409 Pci Dss Jobs - Page 9

Knowledge of ATM/POS switching, Debit Card Issuance/Management, Digital Channels interface and ISO8583 messaging standard. Familiarity with EMV Contact/Contactless, VISA, MasterCard Card Issuing & Acquiring, Scheme compliance requirement. Desirable to have knowledge on Local Switch integration and certification. Experience with an EFT transaction switching or on-line banking environment. Experience in testing ATM/Switching and Card Management technologies(contact / Contactless). Hands-on experience with automated test tools and simulators. Experience in Restful Webservices+JSON based integration will be added Advantage. Familiarity on PCI DSS compliance requirement. Experience on Switch integration with VISA/Mastercard is mandatory. Experience on Google Pay/Samsung Pay/Apple Pay Wallets and QR Code and Emerging payments will be a added Advantage. Experience in Web Service integration and API s. Strong design and programming knowledge on JAVA, C/C++ on Unix/Linux environment, Unix Shell Scripting Knowledge of end-to-end systems development life cycles (i. e. , waterfall, Agile and other modern approaches to software development) Excellent verbal and written communication skills to technical and non-technical audiences of various levels in the organization Excellent in preparing the Solution Architecture document, Functional and technical spec Willingly shares relevant technical and/or industry knowledge and expertise to other resources Excellent problem-solving, team, and time management skills. Resourceful and proactive in gathering information and sharing ideas. Strong analytical, statistical, and problem-solving skills. Experience in banking or financial services industry is an advantage. Working experience in Cloud and Digital transformation projects is an advantage. Good knowledge skill on open platform is a plus. RESPONSIBILITIES The role will be responsible for handling the Solution Architecture and Design for the ATM Switch, Debit Cards and Payment domain. The job title will be Senior Solution Manager. Lead and manage the highly competent team and vendor for both Solutioning and project delivery. Build effective relationship and partnership with the business stakeholders to support their technology needs Key Responsibilities Regulatory & Business Conduct Display exemplary conduct and live by the Group s Values and Code of Conduct. Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. Lead the team to achieve the outcomes set out in the Bank s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment. ] * Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters. Serve as a Director of the Board Exercise authorities delegated by the Board of Directors and act in accordance with Articles of Association (or equivalent) Other Responsibilities Embed Here for good and Group s brand and values in team Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures Multiple functions (double hats) Skills and Experience ATM Switching Master Card, Visa, CUP Certification handling ISO 8583 message understanding Recon and Settlement Qualifications BE or MCA with 8+ hrs relevant experience, no specific format certification expected Together we: Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing. Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations. Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum. Flexible working options based around home and office locations, with flexible working patterns. Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning. Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential. 30937

Product Specialist - Retail Payments with a strong background in API development and microservices architecture along with deep expertise in retail banking. The ideal candidate will drive solution, architecture, design, and delivery ensuring compliance with security and governance standards with fostering innovation and efficiency in digital payment solutions. Key Responsibilities Solution Architecture Engineering Excellence: 1. Design robust API-driven microservices solutions for retail payments, ensuring scalability, security, and compliance. 2. Define end-to-end solution architecture for payment applications, ensuring alignment with business and regulatory requirements. 3. Collaborate with stakeholders to translate business requirements into scalable and maintainable technology solutions. 4. Ensure seamless integration of payment systems with other banking platforms and third-party services. 5. Conduct performance optimization and implement best practices to enhance reliability and scalability. Governance, Security and Compliance: 1. Identify and implement security controls by collaborating with Security teams. 2. Ensure adherence to regulatory compliance, risk mitigation and governance policies. 3. Conduct Security impact assessments to mitigate potential risks throughout the delivery lifecycle. 4. Ensure adherence to enterprise technology standards and best practices in payment system design and implementation. Collaboration and Alignment: 1. Work Closely with Engineering Lead, Squads and Chapters to define and implement Solutions. 2. Provide technical leadership and mentorship to development teams, ensuring high-quality software delivery. 3. Collaborate with cross-functional teams for successful implementation and deployment of payment solutions. 4. Actively participate in Solution reviews and architectural governance forums. Innovation Continuous Improvement: 1. Stay updated on emerging technologies in payment space. 2. Foster a culture of innovation by driving modernization initiatives and continuous improvement strategies. 3. Align technical solutions with the organization long-term technology vision and business goals. 4. Leverage automation CI/CD and Sec Devops practices to improve software development efficiency Regulatory Business Conduct Display exemplary conduct and live by the Group s Values and Code of Conduct. Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. Lead the team to achieve the outcomes set out in the Bank s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment. ] Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters. Serve as a Director of the Board Exercise authorities delegated by the Board of Directors and act in accordance with Articles of Association (or equivalent) Other Responsibilities Embed Here for good and Group s brand and values in team Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures Multiple functions (double hats) Skills and Experience Knowledge of ATM/POS switching, Debit Card Issuance/Management, Digital Channels interface, Encryption, HSM and ISO8583 messaging standards Familiarity with EMV Contact/Contactless, VISA and MasterCard Card Issuing Acquiring, Scheme compliance requirements Experience with an EFT transaction switching and processing. Familiarity on PCI DSS and PA DSS compliance requirements Experience on Switch integration with VISA/Mastercard is mandatory. Others such as UPI, JCB and National switches. Experience on Google Pay/Samsung Pay/Apple Pay Wallets and QR Code and Emerging payments will be a added Advantage Experience in Web Service integration and API s Knowledge of end-to-end systems development life cycles (i. e. , waterfall, Agile and other modern approaches to software development) Excellent in preparing the Solution Architecture document, Functional and technical spec Excellent problem-solving, team, and time management skills. Experience in Programming Languages and other emerging technologies Experience in Cloud Services Qualifications B TECH or BE or MBA grade in Computer Science/ Information Systems or related IT Area; 8 to 12 Years About Standard Chartered Were an international bank, nimble enough to act, big enough for impact. For more than 170 years, weve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If youre looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we cant wait to see the talents you can bring us. Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, youll see how we value difference and advocate inclusion. Together we: Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term What we offer In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing. Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations. Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum. Flexible working options based around home and office locations, with flexible working patterns. Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning. Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential. www. sc. com/careers 30720

