25 Infosec Jobs

Shift: (GMT+05:30) Asia/Kolkata (IST) What do you need for this opportunity? Must have skills required: ISO 27001, SOC 2, AWS, GCP, Azure, public cloud Infosec Engineer As an Information Security Engineer at IDfy, youll support the InfoSec team in ensuring that our systems, policies, and processes meet global compliance standards. From supporting audits to reviewing documentation and responding to customer requests, youll get hands-on experience in what it takes to keep a fast-paced tech company secure. This is the perfect role if youve dabbled in audits, are curious about security frameworks, and want to grow into a well-rounded InfoSec professional. We are the match if you... Have been part of audits (ISO 27001, SOC 2, Customer TPRA) either conducting or surviving them for 2-4 years Have good understanding of ISO 27001, SOC 2, or other security frameworks Experienced in handling ISMS management end to end independently/ as a part of a team Are organized, detail-oriented, and a bit obsessed with checklists Know your way around cloud basics (GCP preferred, others fine too) Can document policies and processes clearly Want to learn how security works in a product and SaaS environment Are eager to work with a team that takes compliance seriously (but not too seriously) Are open to earning certifications down the line (CISA, ISO 27001 LA, etc.) Heres what your day would look like... Assist in maintaining our ISMS for ISO 27001 and SOC 2 including policy review/updates, creating SOPs and executing ISMS activities Support internal and external audit prep and documentation Track and respond to client security questionnaires Face / assist customer third-party risk assessments Collaborate with legal, engineering, and product teams to ensure compliance Assist in monitoring compliance metrics and identifying improvement areas Learn, grow, and eventually take on more ownership within the InfoSec team

Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!. Who We Are. Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.. Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.. Deepwatch Recognition Includes. 2025, 2024, 2023, 2022 and 2021 Great Place to Work® Certified. 2024 Military Times Best for Vets Employers. 2024 US Department of Labor Hire Vets Gold Award. 2024 Forbes' America's Best Startup Employers. 2024 Cyber Defense Magazine, Global Infosec Awards. 2023 and 2022 Fortress Cybersecurity Award. 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners. 2022 Cybersecurity Excellence Award for MDR. Position Summary. This role is 100% onsite in Bengaluru. The shift for this position is Monday Friday, 7:30AM 3:30 PM.. Deepwatch is looking for a highly motivated, self-driven, technical analyst dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. The Deepwatch Squad and Security Operations Center offers opportunities to expand your skill set through a wide variety of experiences, detecting and responding to incidents as they occur in real-time for our customers.. The Deepwatch squad is a unique approach to how we support our customers and ultimately provide an experience not found anywhere else. You’ll be an integral part of supporting our customers by understanding their bespoke environment, needs and challenges. You will be playing a key role in supporting some of the top organizations in the world, and have the opportunity to develop your skills by working with the best responders in the industry, your team and your Squad.. The Analyst I is focused on providing descriptive analysis. They will answer questions such as the who, what, when, and where of events. Analysts are curious individuals who actively work to develop a better understanding of the environments they are assigned. Using cybersecurity best practices, you will monitor and secure complex customer environments utilizing industry leading technology such as Splunk, xSOAR, CrowdStrike and more.. In This Role, You’ll Get To. Support incident handling processes across multiple platforms and security technologies including Windows, Linux and macOS. Monitor a queue of security events generated by the Deepwatch platform SOAR, triage events based on their criticality, and escalate validated security events to customers. Document and manage incident cases in our case management system. Keep up-to-date with information security news, techniques, and trends. Identify and report any gaps in log collection or reporting as soon as possible to the customer and Deepwatch Engineering. Become proficient with Splunk, ServiceNow and other third-party threat intelligence tools as required. Perform security detection analysis and investigations using SIEM and SOAR technologies, leverage Deepwatch proprietary tooling and intelligence and maintain SLA’s. Act as the first line of defense during security events by triaging and investigating alerts within a customer’s environment. Produce high-quality written and verbal communications, recommendations, and findings to customer management in a timely manner. Continue to sharpen your skills and capabilities on the job, and through the Deepwatch development program. To be successful in this role, you’ll need to:. A basic understanding of cyber security principles, concepts and practice with a focus on SOC operations, alert triage and investigations. Know your way around SIEM platforms (Splunk preferred), how to perform queries and leverage various log sources to perform investigations. Articulate the process involved in pivoting to other log sources, cloud systems, or consoles to perform a comprehensive analysis from multiple data sources. Have a basic understanding of modern EDR, email security and cloud identity platforms. Review SIEM alerts and make a determination for what other sources or intelligence is needed to make a determination, relying on peers to help improve your skills and capabilities. A strong understanding of all basic ports and protocols. Familiarity with Windows, Mac, and Linux file path structure.. Familiarity with OSINT, TTPs and IOCs. Strong written and verbal communication skills with the ability to produce well-written reports and analysis that’s thorough, accurate and complete.. Provide the customer with a complete understanding of the investigation. CEH, CySA, GSEC, Sec+, or equivalent certification preferred. A college degree in Information Security or IT, related training, certifications or on-the-job experience. Life At Deepwatch. For employees, Deepwatch fosters a unique, flexible work environment designed with collaboration in mind. The company emphasizes personal and professional. growth, offering benefits such as professional development programs, comprehensive health coverage, and generous parental leave. Deepwatch is also committed to diversity, equity, inclusion, and belonging, aiming to empower underrepresented groups in tech by connecting them with meaningful opportunities, mentors, and sponsors.. In recognition of its supportive workplace culture, Deepwatch earned the Great Place To Work Certification/(TM) in 2025, underscoring its dedication to. creating a positive and inclusive work environment. Deepwatch is a global cybersecurity company with offices in San Francisco Bay Area, CA; Tampa, Florida;. and Bengaluru, India.. What We Offer. At Deepwatch, we are committed to supporting our employees with a comprehensive benefits package designed to enhance your well-being and financial security.. We Partner With Plum Benefits To Provide. ? Group Health Insurance – Comprehensive medical coverage for you and your dependents.. ? Group Accidental Insurance – Financial protection in case of accidental injuries.. ? Group Term Life Insurance – Security for your loved ones in unforeseen circumstances.. For additional details, refer to the benefits guide provided by Plum.. Payroll & Compensation. ? Pay Cycle: Salaries are processed monthly and paid on the last day of each month.. ? Pay Slips & Reimbursements: Delivered via email.. ? Payroll Processing: Managed by BCL Chartered Accountants through GreytHR, which provides tax and payment-related details.. Show more Show less

Desired Candidate The ideal candidate is a proactive and detail-oriented professional with strong leadership skills and a passion for cybersecurity. They should have excellent communication abilities to convey technical concepts to diverse audiences and a proven track record of managing teams and fostering a culture of security awareness. Adaptable and ethical, the candidate thrives in dynamic environments and collaborates effectively to address evolving cyber threats while maintaining the highest standards of confidentiality and integrity. Responsibilities: Strategic Planning: Develop, implement, and maintain a comprehensive cybersecurity strategy aligned with organizational goals. Risk Management: Identify, assess, and mitigate potential cybersecurity risks and vulnerabilities across systems, applications, and networks. Incident Response: Lead and coordinate incident response activities, ensuring quick containment, recovery, and root-cause analysis of security breaches. Compliance and Standards: Ensure adherence to relevant regulatory standards (e.g., GDPR, ISO 27001) and internal security policies. Team Collaboration: Lead and mentor the cybersecurity team, fostering skill development and ensuring alignment with security objectives. Stakeholder Communication: Act as a liaison between technical teams and senior management, translating technical risks into business terms. Continuous Improvement: Monitor and evaluate the effectiveness of security measures, and recommend enhancements to maintain a robust security posture. Tool and Technology Management: Oversee the deployment and management of security tools (e.g., SIEM, firewalls, endpoint protection, etc.) to ensure system integrity and confidentiality. Training and Awareness: Develop and conduct security training programs to promote awareness and compliance across the organization. Requirements: Education: Bachelors or Masters degree in Cybersecurity, Information Technology, Computer Science, or a related field. Experience: 6-10 years of experience in cybersecurity roles with progressive leadership responsibilities. Certifications: CISSP (Certified Information Systems Security Professional)[Ongoing is acceptable]. Additional certifications (e.g., CISM, CEH) are a plus. Technical Expertise: Strong understanding of security architecture, protocols, and best practices. Experience with tools like SIEM, IDS/IPS, endpoint security, firewalls, and vulnerability management systems. Knowledge of cloud security (AWS, Azure, GCP) and securing hybrid environments. Soft Skills: Excellent verbal and written communication skills for technical and non-technical audiences. Strong leadership, project management, and team collaboration abilities. Analytical and problem-solving mindset with attention to detail.

Responsibilities: * Ensure compliance with PCI DSS, NIST, HIPAA & ISO standards. * Design, implement & maintain secure systems using Infosec principles. * Conduct regular security audits & risk assessments. * Experience in SOC and SIEM tools-Qradar

Dear Candidate, Greetings. We are hiring for the role of Biso Helius Technologies Hyderabad. Work mode – Work from office Project – Singlife Exp – 10 to 15 years Please find the below JD for your reference. Role: BISO Work Location: Hyderabad (ODC) Key Responsibilities Focuses on Core BISO activities: Conduct Information Security Business Impact Assessments (ISBIA) for Projects, Applications, and Third-Party Outsourcing arrangements, aligning with Singlife Standards. Collaborate with Technology and Business units to evaluate the impact of control deficiencies. Lead the implementation of IS standards at the business level, ensuring alignment of procedures and practices with established standards. Collaborate in creating Risk Acceptances (RAs), Risk Exceptions (REs), and Corrective Action Plans (CAPs) using appropriate tools. Engage with Security Incident Response Teams to guide the resolution and closure of incidents, offering proactive recommendations. Generate periodic IS risk management reports, highlighting critical issues and proposing corrective action plans. Ensure adherence to IS standards and best practices across diverse disciplines. Support the business during audit reviews and regulatory inspections related to IS matters. Maintain vigilant oversight of IS programs, encompassing programs, policies, and associated reporting within the business landscape. Collaborate with business units to rectify non-compliance in processes, applications, and outsourcing activities. 1. 2. Act as a Business Partner Regularly communicate and interact with Management and Employees, enhancing understanding of IS-related programs, policies, and standards. Leverage the ISO network to share resources, extract best practices, and enhance operational efficiency. Validate compliance with security controls within business contracts. Evaluate the alignment of IS processes with business needs, particularly concerning software and internet usage. Conduct Information and Cyber Security Awareness training to fortify organizational preparedness. Partner with application managers or the Technology Information Security Officer (TISO) to address specific technical requirements. Stay relevant to evolving cybersecurity regulations (MAS, CSA, GIA, LIA) to provide subject matter expert feedback. Assess the impact of new and updated regulations promptly by partnering with the ISO, Technology & Operations community. 3. Other Requirements Demonstrate skill in delivering compelling presentations and managing complex programs. Display exceptional aptitude in consulting, problem-solving, and analytical capabilities. Exhibit a proactive, assertive, service-oriented demeanour while effectively functioning as a cohesive team player. Demonstrate the ability to manage concurrent tasks and prioritize effectively, even in conflicting timelines. Key Decisions within the Role Be the gatekeeper of the IS business impact assessments (ISBIA) processes and ensure applications within Singlife adhere to IS standards. Team Direct and indirect accountability for Information Security Officers Requirements Experience Minimum 10 years of experience in Information security. In areas such as security governance, risk management, application security design, security project management or security operation. • Professional Certifications CISSP, CISM, CISA, SANS, Cloud would be preferred. Education Bachelor’s degree in IT, Engineering or equivalent Skill Matirx- Skill Candidate's self- assessment (Score 1-5) Primary: InfoSec experience Secondary: Risk/Governance/Assurance framework Experience in conducting Infosec Training Excellent Communication/Presentation skills Infosec Certifications Primary: Cybersecurity regulations Secondary: Creation of Risk Acceptance/Risk Exceptions/CAPs Monetary Authority of Singapore (MAS) regulations Awareness of Security Control . Compliance Security Audits . Please revert with update profile if you find it interesting. Feel free to reach out for any queries. Role & responsibilities Preferred candidate profile

Role & responsibilities Analysis of external vendor questionnaire s to assess the security posture and security controls of a vendor Drafting risk reports which summarize the information security assessment including any risks to the organization. Following up with internal and external (vendor) stakeholders to clarify and validate information related to initiatives Review legal agreements w ith vendors from an information security perspective. Provide security consulting services to Enterprise Services and Business Units. Once the required experience and aptitude has been shown, expectation will be that the Information Security Analyst will start to perform these tasks independently with minimal supervision. Competencies: Bachelor's Degree preferably in Computer Science or related streams Strong verbal communication - able to communicate complex and technical issues in plain English. Advanced writing skills with emphasis on report writing. Strong analytical/problem solving abilities. Strong understanding of existing and emerging Information Security technologies. Strong consulting skills and ability to influence a win - win outcome. Self-starter, strategic thinker, negotiator, and consensus builder. Ability to understand Sun Life's diverse business units and ability to work with diverse groups. Nice to have - Sound knowledge of technologies related to Information Security: encryption, firewalls, intrusion detection/prevention, anti-virus, DDoS, behavioral analysis/advanced malware detection.

3-5 yrs of experience in IS GRC focusing on regulatory compliance. Understanding of security standards and frameworks (E.g. ISO 27001, NIST CSF, PCI DSS, SOX 404, SOC2, NIS2 and PCI DSS. Knowledge of Python PySpark or SparkSQL is an added advantage.

Skill required: Risk & Compliance - Operational Audit & Compliance Designation: Risk and Compliance Senior Analyst Qualifications: BCom/Master of Business Administration/CA Inter Years of Experience: 5 to 8 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do You will be aligned with our Risk and Compliance vertical and help us perform compliance reviews, publish reports with actions and provide closure guidance as needed. We design & recommend effective controls to mitigate risks and help service delivery team prepare for upcoming client / external audits.You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans.The Operational Audit & Compliance team focuses on auditing and managing effective implementation and delivery of functional processes within operations to mitigate risks. The role may require for you to have a good understanding of anti-corruption, BCM and infosec policies, records management and contractor controls. The team is responsible for establishing processes to validate the effectiveness and drive improvements wherever required. What are we looking for Risk and Compliance Experience Knowledge of Finance & Accounting processAuditing experience Roles and Responsibilities: In this role you are required to do analysis and solving of increasingly complex problems Your day to day interactions are with peers within Accenture You are likely to have some interaction with clients and/or Accenture management You will be given minimal instruction on daily work/tasks and a moderate level of instruction on new assignments Decisions that are made by you impact your own work and may impact the work of others In this role you would be an individual contributor and/or oversee a small work effort and/or team Please note that this role may require you to work in rotational shifts Qualification BCom,Master of Business Administration,CA Inter

Skill required: Risk & Compliance - Risk Management Designation: Senior Analyst Qualifications: BCom,Master of Business Administration,CA Inter Years of Experience: 5 to 8 About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do You will be aligned with our Risk and Compliance vertical and help us perform compliance reviews, publish reports with actions and provide closure guidance as needed. We design & recommend effective controls to mitigate risks and help service delivery team prepare for upcoming client / external audits.You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans.The Operational Audit & Compliance team focuses on auditing and managing effective implementation and delivery of functional processes within operations to mitigate risks. The role may require for you to have a good understanding of anti-corruption, BCM and infosec policies, records management and contractor controls. The team is responsible for establishing processes to validate the effectiveness and drive improvements wherever required. What are we looking for Risk and Compliance Experience Knowledge of Finance & Accounting processAuditing experience Roles and Responsibilities: In this role you are required to do analysis and solving of increasingly complex problems Your day to day interactions are with peers within Accenture You are likely to have some interaction with clients and/or Accenture management You will be given minimal instruction on daily work/tasks and a moderate level of instruction on new assignments Decisions that are made by you impact your own work and may impact the work of others In this role you would be an individual contributor and/or oversee a small work effort and/or team Please note that this role may require you to work in rotational shifts Qualification BCom,Master of Business Administration,CA Inter

Greetings from Datamark!!! Postion : Information Security Analyst Experience : 5 Yrs in Experience Location: Ambattur Industrial Estate , Chennai Position Overview: The Information Security Analyst is responsible for the administration of the organizations information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs Review daily threat intelligence. Ensures compliance to security standards for assigned sites Schedules and administers internal security audits for Client and Physical Site Audits Follows up on remediation plans Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus. Recommends risk mitigation solutions based on audit findings Maintains Security and Compliance Metrics monthly Assists in the development and delivery of IT risk and security awareness and compliance training programs Willingness to travel to DATAMARK global sites as necessary Other duties as assigned Minimum Qualifications: Education Requirements: Bachelors degree in Computer Science or related field, experience in lieu of degree can be considered Field Experience: At least four years of experience in Information Security Position Experience: At least four years of experience in an Information Security Analyst position, or similar position Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams Other Qualifications: Certification in IT Security required Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Experience in an IT Security related environment preferred Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. Practices and methods of IT strategy, enterprise architecture and security architecture Excellent analytical and problem-solving abilities to identify and remediate security risks Team-work mentality to develop security solutions in collaboration with other IT professionals If you are interested please share your updated resume to jagadish.jayavel@datamark.net or contact us 9500681139

Fortinet-Fortigate Firewalls, Data Network Security - Firewalls, VPN, Microsoft Email Security, Zscaler Proxy, Load Balancing. Security exposure, PA, Fortinet, WAF, Email Security, Proxy. All L2 level. 3 years of Exp in Infosec Domain. Should be able to handle Domestic and Global customers both. Key Skills: Firewalls Web Application Firewall Application Delivery Controller (Load Balancer) Virtual Private Network (VPN) Email Security Appliance Proxy Web filtering Important Note: CEH certification is Mandatory

This will be an Individual Contributor role to start and can evolve over time based on how this function matures. You will play a critical role in the companys tech infrastructure, processes which will be fully aligned with regulatory, security and business continuity standards. Key Responsibilities Draft, coordinate monitor IT processes policies to ensure compliance as per IT Act, regulatory bodies (e.g. RBI, SEBI, GDPR, UIDAI etc.), info security (ISM) guidelines and other applicable laws with respect to Technology, in coordination with internal external stakeholders Prepare update business-wise IT infra details required by the Compliance/Legal teams for regulatory filings and 3rd party audits Conduct vendor risk assessment audits ensure identified gaps are proactively filled Introduce new processes policies by conducting market studies surveys relevant to our business Plan, formulate, coordinate, implement monitor the cyber crisis management plan (CCMP) Incident Management and resolution Interface with external auditors and set up processes to ensure all Infosec audits go smoothly Formulate, implement, review monitor BCP Requirements 4-6 years of experience, including being SPOC for Infosec audits In-depth knowledge of technology, security, risk, and compliance best practices Strong capability in interfacing with both technology and business teams Detailed understanding of security monitoring, threat intelligence vulnerability management A self-driven attitude with a strong sense of ownership Experience with RBI and/or SEBI (preferred) audits is a big plus Assisting the team to conduct Technology Committee Assisting the Risk Officer to conduct independent assessments of the business functions Provide timely data for Risk Management Committee

we have a requirement on InfoSec Engineer for one of our clients for contract to Hire role. job Details: skills InfoSecEngineer Experience9+ Years Location:PAN INDIA Job typeContract to Hire Pay roll companyIDESLABS Work ModelHybrid INFOSEC ENGINEER Linux/RHEL/Windows patching and vulnerabilities remediation SSH Keys/Certificate management EOL analysis for Java/Python/Jenkins Libraries Nice to haveScripting for automation

So, what’s t he r ole all about? As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3 rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NICE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus! How will you make an impact? You will directly impact the success of the NICE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you got what it takes? 1-2 years of experience with Information Security & Compliance or GRC University-level degree in InfoSec, Computer Science or other related field. knowledge with major compliance frameworks such as PCI, ISO 27001/17, SOC 2, HITRUST, GDPR. A burning curiosity to learn as much as you can about the NICE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; Excellent communications skills along to work collaboratively with security team members and operations and development teams or independently to achieve tactical and strategic security goals; Strong organization and prioritization skills; Education, training or experience with security and compliance fundamentals; Experience working with work tracking tools such as JIRA, Service Now or others. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr! Enjoy NICE-FLEX! At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 7117 Reporting into: Technical Manager Role Type: Individual Contributor

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Information Security Project Specialist ZS’s India Capability & Expertise Center (CEC) houses more than 60% of ZS people across three offices in New Delhi, Pune and Bengaluru. Our teams work with colleagues across North America, Europe and East Asia to create and deliver real world solutions to the clients who drive our business. The CEC maintains standards of analytical, operational and technological excellence across our capability groups. Together, our collective knowledge enables each ZS team to deliver superior results to our clients. What You’ll Do Executes the end-to-end management of security projectsincluding resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You’ll Bring Bachelor’s Degree required. 7 - 10 years of relevant work experience, including Information Security, project management (5+ years), and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. (CISM- Certified Information Security Manager, CompTIA Security+, Etc ) Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (Vulnerability Management, Identity and access management, Cloud Strategy & Governance, Data Security, Enterprise Risk Management, Asset Management, Security awareness & training) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk. Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

An Information Security Consultant is responsible for ensuring an organization's data and systems are secure and compliant with industry standards. They assess vulnerabilities, develop security policies, and implement solutions to protect digital

Job Opening: Local IT Administrator Location: On-site | Company: PRINTS24x7 Type: Full-time | Experience: 3+ years preferred What Were Looking For: PRINTS24x7 is seeking a skilled and responsible Local IT Administrator to manage and enhance our on-site IT infrastructure. The ideal candidate will have proven expertise in network and system administration, asset management, and hands-on software handling, along with familiarity with modern AI tools. A deep understanding of IT security protocols and compliance standards is essential to safeguard our operations and ensure data integrity. Candidates should be proactive, detail-oriented, and committed to providing reliable technical support across the organization. Key Responsibilities: Monitor and maintain network infrastructure (routers, firewalls, switches). Provide end-user support for hardware/software issueshands-on and responsive. Administer Windows Server environments (Active Directory, Group Policy). Enforce IT security protocols and manage antivirus and threat mitigation systems. Maintain and oversee IT asset lifecyclefrom procurement to decommissioning. Document system configurations, software licenses, support logs, and audits. Integrate and utilize AI tools to improve diagnostics and operational efficiency. Ensure adherence to compliance standards and data protection regulations. Collaborate with vendors for procurement, maintenance, and technical support. Required Skills & Knowledge Proficiency in system administration, software patching, and troubleshooting. Strong grasp of networking (IP addressing, VLANs, subnetting). Working knowledge of AI tools (e.g., automation platforms, AI-based diagnostics). Familiarity with cybersecurity best practices and compliance frameworks. Solid documentation practices and inventory management experience. Effective communication skills for both technical and non-technical users. Desired Attitudes Proactive and solution-focused with strong problem-solving skills. Adaptable to evolving technologies and operational needs. Detail-oriented with a commitment to accuracy and system integrity. Team-oriented and approachable with a service-minded outlook. What Success Looks Like: You will serve as the backbone of our IT operations—ensuring reliability, enforcing security, optimizing performance, and enabling team productivity through seamless technology support. Your expertise and foresight will directly contribute to PRINTS24x7’s operational excellence. Ready to make a difference? Send your resume and cover letter to hr@prints24x7.com

Role & responsibilities General description of the role: Minimum 8 years of experience in managing security audits, such as, ISO 27001, HIPAA, SOC 1, SOC2, PCIDSS Including preparing control owners for audits, interpreting control requirements, reviewing control evidence for appropriateness, testing control effectiveness, presenting control evidence to external auditors, and audit planning with external auditors In-depth knowledge of security controls, interpreting control requirements for SOC 2, ISO, or HIPAA, PCIDSS audits, reviewing control evidence for completeness an accuracy, and ensuring evidence provided to auditors satisfies control requirements. Ability to of plan and lead meetings with control owners and external auditors. Ability to clearly define control requirements to control owners or explaining control evidence to external auditors. Supports the Security Audit function by reviewing evidence submissions for accuracy and completeness, following up on audit requests, and helping to establish a continuous monitoring function. Assist in testing and verification of all controls and formulating reports documenting findings. Recommends and assists in the definition and implementation of security controls in accordance with enterprise policies, standards, and procedures. Work closely with internal business teams to assist in the identification and assessment of potential security risks, and establish risk owners, ratings, and management action plans. Ensure continuity of compliance with ISO27001 and ISO 22301, PCI DSS, HIPAA, GDPR Analyse potential impact of new threats and communicates risks to relevant business units Manage security operations, analyse security exceptions, gather necessary background information, document exceptions and ensure that the risk is recognized and managed with compensating controls Provide orientation to Business Units on Risk Assessment, Business Continuity Plan and Business Impact Analysis Facilitate in preparation of Business continuity plan for each project and functions Conduct internal ISMS and BCMS audits and identify potential gaps in the system Prepare detailed and summary reports of assessments, remediation plans as needed and advise internal stakeholders Report the audit findings on the potential weakness in the system and areas of improvement Preferred candidate profile Top 5 Skill Set Hands-on experience with security technologies Experience in Information security and business continuity internal audits Strong Knowledge in risk management, ISO 27001, ISO 22301 PCI DSS, HIPAA, GDPR, SOC 2 Knowledgeable in security concepts, techniques, tools, methods, and practices Good technical in cyber security products Individually to perform the technical audits

Department: Information Security Location: Mumbai Reports to: IS GRC Head Employment Type: Full-time Job Purpose: This role is responsible for driving the organization’s Information Security Governance, Risk, and Compliance (GRC) function, Industry standards (ISO 27001, NIST CSF), and regulatory requirements. The candidate will lead internal audits, vendor risk governance, SOC 2 readiness, automation initiatives, client assessments, and security awareness across the enterprise—while managing a team of security professionals. Key Responsibilities: Governance, Risk & Compliance • Implement and maintain a scalable Information Security GRC framework based on ISO 27001, NIST Cybersecurity Framework, and applicable regulatory requirements (RBI, SEBI, IRDAI, DPDPA). • Manage the information security policy lifecycle, risk registers, and control objectives across business units. • Lead the exception management process, including impact assessments, approval workflows, and periodic reviews. Internal Audit & Control Testing • Plan and execute periodic internal audits, control design evaluations, and operational effectiveness testing for IT and cybersecurity controls. • Coordinate external assessments, including SOC 2 readiness, ISO 27001 surveillance audits, and customer/compliance audits. • Track and close audit findings with clear ownership, root cause analysis, and sustainable remediation plans. Vendor Risk Management (End-to-End) • Oversee the Third-Party Risk Management (TPRM) lifecycle: onboarding, risk assessment, security clauses, ongoing monitoring, and exit governance. • Drive continuous oversight of critical vendors based on data exposure and service criticality, using automated tools where feasible. Automation & Tooling • Identify manual GRC activities suitable for automation; perform POCs, evaluate tools, and drive implementation. • Lead automation initiatives for risk assessments, control testing, evidence gathering, and exception workflows. SOC 2 & Compliance Readiness • Lead organizational readiness for SOC 2 Type 1 and Type 2 audits, working with Business SPOC's, application owners and control owners. • Align existing practices to SOC trust service criteria (Security, Availability, Confidentiality). Security Training & Awareness • Develop and deliver cybersecurity training and awareness programs tailored to various stakeholder groups (employees, management, vendors). • Promote a risk-aware culture and drive ongoing compliance awareness campaigns. Incident Response Oversight • Support and enhance the incident response governance process by aligning it with NIST CSF framework. • Ensure roles, responsibilities, and reporting mechanisms are clearly defined and followed during incidents. • Oversee the documentation of lessons learned, RCA, and incorporation of incidents into risk registers. Reporting & Stakeholder Engagement • Prepare and present dashboards, heatmaps, and reports for executive management, audit committees, and the board. • Maintain governance KRIs and provide insights into risk trends, audit closures, and compliance status. • Serve as a key liaison during client assessments, RFP security responses, and due diligence efforts. Team Leadership • Manage, mentor, and upskill a team of GRC analysts and specialists. • Allocate responsibilities, track performance, and foster collaboration across IT, Legal, Procurement, and Business teams. Key Requirements: Qualifications: • Bachelor’s/Master’s in Information Security, Computer Science, or related field. • Professional certifications preferred: CISA, CRISC, ISO 27001 LA, CISSP, CCSK, or equivalent. Experience: • 8+ years of experience in Information Security GRC, IT Risk, and Regulatory Compliance. • Strong expertise in internal audits, control testing, and vendor security governance. • Hands-on experience in managing SOC 2, ISO 27001, or similar frameworks. • Demonstrated leadership in team management and multi-stakeholder coordination. • Exposure to automating GRC functions using platforms like ServiceNow GRC, Archer, OneTrust, or similar. Skills & Competencies: • Strong analytical, documentation, and reporting skills. • Effective communication across technical and business audiences. • High level of integrity, ownership, and stakeholder management.

Role & responsibilities Serve as an IT project leader by exerting influence on the overall program's direction to ensure business and IT objectives are met. Drive and oversee all project lifecycles within the program to ensure incremental delivery of business outcomes and project stays within budget constraints Develop and maintain program or project documents including prioritization artifacts, charters, iterative program implementation plans, status reporting on deliverables, handling risks, assumptions, issues, and cross team dependencies with little to no oversight using established standards and procedures Perform and analyze intake of project demands, forecasting team allocation, demonstrating standard processes and procedures. Preferred candidate profile Bachelor's Typically, 5 - 8 years demonstrated and direct work experience in leading and large, complex, and strategic global initiatives. Experience working in a hybrid Agile environment with global matrix teams. Should have knowledge of and have done some level of program management. Skilled in Project Management Methodologies & Frameworks (SAFe, PMP, CSM) In depth understanding of Cost Management, Resource Management and Risk Management. Proven ability to create CBA, SBARs and other project management artifacts. Exposure to handling projects ranging InfoSecurity, Regulatory & Compliance, Strategy and IT Cloud Projects. Should have some working knowledge of the DevOps Model. Skilled in Word, Excel, Outlook, PowerPoint, Project Management Tools, Zoom, and SharePoint Experience working for a publicly traded company or financial services in a similar role. Working in a maturing IT Portfolio/Project Management office. Perks and Benefits Transportation Services : Convenient and reliable commute options to ensure a hassle-free journey to and from work. Meal Facilities : Nutritious and delicious meals provided to keep you energized throughout the day. Career Growth Opportunities : Clear pathways for professional development and advancement within the organization. Captive Unit Advantage : Work in a stable, secure environment with long-term projects and consistent workflow. Continuous Learning : Access to training programs, workshops, and resources to support your personal and professional growth. In order to apply, please click on below mentioned link - https://encore.wd1.myworkdayjobs.com/externalnew/job/Gurgaon---Candor-Tech-Space-IT---ITES-SEZ/Senior-Project-Manager_HR-15007

