5028 Information Security Jobs - Page 15

The Advanced Cybersecurity Architect is responsible for providing application and system level security expertise and mentoring to Aerospace products. As an integral member of our global product security community, support product security activities aligned to the Secure Development Lifecycle process across Aero products. Key Responsibilities: Good understanding of Design Objectives DO-178B/C, DO-326A, DO-355, and DO-356A to support continuous Airworthiness of an aircraft from safety and security aspects. Experience in Certifying and meeting the compliance for the Embedded products that run in an Aircraft cockpit with Certifying Authorities like FAA, and EASA. Lead efforts with the development teams to manage product risk and apply the appropriate security controls. Experience in driving secure architecture by design, security risk assessment, defense-in-depth approach, multilayer security controls, identifying the gaps, and defining the remediation approach by using the security controls during the risk assessment. Expert in threat modeling of both Embedded products as well as web applications and effectively communicating the security risks to the program teams in advance. Experience in providing security architecture guidance and support to a large development organization to support security by design principles. Good understanding of Cryptographic principles, Hashing, Certificate Management, Symmetric, and Asymmetric algorithms. Drive best in class security requirements into product and service offerings. Provide architecture and best practices guidance in building secure Honeywell products. Support product security process activities including threat modeling, security requirements, security reviews, threat vulnerability assessments and risk management for Aerospace applications. Must have product architecture and development background with Secure software development lifecycle experience. Understanding of security by design principles and architecture level security concepts up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Have experience in developing, securing, and driving security requirements recommendations for, Embedded & IIOT based Avionics Products, on RTOS platforms such as VxWorks, Deos. , Experience with securing Commercial Cloud, Hybrid and private cloud deployed applications, Containers, and VMs, through secure configurations and performing periodic security reviews. Lead efforts in mentoring and training the engineering development community and facilitate adoption of shift-security-to-left practice Lead new initiatives that add value to SDL processes and procedures YOU MUST HAVE: Bachelor s degree or equivalent work experience in Cyber Security or Information Technology Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders 6+ years Cyber Security or Information Technology experience WE VALUE: Understanding of Agile software development practices. Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling. Information Security accreditation (CISSP/CSSLP or other security related certifications) Developing secure systems, web application penetration testing or application security consultant Azure, AWS or GCP Security or Solutions Architecture certifications Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools Sound understanding of Cryptography, encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management. An effective communicator with excellent relationship management skills and strong analytical, leadership, decision-making, and problem-solving skills. Ability to lead, motivate and direct a workgroup. Strong leadership and team-building skills. Manage stakeholders across business verticals & regions. Must be a Firm believer in continuous learning, upskilling the team competency on new-age skills and developing the capabilities of new technologies. WE VALUE: Understanding of Agile software development practices. Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling. Information Security accreditation (CISSP/CSSLP or other security related certifications) Developing secure systems, web application penetration testing or application security consultant Azure, AWS or GCP Security or Solutions Architecture certifications Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools Sound understanding of Cryptography, encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management. An effective communicator with excellent relationship management skills and strong analytical, leadership, decision-making, and problem-solving skills. Ability to lead, motivate and direct a workgroup. Strong leadership and team-building skills. Manage stakeholders across business verticals & regions. Must be a Firm believer in continuous learning, upskilling the team competency on new-age skills and developing the capabilities of new technologies.

The Product Security Architect is responsible for providing application and system level security expertise and mentoring to IA products. As an integral member of our global product security community, support product security activities aligned to the Secure Development Lifecycle process across Aero products. YOU MUST HAVE: Bachelor s degree or equivalent work experience in Cyber Security or Information Technology 6+ years experience in Cyber Security. Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders Knowledge of secure software development lifecycle Basic Applied Cryptography knowledge, which includes encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management. Proficiency in Microsoft threat modeling tool, and reviewing vulnerability assessment Product architecture and development background Software engineering or development experience Secure software development lifecycle experience Knowledge of penetration testing Familiarity of security regulations and standards Understanding of Agile software development practices. WE VALUE: Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling. Information Security accreditation (CISSP/CSSLP or other security related certifications) Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools YOU MUST HAVE: Bachelor s degree or equivalent work experience in Cyber Security or Information Technology 6+ years experience in Cyber Security. Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders Knowledge of secure software development lifecycle Basic Applied Cryptography knowledge, which includes encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management. Proficiency in Microsoft threat modeling tool, and reviewing vulnerability assessment Product architecture and development background Software engineering or development experience Secure software development lifecycle experience Knowledge of penetration testing Familiarity of security regulations and standards Understanding of Agile software development practices. WE VALUE: Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling. Information Security accreditation (CISSP/CSSLP or other security related certifications) Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools Lead efforts with the development teams to manage product risk and apply the appropriate security controls Drive best in class security requirements into product and service offerings. Provide architecture and best practices guidance in building secure Honeywell products. Support product security process activities including threat modeling, security requirements, security reviews, threat vulnerability assessments and risk management for IA applications. Must have product architecture and development background with Secure software development lifecycle experience. Understanding of security by design principles and architecture level security concepts up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Containers, and VMs, through secure configurations and performing periodic security reviews. Lead efforts in mentoring and training the engineering development community and facilitate adoption of shift-security-to-left practice Lead new initiatives that add value to SDL processes and procedures Lead efforts with the development teams to manage product risk and apply the appropriate security controls Drive best in class security requirements into product and service offerings. Provide architecture and best practices guidance in building secure Honeywell products. Support product security process activities including threat modeling, security requirements, security reviews, threat vulnerability assessments and risk management for IA applications. Must have product architecture and development background with Secure software development lifecycle experience. Understanding of security by design principles and architecture level security concepts up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Containers, and VMs, through secure configurations and performing periodic security reviews. Lead efforts in mentoring and training the engineering development community and facilitate adoption of shift-security-to-left practice Lead new initiatives that add value to SDL processes and procedures

ECMS Requirement Format Number of Openings 1 ECMS ID in sourcing stage Demand 406461Y25 / ECMS ID 534093 Assignment Duration 12 Months Total Yrs. of Experience 12+ Relevant Yrs. of experience 5+ Detailed JD (Roles and Responsibilities) Senior Engineer Customer IAM Work on the end-to-end Customer IAM vision and strategy in alignment with the firms strategic technical direction, the Technology Services Strategy, and the Organisation Cyber Information Security Strategy and overall Identity & Access Management Lead engineering in CIAM. Managing the technical design, overseeing senior engineers and vendor consultants and coordinating engineering delivery in a POD in CIAM Contribute to the CIAM technical vision and strategy and support the development of architecture and engineering skills within the team Mandatory skills You must have hands on experience with a few Enterprise IAM Products from vendors such as Ping Identity, ForgeRock, IBM, Okta, Transmit Security, RSA, biometrics, identity proofing, ideally in Customer IAM scenarios Working knowledge with Internet Facing Applications (Application Firewalls, DMZ, proxies) and solid understanding of Security Architecture and enterprise architecture practices, strategies, processes and methodologies, bringing a passion for strategy, architecture and software engineering excellence Confident, assertive, and effective communicator with strong influencing skills and able to prepare high quality presentation materials and deliver professional presentations to senior level audience Ability to drive architecture good practice and encouraging creative or forward-thinking in matrix organisation with strong interpersonal skills that enable you to quickly gain trust and build up efficient relationships to collaborate with internal partners on global & regional initiatives Experience working in the financial industry (or regulated industry) in a similar role is an advantage Security certification is an advantage: CISSP, CISA, CSSLP, TOGAF Knowledge and experience working with Agile practices and practical experience with DevOps and SRE would be beneficial Desired/ Secondary skills Domain FS Max Vendor Rate in Per Day (Currency in relevance to work location) 17000 INR / day Work Location given in ECMS ID Pune WFO/WFH/Hybrid WFO WFO BG Check (Before OR After onboarding) Before Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO NO

ECMS Requirement Format Number of Openings 1 ECMS ID in sourcing stage Demand 406407Y25 / ECMS ID 534111 Assignment Duration 12 Months Total Yrs. of Experience 7 Relevant Yrs. of experience 4 Detailed JD (Roles and Responsibilities) Firewall Risk & Cloud Security Analyst Mandatory skills At least 3-5 years of IT Security / Information Security experience, ideally in a Network Operations Center (NOC) or Security Operations Center (SOC) of a large organization. Experience in network security, firewall policy configuration. Knowledge of security processes in a large organization, including the definition and follow-up of standard operational procedures, incident and problem management and change requests. Ability to communicate IT security issues to other business areas in technical and non-technical language. Knowledge of Tufin SecureTrack and SecureChange is an advantage Knowledge of ServiceNow is an advantage. Knowledge of Azure and NSGs would be an advantage Desired/ Secondary skills Domain FS Max Vendor Rate in Per Day (Currency in relevance to work location) 16000 INR / day Work Location given in ECMS ID Pune / Hyderabad WFO/WFH/Hybrid WFO WFO BG Check (Before OR After onboarding) Before Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO NO

