395 Security Assessment Jobs - Page 6

Your Responsibilities: Evaluate the cyber security functionalities of product and improve the security posture. Work for fulfilling security compliance requirements for the products. Perform Threat modeling/ Security assessment for products Perform product hardening, to allow only necessary function for products operation. Cybersecurity functionality verification on control system components Participate in Vulnerability handling of the products Your Background: Bachelor s or Post Graduate Degree in Engineering 2 to 6 years of experience in cybersecurity Good understanding of cybersecurity principles like cyber security architecture, defense in depth, default deny, least privilege, compartmentalization, privileged initiation, AAA, etc. Good understanding of cyber security controls like; IDS/IPS (host and network), hardening, security policies, Malware Protection, Filtering, NGFW, etc. Knowledge in Networking, patch management. Hands on Experience with protocols like HTTP, HTTPS, SSL, SSH, ICMP, DHCP, L2TP, PPTP, DNS, SNMP, RDP, and NTP. Windows and Virtual Machine Administration. Experience with Security tools like NMAP, Nessus, Wireshark, etc. Certifications like MCP/MCITP/MCSE/CEH/CISSP are advantage. Knowledge on security standards like IEC 62443, ISO 27001. Knowledge on protocols like IEC 61850, Goose, Modbus is an added advantage.

About the Role: Grade Level (for internal use): 09 The Team: The Customer & Growth Office, a new shared capability within Market Intelligence, partners closely with the Sales organization to deliver a differentiated customer experience. This group enables our sales team and businesses by overseeing customer success, sales operations, and implementation of commercial technology. This includes Salesforce, alignment to targets in strategic growth areas, and empowers accelerated growth and delivery by putting the customer at the core of everything we do driving a full customer experience that differentiates us from our competitors. The Proposal & Customer Assessment Team is part of the broader commercial operations. An enabling function to assist with due diligence questionnaires, risk assessments, audits, and other customer inquiries. Our goal is to enable new revenue generation via RFX & deliver superior customer satisfaction by providing high-quality proposals & relevant information during pre/post-sales. We serve a vast array of clients across geographies and are committed to the client-first mindset. The Due Diligence/Audit Specialist will focus on the inquiries received for Market Intelligence. The Role: Project manager for complex customer audits and due diligence initiated by clients. Coordinate preparation, execution, and delivery of formal responses.Foster positive relationships with customers, maintain open and transparent communication with the customer throughout the process, acknowledge receipt of the due diligence request or audit initiation, and provide regular updates on progress. Develop a deep understanding of product solutions and platforms for effective communication. Maintains awareness of internal controls and audit/Due Diligence trends to ensure the process remains effective.Ensuring that responses are accurate, timely, and comply with company standards. Tracking to completion of action items raised during assessments and audits. Maintain thorough documentation of the entire due diligence or audit response process, including correspondence with the customer, supporting documentation provided, and any actions taken to address issues or concerns.Coordinating with internal stakeholders such as sales, product, legal, and information security to respond to customer requests and create accurate, persuasive, and cogent response documents.Assist with our centralized database processes, policies, and procedures to drive improvement in tools and content. Assist in continually updating due diligence content. Identify opportunities to optimize processes, leveraging automation, technology, and data analytics where possible. What we are looking for Overall 3 7 years of relevant experience Possessing a robust comprehension of Information/Cyber Security, Risk Management, BIA/BCP, Application Security, Network Security, Incident Response, and Cloud Security Demonstrating a solid foundation in audit and control review, particularly in SOC audit, business processes, and controls Proficient in addressing Third Party Risk Assessments, Information Security Assessments, and Audits Exhibiting strong Decision-making and Critical Thinking skills, adept at conducting thorough analysis leading to informed decision-making outcomes Personal competencies Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization Strong analytical and problem-solving skills, with the ability to assess complex information and develop actionable insights Self-motivated with an outstanding attention to detail Capable of managing multiple concurrent projects efficiently Demonstrates creativity and consistently employs initiative in all tasks and projects Ability to cultivate strong working relationships with internal colleagues is imperative for the role About S&P Global Market Intelligence At S&P Global Market Intelligence, a division of S&P Global we understand the importance of accurate, deep and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, andmake decisions with conviction.For more information, visit www.spglobal.com/marketintelligence . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 20 - Professional (EEO-2 Job Categories-United States of America), SLSGRP202.1 - Middle Professional Tier I (EEO Job Group)

Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About Team The Internal Audit team at Paytm comprises seasoned professionals with diverse skill sets and experience across different verticals like process audits, technology audits and forensics. The team focuses on implementing the approved audit plan, ensuring delivery of qualitative audits and conducting internal / special reviews while leveraging technology & data analytics and gauging key risks across business processes. About the role: We are seeking an experienced and detail-oriented Information Security and Cloud Security Auditor to join our team. The ideal candidate will have 3-7 years of expertise in data security and privacy control implementation, internal auditing, third-party risk management, cybersecurity governance, and cloud security (banking sector preferred). This role will be responsible for conducting comprehensive IT and cloud security audits, ensuring compliance with regulatory requirements, and enhancing our information security policies and procedures. Key Responsibilities: Conduct IT and cloud security audits across various domains, including IT General Controls, Information Security Controls, Cloud Security, Network Security, Vulnerability Management, and Vendor Risk Assessments. Assess compliance with relevant laws, regulations, and organizational policies, providing expertise in regulatory requirements specific to both on-premises and cloud environments. Develop and enhance information security and cloud security policies and procedures in alignment with industry best practices. Maintain thorough documentation of audit findings, risk assessments, and security measures for internal and external reporting. Validate ITGC, cloud security, and application-specific controls, and manage audit documentation including risk assessments, working papers, audit program checklists, and evidence gathering. Follow up on and ensure closure of non-compliance issues identified during audits. Manage and oversee third-party risk assessments and audits, ensuring robust security controls are in place for both traditional and cloud-based service providers. Lead and participate in the development, migration, and implementation of security controls and policies for network and cloud security solutions. Conduct risk-based security assessments on internal, vendor, and third-party hosted environments, focusing on both traditional IT and cloud infrastructure. Participate in product and vendor selection processes, contributing to the implementation and integration of new technologies, with a strong emphasis on cloud security solutions. Experience/ Skills Required: Minimum 5 years of experience in information security and auditing, with a strong background in cloud security, and the banking and IT industries. Proven experience in performing IT and cloud security audits, validating ITGC and cloud application controls, and maintaining audit documentation. Hands-on experience with vulnerability management, risk management, physical security, identity & access management, encryption, secure development, incident management, security infrastructure, and security policy for both on-premises and cloud environments. Expertise in third-party risk management, regulatory compliance, and managing IT audit findings in both traditional and cloud-based contexts. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Qualifications & Certification: Bachelor's / Master s degree in Information Technology, Cyber Security, or a related field. ISO 27001/CNSS/CCNA/CISA/CISM/CISSP Preferred Detailed knowledge of security tools, PCI-DSS, general ITGC controls, compliance testing, cloud risk assessment, GRC, OWASP, MITRE ATT&CK, change management, and policies and procedures. Proficiency in various security and cloud technologies including AWS, Azure, Google Cloud Platform, Palo Alto, Fortinet & Checkpoint Firewalls, SOAR (Cortex), Force scout Why join us 1. A collaborative output driven program that brings cohesiveness across businesses through technology 2. Improve the average revenue per use by increasing the cross-sell opportunities 3. A solid 360 feedback from your peer teams on your support of their goals 4. Respect, that is earned, not demanded from your peers and manager Compensation: If you are the right fit, we believe in creating wealth for you With enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants - and we are committed to it. India s largest digital lending story is brewing here. It s your opportunity to be a part of the story!