Product Specialist - Retail Payments with a strong background in API development and microservices architecture along with deep expertise in retail banking. The ideal candidate will drive solution, architecture, design, and delivery ensuring compliance with security and governance standards with fostering innovation and efficiency in digital payment solutions. Key Responsibilities Solution Architecture Engineering Excellence: Design robust API-driven microservices solutions for retail payments, ensuring scalability, security, and compliance. Define end-to-end solution architecture for payment applications, ensuring alignment with business and regulatory requirements. Collaborate with stakeholders to translate business requirements into scalable and maintainable technology solutions. Ensure seamless integration of payment systems with other banking platforms and third-party services. Conduct performance optimization and implement best practices to enhance reliability and scalability. Governance, Security and Compliance: Identify and implement security controls by collaborating with Security teams. Ensure adherence to regulatory compliance, risk mitigation and governance policies. Conduct Security impact assessments to mitigate potential risks throughout the delivery lifecycle. Ensure adherence to enterprise technology standards and best practices in payment system design and implementation Collaboration and Alignment: Work Closely with Engineering Lead, Squads and Chapters to define and implement Solutions. Provide technical leadership and mentorship to development teams, ensuring high-quality software delivery. Collaborate with cross-functional teams for successful implementation and deployment of payment solutions. Actively participate in Solution reviews and architectural governance forums. Innovation Continuous Improvement: Stay updated on emerging technologies in payment space. Foster a culture of innovation by driving modernization initiatives and continuous improvement strategies. Align technical solutions with the organization long-term technology vision and business goals. Leverage automation CI/CD and Sec Devops practices to improve software development efficiency Regulatory Business Conduct Display exemplary conduct and live by the Group s Values and Code of Conduct. Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. Lead the team to achieve the outcomes set out in the Bank s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment. ] Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters. Serve as a Director of the Board Exercise authorities delegated by the Board of Directors and act in accordance with Articles of Association (or equivalent) Other Responsibilities Embed Here for good and Group s brand and values in team Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures Multiple functions (double hats) Skills and Experience Knowledge of ATM/POS switching, Debit Card Issuance/Management, Digital Channels interface, Encryption, HSM and ISO8583 messaging standards Familiarity with EMV Contact/Contactless, VISA and MasterCard Card Issuing Acquiring, Scheme compliance requirements Experience with an EFT transaction switching and processing. Familiarity on PCI DSS and PA DSS compliance requirements Experience on Switch integration with VISA/Mastercard is mandatory. Others such as UPI, JCB and National switches. Experience on Google Pay/Samsung Pay/Apple Pay Wallets and QR Code and Emerging payments will be a added Advantage Experience in Web Service integration and API s Knowledge of end-to-end systems development life cycles (i. e. , waterfall, Agile and other modern approaches to software development) Excellent in preparing the Solution Architecture document, Functional and technical spec Excellent problem-solving, team, and time management skills. Experience in Programming Languages and other emerging technologies Experience in Cloud Services Qualifications B TECH or BE or MBA grade in Computer Science/ Information Systems or related IT Area; 8 to 12 Years About Standard Chartered Were an international bank, nimble enough to act, big enough for impact. For more than 170 years, weve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If youre looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we cant wait to see the talents you can bring us. Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, youll see how we value difference and advocate inclusion. Together we: Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term What we offer In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing. Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations. Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum. Flexible working options based around home and office locations, with flexible working patterns. Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning. Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential. www. sc. com/careers 30719

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Senior Consultant Specialist In this role, you will: Be responsible for maintaining, and uplifting IAM PAM control. Identify, investigate, and report potential Cybersecurity related exposures and recommend corrective action, maintaining SME support and/or ownership through to resolution. Work alongside the IDAM Control Owners to record, analyse, monitor, and publish MI / KCI reporting; dashboards; for the Cybersecurity management and other appropriate stakeholders. Stakeholder Engagement: Collaborate with business units and IT teams, to gather requirements and ensure smooth project execution. Provide regular updates to senior management and other stakeholders. Governance and Compliance: Experience of working in a regulated environment with exposure to global regulatory requirements, including GDPR, SOX, PCI DSS, and ISO 27001. Implement robust governance practices to manage risks and ensure compliance. Team Coordination and Leadership: Lead cross-functional teams, work alongside project managers, control owners, business analysts, and technical specialists. Foster collaboration and resolve conflicts to maintain project momentum. Proven track record of working with technical, cybersecurity and/or operations teams. Lead geographically disbursed team and pull them together to achieve common objectives. Excellent written and verbal communications Excellent data analytics skills. Process Improvement: Continuously evaluate processes and propose enhancements to improve efficiency, scalability, and security. Develop and implement best practices for project delivery. Risk and Issue Management Identify, assess, and mitigate risks throughout the project lifecycle. Proactively manage issues and dependencies to avoid project delays. Documentation Project initiation, planning, execution, monitoring, and closure documentation including but not limit project charter, project plan, various status report, performance report and project closeout report. Requirements To be successful in this role, you should meet the following requirements: Knowledge Experience of Identity Access Management (IAM) Controls Technical background within security spaces- Privileged Access Management Extensive knowledge on managing compliance IAM Security Standards Able to understand Operating Effectiveness of IAM Secrets Controls, Identify Gaps and Remediate Manage Govern KPIs / KCIs / KRIs Stakeholder Management Across all Lines of Defence Communication Skills for stakeholder collaboration on Standard Procedures and Best Practices Role relevant qualifications, i. e. CISSP/CISM is desirable but not essential Excellent written and verbal communications Excellent technical data analytics skills. Strong presentation and reporting skills.

Drafting, Reviewing, Updating, and Enforcing Information Security Policies: Responsible for the formulation, periodic review, update, and organization-wide enforcement of information security policies and procedures in line with regulatory and industry standards. Implementing IS Related Controls as per Regulatory Requirements and Industry Best Practices: Ensures timely implementation and tracking of security controls as mandated by regulators and aligned with globally accepted standards such as ISO 27001, NIST, and PCI DSS. Coordinating Security Audits as per Regulatory Requirements: Acts as the central coordinator for internal, external, and regulatory audits, ensuring availability of evidence, responses, and closure of observations. Conducting Training and Awareness (Phishing and Quiz): Plans and executes regular security awareness programs, phishing simulations, and quizzes to build a security-conscious culture among employees. Performing IS Risk Assessment / GAP Assessment: Conducts periodic risk and gap assessments to identify, evaluate, and mitigate security weaknesses across systems, processes, and third parties. M aintenance of ISO 27001:2022 and PCI-DSS Certification: Manages and coordinates activities necessary to maintain ISO 27001:2022 and PCI DSS certification status, including audits, documentation, and corrective actions. Monitoring Ongoing IS Compliances through Compliance Calendar : Acts as a checker by maintaining a compliance calendar and tracking entity-wise and function-wise adherence to security compliance requirements. Policy, Process, and Other IS-Related Audits : Conducts independent assessments of IS policies, procedures, and control effectiveness to ensure compliance and identify opportunities for improvement. Participating in Regulatory Inspections: Supports regulatory inspections related to information security by providing necessary documentation, system access, and clarifications. Incident Management: Reviews information security incidents to find trends, causes, impact, and check how well responses worked; ensures incidents are reported to regulators on time as per rules; and regularly updates senior management or the board on security status, key risks, incidents, and compliance

Overview Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Let’s build this together! Responsibilities Operate day-to-day Information Security Governance, Risk, and Compliance (GRC) activities across the organization. Support alignment and implementation of security standards including ISO 27001, PCI, NIST, and TISAX. Assist in the execution of Information Security Risk Management policies and procedures. Collaborate on internal and external audit activities, and track remediation efforts to closure. Support documentation, reporting, and evidence gathering for compliance and regulatory assessments. Contribute to the continuous improvement of governance processes, control effectiveness, and risk posture. Coordinate with business units and IT teams to ensure governance standards are understood and adhered to. Qualifications 3–5 years of experience in information security governance, risk, compliance, or audit. Working knowledge of ISO 27001, PCI-DSS, NIST, TISAX, or other major regulatory frameworks. Experience with policy implementation, risk assessment methodologies, and audit coordination. Ability to evaluate and articulate compliance requirements to technical and non-technical teams. Strong documentation, analytical, and reporting skills with attention to detail. Excellent interpersonal and communication skills to work cross-functionally. Preferred Qualifications Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, or similar. Experience with GRC platforms and tools. Exposure to vendor risk management and compliance monitoring.