About Workato Workato transforms technology complexity into business opportunity. As the leader in enterprise orchestration, Workato helps businesses globally streamline operations by connecting data, processes, applications, and experiences. Its AI-powered platform enables teams to navigate complex workflows in real-time, driving efficiency and agility. Trusted by a community of 400, 000 global customers, Workato empowers organizations of every size to unlock new value and lead in today s fast-changing world. Learn how Workato helps businesses of all sizes achieve more at workato. com . Ultimately, Workato believes in fostering a flexible, trust-oriented culture that empowers everyone to take full ownership of their roles . We are driven by innovation and looking for team players who want to actively build our company. But, we also believe in balancing productivity with self-care . That s why we offer all of our employees a vibrant and dynamic work environment along with a multitude of benefits they can enjoy inside and outside of their work lives. If this sounds right up your alley, please submit an application. We look forward to getting to know you! Also, feel free to check out why: Business Insider named us an enterprise startup to bet your career on Forbes Cloud 100 recognized us as one of the top 100 private cloud companies in the world Deloitte Tech Fast 500 ranked us as the 17th fastest growing tech company in the Bay Area, and 96th in North America Quartz ranked us the #1 best company for remote workers Responsibilities We are looking for an exceptional Security Engineer to join our growing team. In this role, y ou will also be responsible to: Responsible for incident management and response within Security Operations. Investigate security alerts and perform deep analysis on security incidents. Develop and implement detections and mitigation strategies for security threats. Automate detection and response workflows using SOAR/SIEM platforms Implement custom security automation using scripting (Python, Bash) or Workato recipes . Collaborate with Product Engineering, DevOps, and Business Technology teams to align security initiatives with business objectives. Familiarity with Infrastructure as Code (IaC) tools like Terraform and CloudFormation, including integration with IaC scanning tools. Participate in on-call rotation to provide coverage for security incidents. Contribute to the development and enhancement of Workato s AI-driven security automation initiatives . Requirements Qualifications / Experience / Technical Skills 2-4 years of experience in similar SOC related roles, explicitly in responding to and actioning on security incidents or Security operations . Deep understanding of cloud security principles with hands-on experience in AWS (preferred), Azure, or GCP. Experience analyzing, triaging, and remediating common information security incidents. Understanding of common attacker tactics, tools, and techniques. Experience responding to security incidents on Kubernetes. Skilled in scripting (Python, PowerShell) for automating security workflows. Experience integrating SIEM, SOAR, EDR, and CASB tools for end-to-end threat detection and response. Familiar with cloud governance tools (e. g. , Cloud Custodian, Stacklet). Hands-on experience in crafting custom policies as code tailored to the company security landscape is a plus. Familiarity with security Iac tools. Hands-on experience with IaC security , including scanning tools and CI/CD security best practices is a plus. Strong communication and documentation skills with a collaborative approach to cross-functional engagement. Comfortable working with Mac OS, Linux, and Windows environments. Familiarity with AI-driven security automation , including use of LLMs or AI workflows for automated threat detection and response. Relevant certifications such as Certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC) or Computing Technology Industry Association Security (CompTIA Sec+), AWS Certified Security Specialty (preferred), Azure Security Engineer, or GCP Professional Cloud Security Engineer are preferred Soft Skills / Personal Characteristics Strong problem-solving and analytical skills with an automation-first mindset. Excellent communication and collaboration skills to work across teams. Ability to work autonomously in a fast-paced, cross-functional environment and comfortable with ambiguity (REQ ID: 2192)

Its fun to work in a company where people truly BELIEVE in what theyre doing! Job Description Summary: As a Network Engineer with Rocket Software, you are part of a global, fast-paced IT organization with a primary mission to provide world class service to software development labs and internal departments ensuring our employees have access and communication systems to perform as the highest level. You will implement equipment installation plans based on specifications, maintain each component of the network and troubleshoot issues. You are responsible for monitoring and maintaining Rocket Software s corporate network and voice components, assessing the functionality of the network routers, switches and related equipment ensuring all network and voice equipment is maintained to corporate and industry standard best practices. You will participate on teams to design and deliver complex network infrastructure and mentor junior team members. Essential Duties and Responsibilities : Maintain and monitor network infrastructure for availability and performance. Maintain the company phone system and work closely with telecom service providers to ensure circuit availability and reliability. Respond to network and voice related incidents, troubleshoot and assess and provide remediation plans. Maintain network and voice standard operating procedures, diagrams and maintenance plans. Collaborate with third-party support and service vendors to ensure the network stays operational. Required Qualifications: 3+ year of experience with Voice Systems, Cloud Voice environments, AWS, and Call Manager. 2+ year of experience with MS Teams. Working knowledge of networking, routing, and switching. Excellent customer service-oriented attitude and desire to support end users with issues of varying degrees of complexity. Excellent interpersonal skills. Thorough understanding of troubleshooting voice systems Ability and motivation to learn new technologies quickly and with minimal support and guidance. Ability and motivation to mentor staff members and share knowledge. Effective written and verbal communication skills. Desire and ability to document configurations in support of a larger team. Preferred Qualifications: 3+ years of experience in building and managing enterprise voice systems in a global environment. Education: Bachelor s Degree in Information Technology preferred. Travel Requirements: Minimal Information Security: Information security is everyone s responsibility. A fundamental principle of information security at Rocket Software is that all individuals in the organization have a responsibility for the security and protection of company information and IT Resources over which they have control, according to their role. Diversity, Inclusion & Equity: At Rocket we are committed to an inclusive workplace environment, where every Rocketeer can thrive by bringing their full selves to work. Being a Rocketeer means you are part of our movement to continually drive inclusivity, diversity and equity in our workforce. . Rocket is committed to working with and providing reasonable accommodation to individuals with physical and mental disabilities. If you need special assistance or an accommodation while seeking employment, please call: 781-577-4321 or send an email to people@rocketsoftware. com. We will make a determination on your request for reasonable accommodation on a case-by-case basis. If you like wild growth and working with happy, enthusiastic over-achievers, youll enjoy your career with us!

