44 Soc2 Jobs

The Cloud Storage Administrator will manage and support cloud-based storage platforms in AWS and/or Azure. This role involves configuring, monitoring, and optimizing object, block, and file storage solutions to ensure high availability, performance, and data protection across our cloud infrastructure. Required Skills Administer and support cloud storage services such as Amazon S3, EBS, EFS, Glacier and Azure Blob, File and Archive Storage. Disaster mitigation design and implementation experience with a focus on architecture for cross-region replication, backup management, RTO and RPO planning and chaos engineering recovery. Demonstrate use of AWS Elastic Disaster Recovery or Azure Site Recovery. Certification and privacy standards associated with PII, data protection and compliance gap expectations. Ability to identify and tag PII, applying encryption and masking techniques and knowledge and experience in compliance certification (SOC2, ISO27001, GDPR, etc.) and demonstrate use of Azure Macie or Azure Purview. Monitoring and cost optimization practices to proactively alert on performance, usage and anomalies. Demonstrate use of AWS CloudWatch or Azure Monitor and AWS Cost Explorer or Azure Cost Management, . Embrace IaC and automation practices for backups, lifecycles, and archival polices. Demonstrate expertise with AWS CloudFormation or Azure DevOps and a history of use with Terraform modules for Cloud Storage. Manage backup and recovery processes using native cloud tools and third-party solutions. Implement storage policies including lifecycle rules, replication, and access controls. Perform capacity planning and forecasting for storage growth and utilization. Collaborate with infrastructure and application teams to meet storage and data access requirements. Ensure storage systems comply with data protection, retention, and security standards. Document configurations, procedures, and best practices for storage management. Respond to incidents and service requests related to storage systems. Participate in change and incident management processes aligned with ITSM standards. Required Experience 3+ years of experience in storage administration with cloud platforms (AWS, Azure, or both). Hands-on experience with cloud-native storage services and understanding of storage protocols. Experience with AWS CloudWatch, Azure Monitor, and the ability to set up proactive alerting on storage performance, usage, and anomalies. Strong troubleshooting and performance tuning skills related to storage. Familiarity with backup and disaster recovery solutions in cloud environments. Understanding of identity and access management as it pertains to storage services. Knowledge of ITSM processes such as incident, change, and problem management. Experienced with storage cost monitoring tools like AWS Cost Explorer or Azure Cost Management Knowledge of IaC tools (Terraform, CloudFormation) for provisioning storage resources, and automation of backup, lifecycle, and archival policies. Producing technical documentation. Exposure to enterprise backup solutions Show more Show less

At Bravura Solutions, collaboration, diversity, and excellence are highly valued. We provide a space for you to be curious, innovative, and contribute to our culture in an exciting and fast-paced environment. As a global FinTech market leader and ASX listed company, Bravura partners with over 350 top financial services clients, offering wealth management technology and products. We are dedicated to developing cutting-edge, digital-first solutions that help our clients achieve financial security and prosperity for their customers. Join us in our mission to drive innovation and make a positive impact in the financial services industry. We are currently seeking a Senior Information Security Officer to join our Information Security team. In this role, you will be responsible for implementing and operating the organization's Information Security Management System (ISMS) within your region. Your main tasks will include driving security risk management, ensuring policy compliance, conducting audits, providing training and awareness, managing supply chain risk, and supporting security operations in incident management. Key Responsibilities: - Oversee the implementation and operations of the ISMS within the region. - Ensure alignment with global security policies and regulatory requirements. - Identify, assess, and mitigate security risks. - Maintain the risk register and track remediation activities. - Develop and enforce security standards and client requirements. - Lead internal and external security audits and ensure timely remediation of findings. - Provide security assurance to clients and coordinate with service delivery teams. - Develop and deliver security awareness programs and support training initiatives. - Assess and manage security risks associated with third-party vendors and suppliers. - Assist in managing and responding to security incidents within the region. Qualifications: - Bachelor's degree in Information Security, Computer Science, or related field. - 5+ years of experience in an information security role, preferably in an MSP or data processing environment. - Strong understanding of ISO27001, NIST, GDPR, and other security frameworks. - Experience in security risk management, audits, compliance, and client security assurance. - Knowledge of security operations, incident response, and managed security services. - Excellent communication and stakeholder management skills. - Security certifications such as CISSP, CISM, or CRISC are preferred. At Bravura, we offer a competitive salary, employee benefits scheme, parental leave policy, free meals, and transport facilities. If you are passionate about information security and want to work in a dynamic and innovative environment, we would love to hear from you. Apply now and be part of our team dedicated to shaping the future of financial technology.,