Job ID: 199874 Required Travel :Minimal Managerial - No LocationIndia- Pune (Amdocs Site) Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit www.amdocs.com In one sentence We are seeking a highly skilled and experienced Senior Governance, Risk, and Compliance (GRC) Specialist to join our dynamic team. The ideal candidate will have a strong background in GRC, with a proven track record of managing and implementing comprehensive risk management and compliance programs, particularly within the EMEA (Europe, Middle East, and Africa) and IMEA (India, Middle East, and Africa) regions. What will your job look like Develop and maintain governance frameworks, policies, and procedures. Ensure compliance with industry standards, regulations, and contractual obligations. Identify, assess, and prioritize security risks, implementing mitigation strategies. Conduct regular risk assessments, audits, and maintain risk registers. Ensure adherence to GDPR, CRA, and other relevant security regulations. Monitor and enforce security compliance across EMEA and IMEA regions. Develop and deliver compliance training programs for employees. Prepare and present security reports to senior management and stakeholders. Collaborate with internal teams and liaise with external auditors and regulators. Communicate security risks and mitigation strategies effectively to stakeholders. All you need is... Bachelor's degree in Business Administration, or a related field. Professional certification (e.g., CISA, CRISC, CISSP) is preferred. Minimum of 6 years of experience in governance, risk management, and compliance. Strong knowledge of relevant laws, regulations, and industry standards, particularly in the EMEA and IMEA regions. Strong understanding of NIST CSF, CIS, ISO 27001, PCI DSS, and Data Protection frameworks. Excellent analytical, problem-solving, and decision-making skills. Strong communication and interpersonal skills, with experience in defending and explaining security risks and mitigations to customers and stakeholders. Ability to work independently and as part of a team. Proficiency in GRC software and tools. Why you will love this job: You will be able to demonstrates an understanding of key business drivers and ensures strategic directions are followed and the organization succeeds You will be able to gathers relevant data, identifies trends and root causes, and draws logical conclusions to develop solutions You will have ability to assess details, systems and other factors as part of a single and comprehensive picture We are a dynamic, multi-cultural organization that constantly innovates and empowers our employees to grow. Our people our passionate, daring, and phenomenal teammates that stand by each other with a dedication to creating a diverse, inclusive workplace! We offer a wide range of stellar benefits including health, dental, vision, and life insurance as well as paid time off, sick time, and parental leave Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

Job ID: 198625 Required Travel :Minimal Managerial - No LocationIndia- Pune (Amdocs Site) In one sentence The IS/IT Audit Expert will assess systems, processes, and controls to ensure compliance with internal policies/practices and identify technological or operational risks All you need is... BA/BS degree in Information Systems, Computer Science, Engineering, or related field. 2-5 years of experience in IT Audit, Cybersecurity, Risk Management, IT Compliance, IT Project Management, or related field. Able to execute comprehensive IT/IS audits utilizing data analytics (MS Excel, Tableau). Ability to evaluate the adequacy and effectiveness of IS/IT controls. Sound knowledge of industry standards, emerging technologies, and best practices. Ability to identify and assess IT/IS related risks and evaluate their impact on the organization. Ability to conduct independent fieldwork and align with process/system owners. Mindset to proactively seek relevant education and training opportunities. Excellent communication skills (both verbal and written) and ability to interact with people across the globe with different cultures. What will your job look like Plan the scope and objective of the audit topic Evaluate a system s efficiency based on knowledge of business process and systems, financial, procurement, HR and other operations. Plan the auditing techniques according to the audit type/maturity/region. Perform the audit in a professional manner and in accordance with the approved audit testing program. Involve the audit director during, and at the conclusion of, the examination, to discuss the test results and deficiency remediation recommendations. Prepare draft report containing all gaps identified and applicable risk analysis for the director review Raise red flag at the right time during the course of review when there is an exception that should be handled by the director Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit www.amdocs.com Why you will love this job: Opportunity to work in a growing organization Involved in planning auditing techniques We are a dynamic, multi-cultural organization that constantly innovates and empowers our employees to grow. Our people our passionate, daring, and phenomenal teammates that stand by each other with a dedication to creating a diverse, inclusive workplace! We offer a wide range of stellar benefits including health, dental, vision, and life insurance as well as paid time off, sick time, and parental leave! Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

Location Bangalore : IT SOX, Risk Management, Audits, Business Continuity Planning Not Ready to Apply Join our talent pool and we'll reach out when a job fits your skills.

Key Responsibilities: AWS Infrastructure Management: Design, deploy, and manage scalable infrastructure solutions on AWS, ensuring high availability, security, and cost optimization. Implement infrastructure as code (IaC) using tools such as AWS CloudFormation, Terraform, or AWS CDK. Oversee the configuration and management of AWS services such as EC2, S3, Lambda, RDS, Elastic Beanstalk, VPC, ECS/EKS, CloudWatch, and others. Continuous Integration and Continuous Delivery (CI/CD): Design, implement, and optimize CI/CD pipelines to support frequent deployments, using tools like Jenkins, GitLab CI, CircleCI, AWS CodePipeline, AWS CodeBuild, etc. Automate software deployment, testing, and monitoring for faster delivery cycles. Collaborate with development teams to ensure seamless integration of code into the production environment. Automation and Scripting: Create automation scripts for cloud infrastructure provisioning, configuration, and monitoring using languages such as Bash, Python, Shell Scripting, or PowerShell. Automate operational tasks like patching, backup management, and scaling of infrastructure to ensure high availability and performance. Monitoring and Performance Optimization: Set up and manage AWS monitoring tools such as CloudWatch, CloudTrail, and X-Ray to ensure system health, availability, and performance. Troubleshoot, diagnose, and resolve infrastructure-related issues, ensuring uptime and smooth performance of cloud services and applications. Implement alerting systems to proactively identify and respond to system anomalies and performance issues. Security and Compliance: Implement robust security practices within AWS environments by applying encryption, managing IAM roles, enforcing least-privilege access, and integrating security tools into the CI/CD pipeline. Automate security configurations and compliance checks, such as vulnerability assessments and patch management, to maintain security baselines. Manage network security, VPC configurations, security groups, and AWS-specific security tools (e.g., AWS GuardDuty, AWS WAF). Collaboration and Documentation: Collaborate with cross-functional teams (development, operations, security) to understand requirements and ensure that the infrastructure supports business needs. Maintain detailed documentation for infrastructure architecture, processes, CI/CD workflows, and disaster recovery plans. Provide training and support to internal teams on best practices for deploying and managing applications on AWS. Disaster Recovery and Backup Strategies: Design and implement backup, disaster recovery (DR), and business continuity plans for mission-critical applications and data. Ensure data redundancy and automatic recovery for high availability and minimal service disruption. Cost Optimization: Monitor AWS usage and optimize infrastructure cost by implementing effective cost control measures, such as right-sizing EC2 instances, using AWS Spot Instances, Reserved Instances, and Auto Scaling. Work with finance and infrastructure teams to manage budgets and ensure cost-effective utilization of AWS services. Continuous Improvement: Stay up-to-date with the latest trends and technologies in AWS and DevOps practices. Continuously improve the efficiency, security, and scalability of infrastructure and deployment pipelines. Evaluate and recommend new DevOps tools and technologies to improve team productivity and system reliability. Bachelors degree preferably in Computer Science, Information Technology, or a related field. Experience: 3+ years of experience in AWS cloud services and DevOps engineering. Experience with CI/CD pipelines, Git, and version control systems. Hands-on experience with AWS services (e.g., EC2, Lambda, RDS, ECS/EKS, S3, CloudWatch, CloudTrail, VPC). Experience with containerization technologies like Docker, and container orchestration platforms like Kubernetes, ECS, or EKS. Familiarity with IaC tools (e.g., Terraform, AWS CloudFormation, AWS CDK). Knowledge of Linux/Unix systems and scripting languages like Python, Shell, or Bash. Experience with cloud-native monitoring, logging, and alerting tools (e.g., CloudWatch, Datadog, New Relic, Splunk). Technical Skills: Strong understanding of AWS security best practices and managing access using IAM and security policies. Proficiency in containerization and orchestration with Docker, Kubernetes, and EKS. Knowledge of DevOps tools and practices for continuous integration, delivery, and automation (e.g., Jenkins, GitLab CI, AWS CodePipeline). Familiarity with serverless architectures, particularly AWS Lambda, API Gateway, and DynamoDB. Experience with AWS CloudFormation, Terraform, or AWS CDK to manage infrastructure as code. Basic networking knowledge, including setting up VPCs, subnets, security groups, and NACLs in AWS. Certifications (Preferred): AWS Certified DevOps Engineer Professional or AWS Certified Solutions Architect. AWS Certified SysOps Administrator or AWS Certified Developer Associate. Soft Skills: Strong problem-solving skills, with the ability to quickly diagnose and resolve issues. Excellent communication skills, able to collaborate with both technical and non-technical teams. Detail-oriented and committed to high standards of quality. Ability to work in a fast-paced environment and manage multiple priorities. Benefits: Competitive salary and benefits we take care of our team! Mentorship from experienced – learn from the pros. Opportunities to learn and grow in a fast-paced startup – your potential is limitless. The chance to contribute to something meaningful – make a real difference in healthcare. Join our team and help us transform the future of healthcare

An Opportunity to Work with One of India's Leading Credit Card Tech Innovators BOBCARD (A Bank of Baroda Subsidiary) Education: BE/B.Tech, BCA/MCA, BSc/MSc in Computer Science, IT, or related field. Experience: 6 - 10 years Location: Goregaon, Mumbai (5 days' from Office) **Domain: Fintech/BFSI/NBFC (mandate) Applicants should possess the following attributes: 6-10 years of experience in IT/Banking/NBFC sector as MS SQL administrator/ Manager 2-3 years relevant experience in leading MS SQL DBA team Experience on MS SQL 2016 and 2019, implementation of always ON, MS SQL Cluster, log-shipping, backup and restore Core expertise in troubleshooting Database related issue Experience in implementation of best practices and comply with regulatory guidelines Experience in handling internal & external regulatory IT audits and closer of IT audit findings, knowledge on cyber security compliance Experience on migration, upgrade and patching of databases Adhere ITIL process and automate the task using scripting. Experience in Banking & NBFC will be preferred Excellent written, oral communication and presentation skills Key highlights of the role are listed below (purely indicative and not limiting): Manage MS SQL database platform for the organization. Setting up MS SQL database platform to support business operation Make sure Implement best practices for MS SQL database platform and meet regulatory compliances like PCI DSS & RBI Work with internal & external auditor to close audit finding related to MS SQL database platform Plan & execute Migration, upgrade and patching on demand/regular basis to make sure systems are always updated Examining the issues, inefficiencies in the exiting MS SQL database platform and provide solution to overcome Implement and manage proactive Monitoring for MS SQL database platform Update management for purchasing & give understanding of required license MIS reports to Senior management Troubleshoot escalated technical issues

Everything we do is powered by our customers! Featured on Deloittes Technology Fast 500 list and G2s leaderboard, Maropost offers a connected experience that our customers anticipate, transforming marketing, merchandising, and operations with commerce tools designed to scale with fast-growing businesses. With a relentless focus on our customers success, we are motivated by curiosity, creativity, and collaboration to power 5,000+ global brands. Driven by a customer-first mentality, we empower businesses to achieve their goals and grow alongside us. If youre ready to make a significant impact and be part of our transformative journey, Maropost is the place for you. Become a part of Maropost today and help shape the future of commerce! About the Position We are looking for an experienced Product Manager focused on Checkout & Integrations to help shape and scale our e-commerce platform s checkout experience and third-party integrations. In this role, you ll own mission-critical flows at the heart of the purchase journey ensuring fast, reliable, and conversion-optimized checkout experiences as well as the integration frameworks that power connections with payment gateways, ERP systems, tax providers, shipping tools, and more. You will collaborate closely with engineering, design, data, and go-to-market teams, as well as with external partners, to drive customer-centric improvements and scalable architecture. The ideal candidate is both technically adept and commercially minded, passionate about seamless user experiences and systems interoperability. You ll identify and prioritize meaningful problems, drive initiatives from concept to launch, and champion simplicity in complexity. What you ll be responsible for: Lead the strategy and roadmap for Checkout & Integrations, aligning cross-functional teams to deliver business value and customer outcomes Own and evolve the checkout experience to optimize speed, reliability, and conversion across web and mobile Collaborate with key stakeholders to define, build and scale integration capabilities with third-party systems (e.g., payments, shipping, accounting, tax, CRM) Translate complex customer needs and use cases into simple, scalable, and high-performing solutions Ensure compliance with regional and international regulations related to payments and data Build strong feedback loops with customers and partners to inform and validate product decisions Define and track clear success metrics for your domain Identify technical trade-offs and work closely with engineering to find the right balance between scope, speed, and quality Communicate roadmap, progress, and learnings clearly across the organization Collaborate with other product managers to ensure a unified and consistent platform experience What you ll need to bring to Maropost: 5+ years of product management experience with a strong track record in building and scaling SaaS ecommerce or payments-related products Experience owning and optimizing checkout flows in transactional or ecommerce platforms Hands-on experience with third-party integrations and APIs, including common ecommerce tools (e.g., Stripe, PayPal, ShipStation, Avalara, NetSuite) Solid understanding of the regulatory landscape related to checkout, payments, tax, and data privacy (e.g., PCI DSS, GDPR) Strong analytical and decision-making skills grounded in data and customer feedback Excellent communication and stakeholder management skills Familiarity with Agile methodologies and product development best practices A customer-first mindset and an ability to connect technical details to user value Experience working in high-growth, fast-paced environments Bonus: Experience with headless commerce or AI-powered checkout personalization What s in it for you? You will have the autonomy to take ownership of your role and contribute to the growth and success of our brand. If you are driven to make an immediate impact, achieve results, thrive in a high performing team and want to grow in a dynamic and rewarding environment - You belong to Maropost!

Public Key Infrastructure (PKI) Basic understanding of certificate-based authentication principles, including the use of digital certificates, private/public key pairs, and smart card technology. Familiarity with the process of validating user identity using certificates and the role of certificate authorities (CAs). Experience troubleshooting hardware (E.g., card readers) and software issues on Windows and/or Mac laptops. Familiar with Cryptographic concepts (E.g.,- symmetric/Asymmetric encryption, digital signatures). Good experience on technologies like (E.g., - MS ADCS, OpenSSL, Venafi),external vendors (GoDaddy, DigiCert etc..) Extensive knowledge on SSL/TLS ,OCSP ,AIA,CDP concepts. Good to have scripting or automation (PowerShell) experience. Types of signing the certificate (Secure email, document signing, code signing, excel signing). Manage the lifecycle of digital certificates, including issuance, revocation, renewal. Good understanding of HSM(Hardware Security Module). CRL Renewal process /CRL and delta CRL concepts. Configure and maintain NDES(Network Device Enrollment Services) to support certificate enrollment for mobile devices /Intune/mas360,Troubleshooting NDES related issues. Manage root and issuing CA key ceremonies. PKI architecture ,CP(Certificate policies ) ,CPS(certificate Practice Statement) documents. Good knowledge on wild card certificates. Additional skills in PCI DSS(payment card industry data security standard) Good understanding of HSM in PCI DSS Knowledge on Types of Tokenization (Token generation, Token storage, Token retrieval) Review and validate software requests and tickets. Strong problem-solving skills and attention to detail. Excellent interpersonal and communication skills, both written and verbal. Ability to explain technical concepts to non-technical users in a clear and patient manner. Experience with help desk or ticketing systems is a plus. Prior experience in IT support, desktop support, or a similar technical support role preferred Desired/ Secondary skills Documentation and Best Practices: Maintain documentation for configurations, processes, and best practices Troubleshooting: Good to Have remote troubleshooting techniques, Skills, Knowledge of PKI & Change Management process. Customer service-oriented Domain Manufacturing (COREMFG) Max Vendor Rate in Per Day (Currency in relevance to work location) INR 6500 Per Day Delivery Anchor for tracking the sourcing statistics, technical evaluation, interviews, and feedback etc. Swati Joshi swati.joshi06@infosys.com ; Santosh Karne karnesanthosh.kumar@infosys.com Client Interview / F2F Applicable No Work Location Pan India ( all Major Cities ) Pune, Mumbai, Delhi, Noida, Bangalore, Hyderabad, Chennai, and Kolkata. Start date 05 June 2025 WFO/WFH/Hybrid WFO As per Company Policy BG Check (Pre/ Hybrid/ Post onboarding) Post Onboarding Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO YES. 3 Rotating Shifts.

Designation: Information Security Consultant Job Code: JD2208396 Location: Bangalore Number of Vacancies: 1 Total Experience: minimum 1 year Shift: General Reports to: CTO Qualification: BE/B.tech/Bsc/BCA/M.Tech/ME Certification: ISO 27001:2013 Lead Implementer (preferable) Job Description: IT Security Consultant , with overall 3+ years of professional experience with areas of expertise in Governance Risk & Compliance (GRC), Third Party Risk Management (TPRM), Information Systems Audits including ISO 27001, Data privacy, GDPR, ITGC Assessments, Control testing, Information Security, ISO 27001 Implementation, SOX and SOC 2, IT Risk assessments on application and infrastructure. Information Technology and Information Security Governance and Risk Compliance Implementation across various industries including Banking, Retail, Insurance, Energy, and e-commerce. Expertise in Vendor Management, Issue Management, Compliance Management, Policy Management, Business Continuity and Disaster Recovery& Risk management modules/solutions. Detailed knowledge of international regulations and best practices covering ITIL, COBIT, ISO 27000, SOX, COSO, PCI, HIPAA and NIST 800. Have experience in core ISMS, services focused on SOX, ITGC, COBIT, COSO, ISO 270001, specialized in Governance & Compliance and Internal Audits. Good experience in client interaction with global leaders during requirement specifications and project implementation phases. Performed risk assessments based on industry standards, provided recommendations to management on results of analysis and work closely with other team- members to refine and enhance security controls and reduce organizational risk. Managing GRC and Third-Party Risk Management related engagements. Conducting audit to check the security posture of critical vendors. Performing quality checks for third party risk assessment. Facilitating External and Internal audits for ISO 27001. Identify and assessing areas of significant business risk. Plan and evaluate IT-related technical and organizational measures. Managing and reporting compliance breaches and exposures. Conducting Compliance audits by reviewing SOC2 Type II, Hi-Trust, ISO27001, PCI-DSS reports. Supporting various departments by collecting and coordinating internal compliance data with auditors and various departments. Ensuring complete, accurate, and timely audit information is reported to Management and/or Risk Committees. Qualification Bachelor's degree in computer science (B. Tech, BE, BCA, or MCA), ISO 27001 :2013 LA Preferred, Experience in Audits and Assessments preferably covering ISO 27001, SOC 2 Type 2, GDPR, Client Audit and Privacy Regulations (GDPR) Experience in identifying and remediating threat & vulnerabilities. ***the candidate must have a very good communication skill

Project Role :Security Architect Project Role Description :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills :ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills :Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification :15 years full time education Summary:As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring compliance with governance and risk management standards. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Design and implement security solutions to protect the organization's cloud infrastructure. Collaborate with cross-functional teams to ensure the security architecture meets business requirements. Ensure compliance with governance and risk management standards. Conduct risk assessments and develop mitigation strategies. Stay up-to-date with the latest security trends and technologies. Provide guidance and support to junior security professionals. Professional & Technical Skills: Must To Have Skills:Proficiency in ServiceNow Governance, Risk, and Compliance (GRC). Good To Have Skills:Experience with Security Architecture Design. Strong understanding of cloud security principles and best practices. Experience in designing and implementing security controls for cloud environments. Knowledge of industry standards and regulations related to cloud security. Familiarity with security frameworks such as ISO 27001 and NIST. Ability to conduct security assessments and audits. Excellent problem-solving and analytical skills. Additional Information: The candidate should have a minimum of 7.5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC). This position is based at our Bengaluru office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role : Security Advisor Project Role Description : Lead the effort and teams to enable development and implementation of proprietary and innovative security solutions. Assess, manage and ensure compliance to risk reducing behaviors and processes. Must have skills : Palo Alto Networks Prisma Access Secure Access Service Edge (SASE) Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security professional, you will have the opportunity to work on multiple projects that help organizations manage and mitigate risk and maximize enterprise value. In this role, ensuring it meets the business requirements and performance goals. You have to closely work with Project Architect to implement the solution as well as Create and update all supporting documentation for security solutions, Configure and optimize policies to enforce security and compliance standards, follow all security best practices while implementing security solutions. Roles & Responsibility Create and update all supporting documentation for security solutions, Configure and optimize policies to enforce security and compliance standards. Follow all security best practices while implementing security solutions. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Develop and implement security policies and procedures. Stay updated on the latest security trends and technologies. Professional & Technical Skills: Experience in Palo Alto/Cisco ASA/ Fortinet firewall / Prisma Access SASE / Zscaler SASE / Netskope / Cloudflare WAF / Email Security Firewall rule migration using tool and Data center migration Hand-on Experience in AWS, Azure, GCP and troubleshooting experience in NGFW such as Palo Alto, Prisma, FortiGate, Checkpoint, Cisco.-Must have Palo Alto Networks Prisma Access SASE Good understanding of Palo Alto Prisma, Panorama, firewalls, App-ID, user-ID, content-ID and Global Protect -In-depth understanding on IPsec VPNs, Global Protect VPNs, Security Profiles, Firewall implementation -Good understanding on cloud providers like AWS, Azure D Basic Knowledge on Operating Systems Windows, Unix, Linux Good design/implementation experience of infra security technologies (Panorama, PA NGFW, Prisma Cloud, Email security, Web Security, End point protection in Cloud (AWS/Azure/GCP/Zscaler) /On-Prem Build & configuration of various NGFW such as Palo Alto, FortiGate, Checkpoint, Cisco, Prisma Cloud. Design and hands on experience to skybox, firemon, Tufin Firewall rule review tool, Firewall on-boarding Checkpoint, Cisco, Palo alto Certification, Cloud certification Experience on Infra Security tools Assessment and security standards like (NIST, CIS, ISO HIPPA & PCI DSS)-Good to have NAC, Cisco ISE Web security technologies as Zscaler, Symantec Good conceptual and working knowledge around Workflow, Approval process. Additional Information:-B.E or MCA or M.Sc with Good Computer Science Background with good academic records-15 years full time education is required. The candidate should have a minimum of 9 years of experience in Palo Alto Networks Firewalls Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Zscaler Architecture Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security professional, you will have the opportunity to work on multiple projects that help organizations manage and mitigate risk and maximize enterprise value. In this role, ensuring it meets the business requirements and performance goals. You have to closely work with Project Architect to implement the solution as well as Create and update all supporting documentation for security solutions, Configure and optimize policies to enforce security and compliance standards, follow all security best practices while implementing security solutions. Roles & Responsibility -Create and update all supporting documentation for security solutions, Configure and optimize policies to enforce security and compliance standards.-Follow all security best practices while implementing security solutions.-Responsible for team decisions.-Engage with multiple teams and contribute on key decisions.-Provide solutions to problems for their immediate team and across multiple teams.-Develop and implement security policies and procedures.-Stay updated on the latest security trends and technologies. Professional & Technical Skills:-Design and implementation in Zscaler SASE along with NGFW (PA/Prisma Zscaler, Web Security (, Symantec), in on-prem and Cloud, End point protection, Data center migration-Experience in Zscaler SASE / Prisma Access SASE / Zscaler SASE / Netskope / Palo Alto/Cisco ASA/ Fortinet firewall / Cloudflare WAF / Email Security -Zscaler SASE cloud, Experience in designing infra security technology products (Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), Zscaler Digital experience (ZDX), deployment of Branch connector & Cloud connector, PA NGFW and Remote browser isolation-In-depth understanding on IPsec VPNs, Global Protect VPNs, Security Profiles, Firewall implementation-Good understanding on cloud providers like AWS, Azure D Basic Knowledge on Operating Systems Windows, Unix, Linux-Good design/implementation experience of infra security technologies (Panorama, PA NGFW, Prisma Cloud, Email security, Web Security, End point protection in Cloud (AWS/Azure/GCP) /On-Prem-Build, Design & configuration of various NGFW such as Palo Alto, FortiGate, Checkpoint, Cisco, Prisma Cloud with troubleshooting experience.-Hand-on experience in Azure/AWS-Design and hands on experience to skybox, fireman, Tufin Firewall rule review tool, Firewall on-boarding-Checkpoint, Cisco, Palo alto Certification, Cloud certification-Experience on Infra Security tools Assessment and security standards like (NIST, CIS, ISO HIPPA & PCI DSS)-NAC, Cisco ISE, Web security technologies as Zscaler, Symantec-Good conceptual and working knowledge around Workflow, Approval process. Additional Information:-B.E or MCA or M.Sc with Good Computer Science Background with good academic records-15 years full time education is required. The candidate should have a minimum of 7+ years of experience in Zscaler SASE Technologies. Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Expected to provide solutions to problems that apply across multiple teams Develop and implement security solutions for cloud environments Conduct security assessments and audits to identify vulnerabilities Provide guidance on security best practices for cloud deployments Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Strong understanding of cloud security principles Experience with implementing security controls in cloud environments Knowledge of industry standards and regulations related to cloud security Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 12 years of experience in SailPoint IdentityIQ This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Roles and Responsibilities Greetings from GRM Technologies!!! Providing support in IT and Cyber Risk Advisory services offered by GRM Technologies to its clients in the following domains- Information regulatory compliance (ISO 27001, PCIDSS, RBI, SEBI, SOC1, SOC2, PCI DSS, HITRUST, GDPR) Information risk management Information security and information assurance Information technology controls for financial and other systems Identifying processes and technologies to maintain and enhance the security architecture Disaster recovery and business continuity management Information privacy Have a fair understanding of Business Continuity Planning and DR Drills Should have conducted Information Life Cycle management reviews in the past Conducting Infrastructure Vulnerability Assessment and Penetration Testing Conducting Web and Mobile Application Security Assessment Conducting Secure Code Review Conducting Architecture Review Should have minimum 2-5 yrs. of experience into Cyber Security, including IT Risk, Cyber Risk & Compliance, IT Audit, Vendor Audit, VAPT, Application Security, Fraud Risk & Security. Knowledge of information security standards, principles and practices required Perform risk assessment, controls and documentation with expected standards (information technology/ business process) Conduct Infrastructure Vulnerability Assessment and Penetration Testing Conduct Web Application Security Assessment Conduct Mobile Application Security Assessment Conduct Source Code Review Perform SOX compliance audits, SOC 1 and SOC 2 audits, as well as testing and reporting Perform control testing pertaining to operating systems, data base (Windows, Unix, Oracle, MSSQL, DB2) Should be able to test basic and automated ERP ITGC controls (SAP, Oracle, etc.) Ability to draft BCP/ DR policy and carry out testing of plan and procedures would be preferable Ability to adapt to new scope areas and technologies Bring in vertical expertise in at least two verticals like BFSI, manufacturing, or more Ability to manage client communication and escalation Ability to make all attempts to guide the peers and self to improve client satisfaction scores Participate in proposal preparation Understanding of risk Appreciation for technological innovation Strong organization skills Curiosity and eagerness to learn Initiative to seek out opportunities and add value Tolerance for ambiguity and shifting priorities; appreciation of change. Should have certification on CCNA / CCNP / ITIL Exposure into ISO 27001 is mandate