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, Data Privacy Management solutions, experience in developing value-based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 -year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Role & responsibilities • Design, implement, and manage security solutions for cloud infrastructure, primarily on Google Cloud Platform (GCP), with additional responsibilities for Azure and AWS environments. • Develop and enforce security policies, procedures, and standards to ensure compliance with industry best practices and regulatory requirements. • Conduct security assessments, vulnerability scans, and penetration testing to identify and mitigate risks. • Monitor and respond to security incidents, providing timely and effective resolution. • Collaborate with cross-functional teams to integrate security into the development and deployment processes. • Stay up to date with the latest security trends, threats, and technologies to continuously improve our security posture. • Provide guidance and training to internal teams on cloud security best practices. • Implement and manage identity and access management (IAM) policies and procedures to ensure secure access to cloud resources. • Automate security processes and workflows using tools such as Terraform, Ansible, or similar. • Develop and maintain security documentation, including architecture diagrams, incident response plans, and standard operating procedures. • Perform regular audits and compliance checks to ensure adherence to security policies and regulatory requirements. • Collaborate with third-party vendors and service providers to evaluate and integrate security solutions. • Participate in security incident response drills and tabletop exercises to enhance preparedness and response capabilities. • Analyze and report on security metrics to measure the effectiveness of security controls and identify areas for improvement. Required Experience & skills Bachelors degree in computer science, Information Technology, or a related field. Proven experience as a Cloud Security Engineer or similar role, with a strong focus on Google Cloud Platform (GCP). Working knowledge of Azure and AWS cloud platforms. In-depth understanding of cloud security principles, practices, and technologies. Experience with security tools and technologies such as firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Relevant certifications such as Google Professional Cloud Security Engineer, AWS Certified Security Specialty, or Microsoft Certified: Azure Security Engineer Associate are a plus.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : BE or MCA or MSc with Good Computer Science Background with good academic record of 65 and above Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security architecture solutions- Conduct security assessments and provide recommendations- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design- Strong understanding of cloud security principles- Experience in implementing security controls in cloud environments- Knowledge of security compliance standards and regulations- Good To Have Skills: Experience with cloud security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in Security Architecture Design- This position is based at our Gurugram office- A BE or MCA or MSc with Good Computer Science Background with good academic record of 65 and above is required Qualification BE or MCA or MSc with Good Computer Science Background with good academic record of 65 and above

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : DevOps Good to have skills : KubernetesMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Expected to provide solutions to problems that apply across multiple teams- Develop and implement security policies and procedures- Conduct security assessments and audits- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in DevOps- Good To Have Skills: Experience with Kubernetes- Strong understanding of cloud security principles- Knowledge of security frameworks and standards- Experience in designing and implementing security solutions- Ability to conduct risk assessments and threat modeling Additional Information:- The candidate should have a minimum of 12 years of experience in DevOps- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow- Strong understanding of cloud security principles- Experience in implementing security controls in cloud environments- Knowledge of identity and access management solutions- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in SailPoint IdentityNow- This position is based at our Hyderabad office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security policies and procedures- Conduct security assessments and audits- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in Okta Identity Management- Strong understanding of cloud security principles- Experience in designing and implementing security solutions for cloud environments- Knowledge of security compliance standards and regulations- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Okta Identity Management- This position is based at our Noida office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring compliance with governance and risk management standards. Roles & Responsibilities:- Expected to be an SME in ServiceNow Governance, Risk, and Compliance (GRC)- Collaborate and manage the team to perform effectively- Responsible for team decisions and ensuring adherence to security standards- Engage with multiple teams and contribute to key decisions- Expected to provide solutions to problems that apply across multiple teams- Design and implement security solutions to protect cloud infrastructure- Collaborate with cross-functional teams to ensure security requirements are met- Ensure compliance with governance and risk management standards Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC)- Strong understanding of cloud security architecture and design principles- Experience with implementing security controls in cloud environments- Knowledge of industry best practices for cloud security- Experience with security assessment and risk management- Good To Have Skills: Experience with Security Architecture Design- Recommendation:Familiarity with other security frameworks and standards Additional Information:- The candidate should have a minimum of 12 years of experience in ServiceNow Governance, Risk, and Compliance (GRC)- This position is based at our Pune office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring compliance with governance and risk management policies. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Design and implement security solutions to protect the organization's cloud infrastructure.- Collaborate with cross-functional teams to ensure the security architecture meets business requirements.- Ensure compliance with governance and risk management policies.- Stay updated with the latest security trends and technologies to recommend improvements and enhancements. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of cloud security frameworks and best practices.- Experience in designing and implementing security controls for cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Familiarity with security assessment and auditing processes.- Excellent problem-solving and analytical skills.- Strong communication and collaboration abilities. Additional Information:- The candidate should have a minimum of 7.5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : Security Architecture DesignMinimum 15 year(s) of experience is required Educational Qualification : Minimum 15 years of full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and providing guidance on security best practices and standards. Roles & Responsibilities:- Expected to be a SME with deep knowledge and experience.- Should have Influencing and Advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Collaborate with stakeholders to define security requirements and develop security architecture.- Design and implement security solutions to protect the organization's systems and data.- Conduct security assessments and audits to identify vulnerabilities and recommend remediation measures.- Develop and maintain security policies, standards, and procedures.- Provide guidance and support to development teams on secure coding practices.- Stay up-to-date with the latest security trends, threats, and technologies.- Conduct security awareness training for employees to promote a culture of security.- Assist in incident response and investigation activities.- Participate in security incident management and resolution.- Collaborate with external vendors and partners to ensure the security of third-party integrations.- Contribute to the development and improvement of security processes and controls. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls for cloud environments.- Knowledge of identity and access management (IAM) concepts and technologies.- Familiarity with security frameworks and standards such as ISO 27001 and NIST.- Experience with security assessment tools and techniques.- Excellent problem-solving and analytical skills. Additional Information:- The candidate should have a minimum of 15 years of experience in SailPoint IdentityIQ.- This position is based at our Bengaluru office.- A minimum of 15 years of full-time education is required. Qualification Minimum 15 years of full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct security assessments and define security requirements.- Collaborate with cross-functional teams to ensure security measures are integrated.- Stay updated on the latest security trends and technologies.- Provide guidance and support to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Strong understanding of security architecture principles.- Experience in implementing cloud security controls.- Knowledge of security compliance standards and regulations.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 3 years of experience in CyberArk Privileged Access Management.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Governance Good to have skills : Security Architecture DesignMinimum 7.5 year(s) of experience is required Educational Qualification : BTECH Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security policies and procedures- Conduct security assessments and audits- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Governance- Strong understanding of security architecture design- Experience in implementing cloud security controls- Knowledge of security compliance standards- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Governance- This position is based at our Gurugram office- A BTECH degree is required Qualification BTECH

We are looking for a skilled and motivated Vulnerability Management Engineer to join our team In this role, you will be responsible for assessing, tracking, and managing vulnerabilities in cloud and platform environments You will play a critical role in ensuring the security posture of applications and infrastructure, using various vulnerability management tools and processes Your responsibilities will include evaluating vulnerabilities, triaging risks, and ensuring proper remediation actions are taken to protect the organization's systems Responsibilities: Vulnerability Assessment: Assess the risk of CVEs (Common Vulnerabilities and Exposures) in the context of your environment and prioritize them based on risk Vulnerability Management Lifecycle: Triage the entire vulnerability management lifecycle, ensuring vulnerabilities are identified, tracked, and remediated in a timely manner Application Security Vulnerability Management: Manage and oversee the Application Security and Vulnerability Management product, including CSPM (Cloud Security Posture Management), SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), Dependency Scans, and Secrets Scans Cloud Security Container Protection: Responsible for platform vulnerability management, including Cloud Security Posture Management and Container Workload Protection using Prisma Scanner Change Request Analysis: Evaluate change requests for e-commerce systems, assess security implications, and provide security recommendations Change Tracking: Track all feature changes, bug fixes, and release changes for each platform release to ensure no vulnerabilities are introduced CVE Tracking: Monitor and track CVEs, ensuring timely identification, prioritization, and assessment of vulnerabilities Component Identification: Identify and document components and systems impacted by proposed changes and their associated vulnerabilities Security Assessment Planning: Develop and implement security assessment plans for changes