management, or a related field Preferred Skills And Qualifications HIPAA experience Relevant security and framework certifications (e.g., CCSFP, CISM, CISSP, CISA, PCIP) AI experience About Us Foundever™ is a global leader in the customer experience (CX) industry. With 170,000 associates across the globe, we’re the team behind the best experiences for +750 of the world’s leading and digital-first brands. Our innovative CX solutions, technology and expertise are designed to support operational needs for our clients and deliver a seamless experience to customers in the moments that matter.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY GDS Consulting - Non-financial Services – Third-Party Risk Management - NFS TPRM – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our EY- NFS TPRM team. It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Lead the design and implementation of TPRM operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Demonstrate a general knowledge of market trends, competitor activities, EY products, and service lines. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within EY Consulting Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Attend L&D programs and exhibit a thorough knowledge of consulting methodology and consulting attributes. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

About Skypoint Skypoint is a HITRUST r2-certified data unification and agentic AI platform that accelerates productivity and efficiency for healthcare organizations. Our platform empowers healthcare providers, payers, and senior care organizations to unify siloed data, model industry-specific ontologies, and deploy AI agents that automate workflows and enhance decision-making. Founded in 2020 in Portland, Oregon, Skypoint has grown to over 75 employees and serves more than 100 customers. We are proud to be ranked #26 on Deloitte’s 2024 Technology Fast 500™ list, recognizing the fastest-growing tech companies across North America, driven by our exceptional revenue growth over the past three years. Location: Global Technology Park, Marathahalli Outer Ring Road, Bellandur, Bengaluru, Karnataka -5 days/week (No hybrid or remote) Responsibilities: Collaborate with stakeholders to identify challenges and deliver tailored DevOps solutions. Design and implement DevOps architectures, roadmaps, and plans in alignment with the Azure Well-Architected Framework. Establish and manage Azure governance through Azure Policies, Azure Active Directory (AAD), and Azure RBAC. Build and maintain CI/CD pipelines using Azure DevOps (YAML or classic) for fully automated deployments. Automate cloud resource provisioning and management using Infrastructure as Code tools such as ARM, Bicep, and Terraform. Assess existing infrastructure and applications, provide optimization recommendations, and generate audit reports. Lead containerization initiatives, including Kubernetes-based architectures and deployment strategies. Ensure compliance with security, performance, and cost-efficiency standards. Stay current on emerging technologies, including DevOps, SecOps, and AI tools, to drive continuous improvement. Communicate technical concepts effectively to technical and non-technical stakeholders alike. Qualifications Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related field.8-10 years of hands-on experience in DevOps, Site Reliability Engineering, or a related role. Proven expertise in deploying and managing Azure cloud environments. Strong proficiency in Azure resource management, cost optimization, and monitoring. Deep knowledge of CI/CD tools and Infrastructure as Code (Terraform proficiency is a must).Extensive experience with Kubernetes and containerized workload management. Familiarity with the Azure Well-Architected Framework for building secure and cost-effective solutions. Exceptional analytical, troubleshooting, and problem-solving skills. Excellent communication and leadership abilities. Experience as a foundational engineer in a startup is a plus. Certifications Microsoft Certified: Azure Solutions Architect ExpertMicrosoft Certified: Azure DevOps Engineer Expert Preferred Background: Experience working in healthcare technology, clinical data systems, or regulatory-compliant SaaS environments. Passion for building intelligent systems that have a real-world impact on healthcare outcomes. Life at Skypoint Life at Skypoint is vibrant and forward-thinking, focused on harnessing the power of AI and advanced technologies to innovate and solve real-world challenges. Our culture thrives on creativity, strategic thinking, and a commitment to excellence, offering a collaborative environment where every contribution is valued. We are dedicated to fostering personal and professional growth, ensuring team members have opportunities for advancement through continuous training and a flexible work-life balance. Skypoint offers competitive benefits, including comprehensive health insurance and retirement plans. What We Offer: Competitive compensation with stock options Comprehensive health benefits, including OPD & gym reimbursements and mental wellness support Onsite opportunity Continuous learning and career growth opportunities Join us to be part of a dynamic team that's shaping the future with groundbreaking solutions in AI and technology, all while enjoying a supportive and inclusive workplace

Experience with leading teams and complex projects. Strong leadership, coaching and mentoring of resources in architecture functions. Knowledge of healthcare industry standards and regulations. Strong understanding of technology trends and emerging technologies. 5+ years of experience with developing and implementing enterprise cybersecurity and risk management architecture strategies and roadmaps. Experience with security risk management frameworks such as NIST-CSF, HITRUST, MITRE and compliance certifications such as HIPAA, PCI-DSS, SOC-II. 2+ years developing and maturing EcoSystem driven frameworks. Excellent problem-solving and critical thinking skills. Excellent written and verbal communication skills. Ability to work independently and in a team environment Education Bachelors degree in computer science, information technology or related field or equivalent combination of education/experience. 2- Preferred Experience & Education:- Experience 10 years of experience in enterprise architecture or similar roles. Direct hands-on experience with Teams, DevOps, Rally, JIRA, Confluence and other productivity tools. In-depth knowledge of and proven cloud experience with multi-cloud solutions and hybrid business intelligence stacks Experience with Cyber risk quantification methodologies. Experience with healthcare data terminologies, high-performance computing Experience with App Orchard, Job Description : Develop and maintain the enterprise cybersecurity and risk management architecture strategy and roadmap for our organization. Manage a team of architects. Responsible for the budget, and staff recruitment, performance, engagement, and retention. Work closely with CISO and other cybersecurity leadership to align our security technology investments with our business objectives. Define and maintain our enterprise cybersecurity architecture standards and guidelines. Provide leadership and guidance to our IT, security, and infrastructure teams. Ensure that our systems and solutions are integrated, scalable, and secure. Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the security industry. Formally communicate trends to EA and CISO. Advise CISO and leadership team in vendor/product/service selection, assist in educating and persuading business and operational leaders with adoption of security controls. Own development of rolling 18-month cycle to achieve To-Be architecture for Cybersecurity and risk management. Review vendor technology roadmaps into cybersecurity domain roadmaps to ensure continuous improvements to cyber domain operations, including cost-to-serve and other financial KPIs. Oversee development and maturity of Cybersecurity response, containment, recovery and restore playbooks for the enterprise. Partner with office of CISO to deploy Enterprise and Cyber Resiliency processes, procedures and methods. Oversee development and maintenance of blueprint of Disaster Recovery of critical business systems from Cyber induced disaster events. Partner with IT, Applications, Operations, IT GRC, Cybersecurity and other teams to simulate a Cybersecurity disaster and recovery drills, tabletop exercises. Partner with CISO to document gaps and drive collaboration to remediate. Partner with CISO to develop cohesive strategy to implement frictionless security controls and achieve industry certifications, such as HITRUST, SOC-II Partner with CISO to develop implementable roadmap to deploy controls aligning to security industry best practices, such as Zero Trust Network Access, Defense in Depth. Stay up-to-date with emerging technologies and industry trends. Drive innovation and continuous improvement in our technology landscape. Collaborate with our IT and security teams to ensure that our technology investments comply with healthcare industry standards and regulations. Conduct architecture assessments and provide recommendations for improvement. Develop and maintain architecture-related policies and procedures. Provide guidance and support for technology procurement and vendor management

NationsBenefits is the leading provider of supplemental benefits, flex cards, and member engagement solutions that partners with managed care organizations to provide innovative healthcare solutions designed to drive growth, improve outcomes, reduce costs, and delight members. Our comprehensive suite of innovative supplemental benefits, payments platform, and member engagement solutions help health plans deliver high-quality benefits to their members, addressing social determinants of health and improving member health outcomes and satisfaction. With a compliance-focused infrastructure, proprietary technology systems, and premier service delivery model, we enable our health plan partners to deliver high-quality, valuebased care to millions of members. We offer a fulfilling work environment that attracts top talent and encourages all associates to do their part in delivering premier service to internal and external customers alike. It’s how we’re transforming the healthcare industry for the better. We provide career advancement opportunities within the organization with multiple locations in Florida, California, Pennsylvania, Tennessee, Texas, Utah, and India. You might also like to know that NationsBenefits is also recognized as one of the fastest growing companies in America. We’re proud of how far we’ve come, and a career with us also gives you growth opportunities. Position Overview The Senior Compliance Analyst is responsible for leading the assessment, monitoring, and maintenance of the organization’s internal control environment and compliance efforts related to key regulatory and industry standards, including HITRUST, SOC 2, and PCI DSS. This role will serve as a subject matter expert in audit readiness and compliance reporting, working closely with internal stakeholders, auditors, and assessors to ensure successful certification and audit outcomes. The Senior Compliance Analyst will also play a critical role in control testing, evidence gathering, and issue remediation tracking. Key Responsibilities Regulatory and Framework Compliance Oversight Serve as the internal point of contact for all matters related to HITRUST, SOC 2, and PCI DSS compliance. Coordinate and support the execution of external audits and assessments. Monitor ongoing compliance activities across departments to ensure adherence to regulatory requirements and industry frameworks. Maintain up-to-date knowledge of changes in applicable standards and regulations, proactively updating policies and controls. Internal Controls Monitoring and Testing Conduct routine internal control testing to validate design and operational effectiveness. Document findings, track remediation efforts, and escalate issues where necessary. Collaborate with control owners to ensure proper documentation, process alignment, and control maturity. Manage evidence collection and maintenance for audit readiness throughout the year. Audit Readiness and Execution Own end-to-end preparation for compliance audits including control mapping, pre-audit checks, and facilitating walkthroughs. Partner with internal teams and external auditors to manage audit logistics, request responses, and evidence delivery. Lead corrective action plans in response to audit findings. Policy and Procedure Support Assist in the development, review, and maintenance of compliance-related policies, procedures, and standard operating documents. Ensure controls and practices align with documentation and are consistently applied across the organization. Reporting and Risk Tracking Maintain dashboards and reports tracking control health, audit status, and compliance program KPIs. Support the GRC Director with compliance reporting for internal and external stakeholders. Qualifications Education Bachelor’s degree in information systems, Cybersecurity, Business Administration, or a related field. Master’s degree or equivalent experience preferred. Experience 4–6 years of experience in a compliance, risk, or IT audit role. Hands-on experience supporting HITRUST, SOC 2, or PCI DSS audits. Familiarity with risk assessment, control testing, and remediation tracking processes. Certifications (Preferred) Certified Information Systems Auditor (CISA) HITRUST Certified CSF Practitioner (CCSFP) Certified in Risk and Information Systems Control (CRISC) CompTIA Security+ or similar Skills Strong knowledge of compliance frameworks and internal control principles. Excellent project management and organizational skills. Ability to communicate effectively with both technical and non-technical stakeholders. Comfortable managing multiple priorities in a fast-paced environment. Proficiency with GRC tools and audit management platforms. Key Competencies Attention to Detail: Ability to meticulously validate evidence and control execution. Analytical Skills: Identify compliance gaps and recommend practical solutions. Collaboration: Work cross-functionally to gather evidence and align processes. Accountability: Drive audit preparation and closure of compliance gaps. Adaptability: Stay current with evolving regulatory requirements and apply them effectively

Hi , As per response to your profile which is uploaded in Job portals. Excellent job openings for Enterprise Security Archite ct in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates. Please Note:-please refer your friends who are looking for job changes. Job Description: Enterprise Security Architect. JD:- Required Experience & Education:- Experience Minimum of 10 years of experience in enterprise architecture. Experience with leading teams and complex projects. Strong leadership, coaching and mentoring of resources in architecture functions. Knowledge of healthcare industry standards and regulations. Strong understanding of technology trends and emerging technologies. 5+ years of experience with developing and implementing enterprise cybersecurity and risk management architecture strategies and roadmaps. Experience with security risk management frameworks such as NIST-CSF, HITRUST, MITRE and compliance certifications such as HIPAA, PCI-DSS, SOC-II. 2+ years developing and maturing EcoSystem driven frameworks. Excellent problem-solving and critical thinking skills. Excellent written and verbal communication skills. Ability to work independently and in a team environment Education Bachelors degree in computer science, information technology or related field or equivalent combination of education/experience. 2- Preferred Experience & Education:- Experience 10 years of experience in enterprise architecture or similar roles. Direct hands-on experience with Teams, DevOps, Rally, JIRA, Confluence and other productivity tools. In-depth knowledge of and proven cloud experience with multi-cloud solutions and hybrid business intelligence stacks Experience with Cyber risk quantification methodologies. Experience with healthcare data terminologies, high-performance computing Experience with App Orchard, Job Description : Develop and maintain the enterprise cybersecurity and risk management architecture strategy and roadmap for our organization. Manage a team of architects. Responsible for the budget, and staff recruitment, performance, engagement, and retention. Work closely with CISO and other cybersecurity leadership to align our security technology investments with our business objectives. Define and maintain our enterprise cybersecurity architecture standards and guidelines. Provide leadership and guidance to our IT, security, and infrastructure teams. Ensure that our systems and solutions are integrated, scalable, and secure. Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the security industry. Formally communicate trends to EA and CISO. Advise CISO and leadership team in vendor/product/service selection, assist in educating and persuading business and operational leaders with adoption of security controls. Own development of rolling 18-month cycle to achieve To-Be architecture for Cybersecurity and risk management. Review vendor technology roadmaps into cybersecurity domain roadmaps to ensure continuous improvements to cyber domain operations, including cost-to-serve and other financial KPIs. Oversee development and maturity of Cybersecurity response, containment, recovery and restore playbooks for the enterprise. Partner with office of CISO to deploy Enterprise and Cyber Resiliency processes, procedures and methods. Oversee development and maintenance of blueprint of Disaster Recovery of critical business systems from Cyber induced disaster events. Partner with IT, Applications, Operations, IT GRC, Cybersecurity and other teams to simulate a Cybersecurity disaster and recovery drills, tabletop exercises. Partner with CISO to document gaps and drive collaboration to remediate. Partner with CISO to develop cohesive strategy to implement frictionless security controls and achieve industry certifications, such as HITRUST, SOC-II Partner with CISO to develop implementable roadmap to deploy controls aligning to security industry best practices, such as Zero Trust Network Access, Defense in Depth. Stay up-to-date with emerging technologies and industry trends. Drive innovation and continuous improvement in our technology landscape. Collaborate with our IT and security teams to ensure that our technology investments comply with healthcare industry standards and regulations. Conduct architecture assessments and provide recommendations for improvement. Develop and maintain architecture-related policies and procedures. Provide guidance and support for technology procurement and vendor management 5. Certification Requirements /any-1. Required Certification in at least one of the common architecture frameworks (TOGAF, Zachman, DODAF, FEAF or FEAC) 2. Preferred Certifications in multiple common architecture frameworks such as TOGAF, Zachman, DODAF, FEAF, FEAC is preferred. Security industry certifications, such as CISSP, CISM etc Those who have relevant experience and Skills, as mentioned above please revert back ur updated resume to - Sreenivasa.k@happiestminds.com. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Notice Period: Degree: Regards, Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