About the role: The global Identity Access Management team is passionately serving our stakeholders while evolving best practices. As an Identity Access Engineer , you have a pivotal operational role to provide and deprovision system access.You have an equally crucial role to partner collectively with stakeholders to mature, streamline, and automate Identity and Access Management procedures for Blackbaud. What you’ll do Ensure appropriate Control through timely removal of unnecessary or inappropriate system access Expediently provision approved access, often utilizing evolving Role Based Access Controls (RBAC), for Blackbaud systems to prevent excessive permissions and rights. Proactively expand approved RBAC roles through analysis, recommendation and adoption/rollout. Analyze and resolve access issues, coordinating with system owners or technical support resources as necessary. Participate in ongoing audits and assessments, and assist with implementation of audit or compliance recommendations Develop and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support Identify , evaluate and recommend opportunities to eliminate, streamline, and automate access management practices.Partner with colleagues including application owners, cloud engineers, cyber security SMEs, etc. to effectively execute improvements based on expected value. Generate reports to perform in-depth analysis and data collection for issues associated with IAM What you’ll bring 2 years of experience in Identity or Access Management Tireless adherence and attention to appropriate IT general computing controls Ability to understand, work with and where appropriate leverage various technologies including PowerShell , ServiceNow, SailPoint's Identity-Now, Active Directory, EntraID , Salesforce, Workday, etc. Practical experience with SCA, ITIL, COBIT, NIST and/or other security and control frameworks Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Job Purpose (overall high-level summary of the role) Build and lead global relationships for Cybersecurity (sitting within the wider IT organization), representing WPB IT and WPB Cyber interests within the context of transformational and service uplift from central and federated functions. As a senior Cybersecurity SME for WPB, promote the principles of secure development and ensure effective coverage for all Cybersecurity services consumed. The Senior Cyber SME is, among many other things, responsible for the following key activities: Coordinate and manage the relationship between the central Cybersecurity leadership teams, WPB IT leadership and WBP CISO; reporting to WPB IT CISO. Provide specialist technical and process knowledge to influence support and manage the direction of cyber tooling, processes and practices into WPB IT and engineering teams. Lead the Information Security agenda within the central cyber control owners, including driving business/functional stakeholder engagement to ensure delivery of security programmes, tooling, and initiatives. Develop and maintain strong relationships with the cyber control owners and Heads of cybersecurity functions to ensure optimum synergy and collaboration between them WPB IT. Monitor and engage with cyber control owners, heads of cyber practices and central programme managers to shape and represent WPB IT in order to ensure that deliveries align with WPB IT interests and strategic direction. Promote the development and rollout of security tools and processes that aligns with WPB IT engineering strategies and ensure that group security scanning and orchestration tools can be adopted and used within WPB IT s CI/CD pipeline and engineering teams. Work with service line and value stream CIOs and their representatives to ensure that cyber assurance actions, vulnerability remediation and KCI compliance receives the right level of attention and support, and to escalate and highlight blockers if required. Guide the service lines/value streams CIOs and their representatives with respect to compliance with relevant security policies, standards, and governance, including challenging the risk profile, appetite, and control effectiveness, coordinating with embedded WPB Cyber SMEs, Risk Champions, and central Cyber teams required to ensure overall WPB IT operation within appetite. With specific focus ensure that control and risk metrics and related responsibilities for cyber assurance activities, vulnerability, and secure development practices & tooling, third party security reviews are monitored, actioned, and understood by WPB CIOs and their delegates. Ensure that WPB IT and Cyber priorities are communicated to cyber control owners and central cyber functions. Facilitate ongoing cybersecurity awareness within the Service Line to strengthen the responsible culture. Lead Annual Assurance activities (Pen Test & TMA) for WPB and provide oversight responsibility for TPSR Organization structure Reports to the WPB IT CISO Principal Accountabilities: key activities and decision-making areas Typical Targets and Measures Impact on the Business/Function Protect the Bank. Lead Security embedding within WPB IT together with the WPB CISO, owning the relationship with cybersecurity control owners and heads of cyber functions. Uses technical expertise and experience to enable WPB IT and Cybersecurity to develop implementable designs, solutions and operational plans to ensure compliant security is enforced. Leads and drives this change through effective communication, preparation, and implementation. Driving sustainable growth. Drive efficiencies in the SDL through secure from start development, SecDevOps and minimal iterative issue-remediation. Ensure that evolving technologies are embraced with appropriate mitigation controls and contingency planning. Achieving excellence. Promote the understanding of risk in the context of security in order to align WPB security practices with business risk appetite and strategic objectives. Generate an environment in which innovation is supported by security in the working practices. Measures benefits over the short, medium, and long term. Demonstrates a comprehensive WPB IT view when developing solutions. Executes ideas and innovation that are original but remain aligned to business objectives and cybersecurity principles and plans. Customers / Stakeholders Customer focus. Lead a customer-centered culture, championing activities encouraging outstanding customer advocacy. Proactively seek opportunities to utilize strong Cybersecurity principles to improve availability and ensure privacy for customers. Strengthening stakeholder relationships. Enhance key relationships, using rapport-building expertise and appropriate influencing to add value beyond the initial scope, increasing stakeholder advocacy. Maintain key relationships to include technology and business heads across WPB and Cybersecurity along with other GB/GF/R counterparts across the globe. Understanding markets and customers Cultivate strong relationships with organizationally important global and/or high value stakeholders with a tailored approach. Deliver fair outcomes for our customers and ensure own conduct maintains the orderly and transparent operation of financial markets. Promotes the most appropriate security solution even if there are short term additional costs. Demonstrates sensitivity to the realities and concerns of their stakeholders' situation. Analyses and interprets the evolving security threat landscape. Uses innovation to address the needs of customers and stakeholders (building trust). Leadership & Teamwork Drive the development and communication of a clear vision for secure development and maintenance in WPB IT which is aligned to the overall HSBC and Cybersecurity strategy, values and goals in order to inspire and engage people to create an inclusive, high performing, customer-centered culture. Lead, develop and motivate adoption of and compliance with the cybersecurity principles across the lifecycle in the PODs, XFTs, and service Lines / value streams within WPB IT. Lead and encourage constructive teamwork within value streams by demonstrating collaboration and matrix management in action and taking prompt action to address any activities and behaviors that are not consistent with HSBC's diversity policy and/or the best interests of the business and its customers. Monitors complex dependencies and respond accordingly to ensure on-going delivery to local and WPB IT goals. Translates the required course of action into a clear and realistic vision. Develops international solutions that are beneficial for the Service Line across its geographies and its customers. Identifies and builds relationships with key contacts and influencers Effectively translates coaching requirements to WPB IT s overall performance requirements. Operational Effectiveness & Control: Lead the continuing development, implementation and improvement of the security processes, understanding of risk and controls, and capabilities needed to deliver agreed plans and targets. Collaborate with control owners and WPB leadership to maximize end-to-end integration, effectiveness, and efficiency. Establish and maintain a robust and efficient control environment across the lifecycle to ensure good operational, financial and project management and compliance with HSBC policy and procedures, together with early identification and effective resolution or escalation of issues that arise. Lead the implementation and oversight of the Cyber Risk standards and governance frameworks, process and procedures, including adaptation of documentation, to ensure relevance to WPB operations, effective risk management and regulatory compliance. Creates an environment which anticipates risk, ensuring action is taken to quantify and mitigate them. . Coordinate with central cyber teams, 2LOD and control owners to ensure that WPB specific requirements and ways of working are integral to adopted Cyber Policies, Processes, and tooling. Implement IT best practices in risk policies and governance frameworks in areas across WPB IT. Management of Risk (Operational Risk / FIM requirements) The Senior Cyber SME will ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation. The Senior Cyber SME will also continually reassess the Cybersecurity and operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology. This will be achieved by ensuring all actions take account of the likelihood of operational risk occurring. Also by addressing any areas of concern in conjunction with entity management and/or the appropriate department. Observation of Internal Controls (Compliance Policy / FIM requirements) Maintains HSBC internal control standards vis- -vis cybersecurity operations, including coordination and resolution planning of internal and external audit points together with any issues raised by external regulators. The Senior Cyber SME will also manage and coordinate the implementation of new internal control and risk -related metrics relating to cyber and secure development practices (KCIs, KRIs, and GRAS). This will be achieved by service line / value stream adherence to all relevant procedures, keeping appropriate records and, where appropriate, by driving the timely implementation of internal and external audit points, including issues raised by external regulators, and internally identified Cybersecurity risks. Escalation to CIOs and CISO when required for prompt addressing to relevant risk forum, such as WPB IT Cyber Working Groups, RCMMs to mention some examples. Local Job Requirements (This could include; Job Dimensions, Job Context & Major Challenges) Budget & people. This is a cross-functional and Senior Cyber SME role which supports and represents WPB IT interests against central cyber and group IT initiatives. This is achieved though and with the support of a large number of CIO delegates (risk champions), embedded cyber-SMEs, pod leads and ITSOs within WPB IT. It will secure applications leveraging right tools and processes enabled by Cybersecurity. The indirect headcount which will be supported by this role would be more than 150-200 staff. Relationships. Key relationships include ownership of the relationship with Cybersecurity control owners and Heads of Cybersecurity Functions and extends to peers across other Global Businesses, Global Functions and Regions up to MD levels in HSBC, including relationships with auditors, regulators and external security forums. This may also include external relationships with TPEMs and potentially vendors, focusing on security support to the WPB IT. Regulatory & Risk Management. Working closely with WPB IT Value Streams and governance counterparts (such as 2LOD, RR and CCO), build strong relationships with internal and external stakeholders (risk, audit, government agencies, industry forums etc) to understand the IT/Information Security risk profile, monitor compliance with policies and standards, and identify and address WPB IT specific requirements. Strategic input. Providing influence and input to ensure alignment between Cybersecurity and Central Cyber Functions and Leadership to represent and ensure WPB IT strategic outcomes and business goals. Uses technical knowledge and experience to solve complex problems, and propose implementable solutions, to deliver ongoing improvements in line with business strategy. Certifications, Qualifications & Experience (For the Job not the Job holder. Minimum requirements of the Job) Good understanding of WPB businesses and general understanding of the bank s businesses and differentiating factors between retail, wholesale, and investment banking A fair understanding of laws and regulations with an emphasis on regulations, rules and standards with global or boarder regional impact (e.g. GDPR, PCI DSS, DORA, HIPAA, etc.) Formal education with a post-graduate degree in IT, Information Security, Risk Management, Business Management or other relevant areas 10+ years of experience in Information Security Management and Cybersecurity High level of personal drive and motivation to ensure delivery of a broad range of outputs simultaneously across WPB IT and HSBC Technology Extensive Programme Management experience and analytical skills. Proven ability to articulate complex issues concisely and in simple language to support problem analysis. Strong knowledge of the external environment regulatory, political, competitors etc. Outstanding relationship management, collaboration and influencing skills. Strong attention to detail and business writing skills and to be able to challenge and shape submissions. Outstanding communication and interpersonal skills with the ability to produce clear and concise reports and communications to senior internal and external stakeholders. Excellent stakeholder management skills with a proven ability to build and maintain strong relationships and communicate on complex issues with a wide spectrum of stakeholders. Proven abilities in working across cultures. Familiarity with Information Security Control and Risk Frameworks (e.g., NIST, ISO 27001, COBIT, etc.) Strong familiarity with and competence in application security tools in general and with specific focus on security tooling used in secure development (e.g., SAST, DAST, MAST, FOSS), threat modelling and risk management. Certifications, Qualifications & Experience (For the Job not the Job holder. Minimum requirements of the Job) Familiarity with security controls around technologies such as cloud, mobile, social, open-banking, etc. Familiarity with OWASP, Cloud, and SANS guidelines on application-security. Experience in supporting Agile and DevOps methodologies. Experience in lifecycle management across the CI/CD pipeline Excellent understanding of banking and security in context of wider industry trends and direction