Job Title: Senior Information Security Engineer (ISO, Compliance) Experience Required: 4-5 years in Information Security Location: Whitefield, Bengaluru -Hybrid Key Areas: SOC 2 Type 1 and Type 2, ISO 27001, GDPR, security governance, vendor security due-diligence, vendor security reviews and assessment, preparation of security checklist, security awareness/phishing simulation, management dashboards, manage key metrics for IT and Infosec. You can apply by filling the form : https://forms.gle/LGarRicG4jcFVWEX6 Roles & Responsibilities: Develop and finalize policies, procedures, and guidelines related to IT and Infosec domains in alignment with industry best practices (ISO 27001 , GDPR and SOC 2). Align internal IT and Infosec processes as per ISO 27001 and SOC 2 standards and security guidelines. Assist in defining and reviewing the key metrics for management reporting. Developing cyber security standards, including incorporating industry practices and applicable compliance requirements. Develop review checklists, questionnaires, and manage evidences to assist the IT vendor risk management process. Perform 3rd party security due-diligence reviews and periodic vendor risk assessments to assess vendor compliance. Coordinate with external stakeholders and auditors for IT and Infosec related reviews Coordinate for conducting periodic penetration testing exercises on in-scope applications and related infrastructure. Coordinate with stakeholders for timely closure of open risks. Assist in imparting security awareness training and executing phishing simulation exercises to employees. Assist IT and Infosec in gathering the metrics data and prepare management dashboards. Coordinate and facilitate SOC 2 audits, acting as the primary point of contact for the external auditor. Gather evidence and documentation to demonstrate compliance with SOC 2 requirements. Address any audit findings and implement corrective actions. Experience Should have 4-5 years of experience in information security domain and minimum Should have 4 of years in overall IT and Infosec governance related activities. Must have sound knowledge in defining processes, developing policies, procedures, and guidelines, and preparing management reporting dashboards. Must have experience in guiding teams with respect to SOC 2 requirements Developing and implementing enterprise governance, risk, and compliance strategy and solutions. Familiarity with industry standards and regulations including PCI, ISO27001, SOC 2, GDPR, CIS, NIST is desired. Candidates from BFSI experience will be preferred Fair understanding of public cloud models (e.g. AWS, Google, Microsoft Azure) and their security implications.

Minimum 7 years’ experience in IT SOX/ITGC, SOC1/SOC2, ITACs, IPEs, and Information Security Audits with strong knowledge of IT infrastructure, preparation of Risk & Control Matrix, Leading the walkthroughs and control testing. CISA, CISM, ISO 27001

8+ Years of exp in Database Technologies: AWS Aurora-PostgreSQL, NoSQL,DynamoDB, MongoDB,Erwin data modeling Exp in pg_stat_statements, Query Execution Plans Exp in Apache Kafka,AWS Kinesis,Airflow,Talend.AWS Exp in CloudWatch,Prometheus,Grafana, Required Candidate profile Exp in GDPR, SOC2, Role-Based Access Control (RBAC), Encryption Standards. Exp in AWS Multi-AZ, Read Replicas, Failover Strategies, Backup Automation. Exp in Erwin, Lucidchart, Confluence, JIRA.

As a Sr. Software Reliability Engineer at Autodesk, you will have the exciting opportunity to join our platform team in Pune, India, focusing on our Cloud services. You will be a key contributor to Autodesk Platform Services (APS), a cloud service platform that facilitates custom and pre-built applications, integrations, and innovative solutions. APS offers APIs and web services to leverage our customers" Design and Make data, connecting custom workflows and end-to-end solutions. This role allows you to work directly on the APIs and services that impact millions of Autodesk product users. Reporting to the Sr. Manager of Engineering, you will play a significant role in ensuring the smooth operation of Autodesk Platform APIs, which serve as the foundation for next-generation design apps. In this hybrid position, you will be part of an Agile product team dedicated to developing top-tier cloud software applications and services. Collaboration will be a key aspect of your role as you work with local and remote colleagues from diverse backgrounds such as business, engineering, operations, and support. Within this dynamic environment, you will have the opportunity to work alongside highly motivated and skilled software engineers. As a member of the team, you will engage in continuous learning, teaching, and problem-solving to deliver innovative solutions to complex engineering challenges. Your responsibilities will include making critical decisions, addressing challenging issues, and enhancing the platform's reliability, resiliency, and scalability. Your role will involve configuring and enhancing cloud infrastructure to ensure service availability, resiliency, performance, and cost efficiency as load times increase over time. You will also be responsible for maintaining system updates for security compliance, driving service level objectives (SLOs), participating in technical discussions and decision-making, building tools for operational efficiency, troubleshooting technical issues, and contributing to on-call rotations for timely service recovery. To qualify for this position, you should hold a Bachelor's Degree in a related field such as Computer Science, possess at least 6 years of software engineering experience with a minimum of 3 years as a Site Reliability Engineer, demonstrate familiarity with Elasticsearch/OpenSearch, AWS deployment, Continuous Delivery methodologies, resiliency patterns, and cloud security. Proficiency in using observability tools like Grafana, Open Telemetry, or Prometheus, and experience with security compliance standards such as SOC2 are also required. The ideal candidate for this role is a team player with a strong focus on delivering comprehensive solutions. You should have a passion for continual learning, be adept at presenting software demos, and be capable of addressing questions regarding project progress effectively. Join us at Autodesk, where we empower innovators to turn their ideas into reality, shaping a better world for all. Our inclusive culture guides our interactions with each other, our customers, and partners, defining our positive impact on the world. If you are ready to embrace new challenges and contribute to meaningful work, we invite you to be an integral part of our team. Autodesk offers a competitive compensation package, including base salaries, annual cash bonuses, commissions for sales roles, stock grants, and comprehensive benefits. We are committed to fostering a culture of diversity and belonging, ensuring that everyone has the opportunity to thrive and succeed.,

Must have Skills - 7+ years software development experience with emphasis on architecture 2+ years as Product Manager or Product Owner SaaS company experience Customer engagement experience (internal & external) SDLC familiarity Encryption and data protection experience Web product security expertise Ability to manage security-related features Strong stakeholder communication skills Experience with security frameworks (OWASP, NIST) Cross-functional team leadership API security knowledge . Good to Have Skills Knowledge of compliance standards (SOC2, ISO 27001, GDPR) Experience with threat modeling Background in cybersecurity or InfoSec Cloud security experience (AWS, Azure, GCP) Agile/Scrum methodologies Technical writing skills Security certifications (CISSP, CISM, etc.) Shifts in which the candidate will work - Primary: India time zone Secondary: Must be flexible to align with Israel time zone as needed Note : Role requires coordination between India and Israel time zones for stakeholder alignment and collaboration . Years of Experience - 9+ years total (7+ years development/architecture + 2+ years Product Management) .

