335 Hitrust Jobs - Page 8

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

About Us Decisions is a software development company headquartered in Virginia Beach, Virginia, USA, and it provides a no-code automation platform for all types of business processes. With the no-code automation platform, you can fix the customer experience, modernize legacy systems, ensure regulatory compliance, and automate anything in your business. We help people who know what to do, get it done, and change their world. Role Summary As a Compliance/Security Analyst, your daily work ensures organizational operations meet industry compliance standards to increase customer confidence in Decisions' platform, people, and processes. This role is directly responsible for collaborating with leadership, training employees on industry standards, developing policies, evaluating compliance, and communicating the security posture of Decisions with customers and Decisions leadership. You will strive to elevate the security of customer data as well as internal systems and tools by fighting the status quo of “security theater” to extend our culture of safety and security as a lifestyle in all facets of our business. Key Objectives Objective #1: Bolster Public Brand Trust Support Customer Growth Eliminate internal and external threats to our business Manage vulnerability scanning, reporting, and mitigation activities Identify and understand current organizational policies and practices Communicate with prospects, customers, and team members to continually increase confidence Contribute to the timely completion of accurate customer security questionnaires Observe and act as needed to advance our mission and who we are as an Organization Objective #2: Drive Business Alignment Steward a shared company culture of data security awareness Serve as Incident Response Coordinator during threat events Administer quarterly phish tests and implement remediation strategies Partner with IT to maintain principle of account least privilege Contribute to the org-wide Risk Register to proactively monitor, manage, and resolve business threats Advise on developing and implementing new compliance policies and procedures as required Collaborate with security champions within each department Complete timely and accurate Cloud Cost reporting and SLA reporting requests Objective #3: Maintain Regulatory Adherence Support real-time, collaborative audit readiness Complete internal and external security and privacy audits (ex: SOC2, HITRUST, PCI DSS, ISO27001, etc) Communicate with auditors and follow up on action items in a timely manner Contribute to internal audits to assess operational and procedural compliance Research industry regulations and policies Required Specialized Experience or Skills Technical adeptness and proficiency (if you’ve never used a computer, this is not the role for you) Experience prioritizing and completing multiple tasks on tight timelines Strong problem-solving skills as well as excellent process discipline, milestone management, and time management skills Ability to take in information and summarize the most important content Ability to listen attentively to others and communicate effectively both verbally and in writing Experience working on teams that require high levels of cooperation, flexibility, cross-group collaboration, and real-time response Ability to independently seek and find answers to complete tasks under narrow deadlines Attention to detail without losing sight of the big picture Preferred IT (Helpdesk, Technical Support, SysAdmin) and/or Customer Service Experience COMPTIA A+, Network+, and/or Security+ Exposure to performing key Information Security operational activities Experience with EDR/XDR, IDS/IPS systems Experience contributing to internal and external audits (ex: SOC2, ISO 27000, PCI DSS, HITRUST, FEDRAMP, etc) Experience using Public Clouds (bonus points for Azure or AWS certifications) Linux experience Other Industry certifications: CAP, CCSK, CISA, CCSP, CRISC, Linux+ Show more Show less

Job Title: Consultant Company: Veave Technologies Pvt. Ltd. Location: Jayanagar, Bangalore We're Hiring: Consultant Are you ready to take your career global? Join Veave Technologies as a Consultant and work on high-impact compliance projects across 20+ offices internationally! What You'll Do: * Be part of global projects involving various GRC frameworks, including ISO, CMMi, SOC PCIDSS, HIPAA, GDPR, SMETA, TISAX, HiTrust, HACCP, FSSC, NABL, NABH, and TQM. * Develop and implement robust GRC systems and ensure global regulatory compliance. * Deliver training, conduct incident investigations, and maintain documentation * Analyze legislative changes and prepare compliance reports * Collaborate with regulators and cross-cultural teams * Travel frequently for on-site project deliveryperfect for travel enthusiasts! Why Join Us: * Global Exposure: Work on diverse, international projectsfrom APAC to EMEA, LATAM, NA. *Professional Growth: Get sponsored for various training & certification for industry applicable frameworks. *Cultural Fit: Thrive in a Westernized, inclusive, and innovative corporate environment *Mentorship: Learn from global experts and accelerate your consulting career *Lifestyle Perks: Flexible working policies designed for a balanced global life What We Are Looking For: * 3+ years in GRC consulting, auditing, or management system implementation * Strong knowledge in any of the frameworks such as ISO, CMMi, SOC PCIDSS, HIPAA, GDPR, SMETA, TISAX, HiTrust, HACCP, FSSC, NABL, NABH, and TQM. * Communication excellence and cross-functional collaboration skills * Willingness to travel globally for audit and project delivery * Aspiring or certified Lead Auditor for GRC standards Interview Process: Round 1: Virtual Interview Round 2: Face-to-Face Interview at our Bangalore office Ready to elevate your career and explore the world? Apply now! Send your resume and a brief cover letter to hr@veave.in or recruiter04@topcertifier.com / +91 9035507154 IMMEDIATE JOINER's PREFERRED Lets build your futuretogethe r

Greetings from Access Healthcare" We are hiring for Senior Client Partner - Corporate Quality Experience: - 3-5 years Designation: - Senior Client Partner Location:- Chennai Shift : - General shift Competency Requirement (Technical & Behavioral): To upkeep audit related quality documents. To ensure Internal audits are as per the plan from the centralized team and execute them accordingly. Conduct Business Impact Analysis / Risk Assessment with respective stakeholders to perform the risk evaluation and review of risk treatment on a periodical basis. Coordinate with internal stakeholders to get the audit data during the internal and external audits. Support during the Integrated Management System documentation preparation and sharing the consolidated documents with the Corporate Quality team for review on a periodical basis. Support during external audits. To drive the BCP/DR execution for the site. Defining and maintaining the BCMS framework as authorized and directed by the Head of BCM. Facilitating effective BCM implementation across locations globally. Conduct awareness and training on Information Security & Business continuity Eligibility Criteria : Overall, 3-5 years of experience in a BPO/KPO/Health care services or IT industry with Minimum of 3 year's experience in Corporate Quality (ISMS/SOC/PCI-DSS/HITRUST Certification) • ISO 27001, ISO 22301, ISO 9001:2015, SOC, HITRUST. If interested to apply, email your resume to snithin.sai@accesshealthcare.com or Whatsapp : 9962389886.

Company Description Inovaare Corporation combines innovation with AI-powered health cloud platforms and healthcare SaaS solutions to streamline operations, enhance compliance, and improve member satisfaction. Their HIPAA-compliant, HITRUST-certified platform integrates seamlessly with operations and offers low-code/no-code app building, real-time analytics, and integrated AI for advanced compliance monitoring. Paired with SaaS products like Usher AI, Member Experience Tools, Regulatory Compliance Management, and Healthcare Data Scrubbers, Inovaare Corporation drives measurable results in healthcare organizations. Role Description This is a full-time on-site Email Marketing Specialist role located in Bhubaneswar. The Email Marketing Specialist will be responsible for day-to-day tasks such as marketing analytics, communication, lead generation, marketing automation, and email marketing software management. Qualifications Marketing Analytics and Communication skills Lead Generation and Marketing Automation expertise Email Marketing Software proficiency Strong analytical and problem-solving skills Experience in healthcare industry marketing is a plus Master's degree in Marketing, Communications, or related field Show more Show less