Educational Requirements Bachelor of Engineering Service Line Information Systems Responsibilities Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Technology, Business Administration, or related field. Basic understanding of SAP ERP systems (SAP ECC or S/4HANA). Familiarity with concepts of risk, compliance, and internal controls. Strong analytical and problem-solving skills. Good communication and documentation skills. Willingness to learn and grow in the SAP GRC domain. Additional Responsibilities: Career Path:This role offers a clear path to becoming a SAP GRC Consultant, Risk Analyst, or Compliance Specialist with opportunities to specialize in areas like audit. Technical and Professional Requirements: Preferred (Nice to Have): Internship or academic project experience with SAP or GRC tools. Knowledge of IT General Controls (ITGC) and audit frameworks (e.g., SOX, ISO 27001). SAP GRC certification or training. Preferred Skills: Technology-SAP Technical-SAP Security

We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security monitoring, investigating incidents, and ensuring seamless SIEM operations. This role requires a blend of expertise in QRadar deployment, incident handling, and forensic analysis to improve the organization’s security posture, Plan, design, and deploy QRadar SIEM environments including Incident forensic, ensuring proper integration with network devices, servers, and applications Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Develop and maintain documentation, including deployment guides, SOPs. Generate forensic reports and compliance dashboards for internal stakeholders and external audits. Proactively identify gaps in threat detection capabilities and recommend enhancements. Implement updates, patches, and upgrades to maintain system reliability and performance. Optimize architecture and storage allocation to ensure scalability and efficiency. Hands-on experience with QRadar architecture, deployment, and administration. Strong knowledge in Linux, unix, redhat OS. Strong knowledge in TCP/IP & networking. Proven track record in incident handling, forensic investigations, and log analysis. Expertise in QRadar features such as AQL queries, rule creation, offense management, and dashboards. Proficiency in forensic tools and methodologies for log analysis and evidence gathering Preferred technical and professional experience Support threat hunting activities by leveraging anomaly detection and root cause analysis. Research and implement emerging QRadar features, integrations, and third-party tools to enhance functionality. Perform daily health checks, ensure system availability, and resolve performance bottlenecks. Use the tools in IBM QRadar Incident Forensics in specific scenarios in the different types of investigations, such as network security, insider analysis, fraud and abuse, and evidence-gathering. Investigate security incidents by analyzing logs, offenses, and related data within QRadar. Manage and troubleshoot log ingestion, data flow, and parsing issues across multiple data sources. Extract and analyze digital evidence to support forensic investigations and incident response. Reconstruct attack scenarios and provide root cause analysis for post-incident reviews

Lead & focus: Demonstrate clear & calm leadership, setting the tone for each response Command and coordinate a response to security incidents, relevant threats, and high profile security events Scope a response to the next best actions Ensure response is sustainable for all resources involved Support beyond normal shift hours in an emergency or during times of staff shortage Coordinate & communicate: Delegate tasks in a timely manner and manage them to closure Facilitate incident / threat resolution through prompt communication across multiple teams Document status and regularly communicate updates to stakeholders and senior management Develop and track key metrics and reporting related to incident management Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Incident Response, Soc Management Preferred technical and professional experience Threat Hunting

As a PC@IBM Windows Engineer, you will be responsible for designing, managing, configuring, and maintaining PC@IBM’s M365 tenant for managing IBM employee devices. You will ensure the availability, security, and reliability of PC@IBM services while collaborating with various teams to meet their technical requirements. Your responsibilities will include: Implement and manage policies required for IBM security compliance. Monitor Microsoft Intune service health, swiftly addressing issues to maintain system integrity. Implement stringent security measures such as multi-factor authentication. Conduct regular security assessments to strengthen data protection and ensure compliance with regulations. Develop detailed user documentation to facilitate system navigation and troubleshooting. Design and implement backup strategies and disaster recovery plans to safeguard M365 data. Employ PowerShell for monitoring system performance and service metrics, proactively identifying potential issues. Required education Master's Degree Required technical and professional expertise Required Professional and Technical Expertise: Overall 10+ years of experience in security and compliance roles. In-depth knowledge of compliance frameworks such as NIST, CMMC, ITAR/EAR, GDPR, HIPAA, and PCI. Expertise in Intune MDM for device security and management. Strong understanding of Microsoft 365 security and compliance capabilities. Excellent analytical and problem-solving skills. Ability to work in a fast-paced, high-stakes environment. Preferred technical and professional experience Preferred Professional and Technical Expertise: Mastery in PowerShell for automation and system management. Exceptional problem-solving skills and the ability to communicate complex technical concepts clearly.

Job Profile: TheProcurement-SupplierQualification will play a crucial role within the Client Supplier Governance team. This role involves supporting various stages of supplier governance, from initial risk assessments through to ongoing due diligence and reporting. The incumbent will be responsible for facilitating initial supplier risk screenings, conducting initial and ongoing due diligence, providing reporting support, and ensuring adherence to business rules and requirements. Key Responsibilities: Supplier Risk Assessment Support: - Assist business/contract owners in completing the assessment questionnaire. - Guide them through navigating secondary risk teams. - Report the outcomes of the questionnaires. - Repeat assistance as necessary until satisfactory completion. Due Diligence Questionnaire Support: - Distribute the due diligence questionnaire to relevant parties. - Validate that responses align with Telstra's business rules and requirements. - Trigger appropriate actions based on Procurement and Specialist Risk Teams' inputs. - Identify required follow-up actions, track their progress, and report status. Ongoing Supplier Due Diligence: - Monitor contract and supplier risk alerts, triaging and escalating as per business rules. - Maintain currency of questionnaire responses and supplier information. - Track activities needed for remediation of identified gaps in questionnaires. - Provide support in updating and maintaining the Risk Framework. - Offer reporting support for risk-related activities. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise - Relevant degree in Supply Chain Management, Business Administration, or a related field. - Proven experience in supplier governance, risk management, or procurement. - Strong understanding of procurement processes and risk management principles. - Excellent communication skills, with the ability to guide non-expert users. - Strong analytical skills, with the ability to interpret data and make informed decisions. - Proficient in using digital tools and systems for questionnaire distribution, tracking, and reporting. - Ability to work independently and as part of a team, managing multiple tasks simultaneously - Vendor Onboarding, Supplier Risk Governance, Vendor Management, Third Party Risk Management, Supplier Management

As an Associate Developer at IBM, you'll work with clients to co-create solutions to major real-world challenges by using best practice technologies, tools, techniques, and products to translate system requirements into the design and development of customized systems. In your role, you will be responsible for Your primary responsibilities include: Working on the end-to-end feature development and solving challenges faced in the implementation. Collaborate with key stakeholders, internal and external, to understand the problems, issues with the product and features and solve the issues as per SLAs defined. Being eager to learn new technologies and implementing the same in feature development Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Hands on extensive experience on RPG language on AS/400 System I and have worked on Production system and Application Development. 3+ years of relevant experience working on mainframes. * Should have technical expertise/hands on - Assembler, COBOL, JCL, CICS, VSAM, Inter-test, Fault Analyser, File-Manager, Control-M/Any other Scheduler etc. Should have expertise working on JIRA/Confluence/SharePoint/Any Change management tool (Remedy/My service/Service now etc.) Message Types and Transaction flows Preferred technical and professional experience Processing between Acquirers, Issuer & Acquiring gateways etc. Interact with different stake holders, gather and articulate the Requirements. Good communications skills to deal with the clients directly and set up calls to bring the Business and Delivery inline

Role is SAP subject matter expert/architect role for Security. Key responsibilities will involve working with Business Stakeholders, understanding requirements, translating user requirements into SAP IT scope, assessing impact on application & connected systems, estimating high level schedule and efforts to implement solution and ensure successful technical delivery Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Candidate must have min. 2-4 years of solid SAP Security Implementation experience with focus on Role authorizations. Solid implementation and hands-on experience in ECC 6.0 role build. Experience in working with stakeholders and leading SAP security projects. Sound understanding of SOD - segregation of duties. Support technical requirement gathering, develop prototypes/PoCs/recommend solutions with limited information from the business, delivery quality technical specifications and documentation Preferred technical and professional experience SOX/GRC Control experience

The Security Analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Good knowledge of SIEM, SIEM Architecture, SIEM health check. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Good verbal/written communication skills. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc. Helping L3 and L1 with required knowledge base details and basic documentations. Co-ordination SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. High ethics, ability to protect confidential information. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures. Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Ready to work on 24/7 shifts to support client requirement. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 2 Years of Experience in SOC monitoring and investigation. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Helping L3 and L1’s with required knowledge base details and basic documentations. Co-ordination with SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures.\ Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Building Parser for the SIEM using regex. Preferred technical and professional experience Escalation point for L1’s and SOC Monitor team. Ability to drive call and summarizing it post discussion. Good Understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD). Deep understanding on Windows, DB, Mail cluster, VM and Linux commands. Knowledge of network protocols TCP/IP and ports. Team Spirit and working ideas heading to resolution of issues. Qualifications like CISA, CISM, CISSP, CEH, SANS or any other recognized qualification in Cybersecurity (SIEM/Qradar certification) will be preferred. Thorough knowledge in SIEM tool and experience in networking, Cloud security experience will be preferred. SOC Senior Analyst experience with multiple customers.

As an Assistant Vice President in the IT_Industries4.0_Digital TwinsBIM + IoT OPS_Coe department, you will be responsible for leading and managing the implementation of BIM (3D, 4D & 5D), Autodesk Revit, stormwater systems, clash detection, Navisworks, IoT, AI/ML, and CostX technologies. You will be expected to demonstrate a high level of business and commercial acumen, a global mindset, entrepreneurship, and people excellence. You will also need to have a strong focus on critical thinking, product and service management, IT application, and information security.

THIS JOB IS FOR HYDERABAD LOCATION. Overview Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunketc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Microetc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organizations way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned. Uphold the companys core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the companys Code of Ethics and Conduct. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business. Qualifications B. Tech, B.E or M.C.A 2-5 years Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills

Job Title: Senior Information Security Engineer (ISO, Compliance) Experience Required: 4-5 years in Information Security Location: Whitefield, Bengaluru -Hybrid Key Areas: SOC 2 Type 1 and Type 2, ISO 27001, GDPR, security governance, vendor security due-diligence, vendor security reviews and assessment, preparation of security checklist, security awareness/phishing simulation, management dashboards, manage key metrics for IT and Infosec. You can apply by filling the form : https://forms.gle/LGarRicG4jcFVWEX6 Roles & Responsibilities: Develop and finalize policies, procedures, and guidelines related to IT and Infosec domains in alignment with industry best practices (ISO 27001 , GDPR and SOC 2). Align internal IT and Infosec processes as per ISO 27001 and SOC 2 standards and security guidelines. Assist in defining and reviewing the key metrics for management reporting. Developing cyber security standards, including incorporating industry practices and applicable compliance requirements. Develop review checklists, questionnaires, and manage evidences to assist the IT vendor risk management process. Perform 3rd party security due-diligence reviews and periodic vendor risk assessments to assess vendor compliance. Coordinate with external stakeholders and auditors for IT and Infosec related reviews Coordinate for conducting periodic penetration testing exercises on in-scope applications and related infrastructure. Coordinate with stakeholders for timely closure of open risks. Assist in imparting security awareness training and executing phishing simulation exercises to employees. Assist IT and Infosec in gathering the metrics data and prepare management dashboards. Coordinate and facilitate SOC 2 audits, acting as the primary point of contact for the external auditor. Gather evidence and documentation to demonstrate compliance with SOC 2 requirements. Address any audit findings and implement corrective actions. Experience Should have 4-5 years of experience in information security domain and minimum Should have 4 of years in overall IT and Infosec governance related activities. Must have sound knowledge in defining processes, developing policies, procedures, and guidelines, and preparing management reporting dashboards. Must have experience in guiding teams with respect to SOC 2 requirements Developing and implementing enterprise governance, risk, and compliance strategy and solutions. Familiarity with industry standards and regulations including PCI, ISO27001, SOC 2, GDPR, CIS, NIST is desired. Candidates from BFSI experience will be preferred Fair understanding of public cloud models (e.g. AWS, Google, Microsoft Azure) and their security implications.

Cybersecurity, third-party risk management -client audit role. Department overview: The Customer Experience Team, a new shared capability within Market Intelligence, partners closely with Sales, account management, and product to deliver a differentiated customer experience. This group enables our revenue team by overseeing customer success, revenue operations, and implementation of commercial technology. This includes Salesforce, alignment to targets in strategic growth areas, and empowerment of accelerated growth and delivery by putting the customer at the core of everything we do driving a full customer experience that differentiates us from our competitors. The Proposal & Customer Assessment Team, within Revenue Operations & Transformation, plays a crucial role in driving new revenue generation and ensuring superior customer satisfaction. The team supports key workflows such as RFPs, due diligence, risk assessments, client audits, and other customer inquiries, by providing high-quality proposals and relevant information throughout the pre- and post-sales cycles. Serving a diverse range of clients across various geographies, the team is committed to a client-first mindset, forging strong partnerships and delivering exceptional results. Position Summary: Track and maintain a central repository of all the issues, findings, and gaps identified by customers during due diligence and audits. Collaborate with product, technology, and functional teams to identify the best possible way to remediate client-identified gaps and answer client inquiries. Coordinate preparation, execution, and delivery of formal responses. Track and report weekly, biweekly, and monthly statistics on the open, remediated, and in-progress issues to the leadership and senior stakeholders. Foster positive relationships with customers, maintain open and transparent communication with the customer throughout the process, acknowledge receipt of audit findings and provide regular updates on progress. Develop a deep understanding of product solutions and platforms for effective communication. Maintain awareness of internal controls and audit/due diligence trends to ensure the process remains effective. Maintain thorough documentation of the entire audit findings process, including correspondence with the customer, supporting documentation provided, and actions taken to address issues or concerns. Lead Cross-Functional Programs & Projects: Oversee key milestones and activities; communicate program details, project risks, and mitigations to leadership, ensuring timely project completion. Develop and Manage Project Plans & Reporting: Create project plans, tools, reports, and narratives for identified programs. Re-prioritize based on impact and effort and provide tactical support for implementation. Education and experience: Bachelors degree in a related field, with 8+ years of project management and execution experience. Familiarity with CISA, ISO Standards, NIST, and SOC standards. Proven track record in project delivery with excellent communication, time management, organizational, presentation, and stakeholder management skills. Demonstrated success in planning, directing, and implementing multiple, complex projects concurrently. Ability to set priorities independently and meet deadlines in a fast-paced environment. Experience working in a collaborative environment, building strong relationships at all organizational levels, and effectively working with diverse styles, skills, and cultures. Personal competencies: Exceptional communication and interpersonal skills, able to engage and influence stakeholders at all levels with flexibility and negotiation expertise to drive optimal outcomes. Strong analytical and problem-solving abilities, skilled in assessing complex data and developing actionable strategies. Self-motivated with a keen eye for detail, ensuring high-quality execution in all tasks. Highly proficient in managing multiple projects simultaneously, demonstrating adaptability as priorities shift, and showing creativity and perseverance in problem-solving. Demonstrates consistent creativity and initiative across all tasks and projects. Fosters strong collaborative relationships with internal teams, enhancing synergy and teamwork.

Application Security Risk Classification Analyst Project description Do you have the know-how to apply business analysis techniques to deliver process and control execution in Application Security area? Are you a committed and collaborative team player with an analytical and logical mind-set? Are you motivated to work in a complex, diverse and global environment? ASCA (Application Security Risk Classification (ASCA) is part of a global organization within Technology Information Security Office (TISO). Our services focus on Cyber Hygiene for applications and infrastructure, detecting/remediating/governing measures for cyber threats. . You'll be working as part of our global Application Security team. As an ASCA Analyst, you'll play an important role in ensuring the on-going cyber-security of our client. We offer flexibility in the workplace and equal opportunities to all our team members. Our team is global, diverse and collaborative as we work across organizations to keep our technology, applications and the businesses they support secure. Responsibilities We're looking for a ASCA business analyst to: On-board applications to Application Security Framework (ASF) in cooperation with the Software Component Manager (SWCM) Management of applications in scope of control processes and execution Management of the pipeline of the applications to be onboarded Coordinating entries to Application Security Management System Compliance reporting to stakeholders, including risk and compliance teams. Production Tollgate verification for releasing applications into Production environment. Skills Must have Your expertise Ideally 2-3 years of experience in applying cyber security analysis or administration, preferably in IT Security or Risk Management projects (Application Security area preferred). Experience with data analysis proficiency with Excel is a must. Ability to work independently on assigned tasks and driving them from start to completion. Ability to challenge and propose possible improvements (in various areas, e.g. process, reporting) Ability to explain complex concepts in a clear and concise manner Use to work with stakeholders on different levels of the organization Use to work in a demanding and variable environment Excellent written and verbal communication skills Fluent in English Nice to have Experience within Application Security area preferred

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Ping Identity Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We need skilled Ping Identity Engineer with strong experience implementing and supporting customer identity and access management (CIAM) solutions using the Ping Identity suite, including PingOne, Ping DaVinci, and PingFederate. You will design, deploy, and maintain modern CIAM capabilities, working closely with business stakeholders, developers, and security teams to deliver secure and seamless customer authentication experiences. Roles & Responsibilities:-Develop customer authentication and authorization workflows-Integrate with third-party identity providers, directories, and social logins-Configure PingOne platform (PingOne MFA, PingOne Risk, PingOne DaVinci orchestration)-Set up policies for adaptive authentication, step-up authentication, and user journeys-Implement PingFederate for SSO and federation use cases-Support provisioning and lifecycle management via PingOne-Ping DaVinci:Design and build drag-and-drop workflows for identity verification, fraud detection, and progressive profiling-Integrate DaVinci flows with APIs, third-party tools, and identity proofing services Professional & Technical Skills: - Must To Have Skills: Proficiency in Ping Identity.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Knowledge of security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with risk assessment methodologies and compliance requirements. Additional Information:- The candidate should have minimum 5 years of experience in Ping Identity.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

As a highly experienced Principal, Application Security Engineer, you will play a crucial role in leading and evolving our global application security strategy. Your primary focus will be to ensure that our products and platforms are developed securely from the ground up and remain resilient in the face of an ever-changing threat landscape. Collaboration with engineering, product, DevOps, and Security teams will be key as you work to integrate security into our software development life cycle (SDLC), promote secure coding practices, and influence stakeholders and leaders throughout the organization. Your responsibilities will include developing application security strategies at a global level, designing and implementing secure applications, and consistently enhancing the SDLC process. You will conduct comprehensive security assessments, encompassing static and dynamic application security testing (SAST/DAST), threat modeling, web/mobile application and API penetration testing, and reviews of application architecture. Collaboration with various teams such as security operations, DevOps, development, networking, IT, and product teams will be essential to remediate issues and uphold a strong security posture. Additionally, you will contribute to the development and automation of security testing tools and processes, manage third-party penetration testing services, and deliver threat modeling training to development teams to bolster product security and mitigate risks. In the event of incident response (IR) activities related to application security, your assistance will be invaluable. To excel in this role, you should possess at least 7 years of experience in areas such as application security engineering, threat modeling, penetration testing, web application/API development (e.g., .NET/C#, Java, JavaScript), system administration, networking, and information security. Proficiency in web application/API testing, static code analysis, and web application vulnerability scanners is crucial. Industry certifications from reputable organizations like OffSec, SANS, or isc2 will be advantageous. Prior experience in a technical security engineering role involving mentorship or training is desirable. Effective communication skills, along with experience in presenting to both technical audiences and executive leadership, are important attributes for success in this position. This position is based in Mumbai/Bangalore and offers remote work flexibility. The ideal candidate should be able to join within 30 days. Join us in promoting United States Equal Opportunity Employment by being part of our dynamic team focused on enhancing application security and safeguarding our products and platforms.,

At bp, your most valuable asset is our people. The People, Culture & Communications (PC&C) function aims to cultivate a diverse and inclusive culture that enables everyone to thrive. As we evolve from being an oil company to an integrated energy company, the PC&C is undergoing a significant transformation to enhance competitiveness, responsiveness, and customer focus. Investing in key locations like India, Hungary, Malaysia, and Brazil presents a stimulating yet challenging opportunity to shape a dynamic PC&C function. We are seeking individuals who are driven, ambitious, and thrive in fast-paced environments, with a passion for working with people. If you are ready to be part of a transformative journey, this is the perfect place for you. As an Offer & Onboarding Senior Specialist within the PC&C Operations & Advisory organization, you will be responsible for delivering Core People Services focusing on Offer & Onboarding services across various geographies. Your role involves providing top-notch Join & Welcome support to new BP joiners and the PC&C community, ensuring compliance and consistency in service delivery. Operating as an internal global shared services organization, Operations & Advisory is dedicated to providing centralized and standardized people services for BP. Your role is essential in delivering Core People Services within the PC&C Operations & Advisory organization, specializing in Offer & Onboarding services across diverse geographies. You will play a key role in delivering an exceptional new joiner experience and maintaining consistency and compliance in service delivery. Your responsibilities will include understanding business procedures and processes, providing first-line customer support, handling transactions related to requisition and offer management, ensuring data integrity, identifying and implementing continuous improvements, collaborating with various teams, resolving complex issues, and supporting new joiners during the on-the-job training period. To qualify for this role, you should have a Bachelor's degree or equivalent experience, a minimum of 3 years of shared service experience, and fluent English language skills. Additionally, you should possess strong customer service skills, digital fluency, numeracy, analytical thinking, risk management abilities, foundational knowledge of CRM systems, MS Office proficiency, and familiarity with People and Culture processes and Workday. By joining our team, you will have the opportunity to work in an excellent environment with benefits such as an open and inclusive culture, work-life balance, learning and development opportunities, insurance coverage, medical care, and more. We believe in fostering a diverse and inclusive environment where everyone is respected and treated fairly. If you are looking for a rewarding career in a supportive and ambitious environment, apply now for this exciting opportunity.,