Job Description Job title: Senior Software Technologist - Security u00A0 Your role: u2022 Utilizes specialized knowledge to manage and address a diverse range of security issues and projects within the team, applying in-depth expertise to identify, analyze, and resolve complex security challenges, ensuring effective solutions and enhanced protection for the organization. u2022 Works under limited supervision and broad guidelines, using independent judgment to make decisions on significant compliance matters and navigate complex situations effectively. u2022 Examines potential security breaches by assessing the nature and scope of the threat, coordinate an effective response to mitigate immediate impacts, and recommend comprehensive corrective actions to address identified vulnerabilities. u2022 Identifies key performance indicators (KPIs) for information security, providing detailed reports and analysis to assess the effectiveness of security measures, and ensure alignment with organizational security objectives. u2022 Tracks service levels related to information security, providing detailed analyses and reports on security service performance, incidents, and issues to ensure optimal security operations and compliance with established standards. u2022 Monitors the health and performance of security services, investigating incidents and driving their resolution, coordinating with vendors and other stakeholders to ensure effective service execution and mitigate security issues. u2022 Assists in the evaluation of both new and existing applications by participating in security reviews, ensuring that they meet established security standards and identifying potential vulnerabilities that need to be addressed. u2022 Reviews security policies, procedures, and related documentation to ensure effectiveness, incorporate best practices, address emerging threats, and align with organizational needs and compliance requirements, maintaining a robust and adaptive security framework. u2022 Develops effective relationships with internal teams and external partners to collaboratively resolve security-related issues, refine procedures, and enhance security outcomes in alignment with organizational goals. You're the right fit if: Bachelor's / Master's Degree in Computer Science, Information Technology, Cybersecurity or equivalent. Minimum 8-10 years of experience in areas such as Security Architecture, Network Security, Cybersecurity Technology, Information Security or equivalent Experience in cloud and/or application security Possess strong knowledge of cloud architectures and security best practices Hands-on experience with Infrastructure as Code tools, particularly Terraform Show proficiency in secure coding practices and OWASP Top 10 Have at least one hands on experience participating in security compliance (industry regulation, ISO27001, SOC2) R elevant cloud security certifications (e.g., CCSP, AWS Security) E xperience with healthcare industry security requirements Expertise in cloud-native security tools Strong open source culture, and u201Cautomation firstu201D mindset. Autonomous, rigorous, team-oriented, and driven by meaningful projects. How we work together We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the companyu2019s facilities. Field roles are most effectively done outside of the companyu2019s main facilities, generally at the customersu2019 or suppliersu2019 locations. Indicate if this role is an office/field/onsite role. About Philips We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others. u2022 Learn more about . u2022 Discover . u2022 Learn more about . If youu2019re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care .

Experience Implementation of ISO 27001, GRC ITGC & IT Regulatory compliance Knowledge in ISMS, ITGC Knowledge about regulators RBI, IRDA, SEBI Fresher 2023 /2024 in B. Tech or Cybersecurity