Career Category Information Systems Job Description Join Amgen s Mission of Serving Patients At Amgen, if you feel like you re part of something bigger, it s because you are. Our shared mission to serve patients living with serious illnesses drives all that we do. Since 1980, we ve helped pioneer the world of biotech in our fight against the world s toughest diseases. With our focus on four therapeutic areas -Oncology, Inflammation, General Medicine, and Rare Disease- we reach millions of patients each year. As a member of the Amgen team, you ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. Junior Vulnerability Management Analyst What you will do Let s do this. Let s change the world. In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organization s IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e. g. , KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organization s security posture through structured vulnerability management processes. Roles Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelor s degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e. g. , Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e. g. , Python, PowerShell) Awareness of cloud security tools (e. g. , AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking - Comfortable working with data and identifying patterns Attention to Detail - Careful review and tracking of vulnerabilities Communication Skills - Able to clearly document and explain findings Collaboration Teamwork - Works well with cross-functional teams Curiosity Continuous Learning - Strong interest in cybersecurity and professional growth Problem-Solving Mindset - Seeks practical solutions to real-world security issues What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers. amgen. com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. .

Job Summary: The Security consultant will be responsible for end-to-end Incident Response which includes detecting, analyzing, and responding to security incidents to protect an organizations IT infrastructure and products. The role involves working with product teams, leveraging tools, and following structured incident response policies and process. Key Responsibilities: 1. Incident Detection Analysis - Monitor security alerts from SIEM, IDS/IPS, and endpoint detection tools. - Investigate security events to determine impact, scope, and root cause. - Analyze network traffic, logs, and forensic artifacts to detect malicious activity. - Utilize frameworks like MITRE ATTCK, NIST 800-61, and Cyber Kill Chain for attack analysis. 2. Incident Response Mitigation - Respond to security incidents and perform containment, eradication, and recovery. - Document incident response actions and maintain playbooks for future reference. - Collaborate with IT, Security, and DevOps teams to implement security fixes. - Conduct malware analysis and reverse engineering when required. 3. Threat Intelligence Hunting - Stay updated on emerging threats and vulnerabilities. - Perform proactive threat hunting to detect potential attacks before they escalate. - Work with Threat Intelligence teams to assess indicators of compromise (IoCs). 4. Security Automation SOAR - Automate security incident response tasks using SOAR platforms. - Develop and optimize playbooks for automated threat containment. 5. Compliance Reporting - Ensure compliance with regulatory standards such as ISO 27001, NIST, PCI-DSS, SOC 2. - Prepare detailed incident reports and post-incident reviews (PIRs). - Assist in security audits and tabletop exercises for incident preparedness. Required Qualifications Skills Technical Skills: - SIEM Platforms - Endpoint Security - Forensics Malware Analysis - Threat Intelligence Tools - Programming/Scripting: Python, PowerShell - Cloud Security: AWS, Azure security best practices Soft Skills: - Strong problem-solving and analytical thinking. - Effective communication skills for technical and non-technical audiences. - Ability to work in high-pressure situations and make quick decisions. - Strong collaboration skills to work with cross-functional teams. Preferred Certifications: - Certified Incident Handler (GCIH) GIAC - Certified Cyber Incident Responder (ECIH) EC-Council - Certified Information Systems Security Professional (CISSP) (Nice to have) - Microsoft Certified: Security Operations Analyst Associate (Nice to have) - AI/ML Knowledge (Nice to have)

Lead GRC , risk assessment, and implementation. Strong in ISO 27001, PCI, PSS, SOC 2, IRDAI. Ensure compliance, audits, awareness. Design InfoSec strategies aligned with ISO, NIST, RBI, SEBI to enhance cybersecurity and meet regulations.

New requirement - JD for Cybersecurity risk manager: Key responsibilities As a Cyber Risk compliance Professional in our Group CISO office, you will be occupied in the following domains: a) Risk management b) Compliance. This role is responsible for planning, managing and coordinating various cybersecurity risk management activities focused on identifying, assessing, and mitigating risks for the enterprise from a business perspective. Skill requirement: Degree, or equivalent, in Information Security or Cyber Security or Computer science or similar course Self-motivation to continuously develop in the areas of cybersecurity Ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience Cyber / technology risk assessments management methodologies Hands on with assessment report preparation and presenting to senior technical and business stakeholders Articulative and confident in presentation to senior stakeholders Knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Advanced knowledge and understanding of ITGC, NIST 800-53, NIST CSF controls and Risk management frameworks Expertise in complex business processes and technological risks Deep understanding of security technologies including firewalls, proxies, SIEM, XDR, CSPM, IGA, PAM, Data protection Experience: 8 12 years.