Hello Talented Techie! We provide support in Project Services and Transformation, Digital Solutions and Delivery Management. We offer joint operations and digitalization services for Global Business Services and work closely alongside the entire Shared Services organization. We make efficient use of the possibilities of new technologies such as Business Process Management (BPM) and Robotics as enablers for efficient and effective implementations. We are looking for Information Security Professional (ISMS/InfoSec) Job Summary: We are seeking a dedicated Information Security Professional to join our team. The ideal candidate will focus on maintaining and managing our ISO27001 certification. This role involves handling the overall Information Security Management System (ISMS), managing internal stakeholders, conducting internal audits, facilitating external audits, and overseeing the information security program management. Key Responsibilities: Maintain and manage the ISO27001 certification and related processes. Oversee the Information Security Management System (ISMS) ensuring compliance with ISO27001 standards. Manage and coordinate internal audits, identifying areas for improvement and implementing necessary changes. Facilitate external audits, acting as the primary point of contact with external auditors. Engage with internal stakeholders to ensure information security policies and practices are effectively communicated and implemented. Develop, implement, and manage information security programs to enhance organizational security posture. Stay updated with the latest developments in information security standards and best practices. Qualifications: Bachelor"™s degree in Information Security, Computer Science, or a related field. 5-7 years of experience in information security with at least 5 years in direct ISMS. Strong knowledge of ISO27001 standards and requirements. Experience in managing and maintaining an Information Security Management System (ISMS). Excellent stakeholder management skills and the ability to communicate effectively with various levels of the organization. Strong organizational and program management skills. Certifications such as ISO27001 Lead Auditor (LA) and Certified Information Systems Auditor (CISA) are preferred. Preferred Certifications: ISO27001 Lead Auditor (LA) Certified Information Systems Auditor (CISA) Skills: Excellent analytical and problem-solving abilities. Strong communication and interpersonal skills. Ability to work independently and as part of a team. High attention to detail and a commitment to maintaining high standards of work. Create a better #TomorrowWithUs! This role, based in Bangalore, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Find out more about Siemens careers atwww.siemens.com/careers

Role & responsibilities ISMS or Third-Party Risk Assessments Ability to effectively liaise with clients and manage stakeholder expectations Work with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations Conducting risk assessments and audits with respect to people, process and technology Identification of gaps/observations, risks, opportunities and improvement of policies, processes, procedures and standards Documenting information security risk, recommendation and compensating controls in the form of assessment/audit reports Desired qualifications Relevant 6+ years of experience in Third party risk management Highly preferred certifications - ISO27001, CISM , CRISK, CISA. Relevant years of experience in IT Audits, Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management

Greetings from Datamark !!! Postion : Information Security Analyst Experience : 3 to 5 Yrs in Experience Location: Ambattur Industrial Estate , Chennai Position Overview: The Information Security Analyst is responsible for the administration of the organizations information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs Review daily threat intelligence. Ensures compliance to security standards for assigned sites Schedules and administers internal security audits for Client and Physical Site Audits Follows up on remediation plans Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus. Recommends risk mitigation solutions based on audit findings Maintains Security and Compliance Metrics monthly Assists in the development and delivery of IT risk and security awareness and compliance training programs Willingness to travel to DATAMARK global sites as necessary Other duties as assigned Minimum Qualifications: Education Requirements: Bachelors degree in Computer Science or related field, experience in lieu of degree can be considered Field Experience: At least four years of experience in Information Security Position Experience: At least four years of experience in an Information Security Analyst position, or similar position Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams Other Qualifications: Certification in IT Security required Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Experience in an IT Security related environment preferred Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. Practices and methods of IT strategy, enterprise architecture and security architecture Excellent analytical and problem-solving abilities to identify and remediate security risks Team-work mentality to develop security solutions in collaboration with other IT professionals If you are interested please share your updated resume to jagadish.jayavel@datamark.net or contact us 9500681139