Innovation is and will always be the core of SAP Fioneer, and it is the promise of why we were spun out of SAP: agility, innovation, and delivery. SAP Fioneer builds on a heritage of outstanding technology and a deep understanding of corporate and consumer demands. At the heart of it all it is simple: We bring financial services to the next level with innovative software solutions and platforms. We are helping companies in the financial services industry to achieve speed, scalability, and cost-efficiency through digital business innovation, cloud technology, and solutions that cover banking and insurance processes end-to-end. A global company, with rapid growth, innovative people, and a lean organization makes SAP Fioneer a place where you accelerate your future! About role: We are committed to safeguarding our digital assets and ensuring the highest level of security for our clients. As we continue to grow, we are seeking an experienced Senior Cyber Security Engineer to join our dynamic team. The ideal candidate will bring extensive expertise in managing and securing complex environments, with a focus on O365 Security Tools, zScaler, MS Sentinel, SIEM, and Azure Security. This role requires a comprehensive skill set in incident response, vulnerability management, data protection, and cloud security, enabling us to securely empower our development and product teams. The successful candidate will have a proven track record in implementing and overseeing security solutions that protect organizational assets and improve security posture. Responsibilities: Security Infrastructure: - Design, implement, and manage security solutions leveraging O365 Security Tools, zScaler, MS Sentinel, and SIEM in support of the Security Architecture of Fioneer. - Develop and maintain comprehensive security strategies for cloud and on-premises environments. Data Protection and Leakage Prevention: - Establish the DLP and DRM program at Fioneer beyond just the deployment of the technology, but also drive data protection processes into the business and the organization. - Implement and manage data protection and leakage prevention controls. - Develop and enforce policies to safeguard sensitive information and prevent data breaches. Insider Risk Management: - Implement and manage insider risk management programs. - Monitor and analyze user activities to identify and mitigate insider threats. Security Frameworks: - Ensure compliance with security frameworks such as SOC2 and ISO27001. - Contribute to the continuous improvement of security policies and procedures. Azure Security: - Provide expertise in Azure Security, including Infrastructure as Code (IaC), Privileged Identity Management (PIM), Identity and Access Management (IAM), and Kubernetes security. - Collaborate with cloud teams to ensure secure cloud environments. Qualifications: - Bachelor's degree in Computer Science, Information Security, or a related field. - Proven experience as a Cyber Security Engineer with expertise in O365 Security Tools, zScaler, MS Sentinel, SIEM, incident response, vulnerability management, and data protection. - Proven experience in creating business user focused communication guides to implement Data Protection Technologies. - In-depth knowledge of security frameworks, particularly SOC2 and ISO27001. - Extensive experience in Azure Security, including Infrastructure as Code, PIM, IAM, and Kubernetes security. - Certifications such as CISSP, CISM, or relevant Azure certifications are highly desirable. Requirements: - Minimum of 5 years of experience in security engineering or operations in an enterprise environment. - First-hand experience with programming languages required, development experience in any cloud environment is a plus. - Excellent communication and people-focused skills. - Eager to learn and improve your cloud application security skills. - Ideally, initial professional experience of DevSecOps in the cloud, secure cloud configuration, secure cloud operations, vulnerability management. - Fluent in English and open to other cultures and ideas. - A sense of humor. Benefits: You will have the opportunity to collaborate with some of the brightest minds in the industry on an incredibly ambitious project to shape the ever-evolving financial sector. This is an environment where you can have it all - the agility, enthusiasm and dynamism of a start-up, combined with the established expertise, solid market presence, and extensive customer network of a more established organization. At SAP Fioneer, you will benefit from a flexible work environment that encourages creativity and encourages you to think outside the box, bring new ideas to the table, and challenge the status quo. You will become part of a diverse and global team that we are proud of and are constantly growing and reinventing. As an employee, you will have the chance to chart your own career path and take advantage of competitive compensation packages and progression opportunities based on merit. We offer a comprehensive benefits package that includes occupational pension provisions, support for health and wellbeing, various mobility options like bike leasing and transportation allowances, as well as additional perks such as celebration rewards, meal programs, jubilee recognition, and relocation reimbursement.,

As a Senior Security Risk Analyst at Snowflake, you will play a crucial role in managing and enhancing the existing program for assessing the risk associated with third-party tools and services utilized by Snowflake. Your responsibilities will include overseeing the intake process, collaborating with stakeholders to gather necessary information, comprehensively understanding the use case for each tool or service, and reviewing documentation to ensure compliance with security controls. Your role will involve identifying and mitigating third-party security risks to safeguard Snowflake's assets. Key Responsibilities: - Conduct ongoing security risk assessments for third-party vendors to identify and evaluate potential risks, providing detailed evaluations and actionable recommendations based on security best practices. - Support and monitor remediation efforts for identified gaps, conducting audits to validate closure. - Review evidence provided by vendors to align their security controls with Snowflake's data protection requirements. - Assess and manage security findings from various vendor security monitoring systems. - Develop and enhance security documentation and collaborate cross-functionally to achieve team objectives. - Adopt a risk-based approach to review and negotiate security agreements, measure program effectiveness, and ensure SLAs are met. - Establish viewpoints, negotiate effectively with stakeholders, and drive desired outcomes. Qualifications of an Ideal Senior Security Risk Analyst: - 6+ years of experience in security compliance, with at least 3 years focusing on third-party security risk. - Strong motivation to excel in fast-paced environments. - Proficiency in various security best practices and technologies, including risk management, data protection, encryption, access management, and security governance. - Ability to work across different time zones and exceptional communication skills for presenting technical documents and reports. - Deep understanding of industry regulations and standards such as PCI-DSS, HIPAA, SOC, GDPR, and ISO. - Exceptional organizational skills, analytical ability, and deadline management. - Technical competence to explain complex security concepts to stakeholders with varying cybersecurity expertise. - Self-motivated problem solver with the capacity to work both independently and collaboratively. - Strategic thinking, attention to detail, and a strong commitment to accuracy and accountability. - Proficiency in leading meetings with internal and external stakeholders to achieve desired outcomes. - High ethical standards demonstrated through successful background checks and references. Preferred Experience: - Familiarity with JIRA, Confluence, and ServiceNow. - Experience in reviewing and negotiating security agreements. - Security certifications such as CISSP, CCSP, or CISA. - Cloud platform experience with AWS, Azure, Google Cloud, or similar providers. Snowflake is an innovative and fast-growing company, and we are seeking individuals who align with our values, challenge conventions, and drive innovation while contributing to their own and Snowflake's future success. To explore opportunities for impact and growth, please refer to the job posting on the Snowflake Careers Site for details on salary and benefits in the United States: careers.snowflake.com.,