Description Cybersecurity Solutions Architect Syneos Health® is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer success. We translate unique clinical, medical affairs and commercial insights into outcomes to address modern market realities. Every day we perform better because of how we work together, as one team, each the best at what we do. We bring a wide range of talented experts together across a wide range of business-critical services that support our business. Every role within Corporate is vital to furthering our vision of Shortening the Distance from Lab to Life®. Discover what our 29,000 employees, across 110 countries already know. WORK HERE MATTERS EVERYWHERE Why Syneos Health We are passionate about developing our people, through career development and progression; supportive and engaged line management; technical and therapeutic area training; peer recognition and total rewards program. We are committed to our Total Self culture – where you can authentically be yourself. Our Total Self culture is what unites us globally, and we are dedicated to taking care of our people. We are continuously building the company we all want to work for and our customers want to work with. Why? Because when we bring together diversity of thoughts, backgrounds, cultures, and perspectives – we’re able to create a place where everyone feels like they belong. Job Responsibilities JOB SUMMARY The Cyber Security Solution Architect will be responsible for transforming the way Syneos Health protects applications, software and code that it uses to support the company to accelerate patient therapies to market and thereby increase cyber threat resiliency. This role will be a member of the Office of the CISO and a member of enterprise security architects. As a key subject matter expert and leader within the team, this role will use a data and risk-based approach to driving enterprise initiatives, formulating requirements, patterns, and solutions to achieve risk mitigation. To be successful, this role will act as a technical influencer, build cross-functional and organizational partnerships to deliver modern security engineering and operational solutions. As an architect you will partner with the software engineering organization to design software security solutions, participate in proof of concepts and enable the engineering organization to deliver secure, operational solutions. The role will own the software security program and initiatives and be responsible for reporting on progress to leadership and stakeholders. The scope of responsibility includes but not limited to supporting the transformation of security engineering into the early phases of enterprise delivery through defined Secure SDLC, Source code management, application security, and the transformation of DevSecOps across the enterprise. The role will bring an everything-as-code security mindset to be applied across applications, API’s and platform engineering. To be successful, the role will need to define and identify technical and business risks along with enterprise requirements that can be consumed by a shared-responsibility model for engineering and operational controls. Be a transformation agent by advocating for modern secure engineering principles and automation. Excellent oral and written communication skills, as well as effective organizational abilities, are essential due to the detailed and time-bound nature of the work and the extensive collaboration with others. Job Responsibilities Mature and modernize the enterprise software security program and initiatives to manage risks and enable technology solutions: Use a data-driven approach to identifying areas of risk Publish metrics and KPI’s Set enterprise requirements for secure software development based on common cyber security frameworks such as NIST, Hitrust, CSF. SafeCode, OWASP etc Contribute to enterprise security policies and standards. Evolve Secure SDLC standards and processes Define, own, and drive the company's software security strategy and roadmap, acting as the key security voice for software security Partner with software and platform engineering teams to: Promote DevSecOps solutions and culture Establish secure code management practices Improve automated CI/CD pipelines with appropriate security services Automate enterprise security requirements into backlogs Champion cloud application and platform security engineering practices. Delivery enterprise security patterns for software engineering Participate in Proof of Concepts with the software engineering organization . Educate and drive engagement of modern secure software principles within the organization by: Being a strategic advisor in software security. Being a transformation agent in promoting a modern security engineering mindset. Performing design reviews to identify security architecture flaws. Qualification Requirements What we are looking for: 5–7 years of experience in software security or related roles. Proven track record building and transforming secure software and platform engineering practices Building road maps and creating initiatives to address enterprise goals. Experience partnering with engineering teams to achieve security goals. Strong familiarity with source code management Strong familiarity software exploitation techniques and Mitre @ttack framework. Strong knowledge of cloud platform security (AWS, Azure, Oracle Infrastructure Cloud) Someone with strong engineering mindset that software engineering experience Experience implementing pipeline automation and source code management Additional Standout Skills Hands-on experience with modern engineering technologies such as Kubernetes and Containers Experience with securing Terraform or other IaC platforms Delivered secure coding practices to large engineering teams Familiar with API Security Enabling DevSecOps within large organizations Education. Security Architecture TOGAF/SABSA Cloud security certifications for OCI, AWS or Azure (Azure preferred) Get to know Syneos Health Over the past 5 years, we have worked with 94% of all Novel FDA Approved Drugs, 95% of EMA Authorized Products and over 200 Studies across 73,000 Sites and 675,000+ Trial patients. No matter what your role is, you’ll take the initiative and challenge the status quo with us in a highly competitive and ever-changing environment. Learn more about Syneos Health. http://www.syneoshealth.com Additional Information Tasks, duties, and responsibilities as listed in this job description are not exhaustive. The Company, at its sole discretion and with no prior notice, may assign other tasks, duties, and job responsibilities. Equivalent experience, skills, and/or education will also be considered so qualifications of incumbents may differ from those listed in the Job Description. The Company, at its sole discretion, will determine what constitutes as equivalent to the qualifications described above. Further, nothing contained herein should be construed to create an employment contract. Occasionally, required skills/experiences for jobs are expressed in brief terms. Any language contained herein is intended to fully comply with all obligations imposed by the legislation of each country in which it operates, including the implementation of the EU Equality Directive, in relation to the recruitment and employment of its employees. The Company is committed to compliance with the Americans with Disabilities Act, including the provision of reasonable accommodations, when appropriate, to assist employees or applicants to perform the essential functions of the job. Summary JOB SUMMARY The Cyber Security Solution Architect will be responsible for transforming the way Syneos Health protects applications, software and code that it uses to support the company to accelerate patient therapies to market and thereby increase cyber threat resiliency. This role will be a member of the Office of the CISO and a member of enterprise security architects. As a key subject matter expert and leader within the team, this role will use a data and risk-based approach to driving enterprise initiatives, formulating requirements, patterns, and solutions to achieve risk mitigation. To be successful, this role will act as a technical influencer, build cross-functional and organizational partnerships to deliver modern security engineering and operational solutions. As an architect you will partner with the software engineering organization to design software security solutions, participate in proof of concepts and enable the engineering organization to deliver secure, operational solutions. The role will own the software security program and initiatives and be responsible for reporting on progress to leadership and stakeholders. The scope of responsibility includes but not limited to supporting the transformation of security engineering into the early phases of enterprise delivery through defined Secure SDLC, Source code management, application security, and the transformation of DevSecOps across the enterprise. The role will bring an everything-as-code security mindset to be applied across applications, API’s and platform engineering. To be successful, the role will need to define and identify technical and business risks along with enterprise requirements that can be consumed by a shared-responsibility model for engineering and operational controls. Be a transformation agent by advocating for modern secure engineering principles and automation. Excellent oral and written communication skills, as well as effective organizational abilities, are essential due to the detailed and time-bound nature of the work and the extensive collaboration with others. Show more Show less

GE Healthcare Healthcare Science & Technology Organization Category Digital Technology / IT Senior Level Job Id R4025620 Relocation Assistance No Location Bengaluru, Karnataka, India, 560066 Job Description Summary As a Sr. Staff Software Engineer, you will be responsible for defining and implementing the observability strategy across our next-generation cloud-native healthcare services. You will lead the design of scalable, secure, and innovative observability frameworks that empower engineering teams to build resilient, performant, and diagnosable systems. This role is critical to ensuring our platform meets the highest standards of reliability, compliance, and operational excellence. GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world. Job Description Roles and Responsibilities: In this role, you will: Define and evolve the observability vision and roadmap for our cloud-native healthcare platform. Architect and implement standardized observability frameworks (metrics, logs, traces, events, profiling) across services. Collaborate with platform, SRE, and product teams to instrument services using OpenTelemetry and other modern observability tooling. Build and maintain dashboards, alerts, and SLOs that reflect both technical and business health indicators. Evaluate, integrate, and optimize observability tools (e.g., Datadog, Prometheus, Grafana, Tempo, Loki, Elastic). Lead incident analysis and postmortem reviews , driving improvements in system resilience and observability coverage. Ensure observability practices align with healthcare compliance standards (e.g., HIPAA, HITRUST). Mentor engineers and promote a culture of observability-first development . Educational Qualifications: Bachelor’s or Master’ s degree in Computer Science, Engineering, or a related technical field. Required Qualifications: 12+ years of experience in software engineering, SRE - Site Reliability Engineering or platform engineering roles. 6+ years of experience architecting observability solutions in cloud-native environments (Kubernetes, microservices, serverless). Deep expertise in observability pillars (metrics, logs, traces) and tools like Open Telemetry, Prometheus, Grafana, Datadog, etc. Strong programming/scripting skills (e.g., Go, Python, Bash, Terraform). Experience with distributed tracing , SLO/SLI frameworks , and incident response workflows . Familiarity with cloud platforms (AWS, GCP, or Azure) and CI/CD pipelines. Excellent communication and collaboration skills. Desired Qualifications: Experience in healthcare or regulated industries . Knowledge of data privacy and compliance (HIPAA, HITRUST). Experience with cost optimization and telemetry data governance . Contributions to open-source observability projects. Passion for building developer-friendly tools and frameworks. Business Acumen: Adept at navigating the organizational matrix; understanding people's roles, can foresee obstacles, identify workarounds, leverage resources and rally teammates. Understand how internal and/or external business model works and facilitate active customer engagement Able to articulate the value of what is most important to the business/customer to achieve outcomes Able to produce functional area information in sufficient detail for cross-functional teams to utilize, using presentation and storytelling concepts. Leadership: Demonstrated working knowledge of internal organization Foresee obstacles, identify workarounds, leverage resources, rally teammates. Demonstrated ability to work with and/or lead blended teams, including 3rd party partners and customer personnel. Demonstrated Change Management /Acceleration capabilities Strong interpersonal skills, including creativity and curiosity with ability to effectively communicate and influence across all organizational levels Proven analytical and problem resolution skills Ability to influence and build consensus with other Information Technology (IT) teams and leadership. Inclusion and Diversity GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity. Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support. #Everyroleisvital #LI-Hybrid #LI-SM1 Additional Information Relocation Assistance Provided: No

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description ORACLE: As the provider of the world’s most complete, open and integrated business software and hardware systems, Oracle is dedicated to unleashing innovation by simplifying IT. With more than 30 years of information technology innovation, Oracle is the recognized industry leader in enterprise application and technology solutions. ORACLE CLOUD: Oracle Cloud is a Generation 2 enterprise cloud that delivers powerful compute and networking performance, a comprehensive portfolio of infrastructure and platform cloud services, and the world’s only self-driving autonomous database. Built from the ground up to meet the needs of mission-critical applications, Oracle Cloud supports all legacy workloads while delivering modern cloud development tools—so enterprises can bring their past and build their future. The comprehensive nature of Oracle Cloud is a key selection consideration for customers. Oracle has the broadest cloud portfolio in the industry, delivering a complete range of production-level, cross-functional business applications for each part of an organization with information and data shared seamlessly across Oracle Cloud Applications and other systems. Business users have the latest innovations at their fingertips across sales and marketing, customer service, finance and accounting, supply chain management, human capital and talent management—all enriched with social engagement and collaboration tools and an intuitive user interface that works on any mobile device. These applications have been architected on a modern and open cloud platform and infrastructure to simplify integration needs and lower an organization’s total cost of ownership. With such extensive functionality across business processes, customers can solve their business problems with complete solutions that give them end-to-end execution and complete visibility. Oracle IaaS is clearly differentiated, being far more performant, more secure, more reliable and cost efficient as compared to others in the market. Oracle has fundamentally innovated in the IaaS space and continues to gain market share aggressively. Oracle PaaS is anchored by Oracle Autonomous Database (ADB), which offers the most innovative “self-driving” capabilities in the data tier in the marketplace. Combine with ADB, Oracle cloud also offers a complete application development platform that includes app dev, security, integration, identity management, analytics, big data and AI/ML amongst other far broader capabilities. Partners with customers, sales, engineering and product teams to design, demonstrate and deploy Oracle Cloud architectures that address customer business problems. Drives Oracle Cloud customer consumption by accelerating the adoption of Oracle cloud services including discovery, design and deployment. Engages with strategic customers, builds leadership relationships at multiple levels within organizations in order to design and implement solutions. Works directly with customers to gather requirements, develop architectures and translates business needs into solutions. May implement solutions and ensure successful deployments through code development and scripting. Displays product/application understanding through highly customized presentation demonstrations to customers, and at conferences, and events. Supports customer from Proof of Concept (POC) through production deployment of services via resource configuration, planning, and customer education/training. Creates and distributes technical assets (white papers, solution code, blog posts, and video demonstrations). Serves as a leading contributor for customers and sales on technical cloud solutions and customer success. Identifies gaps and enhancements to influence engineering roadmaps for customer driven features. Leading contributor, may provide direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. May interact with C level. Maintains expertise by staying current on emerging technologies. Minimum qualifications include: 8 years experience with computer applications and tools required. Ability to travel 50% international and domestic. Preferred but not required qualifications include: Bachelor of Science-level university degree in Computer Science, Math, Engineering from accredited university; and/or relevant 8 years technical experience. Advanced degree in relevant field of studies highly desirable. Expertise in and an in depth and thorough knowledge of competitive and industry knowledge in the field of computer applications and tools; System and application design; Implementation of advanced product features; Project management; Solving technical problems with customers in technical environments; Written and verbal communication and interpersonal skills; Needs analysis, positioning, and business justification. 8 years experience and expertise in the clear communication of technical information to others through presentations, demonstrations, written communication and consultative solutioning experience. Career Level - IC4 Responsibilities The SecDevOPS team is focused on delivering secure OCI service delivery and helping customers establish operational controls through deep knowledge of cloud-native application development, event-driven architectures, microservices, DevOps, Infrastructure-as-code, continuous integration, and automated deployment. This role is a mix of being a developer, a technical delivery architect, and an evangelist. In this role, you will actively engage with customers and deliver architecture to support secure design standards, industry-specific compliance requirements, implementation of cloud-native technologies, serverless application development, integrations with OCI or third party software around logging, monitoring, threat management, asset management solutions, write technical blogs, presentation to customers. The qualified candidate will have deep technical knowledge of cloud-native technologies, and the ability to translate complex technical requirements into architecture & service delivery. Additionally, the ideal candidate will have software development, evangelism, instructional design, and cloud security experience. Above all, you will have a passion for learning new technologies and sharing them with a wider audience, and developing automation for repeatable patterns across customers. While much of the focus of this role will revolve around the delivery of security and operations related to cloud security technologies, a large portion of the work will also involve adjacencies including securing and configuring tenancies, networking, encryption, and key or Certificate Management, Web Application Firewalls, SIEM technologies, vulnerability scanning, monitoring & observability, etc. While also interacting directly with customers the role involves regular work with the development organization to drive product improvements and innovations. This is a senior technical Cloud Delivery role, so the Cloud technical experience is the higher priority. A Cloud Engineer in our team is responsible for the successful implementation of non-routine and complex business solutions ensuring high quality and timely delivery within budget to the customers’ happiness. Analyze business needs to help ensure Oracle’s solution meets the customer’s objectives by combining industry-standard methodologies and product knowledge. Effectively applies Oracle’s methodologies and policies while adhering to contractual obligations, thereby minimizing Oracle’s risk and exposure. Exercises judgment and business acumen in selecting methods and techniques for effective project delivery on small to medium engagements. Provides direction and mentoring to junior resources on the delivery team. Ensures deliverables are acceptable and work closely with the Project Management Team to understand and manage project expectations. Collaborates with the consulting/delivery sales team by providing domain credibility. Helps with Technical solution scoping of project Comfortable working in a matrix management environment. Good communication skills to deal with internal collaborators, customers, and vendors. This individual should have a solid technical background and excellent problem-solving skills. Minimum Qualifications Minimum of 8 years of experience in progressively responsible information technology including. 5+ years of experience in developing, implementing, or architecting cloud solutions. 3+ years of technical architecture experience integrating software into cloud infrastructure with hands on programming experience using one of popular programming languages such as in JAVA or Python. Bachelor’s degree in Computer Science, related technical field or equivalent practical experience. Service delivery experience in a cloud-related environment. Ability to speak and write in English fluently Preferred Qualifications Deep technical domain knowledge in one or more of the following: cloud-native application development, event-driven architectures, SecDevOps, Infrastructure-as-code, continuous integration and deployment, container technologies such as Docker and Kubernetes, Observability Experience with continuous integration tools (e.g. Jenkins) Hands-on familiarity with Infrastructure-as-code technologies (e.g. Terraform) Experience with configuration management platforms (e.g. Chef, Puppet, or Ansible) Strong scripting skills (e.g. PowerShell, Python, Bash, Ruby, Go, etc.) Strong practical application development experience on Linux and Windows-based systems Knowledge and/or hands-on experience with OCI, including current OCI Certification (Developer, Solutions Architect, Operations) Coding experience in one or more of the following languages, Java, .Net, Python, or PHP Knowledge and hands-on experience with AWS, Azure, or Google Cloud preferred. knowledge of industry-specific compliance such as PCI, HIPAA, ISO 27001, HITRUST, CIS preferred. Delivery experience with leading security frameworks such as CIS, NIST, Zero Trust, etc. Experience with REST APIs and related development. Self-motivated, team-oriented, and focused on exceeding customer expectations About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description The Role is to work as a Senior Analyst on the GRC – Third Party Risk Assessment, Cybersecurity team and is a Tier / L2 support role for Vendor Risk Management (Cyber). The Cyber vendor team conducts the cyber diligence on all firm vendors and works closely with the Vendor Risk Team (Non-Cyber ͏ The individual will be responsible for managing portions of the operational work for VRM (Cyber) Kickoff of reviews, touchpoints with vendors to follow up on review status, collecting evidence, and following up on any action items. Updating tracking tools and drafting reports for stakeholders The ideal individual also has cybersecurity and risk management proficiency and can review questionnaires that vendors provide, identify control deficiencies, ask to follow up questions and know when to escalate control gaps to Tier / L3 Training on our proprietary system will be given, however knowledge of frameworks such as the SIG, CAIQ, NIST, ISO and SOC1/2 will be ideal. Having specific vendor risk experience is not a requirement, but knowledge of cybersecurity is If they understand risk management and vendor risk that’s a plus, but I can teach them more about our risk management approach, but reviewing and understanding technical controls is important. Understanding of cybersecurity domain like Application security, threat management, incident response, network security, infrastructure security, cloud security, end point security, vulnerability managemen Knowledge of industry regulations and standards such as NIST, ISO, GDPR, SOC is also useful. Good to have working experience on: Mandatory Skill: Use of Tools Microsoft Office, Word, PowerPoint, Excel Familiarity with Jira, Confluence, Kanban Board, ServiceNo Familiarity with ISO 27001, ISO 27002, ISAE 3402, SOC 1 and 2, SOX, CMMC, HITRUST, HIPAA, CRBF, Solvency, etc Familiarity with cybersecurity domains such as domains Compliance of the company’s user access rights and respond with reports to auditors. Good to have Handson experience in assessing GRC tools (e.g. ProcessUnity, Hyperproof etc.) Good Communication and audit report writing Skill ͏ Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA’s (90-95%), response time and resolution time TAT ͏ ͏ Mandatory Skills: GRC Consulting. Experience: 3-5 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Required Skill: Bachelor's degree with 6 year minimum experience in SOC audit. Experience in SOC2, HITRUST is mandate. External Audit experience is must have. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Requisition Id : 1569844 As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom. At EY, we don't just focus on who you are now, but who you can become. We believe that it’s your career and ‘It’s yours to build’ which means potential here is limitless and we'll provide you with motivating and fulfilling experiences throughout your career to help you on the path to becoming your best professional self. The opportunity : Manager-TMT-Assurance-ASU - TR - Technology Risk - Gurgaon TMT : Industry convergence offers TMT (Technology, Media & Entertainment, and Telecommunications) organizations the chance to evolve and transform, but it also presents challenges around competitiveness and delivering agile corporate strategies for growth. We help TMT companies create compelling employee and customer experiences, retaining skills and talent while achieving enterprise-wide operational excellence. We help them guard their data, brand and reputation. We also enable the pursuit of M&A strategies that methodically create value, reduce risk and transform TMT companies into powerhouses that will lead the technology revolution of the future – building a better working world for all. ASU - TR - Technology Risk : Assurance’s purpose is to inspire confidence and trust to enable a complex world to work. We do so by protecting and serving the public interest, promoting transparency, supporting investor confidence and economic growth and fostering talent to provide future business leaders. We help clients by: Ensuring their accounts comply with the requisite audit standards Providing a robust and clear perspective to audit committees and Providing critical information for stakeholders. Our Service Offerings include External Audit, Financial Accounting Advisory Services (FAAS), IFRS & US GAAP conversion, IPO and other public offering, Corporate Treasury - IFRS 9 accounting & implementation support etc. Your key responsibilities Technical Excellence Key skill sets required: Experience of working on IT Audits and advisory work such as FAIT, SOCR (SOC1, SOC2), SOX 404, ISO 27001, etc. Should have an understanding of what are the typical risks/challenges we encounter in these audits. Should have Understanding of Manage Change, Manage Access and Manage IT Operations Should have experience of working on ERP systems like SAP, Oracle etc so that they can conduct the IT audit on these systems Should be able to manage multiple clients independently at the same time and also provide regular status updates to both client and EY management. Ability to work on tight schedules and deadlines. Excellent written and verbal communication, interpersonal, networking, teaming and problem-solving skills. Initiative in keeping abreast of changing industry practices, analysis and design methods, tools and techniques and emerging technologies. Be highly flexible, adaptable, and creative. Willingness to work in different time-zones as required. Willingness to travel is an added benefit tentative countries of travel are Saudi, UAE, Bahrain. Skills and attributes To qualify for the role you must have Qualification To qualify for the role you must have: Sc. in Computers, B. Tech/ B.E. in Computers, BCA in Computers MCA in Computers, MS/ Sc. (Science) in Computers, M. Tech in Computers Charted Accountant with experience in handling technology risk related engagement Addon Skills & Certification: Beneficial if they have done CISA, CCSFP or any relevant certification Hands-on experience on SAP/ Oracle/ DevOps like environment Cyber Security Professional with hands on experience in implementing and reviewing cyber security security related solutions to identify and manage the cyber security risks (VA, PT, Secure configuration review, OWASP Top 10, IT Infrastructure Assessments, etc. Beneficial if have hands on experience on Generative AI related solutions in technology risk domain Experience Experience: 6+ years of experience of working on IT Audits and advisory work such as FAIT, SOCR (SOC1, SOC2), SOX 404, ISO 27001, etc. Should have experience of working and testing IT Application Controls and ITGCs and also understand how to prepare risk and control matrix’s. How to report issues/findings in an audit and ability to lead client meetings. Should have experience of drafting controls and report for Third-Party reporting, for example - SOC1/ SOC2 reports. Experience on HITRUST control testing will be an added advantage. Expectation is to manage the client and also the reporting manager vis a vis should have understanding of preparing Data Request Lists, Status Trackers etc. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Big 4 Experience Preferred What we look for People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach. What we offer With more than 200,000 clients, 300,000 people globally and 33,000 people in India, EY has become the strongest brand and the most attractive employer in our field, with market-leading growth over compete. Our people work side-by-side with market-leading entrepreneurs, game- changers, disruptors and visionaries. As an organisation, we are investing more time, technology and money, than ever before in skills and learning for our people. At EY, you will have a personalized Career Journey and also the chance to tap into the resources of our career frameworks to better know about your roles, skills and opportunities. EY is equally committed to being an inclusive employer and we strive to achieve the right balance for our people - enabling us to deliver excellent client service whilst allowing our people to build their career as well as focus on their wellbeing. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply now. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Position: Backend Engineer (Python) Experience: 6+ Years Work Mode: Hybrid Location: Hyderabad Job Responsibilities: Work closely with Cloud Engineering team members in architecting and designing cloud- based solutions. Ultrasound DICOM and Electronic Medical Record (EMR) interfaces. OAuth and Single Sign-on (SSO) interfaces with cloud applications. Workflow engine that automates and manages workflows in the applications. Assist in the architecture, design, and deployment of the full stack product. Build software that meets HIPAA and Cybersecurity requirements for medical products. Be part of a small, cross-functional product team working alongside product managers, design engineers, clinical engineers and software engineers. Meet all Quality Management System (QMS) requirements for design, development, testing and product release. Required Experience: 6+ years of software development experience with Python, Django and TypeScript/JavaScript. Experience with Terraform, CI/CD and AWS. Familiarity with medical imaging and interface protocols used in healthcare including DICOM, HL7, FIHR, LDAP and Single Sign-on (SSO) if preferable. Experience in architecting interaction with services and application deployments on AWS or other cloud platforms. Familiarity with containerization technologies such as Docker and Kubernetes. Experience with databases (SQL) and RESTful app frameworks. Desirable Experience: Familiarity with IEC 62304. Designing software that meets HIPAA, Cybersecurity and HITRUST requirements. Familiarity and experience with code level, unit level and system level test methodologies. Familiarity with the design control process for developing medical products. Additional Considerations (Shifts, Physical Requirements, etc.): Self-starter that is highly motivated and able to work in a fast-paced environment. Good business communication skills. Available to work with US teams with some overlap in PST hours. Job Type: Permanent Pay: ₹1,800,000.00 - ₹2,400,000.00 per year Location Type: In-person Experience: Python: 6 years (Required) Django: 4 years (Required) AWS: 5 years (Required) Terraform: 4 years (Required) Work Location: In person

Title: Lead QA Engineer Reporting to: Director, Product Development Location: Bengaluru (Bangalore) Get Well is seeking an experienced Lead QA Engineer to guide and mentor our QA team, champion best practices, and ensure the delivery of high-quality software solutions. You will serve as the key point of contact for all QA aspects of releases, coordinating QA resources and activities, and building robust test strategies and frameworks. This position reports directly to the Director, Product Development, collaborating with cross-functional teams to implement testing and automation strategies that ensure Get Well products and solutions have world class quality. Responsibilities Lead Get Well's global Quality Assurance team to ensure timely and stable releases Lead the testing efforts for all Get Well products Maintain release checklists/matrixes to ensure transparency of testing efforts Oversee, maintain, evaluate, and build upon our automated testing pipelines that run a few times a week overnight Continue to grow and improve automated testing technology and infrastructure Evaluate all production defects and enhance test scripts and automation to prevent future failures. Requirements 5+ years of experience testing SaaS products in a fast-paced, high growth environment, including both products at early stages as well as products that have gone through the full product lifecycle 2+ years experience in testing service oriented architectures that include decoupled, event based communication as well as API use 2+ year experience testing application delivered on AWS ecosystem technologies Deep knowledge and experience with testing automation frameworks and tools: Cypress, Playwright, Katalon, and pytest Experience in scripting with Python Experience in API contract testing Proven successful track record in juggling competing cross functional priorities simultaneously Both B2B and B2C SaaS experience and/or Healthcare Tech experience preferred; familiarity and experience with EMRs, health tech (e.g. FHIR, HITRUST, etc.), and other industry-specific domains Outstanding communication skills, both written and verbal Adhere to all organizational information security policies and protect all sensitive information including but not limited to ePHI and PHI in accordance with organizational policy and Federal, State, and local regulations About Get Well: Now part of the SAI Group family, Get Well is redefining digital patient engagement by putting patients in control of their personalized healthcare journeys, both inside and outside the hospital. Get Well is combining high-tech AI navigation with high-touch care experiences driving patient activation, loyalty, and outcomes while reducing the cost of care. For almost 25 years, Get Well has served more than 10 million patients per year across over 1,000 hospitals and clinical partner sites, working to use longitudinal data analytics to better serve patients and clinicians. AI innovator SAI Group led by Chairman Romesh Wadhwani is the lead growth investor in Get Well. Get Well's award-winning solutions were recognized again in 2024 by KLAS Research and AVIA Marketplace. Learn more at Get Well and follow-us on LinkedIn and Twitter. Get Well is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. About SAI Group: SAIGroup commits to $1 Billion capital, an advanced AI platform that currently processes 300M+ patients, and 4000+ global employee base to solve enterprise AI and high priority healthcare problems. SAIGroup - Growing companies with advanced AI; https://www.cnbc.com/2023/12/08/75-year-old-tech-mogul-betting-1-billion-of-his-fortune-on-ai-future.html Bio of our Chairman Dr. Romesh Wadhwani: Team - SAIGroup (Informal at Romesh Wadhwani - Wikipedia) TIME Magazine recently recognized Chairman Romesh Wadhwani as one of the Top 100 AI leaders in the world - Romesh and Sunil Wadhwani: The 100 Most Influential People in AI 2023 | TIME Show more Show less