to ensure compliance with industry standards and best practices Vulnerability Scanning: Conduct regular vulnerability scans of infrastructure and source code, focusing on Kubernetes containerized apps, to identify and prioritize security risks Documentation: Maintain detailed and accurate records of vulnerability assessments, findings, remediation actions, and reporting for compliance purposes Security Tools: Experience with enterprise-grade vulnerability management tools like Prisma and Wiz is a plus Qualifications: Solid understanding of vulnerability management life cycle and risk assessment Experience with vulnerability scanning tools and platforms such as Prisma/Wiz Familiarity with Cloud Security Posture Management (CSPM), Container Workload Protection, SAST, DAST, and Dependency Scans Proven experience in security assessment, vulnerability remediation, and risk management Strong knowledge of CVE tracking and vulnerability prioritization techniques Knowledge of security best practices and compliance standards Excellent documentation, communication, and collaboration skills Past experience in operating enterprise-grade security vulnerability management tools is a plus

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Deliver No PerformanceParameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Windows Security Senior Engineer Company: - Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: We are looking for Security Engineer to contribute in the area of the Windows on Snapdragon products. The person will have the responsibility to perform security assessment, design & code review, develop fuzzing harness and fuzz the Windows software stack on Snapdragon products. Ideal candidate must posses security mindset and has good exposure on Security Development Life Cycle "SDLC". The ideal candidate also needs to have Strong Embedded software knowledge, Experience on Windows Internals and good driver development. Solid understanding of Operating System concepts, RTOS, FW management. Solid understanding of System level features, Processor and Power management, architecting system level features. Hands on experience in complex and multi domain large features. Windows kernel driver development experience. Understanding and experience in Designing and Implementing Windows Kernel mode drivers, Board support package, ACPI & UEFI. Strong communication and interpersonal skills. Strong problem solving and debugging skills. Ability to co-ordinate across stakeholders and Task management Handling small to large medium size technology teams. Experience on Enterprise and IHV/IBVs is a plus Minimum . Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 1+ year of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field. 2+ years of academic or work experience with Programming Language such as C, C++, Java, Python, etc. Preferred Qualifications 2+ years of Security Engineering or related work experience. Design and development of Fuzzing harness Ability to perform design and code review for vulnerability detection Strong knowledge on Windows OS internals and Windows Driver knowledge (KMDF) Windows Device driver programming and debugging with WinDbg, JTAG/other tools. ARM Processor architecture and Assembly Language. Experience with PC software - System BIOS, UEFI, ACPI, Drivers, Applications Embedded OS (Kernel architecture, OS services heap, memory, multi-core, multi-threading, and crash debugging). Knowledge of OS/system performance profiling and optimization techniques. Communication, written & interpersonal skills, motivation, the ability to learn quickly

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Summary: Designs and implements technical solutions for protecting the confidentiality, integrity and availability of sensitive information. Provides technical evaluations of client systems and assists with making security improvements. Provides technical support in the areas of vulnerability assessment, risk assessment, network security and security implementation. Conducts testing and audit log reviews to evaluate the effectiveness of current security measures. Conducts security product evaluations, and recommends products, technologies and upgrades to improve the client"™s security posture. Responsibilities : Customizes, validates, administers and supports a variety of enterprise wide information security platforms, systems, frameworks and applications, based on requirements provided by management; Develops implementation plans related to information security for systems, tools, platforms, and frameworks. Conducts security assessments of systems, tools, platforms, policies, procedures and frameworks. Creates designs and diagrams related to information security for systems, tools, platforms, and frameworks. Develops standard operating procedures for information security related to systems, tools, platforms, and frameworks. Leads audits and reviews designs for information security issues. Validates vulnerabilities identified during security testing, audits, and assessments, while reviewing for false positives. Understands large scale multi-tenant software products supporting multiple government agencies. Understands large scale software integrations of multiple software products. Acts as source for direction, training and guidance for less experienced information security engineers. Works with engineering teams to define and refine information security and systems management policies and settings. Evaluates new and emerging products, technologies and make recommendations to leadership concerning introduction of new technologies. Required Skills > 6 years of information security experience for state and/or federal agencies required. > 6 years of leading information security assessments, policy development, framework implementation, and tool implementation. Must have knowledge of one or more of the following productsBroadcom Identity Manager, Identity Suite and Single Sign On. Preferred Skills Undergraduate degree Certification from Information Security Program (CISM, CompTIA, GSEC, CISSP, etc.) Preferred. Preferred knowledge of one or more of the following productsDell Nutanix, Dell VxRail, VMware ESXi/vCenter/NSX/SRM, Microsoft Windows Server, RedHat Enterprise Linux, MS SQL Server, Nagios, NewRelic APM/Infrastructure/Browser, Octopus Deploy, Puppet, Splunk, Veracode.