Role Overview We are seeking a highly experienced CloudOps & InfoSecurity Lead/Manager to take ownership of our cloud infrastructure, security posture, and compliance initiatives. This role will be responsible for overseeing mission-critical CloudOps functions on AWS, leading InfoSec initiatives including VAPT, DR drills, and ISO27001/SOC 2 compliance, and ensuring smooth and secure technology operations across the organization. The role also involves liaising with Vendors to manage on prem infrastructure such as CCTV, SDWAN, UPS systems, Laptops etc, This is a hands-on leadership role that requires deep expertise in AWS infrastructure, DevOps pipelines, security frameworks, and experience collaborating with engineering, operations, and compliance teams. Key Responsibilities Cloud Operations (AWS) Manage and maintain core AWS services including: EKS (Kubernetes), EC2, RDS, S3, CloudWatch, Glue, Kinesis Own and optimize DevOps pipelines built on GitLab CI/CD. Implement cost-optimized, secure, and highly available cloud architectures. Ensure system monitoring, alerting, scaling, and backup strategies are effective and well-documented. Manage Disaster Recovery (DR) environments and conduct periodic DR drills. Information Security & Compliance Lead Vulnerability Assessment & Penetration Testing (VAPT) cycles and remediation efforts. Drive and maintain ISO27001 and SOC2 compliance: Work with external auditors and internal teams to ensure readiness. Own documentation, policy updates, and evidence collection. Implement and monitor security controls, incident management protocols, and regular access audits. Prepare and share weekly/monthly infosec and infra reports with leadership. Platform & SaaS Administration Oversee GCP Workspace (formerly G Suite) including Gmail, Drive, user provisioning, storage planning, and backup policies. Ensure data retention and security across productivity tools. Team & Vendor Collaboration Work with external vendors (e.g., for security testing, DR hosting, cloud services), Infra services Collaborate with engineering and QA teams for security reviews and infrastructure needs. Support procurement and vendor evaluation for infra and security tooling. Manage Vendors who manage on-prem infrastructure such as CCTV, SDWAN, UPS systems, Laptops etc and governance aspects related to regular reporting, auditing etc of IT infrastructure. Required Skills & Experience 8-10 years of experience in cloud infrastructure and information security domains. Proven expertise in AWS services like EKS, EC2, S3, CloudWatch, RDS, Kinesis, Glue, etc. Hands-on experience with DevOps pipelines (GitLab preferred). Strong understanding of infosec frameworks , compliance processes, and experience managing ISO27001 / SOC2 audits. Experience conducting and managing VAPT assessments and DR drills . Familiarity with Google Workspace (GCP) administration for email, storage, and access management. Strong communication and reporting skills with experience preparing stakeholder-ready documents. Experience managing or working with cross-functional teams and external vendors. Good to Have Certifications such as AWS Certified Solutions Architect , CISSP , CISM , or ISO27001 Lead Auditor . Exposure to container security , SAST/DAST tools , IAM best practices , and cloud cost optimization . Experience in a regulated domain such as Fintech/NBFC is a plus.

As a Senior Security Risk Analyst at Snowflake, you will be an integral part of the Global Security Compliance & Risk team. Your primary responsibility will be managing and enhancing the existing program that evaluates the risk associated with third-party tools and services used by Snowflake. This includes overseeing the intake process, collaborating with stakeholders to gather necessary information, analyzing the use case for each tool/service, and reviewing documentation to ensure compliance with security controls. Your role will be crucial in identifying and mitigating third-party security risks to safeguard Snowflake's assets. In this role, you will independently conduct ongoing security risk assessments for third-party vendors, providing in-depth evaluations and actionable recommendations aligned with security and compliance best practices. You will also be involved in monitoring and supporting remediation efforts for identified security gaps, ensuring closure through thorough audits. Additionally, you will assess security findings from various monitoring systems, compare vendor security controls with Snowflake data protection requirements, and enhance security documentation. Ideal candidates for this position will have at least 6 years of experience in security compliance roles, including a minimum of 3 years focusing on third-party security risks. You should possess a strong understanding of security best practices across various domains such as application security, risk management, encryption, identity and access management, and network security. Proficiency in industry regulations and standards like PCI-DSS, HIPAA, GDPR, as well as experience with frameworks like SOC1, SOC2, and ISO, will be advantageous. Moreover, you should demonstrate exceptional communication skills, both written and verbal, and the ability to work effectively across different time zones. Your role will involve collaborating with cross-functional teams to achieve security objectives, negotiating security agreements, and measuring program effectiveness against SLAs. Strong organizational skills, technical competence, and the ability to lead meetings with stakeholders from diverse backgrounds are essential for success in this role. Bonus points will be awarded for experience with tools like JIRA, Confluence, and ServiceNow, as well as security certifications such as CISSP, CCSP, or CISA. Previous exposure to major cloud providers like AWS, Azure, or Google Cloud will also be advantageous. If you are a motivated individual who thrives in a fast-paced environment, possesses a strong ethical foundation, and is committed to enhancing security practices, Snowflake offers an exciting opportunity to contribute to our growth and innovation. Join us in building a secure future for Snowflake while challenging conventional thinking and driving impactful change.,

A Senior Compliance Executive in a technology department plays a crucial role in ensuring that the organization adheres to various legal, regulatory, and industry-specific standards related to Information Technology and data management such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001. 1. Regulatory Compliance Monitoring: o Ensure the technology department complies with relevant laws and regulations, such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001 and other data protection or cybersecurity laws. o Stay updated on new or changing regulations that impact the tech landscape. 2. Policy Development & Enforcement: o Develop and implement internal policies and procedures to ensure compliance with external regulations and internal standards. o Regularly review and update policies to ensure they remain aligned with changing regulations and industry best practices. 3. Risk Management: o Assess risks related to technology operations, particularly data privacy and cybersecurity risks. o Ensure that the tech department implements appropriate security measures to mitigate potential threats and risks. o Conduct regular audits and reviews of IT systems to ensure they meet compliance standards. 4. Training & Awareness: o Educate and train technology teams and other employees on compliance-related matters, such as data security, privacy policies, and risk mitigation strategies. o Promote awareness of compliance issues, helping staff understand their responsibilities in maintaining compliance. 5. Audit & Reporting: o Prepare reports for management, regulators, or auditors, demonstrating compliance with relevant regulations and policies. o Coordinate internal and external audits related to technology compliance. o Implement corrective actions where necessary to address non-compliance findings. 6. Data Privacy Management: o Oversee data protection strategies and ensure proper handling of sensitive information, including encryption, access control, and data retention policies. o Manage consent collection and user privacy preferences in accordance with privacy regulations. 7. Incident Management: o Oversee the handling of data breaches or other incidents that might affect compliance, ensuring timely reporting and response in accordance with regulatory requirements. o Coordinate with relevant authorities if there is a need to disclose any breaches or security incidents.