Opportunity: As the Director of Software Engineering at Get Well, you will lead the software engineering team in developing and scaling innovative healthcare solutions that improve patient care, optimize healthcare operations, and support cutting-edge technologies in a rapidly evolving industry. This leadership role requires a strategic thinker, hands-on technical expertise, and a passion for driving software innovation in the healthcare space. You will work closely with cross-functional teams to ensure software systems are secure, scalable, and comply with healthcare regulations. The Director of Ambulatory Software Engineering reports to the VP, Product Development, overseen by the SVP of Product Development Responsibilities : Software Development Strategy: Execute on the strategic direction for software architecture and development practices, ensuring that they meet business requirements and customer needs in the healthcare space. Drive the development and implementation of scalable and secure software systems. Manage software development life cycle (SDLC) from planning through deployment and ongoing maintenance. Collaboration & Stakeholder Management: Work closely with product management, operations, sales and customer success teams to define project requirements and deliver on timelines and performance expectations. Ensure alignment between engineering efforts and business priorities, ensuring that the team is focused on building impactful and high-value products. Interface with senior leadership to provide updates on engineering performance, project progress, and resource needs. Leadership & Team Management: Build and maintain a team of high-performing software engineers Lead, mentor, and manage software engineers, ensuring alignment with company goals and engineering best practices. Provide guidance in career development, performance reviews, and professional growth for direct reports. Foster a collaborative, innovative, and inclusive engineering culture that drives continuous improvement and technical excellence. Innovation & Continuous Improvement: Stay up to date with the latest technology trends, healthcare regulations, and software development methodologies to ensure the organization remains at the forefront of healthcare Technology. Encourage a culture of experimentation and innovation, exploring new technologies that can drive value in healthcare applications. Identify and lead initiatives to improve development processes, software quality, and operational efficiency. Regulatory Compliance & Security: Ensure all software products adhere to relevant regulatory standards such as HIPAA, Hitrust, SOC2, FedRAMP, FDA guidelines, and other healthcare compliance requirements. Lead security initiatives to ensure the protection of sensitive healthcare data and privacy for users, following best practices in data encryption and cybersecurity. Requirements: Bachelor's or Master's degree in Computer Science, Engineering, or a related field. 7+ years of experience in software engineering with at least 4 years in a leadership or managerial role, preferably within the healthcare technology sector. Proven track record of leading software engineering teams to deliver complex, large-scale healthcare software solutions. Experience working with healthcare data systems, EHR/EMR software, telemedicine, or health analytics platforms is highly desirable. Strong technical expertise in software engineering, including expertise with cloud technologies (AWS, Azure), backend systems, databases, and frontend development. Deep understanding of healthcare regulations, data privacy laws (HIPAA, HITECH), and industry standards. Experience in developing within a SOA or microservice architecture. Understanding of serverless and containerized services. Proficient in Agile development methodologies (Scrum, Kanban), with experience managing teams using Agile frameworks. Exceptional problem-solving skills with the ability to communicate complex technical concepts to non-technical stakeholders. Strong leadership and mentoring skills with a focus on building a high-performing engineering team. Excellent communication and interpersonal skills, with the ability to work collaboratively across departments. Strategic mindset with a passion for solving problems in the healthcare technology space. A proactive and results-oriented leader, able to thrive in a fast-paced, rapidly evolving environment. Adhere to all organizational information security policies and protect all sensitive information including but not limited to ePHI and PHI in accordance with organizational policy and Federal, State, and local regulations About Get Well Technology: Excellent candidates have familiarity with the following technologies: Languages: Enterprise Java, Python, NodeJS, Javascript, SQL Modern Javascript frameworks, e.g. React, VueJS, Angular Single page applications AWS Core Technologies: ECS, EC2, Lambda, SQS, MSK, Bedrock, SES/Pinpoint, RDS/Aurora, API Gateway, Step Functions Relational and document DBMS US Healthcare interoperability technologies: HL7, FHIR, SMART EHR technology: Epic, Oracle Health Cerner US Healthcare coding systems: ICD-10, HCPCS, SNOMED, CPT, etc. About Get Well: Now part of the SAI Group family, Get Well is redefining digital patient engagement by putting patients in control of their personalized healthcare journeys, both inside and outside the hospital. Get Well is combining high-tech AI navigation with high-touch care experiences driving patient activation, loyalty, and outcomes while reducing the cost of care. For almost 25 years, Get Well has served more than 10 million patients per year across over 1,000 hospitals and clinical partner sites, working to use longitudinal data analytics to better serve patients and clinicians. AI innovator SAI Group led by Chairman Romesh Wadhwani is the lead growth investor in Get Well. Get Well's award-winning solutions were recognized again in 2024 by KLAS Research and AVIA Marketplace. Learn more at Get Well and follow-us on LinkedIn and Twitter. Get Well is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. About SAI Group: SAIGroup commits to $1 Billion capital, an advanced AI platform that currently processes 300M+ patients, and 4000+ global employee base to solve enterprise AI and high priority healthcare problems. SAIGroup - Growing companies with advanced AI; https://www.cnbc.com/2023/12/08/75-year-old-tech-mogul-betting-1-billion-of-his-fortune-on-ai-future.html Bio of our Chairman Dr. Romesh Wadhwani: Team - SAIGroup (Informal at Romesh Wadhwani - Wikipedia) TIME Magazine recently recognized Chairman Romesh Wadhwani as one of the Top 100 AI leaders in the world - Romesh and Sunil Wadhwani: The 100 Most Influential People in AI 2023 | TIME Show more Show less

Opportunity: As the Director of Software Engineering at Get Well, you will lead the software engineering team in developing and scaling innovative healthcare solutions that improve patient care, optimize healthcare operations, and support cutting-edge technologies in a rapidly evolving industry. This leadership role requires a tactical thinker, hands-on technical expertise, and a passion for driving software innovation in the healthcare space. You will work closely with cross-functional teams to ensure software systems are secure, scalable, and comply with healthcare regulations. Responsibilities: Software Development Strategy: Execute on the strategic direction for software architecture and development practices, ensuring that they meet business requirements and customer needs in the healthcare space. Drive the development and implementation of scalable and secure software systems. Manage software development life cycle (SDLC) from planning through deployment and ongoing maintenance. Collaboration & Stakeholder Management: Work closely with product management to define project requirements and deliver on timelines and performance expectations. Ensure alignment between engineering efforts and business priorities, ensuring that the team is focused on building impactful and high-value products. Interface with senior leadership to provide updates on engineering performance, project progress, and resource needs. Leadership & Team Management: Build and maintain a team of high-performing software engineers Lead, mentor, and manage software engineers, ensuring alignment with company goals and engineering best practices. Provide guidance in career development, performance reviews, and professional growth for direct reports. Foster a collaborative, innovative, and inclusive engineering culture that drives continuous improvement and technical excellence. Innovation & Continuous Improvement: Stay up to date with the latest technology trends, healthcare regulations, and software development methodologies to ensure the organization remains at the forefront of healthcare technology. Encourage a culture of experimentation and innovation, exploring new technologies that can drive value in healthcare applications. Identify and lead initiatives to improve development processes, software quality, and operational efficiency. Regulatory Compliance & Security: Ensure all software products adhere to relevant regulatory standards such as HIPAA, Hitrust, SOC2, FedRAMP, FDA guidelines, and other healthcare compliance requirements. Lead security initiatives to ensure the protection of sensitive healthcare data and privacy for users, following best practices in data encryption and cybersecurity. Requirements: Bachelor's or Master's degree in Computer Science, Engineering, or a related field. 7+ years of experience in software engineering with at least 4 years in a leadership or managerial role, preferably within the healthcare technology sector. Proven track record of leading software engineering teams to deliver complex, large-scale healthcare software solutions. Experience working with healthcare data systems, EHR/EMR software, telemedicine, or health analytics platforms is highly desirable. Strong technical expertise in software engineering, including expertise with AWS cloud technologies, backend systems, databases, and frontend development. Deep understanding of healthcare regulations, data privacy laws (HIPAA, HITECH), and industry standards. Proficient in Agile development methodologies (Scrum, Kanban), with experience managing teams using Agile frameworks. Exceptional problem-solving skills with the ability to communicate complex technical concepts to non-technical stakeholders. Strong leadership and mentoring skills with a focus on building a high-performing engineering team. Excellent communication and interpersonal skills, with the ability to work collaboratively across departments. Strategic mindset with a passion for solving problems in the healthcare technology space. A proactive and results-oriented leader, able to thrive in a fast-paced, rapidly evolving environment. Adhere to all organizational information security policies and protect all sensitive information including but not limited to ePHI and PHI in accordance with organizational policy and Federal, State, and local regulations About Get Well Technology: Excellent candidates have familiarity with the following technologies: Languages: Enterprise Java, Python, NodeJS, Javascript, SQL Modern Javascript frameworks, e.g. React, VueJS (Preferred), Angular Single page applications Experience with Mobile Application Development / Deployment AWS Core Technologies: ECS, EC2, Lambda, SQS, MSK, Bedrock, SES/Pinpoint, RDS/Aurora, API Gateway, Step Functions Relational and document DBMS - Postgres, MariaDB, MongoDB US Healthcare interoperability technologies: HL7, FHIR, SMART EHR technology: Epic, Oracle Health Cerner About Get Well: Now part of the SAI Group family, Get Well is redefining digital patient engagement by putting patients in control of their personalized healthcare journeys, both inside and outside the hospital. Get Well is combining high-tech AI navigation with high-touch care experiences driving patient activation, loyalty, and outcomes while reducing the cost of care. For almost 25 years, Get Well has served more than 10 million patients per year across over 1,000 hospitals and clinical partner sites, working to use longitudinal data analytics to better serve patients and clinicians. AI innovator SAI Group led by Chairman Romesh Wadhwani is the lead growth investor in Get Well. Get Well's award-winning solutions were recognized again in 2024 by KLAS Research and AVIA Marketplace. Learn more at Get Well and follow-us on LinkedIn and Twitter. Get Well is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. About SAI Group: SAIGroup commits to $1 Billion capital, an advanced AI platform that currently processes 300M+ patients, and 4000+ global employee base to solve enterprise AI and high priority healthcare problems. SAIGroup - Growing companies with advanced AI; https://www.cnbc.com/2023/12/08/75-year-old-tech-mogul-betting-1-billion-of-his-fortune-on-ai-future.html Bio of our Chairman Dr. Romesh Wadhwani: Team - SAIGroup (Informal at Romesh Wadhwani - Wikipedia) TIME Magazine recently recognized Chairman Romesh Wadhwani as one of the Top 100 AI leaders in the world - Romesh and Sunil Wadhwani: The 100 Most Influential People in AI 2023 | TIME Show more Show less

About TaskUs: TaskUs is a provider of outsourced digital services and next-generation customer experience to fast-growing technology companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery, ride-sharing, HiTech, FinTech, and HealthTech. The People First culture at TaskUs has enabled the company to expand its workforce to approximately 45,000 employees globally. Presently, we have a presence in twenty-three locations across twelve countries, which include the Philippines, India, and the United States. It started with one ridiculously good idea to create a different breed of Business Processing Outsourcing (BPO)! We at TaskUs understand that achieving growth for our partners requires a culture of constant motion, exploring new technologies, being ready to handle any challenge at a moment's notice, and mastering consistency in an ever-changing world. What We Offer: At TaskUs, we prioritize our employees' well-being by offering competitive industry salaries and comprehensive benefits packages. Our commitment to a People First culture is reflected in the various departments we have established, including Total Rewards, Wellness, HR, and Diversity. We take pride in our inclusive environment and positive impact on the community. Moreover, we actively encourage internal mobility and professional growth at all stages of an employee's career within TaskUs. Join our team today and experience firsthand our dedication to supporting People First. Security Compliance Analyst Role Description Oversight and implementation of system-wide information security strategies and solutions. A significant role in performing audits, tracking vulnerability assessments, testing security, and working with operations teams on remediation and mitigation of audit findings. To manage and improve overall information security, Monitoring and compliance using processes, procedures, and automation. Security Compliance Analyst (SCA) Responsibilities: Security and Privacy : SCA must read, understand, and implement the responsibilities and measures described in the client GOPs. Ownership and Accountability : Is responsible for functional testing and commissioning of security equipment at the site. Completing sets of Owner's Operation and Maintenance Manuals and other information necessary for use and upkeep of the physical security system. Safeguarding people data and assets through validation of the Client's global policy compliance and identification of gaps. Driving accountability through increased awareness and understanding of risks associated with physical security gaps. Employees Awareness and Training : Educate and inspire other key site stakeholders to recognize and own compliance with Client's Global Security Standards. Must complete initial training housed in KNET, and complete annual refresher trainings afterwards. Must complete all other security-oriented training administered by Client's and the GO partner. Should serve as a resource for other employees, and SCA should partner with Learning and Development to ensure all employees complete requisite training. Milestones and Program Performance : Ensure site performance meets and/or exceeds the standards and SLA's set forth by the Client's CS Compliance team, MSA, policies, standards, and this guide. Ensure the on-time completion of all Corrective Action Plans (CAPs), and delivery of requisite support to Client's Compliance as evidence of completion. Proactive notification of Client's Compliance and VM in the event a CAP will not be completed before the assigned due date. Should describe mitigating controls, if any, and communicate a revised timeline agreeable to Client's. Other Compliance Responsibilities Work with technicians throughout the company in implementing, maintaining and constantly improving information security practices, while managing and maintaining efforts in the areas of Information Security, Governance, Risk and Compliance. Support the Security Compliance Manager in handling the assessment and integration of security controls of the entire corporate environment in line with applicable requirements from PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001. Responsible for policy assessment of endpoint and network security appliances, hardware and software, enforcing the TaskUs security policies and complying with requirements of internal and external security audits and recommendations. Serve as audit liaison, compiling all evidence/documentation requests and reporting on the progress of audits to InfoSec and IT leadership. Assist in the development and maintenance of security operations procedures and processes and work with the business units outside of InfoSec to formally document policies and procedures Security Compliance Analyst Qualifications Requirements: Bachelor's degree in MIS/Computer Science or Business and/or combination of education and relevant experience Good to have an industry recognized information security certification, such as CISA, CISM, CISSP, SSCP, CCIE or CEH. At least 3-5 years of experience, focused on IT security and/or Physical Security Management. Hands-on experience in compliance requirements: PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001 Has an IT technical understanding and aptitude for analytical problem-solving; understands enterprise computing environments, distributed applications, and understanding of networks Proficient is the English language, including both in writing and speaking. Previous background working on system hardening processes, tools, guidelines and benchmarks Has good Project Management skills with the ability to self-start projects Can handle sensitive and/or confidential material and information with suitable discretion About TaskUs TaskUs is a leading provider of outsourced digital services and next-generation customer experience to the world's most innovative companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery and ride-sharing, Technology, FinTech and HealthTech. TaskUs had a worldwide headcount of approximately 60000 people across 32 locations in 13 countries, including the United States, the Philippines and India. In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics and circumstances. Inclusive and equitable practices is our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodation in any part of the hiring process, please let us know. "Please take note that TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs." How We Partner To Protect You: TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs. DEI: In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics, and circumstances. Inclusive and equitable practices are our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodations in any part of the hiring process, please let us know. We invite you to explore all TaskUs career opportunities and apply through the provided URL https://www.taskus.com/careers/ . Show more Show less

Position: DevOps Engineer Experience Required: 4+ years Employment Type: Full-Time Location: Pune Role Summary: We are seeking skilled DevOps Engineers with at least 4 years of experience in managing cloud infrastructure, automation, and modern CI/CD workflows. This role requires strong hands-on expertise in designing, deploying, and maintaining scalable cloud environments using Infrastructure-as-Code (IaC) principles. Candidates must be comfortable working with container technologies, cloud security, networking, and monitoring tools to ensure system efficiency and reliability in large-scale applications. Key Responsibilities: Design and manage cloud infrastructure using platforms like AWS, Azure , or GCP . Write and maintain Infrastructure-as-Code (IaC) using tools such as Terraform or CloudFormation . Develop and manage CI/CD pipelines with tools like GitHub Actions, Jenkins, GitLab CI/CD, Bitbucket Pipelines , or AWS CodePipeline . Deploy and manage containers using Kubernetes, OpenShift, AWS EKS, AWS ECS , and Docker . Ensure security compliance with frameworks including SOC 2, PCI, HIPAA, GDPR , and HITRUST . Lead and support cloud migration projects from on-premise to cloud infrastructure. Implement and fine-tune monitoring and alerting systems using tools such as Datadog, Dynatrace, CloudWatch, Prometheus, ELK , or Splunk . Automate infrastructure setup and configuration with Ansible, Chef, Puppet , or equivalent tools. Diagnose and resolve complex issues involving cloud performance, networking , and server management . Collaborate across development, security, and operations teams to enhance DevSecOps practices. Required Skills & Experience: 3+ years in a DevOps, cloud infrastructure , or platform engineering role. Strong knowledge and hands-on experience with AWS Cloud . In-depth experience with Kubernetes, ECS, OpenShift , and container orchestration. Skilled in writing IaC using Terraform , CloudFormation , or similar tools. Proficiency in automation using Python, Bash , or PowerShell . Familiar with CI/CD tools such as Jenkins, GitHub Actions, GitLab CI/CD , or Bitbucket Pipelines . Solid background in Linux distributions (RHEL, SUSE, Ubuntu, Amazon Linux) and Windows Server environments. Strong grasp of networking concepts : VPCs, subnets, load balancers, firewalls, and security groups. Experience working with monitoring/logging platforms such as Datadog, Prometheus, ELK, Dynatrace, etc. Excellent communication skills and a collaborative mindset. Understanding of cloud security practices including IAM policies, WAF, GuardDuty , and vulnerability management . Preferred/Good-to-Have Skills: Exposure to cloud-native security platforms (e.g., AWS Security Hub, Azure Security Center, Google SCC). Familiarity with regulatory compliance standards like SOC 2, PCI, HIPAA, GDPR , and HITRUST . Experience managing Windows Server environments in tandem with Linux. Understanding of centralized logging tools such as Splunk, Fluentd , or AWS OpenSearch . Knowledge of GitOps methodologies using tools like ArgoCD or Flux . Background in penetration testing, threat detection , and security assessments . Proven experience with cloud cost optimization strategies . A passion for coaching, mentoring , and sharing DevOps best practices within the team. Show more Show less

Role Overview We are looking for experienced DevOps Engineers (4+ years) with a strong background in cloud infrastructure, automation, and CI/CD processes. The ideal candidate will have hands-on experience in building, deploying, and maintaining cloud solutions using Infrastructure-as-Code (IaC) best practices. The role requires expertise in containerization, cloud security, networking, and monitoring tools to optimize and scale enterprise-level applications. Key Responsibilities Design, implement, and manage cloud infrastructure solutions on AWS, Azure, or GCP. Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or similar tools. Implement and manage CI/CD pipelines using tools like GitHub Actions, Jenkins, GitLab CI/CD, BitBucket Pipelines, or AWS CodePipeline. Manage and orchestrate containers using Kubernetes, OpenShift, AWS EKS, AWS ECS, and Docker. Work on cloud migrations, helping organizations transition from on-premises data centers to cloud-based infrastructure. Ensure system security and compliance with industry standards such as SOC 2, PCI, HIPAA, GDPR, and HITRUST. Set up and optimize monitoring, logging, and alerting using tools like Datadog, Dynatrace, AWS CloudWatch, Prometheus, ELK, or Splunk. Automate deployment, configuration, and management of cloud-native applications using Ansible, Chef, Puppet, or similar configuration management tools. Troubleshoot complex networking, Linux/Windows server issues, and cloud-related performance bottlenecks. Collaborate with development, security, and operations teams to streamline the DevSecOps process. Must-Have Skills 3+ years of experience in DevOps, cloud infrastructure, or platform engineering. Expertise in at least one major cloud provider: AWS, Azure, or GCP. Strong experience with Kubernetes, ECS, OpenShift, and container orchestration technologies. Hands-on experience in Infrastructure-as-Code (IaC) using Terraform, AWS CloudFormation, or similar tools. Proficiency in scripting/programming languages like Python, Bash, or PowerShell for automation. Strong knowledge of CI/CD tools such as Jenkins, GitHub Actions, GitLab CI/CD, or BitBucket Pipelines. Experience with Linux operating systems (RHEL, SUSE, Ubuntu, Amazon Linux) and Windows Server administration. Expertise in networking (VPCs, Subnets, Load Balancing, Security Groups, Firewalls). Experience in log management and monitoring tools like Datadog, CloudWatch, Prometheus, ELK, Dynatrace. Strong communication skills to work with cross-functional teams and external customers. Knowledge of Cloud Security best practices, including IAM, WAF, GuardDuty, CVE scanning, vulnerability management. Good-to-Have Skills Knowledge of cloud-native security solutions (AWS Security Hub, Azure Security Center, Google Security Command Center). Experience in compliance frameworks (SOC 2, PCI, HIPAA, GDPR, HITRUST). Exposure to Windows Server administration alongside Linux environments. Familiarity with centralized logging solutions (Splunk, Fluentd, AWS OpenSearch). GitOps experience with tools like ArgoCD or Flux. Background in penetration testing, intrusion detection, and vulnerability scanning. Experience in cost optimization strategies for cloud infrastructure. Passion for mentoring teams and sharing DevOps best practices. Skills: gitlab ci/cd,ci/cd,cloud security,infrastructure-as-code (iac),terraform,github actions,windows server,devops,security,cloud infrastructure,linux,puppet,ci,aws,chef,scripting (python, bash, powershell),infrastructure,azure,cloud,networking,gcp,automation,monitoring tools,kubernetes,log management,ansible,cd,jenkins,containerization,monitoring tools (datadog, prometheus, elk) Show more Show less

Job Description About Us : Tsaaro is dedicated to Data Privacy and Security as its core focus. Our team comprises specialized data privacy consultants, information security experts, and penetration testers, all working to empower our clients with seamless and highly efficient security solutions. Our approach is centered around customization, understanding the unique needs of each organization, and finding solutions that align with their budget and resource constraints. At Tsaaro, we adopt a pragmatic, risk-based strategy to deliver practical and effective advice. By providing real-world guidance, support, and actionable recommendations, we confidently equip our clients to address a broad spectrum of security and privacy challenges. Responsibilities As a Senior Data Privacy Consultant, you will be entrusted with the following key responsibilities: Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Demonstrate expertise in various standards, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Requirements To be considered for this role, the candidate must meet the following requirements: Possess a sound knowledge of fundamentals of information security systems. Have 2-3 years of relevant experience in the field. Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Hold relevant qualifications such as CIPM, CIPT, CIPP/E. Showcase excellent communication skills, both written and verbal. Benefits Competitive salary and performance-based bonuses. Professional development opportunities, including training and certifications. Flexible working hours. Collaborative and inclusive work environment. Opportunity to work with a passionate team dedicated to making a difference in data privacy and security. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> Show more Show less