As a Risk Professional specializing in Enterprise Risk and Controls at Fiserv, you will play a crucial role in the organization's Enterprise Risk and Controls team. Your responsibilities will include conducting Third Party Risk Assessments for vendors and providing support for PCI and SOC audits as part of the company's Third-Party Audit initiatives. This role is perfect for professionals who are adaptable and keen to contribute to various risk programs within the department. Your primary focus will be on the Third-Party Risk Management (TPRM) function. You will be responsible for gaining a thorough understanding of security policies, standards, and related processes within the TPRM program. Utilizing your strong assessment abilities, you will ensure that vendor-related risks are identified, evaluated, mitigated, and continuously monitored to maintain the highest standards of security and compliance. Key responsibilities will include driving collaboration between cross-functional stakeholders, contributing to TRPM Risk transformation projects, performing due diligence on vendor outsourcings, conducting third-party risk assessments, and reviewing documentation related to security policies and processes. You will also be responsible for monitoring and tracking risks through closure, maintaining auditable results, and participating in regional and global TPRM governance forums. To be successful in this role, you should ideally have a Bachelor's or Master's degree from an accredited university, experience in IT Risk and Compliance Management or Information Security domain, good interpersonal and communication skills, and the ability to work effectively within a matrixed organization. Proficiency in MS Office tools and exposure to Governance, Risk, and Compliance (GRC) tools are also required. Additionally, having financial services experience, knowledge of IT audit, ISO 27001, ITIL, Vendor Risk Management processes, and industry certifications such as CISA, CRISC, CTPRA, ISO 27001 LA/LI, ISO 31000 would be beneficial. The role requires working the 1 PM to 10 PM IST shift. If you are someone who thrives in a dynamic environment, enjoys collaborating with diverse stakeholders, and has a passion for maintaining the highest standards of security and compliance, then this role as a Risk Professional Enterprise Risk and Controls at Fiserv could be the perfect fit for you.,

The Cybersecurity Intern will be responsible for supporting various aspects of cybersecurity operations including governance, risk, compliance, assessments, and Security Operations Center (SOC) activities. The Intern will have the opportunity to work on different projects across multiple locations such as Thane, Pune, Bengaluru, and Mumbai. This internship will provide hands-on experience in the field of cybersecurity and offers a potential full-time position upon successful completion. In the role of CyberSecurity Intern - GRC, you will assist in developing and implementing information security policies, standards, and procedures. Your responsibilities will include educating employees on best practices, collaborating on security awareness programs, and supporting clients in establishing effective security governance frameworks. Additionally, you will help in compliance programs, conduct security audits, and identify vulnerabilities in clients" IT infrastructure. As a CyberSecurity Intern - Assessment, your key responsibilities will involve conducting Vulnerability Assessment and Penetration Testing (VAPT) for various applications, performing source code and configuration reviews, and preparing detailed security findings and recommendations. You will also guide clients in patching vulnerabilities, stay updated on cybersecurity trends, and contribute to continuous learning and adaptation in the field. In the role of CyberSecurity Intern - SOC, you will monitor security events and alerts, assist in analyzing potential threats, and participate in the investigation and documentation of security incidents. You will research emerging cyber threats, work on improving detection use cases, apply threat intelligence to monitoring activities, and support in creating reports and dashboards. Requirements for this internship include pursuing a degree in Computer Science, Information Security, or a related field, basic understanding of cybersecurity principles and tools, familiarity with Linux/Windows systems and networking concepts, eagerness to learn in a SOC/MDR environment, excellent communication and analytical skills. Certifications like CompTIA Security+ and CEH are preferred but not mandatory.,

The ideal candidate for this role should possess expertise in cloud security and architecture, with strong knowledge in Cloud Architect, Cloud Solution Architect, Information Security, Azure Security, AWS Security, and GCP Security. As a Cloud Security Architect, your key responsibilities will include performing security requirement analysis, formulating security policies and procedures, participating in strategy planning and risk management, conducting technical audits, and reviewing IT security architecture. You will lead the design and development of security architectures for various cloud and cloud hybrid systems, as well as provide information security pre-engagement support. In terms of technical requirements, you should be able to identify potential risks, develop proactive backup plans, and collaborate with stakeholders to prevent problem reoccurrence. You will also be responsible for understanding execution drivers and constraints, prioritizing activities, providing line management leadership, and authorizing the implementation of information security policies and guidelines. Furthermore, additional responsibilities may include possessing certifications such as CISSP, CCSP, CISM, Comptia Sec, CISA, AWS Cloud Practitioner, Azure, and GCP certifications. Preferred skills for this role include expertise in Cloud Security.,