We are seeking a forward-thinking AI Architect to design, lead, and scale enterprise-grade AI systems and solutions across domains. This role demands deep expertise in machine learning, generative AI, data engineering, cloud-native architecture, and orchestration frameworks. You will collaborate with cross-functional teams to translate business requirements into intelligent, production-ready AI solutions. Key Responsibilities: Architecture & Strategy Design end-to-end AI architectures that include data pipelines, model development, MLOps, and inference serving. Create scalable, reusable, and modular AI components for different use cases (vision, NLP, time series, etc.). Drive architecture decisions across AI solutions, including multi-modal models, LLMs, and agentic workflows. Ensure interoperability of AI systems across cloud (AWS/GCP/Azure), edge, and hybrid environments. Technical Leadership Guide teams in selecting appropriate models (traditional ML, deep learning, transformers, etc.) and technologies. Lead architectural reviews and ensure compliance with security, performance, and governance policies. Mentor engineering and data science teams in best practices for AI/ML, GenAI, and MLOps. Model Lifecycle & Engineering Oversee implementation of model lifecycle using CI/CD for ML (MLOps) and/or LLMOps workflows. Define architecture for Retrieval Augmented Generation (RAG), vector databases, embeddings, prompt engineering, etc. Design pipelines for fine-tuning, evaluation, monitoring, and retraining of models. Data & Infrastructure Collaborate with data engineers to ensure data quality, feature pipelines, and scalable data stores. Architect systems for synthetic data generation, augmentation, and real-time streaming inputs. Define solutions leveraging data lakes, data warehouses, and graph databases. Client Engagement / Product Integration Interface with business/product stakeholders to align AI strategy with KPIs. Collaborate with DevOps teams to integrate models into products via APIs/microservices. Required Skills & Experience: Core Skills Strong foundation in AI/ML/DL (Scikit-learn, TensorFlow, PyTorch, Transformers, Langchain, etc.) Advanced knowledge of Generative AI (LLMs, diffusion models, multimodal models, etc.) Proficiency in cloud-native architectures (AWS/GCP/Azure) and containerization (Docker, Kubernetes) Experience with orchestration frameworks (Airflow, Ray, LangGraph, or similar) Familiarity with vector databases (Weaviate, Pinecone, FAISS), LLMOps platforms, and RAG design Architecture & Programming Solid experience in architectural patterns (microservices, event-driven, serverless) Proficient in Python and optionally Java/Go Knowledge of APIs (REST, GraphQL), streaming (Kafka), and observability tooling (Prometheus, ELK, Grafana) Tools & Platforms ML lifecycle tools: MLflow, Kubeflow, Vertex AI, Sagemaker, Hugging Face, etc. Prompt orchestration tools: LangChain, CrewAI, Semantic Kernel, DSPy (nice to have) Knowledge of security, privacy, and compliance (GDPR, SOC2, HIPAA, etc.)

Role- ITGC -Senior Location - Gurgaon, Kochi, Kolkata, Noida, Bengaluru, Chennai, Pune Exp- 3-6 Years To qualify for the role, you must have Preferably B.E/B.Tech (Computers, Electronics, Data Analytics), BCA/MCA, B.Sc/M.Sc. (computers major), MBA, CA. Must Have 3-6 years of hands-on internal/external IT Audits Atleast One - IT General Controls, IT Automated Controls, and Service Organization Controls Reporting (SOCR - SSAE 16 / ISAE 3402) SOC 1, 2, & 3 Reporting Able to perform independent security configuration review of common operating systems and databases - Windows, Unix, DB2, AS400, SAP R3ECC/HANA, Mainframe, SQL, Oracle. Knowledge of documentation and data analysis tools like Word, Excel, Access, Strong English verbal and written communication skills. Nice to have CISA, CISM, CRISC, ISO27001, Data privacy certifications IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX Data analytics/automation tool SQL, Monarch, BluePrism, Alteryx, PowerBI German/Dutch/French language is an added advantage.

We are seeking an experienced Cloud Validation Testing Engineer to ensure the reliability, performance, and security of cloud-based applications and infrastructure. The ideal candidate should have strong expertise in cloud platforms (AWS, Azure, GCP), automation testing, performance validation, and security compliance. This role involves validating cloud-based solutions, conducting functional and non-functional testing, and ensuring adherence to cloud best practices. Key Responsibilities: Develop and execute Cloud Validation Test Plans to ensure the functionality, scalability, and security of cloud-based applications. Perform functional, performance, security, and compliance testing of cloud solutions. Automate cloud testing processes using tools like Selenium, JMeter, Postman, Robot Framework, and Terraform. Validate cloud infrastructure, networking, and data pipelines across AWS, Azure, or GCP. Conduct API testing for cloud services using Postman, REST Assured, or similar tools. Ensure adherence to cloud compliance standards (ISO, SOC2, HIPAA, PCI-DSS, etc.). Perform load, stress, and scalability testing using JMeter, Gatling, or K6. Implement CI/CD testing automation within DevOps pipelines using Jenkins, GitHub Actions, or Azure DevOps. Identify and troubleshoot cloud performance bottlenecks, latency issues, and service failures. Work closely with developers, cloud architects, and security teams to improve system reliability. Validate disaster recovery, backup, and failover mechanisms for cloud environments. Required Skills & Qualifications: 6+ years of experience in software testing and cloud validation. Strong expertise in AWS, Azure, or GCP cloud platforms. Hands-on experience with automation frameworks like Selenium, Robot Framework, or Cypress. Proficiency in Python, Java, or PowerShell for test automation. Experience with cloud monitoring tools (CloudWatch, Azure Monitor, Google Stackdriver). Knowledge of Kubernetes, Docker, and microservices testing. Strong understanding of API testing, performance testing, and cloud security validation. Experience working in Agile and DevOps environments.

Education: Bachelors in information systems, Accounting or a related field. Experience: 1-4 years of IT Audit experience, with a strong focus on ITGC. Proficiency inn auditing frameworks and standards, including SOX, COSO, COBIT, or ISO 27001.

We are looking for an experienced Senior Compliance Analyst with expertise in SOC 2, ISO 27001, PCI DSS, and GDPR regulations. The ideal candidate will have a deep understanding of global security and privacy standards and will play a pivotal role in assessing, implementing, and maintaining the organizations compliance posture. Key responsibilities:- Ensure compliance with all applicable regulatory requirements, including SOC2, ISO 27001, PCI DSS, GDPR rules and guidelines. Develop and implement compliance policies, procedures, and programs. Conduct regular compliance reviews and audits to identify areas of improvement. Collaborate with other departments to ensure effective implementation of compliance measures. Work with external vendors to ensure compliance adherence Maintain up-to date compliance records and provide them to Sales, Marketing, Internal and External Customers on a need-to-know basis Provide training and education on compliance matters to staff and stakeholders. Monitor market trends and regulatory developments to stay informed of potential risks or issues. Job Requirements:- Strong knowledge of audit and regulatory compliance to ensure the security, privacy, and reliability of SaaS services in a global market. Familiarity with ISO 27001, PCI DSS, GDPR rules and guidelines. Ability to work collaboratively with cross-functional teams. Strong analytical skills and attention to detail. Bachelor's degree in a related field preferred but not required. Experience in Leading Software Project Teams desired but not mandatory.

Lead governance, risk, and compliance initiatives across cyber domains. Develop risk frameworks, align with global regulations, and interface with leadership and auditors. Required Candidate profile Strategic cyber risk leader with experience in GRC, regulatory compliance, and cyber risk frameworks. Ability to drive governance programs and manage stakeholder communication

Lead GRC , risk assessment, and implementation. Strong in ISO 27001, PCI, PSS, SOC 2, IRDAI. Ensure compliance, audits, awareness. Design InfoSec strategies aligned with ISO, NIST, RBI, SEBI to enhance cybersecurity and meet regulations.

IT Audit planning & management, ISO27001 audits & implementation, corrective actions & follow-up, ITGC, Cyber Security, SOC 2. Experience in IT regulatory compliance (RBI, IRDA, SEBI), IT risk & controls review, app & infra security.

Role Summary We're seeking an experienced Cloud Security Engineer with strong expertise in Azure and GCP platforms. In this role, you'll work at the intersection of cybersecurity and cloud engineering, focusing on implementing security recommendations from Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) solutions. Key Responsibilities Analyze and prioritize security findings from CSPM and CNAPP tools across Azure, GCP and AWS environments Coordinate and execute remediation activities with cloud engineering teams to address identified vulnerabilities Lead the deployment, configuration, and maintenance of CSPM and CNAPP solutions Develop and implement security automation to streamline remediation processes Create and maintain cloud security documentation, including policies, procedures, and architectural diagrams Participate in security incident response for cloud-related events Provide cloud security expertise during new service deployments and architecture reviews Stay current with evolving cloud security best practices, threats, and compliance requirements Qualifications 4+ years of experience in cloud security across Azure and GCP platforms Demonstrable experience with CSPM and CNAPP tools and methodologies Strong understanding of cloud-native security controls, including IAM, encryption, network security, and logging/monitoring Proficiency in security automation using tools like Terraform, Azure ARM templates, or GCP Deployment Manager Experience with Kubernetes and other containerisation technologies Experience with cloud security frameworks and compliance standards (e.g., CIS, NIST, SOC2) Strong knowledge of DevSecOps principles and practices Excellent communication skills to effectively coordinate with various technical teams Preferred Skills Relevant security certifications (e.g., CCSP, Azure Security Engineer, GCP Professional Cloud Security Engineer) Experience with container security and Kubernetes environments Familiarity with cloud security APIs and CLI tools Background in security architecture or engineering Experience with cloud infrastructure as code (IaC) security scanning

JOB SUMMARY Senior associates are primarily responsible for hands-on project execution. Experienced senior associates have, or are working towards, specialization in one or more service lines and are assigned to projects accordingly. Senior associates are assigned to a specific service delivery principal that is responsible for supervising the associates career development. Additionally, senior associates daily activities are closely supervised by the management teams of their assigned projects. Senior associates may supervise associates and/or senior associates when serving as a member of a project management team. There is no typical day for our SOC teams. While our lead focus is on SOC examinations, our clients also rely on us to perform multiple types of attestations similar to SOC across a variety of network, application, or cloud environments. The benefit of being exposed to so many different situations is that you are constantly building your knowledge base and skill set while keeping up with the latest technologies. Our teams are mostly remote (yet extremely collaborative) and work together to utilize their unique backgrounds and experience to provide the high level of quality service that our clients have come to expect. In addition to the hands-on knowledge youll develop with each project, client also promotes a continuous learning environment. Team members are encouraged to attend at least one training event every year to build upon their skills and acquire new certifications. A Senior Associate will hold the following roles and responsibilities as part of their role: • Demonstrate proficiency in client's Methodology • Guide associates and peers • Obtain certifications (ISO LA, CISA, CISSP, AWS CCP, etc.) • Successfully run a project from fieldwork through completion • Understand and demonstrate ability to speak to client's service lines at a high level and their leaders • Demonstrate proficiency of SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria • Demonstrate understanding of Principal Service Commitments and System Requirements and how they impact scope of a SOC 2 • Know all four report opinion outcomes and ability to draft modified opinions • Demonstrate ability to identify if exception(s) would potentially yield a qualified opinion • Demonstrate self-organization, consistently and proactively look ahead to future projects, and prepare accordingly • Client's Methodology o Read STMV quarterly, and demonstrate ability to apply concepts (sampling methodology, TA language structure, exception wording, etc.) o Review and demonstrate ability to apply concepts of AS 2.0 Reference Guide o Review and demonstrate ability to apply concepts of EWP WP Guidance” • Obtain CCSK and begin pursuing second certification (ISO 27001 LA, CISA, AWS CCP) • Understand and demonstrate ability to articulate differences between SOC 1 and SOC 2 • Participate on project as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc. • Begin understanding SOC 1 GITCs and each SOC 2 criteria for the Security, Availability, and Confidentiality categories • Ability to articulate qualified vs unqualified opinion; know all four types of opinions • Learn client's services and service line leaders • Adhere to and complete all matters included in the Associate Score Card • Accurately manage and report time worked to each project / initiative Essential Functions: • Complying with client's code of ethics and professional conduct, methodologies, policies, and procedures • Adhering to the professional and regulatory standards relevant to assigned service line specialization(s) • Promoting client's company culture and exemplifying client's values • Establishing high quality relationships and rapport with client personnel • Managing client expectations to ensure expectations are exceeded • Completing assigned duties in a timely manner and with a high attention to detail • Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project • Adhering to project schedules and keeping fellow project team members apprised of the progress of assigned tasks • Escalating issues internally in a proper and timely manner • Using discretion and decorum in the timing, form, and content of all client communications • Booking travel reservations in a timely manner and in accordance with client's travel and expense policies and procedures • Performing the essential functions of other service delivery positions when qualified and called upon to do so • Attending project kick-off and closing meetings • Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements, where applicable • Drafting project deliverables • Serving as a contact for clients' basic questions regarding an engagement • Participating in recruiting and candidate interview activities • Training project team members • Acclimating newer team members to client • Contributing to client's practice development efforts • Developing an expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s) • Contributing to client's thought leadership (e.g., articles, webinars, public speaking, etc.) Knowledge, Skills, and Abilities: • Working knowledge of client's services, methodology, and relevant professional standards • Requisite knowledge of applicable technology and security domains • High level of attention to detail and quality of work product • Client service oriented • Excellent time management, organizational, and verbal and written communication skills • Ability to work on-site or remotely as a valuable contributor to a collaborative team • Capable of simultaneously managing assigned tasks for multiple projects • Proficient using Microsoft Word, Excel, and PowerPoint, as well as client's service delivery applications • Full understanding and application of ethics, independence and client's values Education, Work Experience and Certifications • Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified • 2+ years of related professional services experience in information security auditing, assessment, consulting or compliance, focused on ITGC or SOC controls • Ability to work well independently, within a team and with clients as well as travel ~40-50% (MTh) • Maintains (preferred) or working towards obtaining least one certification relevant to client's services (i.e. CPA, CCSK or CISA)

What You'll Do Were hiring a Site Reliability Engineer to help build and maintain the backbone of Avalaras SaaS platforms. As part of our global Reliability Engineering team, youll play a key role in ensuring the performance, availability, and observability of critical systems used by millions of users. This role combines hands-on infrastructure expertise with modern SRE practices and the opportunity to contribute to the evolution of AI-powered operations. Youll work closely with engineering and operations teams across regions to drive automation, improve incident response, and proactively detect issues using data and machine learning. What Your Responsibilities Will Be Own the reliability and performance of production systems across multiple environments and multiple clouds (AWS, GCP, OCI). Use AI/ML-driven tools and automation to improve observability and incident response. Collaborate with development teams on CI/CD pipelines, infrastructure deployments, and secure practices. Perform root cause analysis, drive postmortems, and reduce recurring incidents. Contribute to compliance and security initiatives (SOX, SOC2, ISO 27001, access and controls). Participate in a global on-call rotation and knowledge-sharing culture. What You'll Need to be Successful 5+ years in SRE, DevOps, or infrastructure engineering roles. Expertise with AWS (GCP or OCI is a plus), AWS Certified Solutions Architect Associate or equivalent Strong scripting/programming skills (Python, Go, Bash, or similar) Experience with infrastructure as code (Terraform, CloudFormation, Pulumi). Proficiency in Linux environments, containers (Docker/Kubernetes), and CI/CD workflows. Strong written and verbal communications skills to support world wide collaboration.