Job Profile: IT Manager / Sr. Manager Role Overview and Responsibilities: We are looking for an IT & Service Desk Manager to maintain and supervise the IT setup of our company. This person will liaison with three key entities the CISO & Indus Leadership, Consulting staff, and our outsourced IT services provider. This is a great opportunity for someone to maintain a rapidly growing cloud-based IT setup of one of the most cutting-edge Big Data organizations Key Responsibilities: 1. Manage issues raised by internal consulting staff and liaison with the internal IT team and outsourced vendor to get these fixed; Provide interim support as and when required to consulting staff 2. Manage a team of 1 or 2 IT associates (internal or outsourced) to help provide IT support to consulting staff through the course of their work. 3. Continuously work on the requirements of maintaining our ISO 27001 certification and support the CISO perform backup recovery tests, review access control policies, perform disaster recovery procedures, etc. 4. Work with Internal Auditor to keep all compliances and improvements in check 5. Oversee client security assessments, respond to their compliance teams to build their trust and comfort with Indus Information security management systems 6. Create, manage, execute, and sustain key IT special projects at Indus 7. Support asset (software, hardware) purchase, drive procurement, maintain asset list, manage warranty timelines, etc. 8. Support creation of IT reports for systems across the organization (networks, servers, user laptops, etc.); Monitor & track them on regular basis 9. Continuously identify opportunities to improve the IT setup through new apps, products, services, with a view to improving the efficiency of the consulting staff Requirements 1. Experience and Personality Traits a. 8+ years of enterprise IT experience; IT desk management and supervisory of L1/L2/L3 support will be a plus b. Ability to work in a fast-paced, results focused environment c. Organized and detail-oriented d. Self-motivated and results-driven e. Resilient, persistent, and resourceful f. Proactive and independent 2. Skills Working knowledge of: i. Laptop & server hardware ii. Windows Domain Controller / Active Directory iii. Amazon cloud (Redshift, EC2, IAM) & Microsoft Azure Active Directory services iv. Microsoft 365 services and suite Intune, Exchange, Teams, SharePoint, OneDrive, Defender. v. Network & Firewall management vi. Microsoft office (Word, Power Point, Excel) vii. Basic Linux CLI and SQL commands viii. Technical experience on below will be preferred (but not mandatory): i. Management of enterprise solutions such as Data leakage prevention, MS Sentinel. b. Experience with clearing/supporting international certification ISO audits (especially ISO-27001) will be preferred but not mandatory c. Comfort in written and spoken English, since the position requires working with international clients periodically 3. Education i. Educational background in IT will be preferred

Client Questionnaires & Audit Manager, Information Security & Risk Management Role Description: The Client Questionnaires & Audit Manager, Information Security position will be an integral member of the Information Security and Risk Management team. This role will be responsible for organizing and managing internal and external audits. Work in Chief Information Security Officer (CISO) office under Director, Information Security Governance, Risk and Compliance. Successful candidate will have a good mix of security knowledge, understanding of industry best practice, and a demonstrated background in information security risk management. The candidate will be responsible for managing and responding to client security questionnaires, audits, and assessments related to the organizations information security posture. This role involves working closely with internal teams, clients, and external auditors to ensure the companys security practices align with industry standards and client requirements. The manager will also coordinate audit activities to ensure compliance with security frameworks and regulations. The ideal candidate: is a self-starter, with the ability to drive tasks to completion independently and learn new skills on the job as program requirements evolve. possesses strong business judgment, deep analytical thinking, is comfortable managing multiple responsibilities within a fast-paced environment, and has worked collaboratively with others to develop, implement, and communicate business improvement and innovative strategies. possesses strong verbal and written communication skills, a solution-oriented approach, and relationship-building skills are important attributes to succeed in this role. Successful candidate will develop strong relationships, collaborate across teams, coordinate multiple timelines, and manage complex, cross discipline projects. global view of their business and think in terms of immediate problem solving but also automating, expanding, and scaling solutions broadly. Responsibilities: Client Security Questionnaires: Establish a repository of standardized security questionnaire responses and ensure they are updated with the implemented security controls, certifications, and policies. Manage responses to client security questionnaires in a timely and accurate manner. Collaborate with internal teams (e.g., IT, legal, Information Security) to gather necessary documentation and information for client inquiries. Serve as the main point of contact for clients regarding security-related inquiries and responses. Client MSA Security Terms and Conditions Review: Create security terms and conditions for inclusion in contracts. Review security terms and conditions and provide feedback to legal team. Audit Coordination: Lead and coordinate client and internal audits to assess the organization's compliance with security policies, procedures, and regulatory requirements (e.g., ISO 27001, HIPAA). Serve as the liaison between the organization and external auditors or clients performing audits. Prepare and provide evidence for security audits, ensuring all documentation is complete and accurate. Collaborate with internal teams to design and implement mitigation strategies for identified risks. Collaborate with control owners to create corrective action plans to ensure appropriate remediation efforts are implemented and completed in a timely manner. Cyber Insurance Response: Respond to cyber insurance questionnaires based on implemented security controls, certifications, and policies. Process Improvement: Identify opportunities to improve the efficiency and effectiveness of client questionnaire responses and audit processes. Develop and implement templates, and workflows to streamline the completion of client questionnaires. Continuously improve the organization's internal audit and compliance processes to meet client expectations. Stakeholder Engagement: Engage with clients and third-party auditors in discussions around the organization's security posture. Communicate effectively with internal stakeholders, including IT, legal, compliance, and senior leadership, to ensure timely responses to audits and questionnaires. Provide recommendations to management regarding areas of improvement in security practices and compliance. Experience: 10+ years of experience in information security, with a focus on audit management. Experience with responding to security questionnaires and managing client audits. Experience in managing third-party audits and internal audit processes. Familiarity with compliance frameworks such as NIST, ISO 27001, HIPAA, and others. Demonstrated advanced verbal and written communication skills Excellent project management and organizational skills, with the ability to handle multiple audits and client requests simultaneously. Excellent organization skills and be a self-motivated learner Qualifications: Bachelors degree in Information Security, Cybersecurity, Communications, Education, Computer Science, Engineering or related field or equivalent work experience CISA, CRISC, CISM, or CISSP certifications (one or more) preferred Why Join Us Remote work flexibility and a collaborative team environment. Work on meaningful Transformation projects with global clients. Continuous learning and growth opportunities. Supportive culture where your voice matters and your work makes an impact.