Your day at NTT DATA The Senior Associate Information Security Analyst is a developing subject matter expert, responsible for designing and implementing security systems to protect the organization's computer networks from cyber-attacks, and to help set and maintain security standards. This role is required to monitor the organization's computer networks for security issues, install security software, and document any security issues or breaches found. The Senior Associate Information Security Analyst is responsible for assisting in the planning, implementation, and management of information security measures to safeguard the organization's digital assets and systems and contributes to maintaining a secure and compliant environment. What you'll be doing Key Responsibilities: Monitors security alerts and events from various sources, investigates potential threats, and escalates incidents as necessary. Assists in the implementation and monitoring of security controls, including firewalls, intrusion detection systems, and access controls. Performs regular vulnerability assessments, analyses scan results, and assists in prioritizing and remediating identified vulnerabilities. Supports the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts. Assists in ensuring compliance with industry standards (for example, GDPR, ISO 27001) by conducting assessments and implementing necessary controls. Installs security measures and operates software to protect systems and information infrastructure, including firewalls and data encryption programs. Documents security breaches and assess the damage they cause. Works with the security team to perform tests and uncover network vulnerabilities. Fixes detected vulnerabilities to maintain a high-security standard. Develops organizational best practices for IT security. Performs penetration testing and upgrades systems to unable security software. Installs and upgrades antivirus software and tests and evaluates new technology. Assists with the installation of security software and understands information security management. Researches security enhancements and makes recommendations to management. Stays abreast of information technology trends and security standards. Contributes to security awareness initiatives by creating training materials, conducting workshops, and educating employees about best security practices. Maintains accurate records of security incidents, assessments, and actions taken for reporting and audit purposes. Assists in the management and maintenance of security tools, including antivirus software, encryption tools, and security information and event management (SIEM) systems. Participates in risk assessments to identify potential security threats, vulnerabilities, and associated risks to the organization. Collaborates with cross-functional teams, IT, and other teams to ensure security measures are integrated into the organization's processes and projects. Performs any other related task as required. Knowledge and Attributes: Good communication skills to effectively convey technical information to non-technical stakeholders. Good analytical thinking and problem-solving skills to prevent hacking on a network. Ability to identify and evaluate potential risks and to develop solutions. Ability to identify and mitigate network vulnerabilities and explain how to avoid them. Understands firewalls, proxies, SIEM, antivirus, and IDPS concepts. Understands patch management with the ability to deploy patches in a timely manner whilst understanding business impact. Developing proficiency with MAC and OS. Familiarity with security frameworks, standards, and regulations (for example, NIST, CIS, GDPR). Basic understanding of network and system architecture, protocols, and security controls. Ability to analyze security incidents and assess potential risks. Ability to work both independently and collaboratively in a fast-paced environment. Academic Qualifications and Certifications: Bachelor's degree or equivalent in information security, cybersecurity, computer science, or related. Security certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are advantageous. Required Experience: Moderate level of demonstrated experience in information security or cybersecurity, or related roles. Moderate level of demonstrated experience working in a global IT organization. Moderate level of demonstrated experience with computer network penetration testing and techniques. Moderate level of demonstrated experience with security assessment and vulnerability scanning tools. Workplace type : On-site Working

Your day at NTT DATA The Senior Associate Security Consultant is responsible for developing expertise in their area of specialization. This role is responsible for translating clients cybersecurity requirements and customizing and implementing security solutions into specific systems, applications and product designs. This role identifies and develops the security solutions for clients using company products, outsourced technology solutions and technical tools. This role consults with clients regarding secure product configuration, deployment, and security patches to minimize security vulnerabilities. In addition, this role provides comprehensive scanning, penetration testing, vulnerability assessments, monitoring services and source code analysis and delivers detailed results to clients, as well as guides and supports clients in the development and implementation of product security controls. What you'll be doing Key Responsibilities: Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems. Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies. Prepares and maintains documentation, including security assessment reports, findings, and recommendations. Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies. Learns and uses various security tools and technologies for assessments and monitoring. Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices. Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements. Communicates effectively with clients to understand their security needs and concerns. Participates in training programs and certifications to develop expertise in cybersecurity. Knowledge and Attributes: Strong interest in cybersecurity and a desire to learn and grow in the field. Knowledge of basic cybersecurity concepts, principles, and best practices. Familiarity with common security tools and technologies is a plus. Excellent analytical and problem-solving skills. Effective communication skills, both written and verbal. Ability to work collaboratively in a team environment. Eagerness to stay up to date with the evolving cybersecurity landscape. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field. Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential. Required Experience: Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment. Moderate level of experience with security architecture design principles. Moderate level of experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA or others. Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT