464 Vulnerability Management Jobs - Page 2

FS XSector Specialism Risk Management Level Senior Associate & Summary Indepth knowledge of application development processes and at least one programming and one scripting language (e.g., Java, Scala, C#, JavaScript, Angular, ReactJs, Ruby, Perl, Python, Shell). Knowledge on OS security (Windows, Unix/Linux systems, Mac OS, VMware), network security and cloud security. Why PWC Learn more about us . \ & Summary We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. s L1 Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting. L2 Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/Vulnerability Management/ SOC platform management/ Automation/ Asset Integration/ Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, Initial assessment, incident validation, its severity & urgency Prioritization of security alerts and creating Incidents as per SOPs. Reporting & escalation to stakeholders Postincident Analysis Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets Certified SOC Analyst (ECCouncil), Computer Hacking Forensic Investigator (ECCouncil), Certified Ethical Hacker (ECCouncil), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred) Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc. Preferred skill sets SOC Splunk Education qualification B.Tech/MCA/MBA with IT background/ Bachelor s degree in Information Technology, Cybersecurity, Computer Science a Education Degrees/Field of Study required Bachelor of Engineering, Master of Business Administration Degrees/Field of Study preferred Required Skills SOC Operations SoCs No

FS XSector Specialism Risk Management Level Senior Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC \ & Summary We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. s L1 Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting. L2 Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/Vulnerability Management/ SOC platform management/ Automation/ Asset Integration/ Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, Initial assessment, incident validation, its severity & urgency Prioritization of security alerts and creating Incidents as per SOPs. Reporting & escalation to stakeholders Postincident Analysis Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets Mandatory (Anyone) Certified SOC Analyst (ECCouncil), Computer Hacking Forensic Investigator (ECCouncil), Certified Ethical Hacker (ECCouncil), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred) Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc. Preferred skill sets SOC Splunk Education qualification B.Tech/MCA/MBA with IT background/ Bachelor s degree in Information Technology, Cybersecurity, Computer Science Education Degrees/Field of Study required Master of Business Administration, Bachelor of Engineering Degrees/Field of Study preferred Required Skills SoCs Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more} No

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Within our Database Administration team at Kyndryl, you'll be a master of managing and administering the backbone of our technological infrastructure. You'll be the architect of the system, shaping the base definition, structure, and documentation to ensure the long-term success of our business operations. Your expertise will be crucial in configuring, installing and maintaining database management systems, ensuring that our systems are always running at peak performance. You'll also be responsible for managing user access, implementing the highest standards of security to protect our valuable data from unauthorized access. In addition, you'll be a disaster recovery guru, developing strong backup and recovery plans to ensure that our system is always protected in the event of a failure. Your technical acumen will be put to use, as you support end users and application developers in solving complex problems related to our database systems. As a key player on the team, you'll implement policies and procedures to safeguard our data from external threats. You will also conduct capacity planning and growth projections based on usage, ensuring that our system is always scalable to meet our business needs. You'll be a strategic partner, working closely with various teams to coordinate systematic database project plans that align with our organizational goals. Your contributions will not go unnoticed - you'll have the opportunity to propose and implement enhancements that will improve the performance and reliability of the system, enabling us to deliver world-class services to our customers. Tune the Database to optimize and harmonize the performance of application databases (Oracle – RAC environment) on regular basis. Find queries, which are creating latches / locks or consuming higher system resource in application database and tune the same in co-ordination with in-house scripting team / application vendor to improve the transaction response time and avoid any latches / locks. Study the logic in the custom queries, verify the change to be implemented in applications and ensure that queries are optimized before deploying in productions environment. Any downtime due to improper tuning of custom query logic will be attributable to the bidder. Study the invalid objects in application Production database and validate the same on regular basis Indexing / Re-indexing of tables/objects to be carried out on regular basis. need to submit a report on the queries tuned to optimize the performance to Bank on monthly basis and its impact analysis. Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from Junior Administrator to Architect. We have training and upskilling programs that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. One of the benefits of Kyndryl is that we work with customers in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Expertise: Oracle Database Monitoring and Maintenance(Minimum 5+ years experience with domain certification) Oracle Certification Database administration involves checking health of database, monitoring the database and perform database backup and day-to-day database management activities in RAC environment. Database Backup and restoration as per Bank requirement & maintaining the backup tape inventory. Replication of Database to NDR & DR sites & keeping the same in sync. Import and Export of data as per bank requirement. Time to time application of patches released by Oracle. Attending and Closing IS Audit/ VAPT observations IS Audit/ RBI Audit/ISO audit / VAPT/CISO observations etc. Conducting DR Drills on periodical basis. Implementation of Oracle Security products like Advance Security Option (ASO), Oracle Audit Vault & Database Firewall (AVDF), Data base Vault (DV), Data Masking, TDE etc. Database patch update / version upgrade from time to time. Addition of Real Application Cluster (RAC) nodes in application Data bases as per requirement. Performance tuning & query tuning of application Database. Preferred Technical and Professional Experience: Automation experience, especially IaaS (Infrastructure as a Service) Vulnerability management On prem AD FS (Active Directory Federation Services) with Microsoft Active Directory (AD) ,and/or Azure AD Database administrator should have expertise in Database tuning, Performance Tuning / Query optimization in application databases Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

The primary responsibilities include managing vulnerability assessments using the Qualys tool, creating detailed metrics and reports, and collaborating with relevant teams to ensure timely remediation of identified vulnerabilities. To ensure the organization's IT infrastructure remains secure by proactively identifying, assessing, and mitigating vulnerabilities through effective use of the Qualys tool and coordinated efforts with cross-functional teams. The basic purpose of this position is to safeguard the organization's digital assets by maintaining a robust vulnerability management program that prioritizes risk reduction and compliance with security policies. Perform daily vulnerability assessments, create weekly metrics and reports, and handle ad-hoc requests as they arise. Work on analytical projects to enhance the vulnerability management process and develop strategies to address identified security issues. Prepare and present metrics and reports to senior leadership, showcasing trends in vulnerabilities over the year and how they are being addressed. Produce reports daily, weekly, and as needed on vulnerability assessments and remediation efforts. Responsible for training new hires and occasionally participating in candidate interviews. Technical/Job Specific Knowledge Vulnerability Management: In-depth knowledge of vulnerability assessment, prioritization, and remediation processes. Qualys: Proficiency in using Qualys for scanning, identifying, and managing vulnerabilities across various environments. Security Frameworks: Familiarity with industry standards and frameworks such as OWASP, NIST, and CIS. Network Security: Understanding of network protocols, firewalls, and intrusion detection/prevention systems. Skills Analytical Skills: Strong analytical abilities to identify and assess vulnerabilities and their potential impact. Technical Aptitude: Competence in using security tools and technologies to perform thorough assessments. Problem-Solving: Effective problem-solving skills to develop and implement remediation plans. Communication: Clear and concise communication skills to report findings and collaborate with different teams. Attention to Detail: High level of attention.

Role & responsibilities Position : Cloud Security Location : Belapur, Mumbai Experience : 12yrs+ Minimum 12 years experience in IT / IT Security / Information Security in Banking, Financial Services and Insurance (BFSI)/ Non-Banking Financial Company (NBFC)/ Payment industries/IT MNCs, out of which at least past 5 years should have been in Cloud deployments. Essential: Significant experience with deploying/ managing private and public cloud deployments, virtualized environment, and containerization platforms. Hands-on experience in deployment of cloud infrastructure and cloud security technology Should have experience with Azure / AWS / GCP/ VMware Cloud Foundation/ OCI Should have experience in Tanzu Kubernetes Grid/Openshift/OCI and Devsecops Experience in Inter-technology, Inter-OEM, inter-datacentre and inter-cloud integration from security perspective. Experience in Cloud Security Solutions Proficient with Cloud Security Solutions and Cloud Technologies including CASB/ CSPM/ CWPP/ CNAPP/ Micro segmentation/ Virtualization technologies/ containerization technologies. Thorough in concept of high availability Certifications: Any one of OEM certification – (VMware/Azure/GCP/AWS/OCI etc.). •(CCSP/CCSK/GCSA/CompTIA Cloud+/ VCAP etc.). Preferred Additional technical certification like CISA/CISM/CISSP/ GSEC/ CompTIA Security+/ SSCP Preferred candidate profile Encryption, hashing, basic networking protocols and their significance. Cloud deployment models and services . AWS/Azure security services and hands on implementation IaC ( Terraform) hands on experience.