Primary Responsibilities: Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: Bachelors degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification: CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes an enterprise priority reflected in our mission.

Job Description 5+ years of experience in Information Security. Ensure compliance to client security requirements. Provide support for obtaining and maintaining Security Certification and Assurance programs like ISO 27001, PCI DSS, HITRUST, TISAX, SOC 2, etc. Collaborate with IT, Finance, HR and other departments for various security related activities. Conduct security research and keep abreast of latest security trends and issues. Develop and maintain Information Security policies, procedures, standards and guidelines. Certification on ISO 27001 Lead Auditor. Skills Required RoleInformation security analyst Industry TypeITES/BPO/KPO Functional AreaITES/BPO/Customer Service Required Education Bachelors degree Employment TypeFull Time, Permanent Key Skills INFORMATION SECURITY ANALYST Other Information Job CodeGO/JC/353/2025 Recruiter NameDivya R Show more Show less

Location: Gurgaon, India (On‑site/Hybrid, Full‑time) Why Join Us? We’re a fast‑growing health‑tech company transforming Revenue Cycle Management (RCM) for hospitals, clinics, and physician groups. Our cloud‑native platform simplifies complex billing and claims workflows so providers can focus on patient care—not paperwork. As a Senior DevOps Engineer, you’ll be the architect behind the highly available, secure, and scalable infrastructure that keeps those mission‑critical systems running smoothly. What You’ll Do Own the Cloud Infrastructure Design and automate Azure environments with Terraform/ARM, delivering self‑service, repeatable deployments Build resilient network topologies and security controls that meet HIPAA & HITRUST standards Tune performance and cost—because every saved rupee goes back into innovation Ship Code Faster & Safer Create end‑to‑end CI/CD pipelines in Jenkins or GitLab that cut release time from hours to minutes Embed automated tests, quality gates, and blue‑green / canary strategies to achieve zero‑downtime releases Containerize microservices with Docker and orchestrate them with Kubernetes Keep the Lights On Roll out observability stacks (Azure Monitor, Log Analytics, Application Insights) with actionable dashboards and alerts Author incident‑response playbooks and join a low‑noise on‑call rotation Conduct regular security scans and vulnerability assessments—security is everyone’s job here Automate Everything Script in Bash, PowerShell, or Python to eliminate toil and empower developers with self‑service tools Advocate for Infrastructure‑as‑Code and GitOps best practices across teams What You Bring 5+ years in DevOps/SRE roles with deep Azure expertise Hands‑on mastery of Terraform or ARM Templates, Docker, Kubernetes, and CI/CD tooling Strong scripting chops (Python, Bash, PowerShell) Solid understanding of networking, IAM, and security hardening Bonus points for: healthcare/RCM experience, Azure certifications (AZ‑400, AZ‑104), database know‑how (SQL Server, MongoDB), and familiarity with microservices and API gateways Soft Skills We Value Relentless problem solver who thrives in high‑stakes production environments Clear communicator—able to translate “yak‑shaving” tech talk into business value for non‑technical stakeholders Collaborative team player who mentors others and welcomes feedback Self‑starter who can juggle multiple priorities and still hit aggressive deadlines Perks & Benefits Comprehensive medical, dental, and vision coverage for you and your family Annual learning budget for conferences, certifications, and courses—grow on our dime Performance bonuses tied to team and company milestones Flexible working hours and generous leave policy Latest MacBook Pro or high‑end Windows laptop—your choice On‑site wellness programs and monthly team‑building events Powered by JazzHR nn4sn5A5AR Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less