Location: Noida Experience: Minimum 4- 10 years Responsibilities: Assist in the implementation and maintenance of information security strategies, ensuring alignment with regulatory requirements, industry standards, and business goals. Support the development and enforcement of information security policies, procedures, and best practices to protect data integrity, confidentiality, and availability. Monitor security alerts, analyze potential threats, and assist in incident detection, response, and resolution to mitigate security risks. Conduct risk assessments and vulnerability scans to identify security weaknesses and assist in remediation efforts. Work closely with engineering and IT teams to embed security best practices across the software development lifecycle and cloud infrastructure. Assist in security audits, compliance checks, and regulatory reporting to ensure adherence to RBI guidelines, DPDP Act, ISO 27001, and Cert-IN regulations. Manage and configure security tools such as firewalls, IDS/IPS, SIEM, endpoint protection, and vulnerability scanners. Assist in access control management, ensuring appropriate permissions and role-based access policies are in place. Contribute to security awareness programs, helping employees understand cybersecurity threats and best practices. Stay updated on emerging security threats, attack vectors, and defensive technologies, recommending enhancements to security processes. Qualifications and Skills: Bachelors degree in Information Security, Computer Science, IT, or a related field. Minimum of 4 years of experience in information security, cybersecurity operations, or risk management. Hands-on experience with firewalls, IDS/IPS, SIEM tools, endpoint security, and vulnerability management. Strong understanding of network security, encryption, identity and access management (IAM), and cloud security (AWS, Azure, or GCP). Knowledge of security frameworks such as ISO 27001, NIST, CIS Controls, and RBI IT Guidelines. Exposure to penetration testing, security log analysis, incident response, and threat intelligence. Strong problem-solving, analytical, and communication skills. Relevant certifications preferred (CEH, Security+, CISSP (Associate), CISM). Ability to work in a fast-paced environment, collaborate with cross-functional teams, and maintain a security-first mindset.

Position Summary: The role will report into the Cyber Security Organization, the role will support key vulnerability management initiatives that will minimize security weaknesses in the environment by working with the Cybersecurity, IT Infrastructure, and Application teams to drive vulnerability remediation across RRD Globally. This is an excellent opportunity for an experienced Security Engineer to join our Growing Cyber Security team. The Security Vulnerability Management Engineer will work within a multi-national team comprised of both internal and external analysts. They will play a key role in ensuring the effectiveness of RRDs cyber security vulnerability Management program. The role will represent the Security Operation function within RRD Cyber Security and will champion best practices to both Cybersecurity and its business partners. The Security Engineer will support the security operations function continually improves, remains tuned to specific organizational threats, and operates an effective security toolset. Technology Specific Skills and Other Requirements for this role include: Bachelor degree in Computer Science, Information Systems or discipline related to functional work or role with 3 to 5 years of relevant work experience OR demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience. We are looking for a highly motivated and talented analyst with a passion for Vulnerability Management. The ideal candidate will have experience supporting and managing vulnerability management activities in large enterprise environments. Need strong organization, coordination and negotiation skills to engage with other global and member firm teams. Sound knowledge of common infrastructure and web application vulnerabilities and common vulnerability categorizations such as CVE, CVSS, CWE Sound knowledge of common vulnerability identification & remediation tools, such as Rapid7/Nessus/ Qualys, Kali, Kenna, Tenable, RiskIQ, Microsoft SCCM and IBM BigFix/Tanium etc Secure DevOps experience would be a plus He or She should have a strong understanding of security operations concepts, vulnerability management and incident remediation within a complex global organization. Must have excellent communication skills; both verbal and written. Relevant Security certifications like CEH, CISSP etc ITIL foundation Certification and experience preferred Must have expert on OS knowledge on Windows, Linux and networking technologies Familiarity with Python or related programming language. Understanding of common security threats, attack vectors, vulnerabilities and exploits Expert level understanding of networking & Security concepts. Good Knowledge on AWS, Azure and other cloud Technologies. Highly self-motivated and directed; Strong organizational, oral communication and project management skills. Excellent attention to detail; Ability to effectively prioritize and execute tasks in a high-pressure environment; Experience in working in an onsite-offshore model. Knowledgeable in security concepts, techniques, tools, methods and practices Proven relationship management expertise with both business and technical personnel Ability to work well independently and in a team environment Ability to handle multiple tasks, prioritize and meet deadlines Must have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones.

Key Responsibilities: Lead and execute vulnerability assessments across enterprise systems using Qualys VMDR and related modules. Manage and optimize Qualys scanning infrastructure including scanner appliances and cloud agents. Develop and maintain scanning strategies and schedules for internal and external assets. Analyze scan results, prioritize vulnerabilities based on risk, and coordinate remediation efforts with stakeholders. Generate detailed reports and dashboards using Qualys reporting tools and best practices. Ensure compliance with internal security policies and external regulatory requirements. Provide technical guidance and mentorship to junior team members. Collaborate with IT, DevOps, and application teams to integrate vulnerability management into CI/CD pipelines. Required Skills and Experience: 5+ years of experience in vulnerability assessment and management. Hands-on experience with Qualys VMDR, Patch Management, and Continuous Monitoring. Strong understanding of vulnerability lifecycle, CVSS scoring, and remediation workflows. Experience with asset discovery, host tracking, and scanning best practices. Familiarity with scripting (Python, PowerShell) for automation and integration. Knowledge of network protocols, operating systems, and web application security. Industry certifications such as CEH, CISSP, or Qualys certifications are a plus. Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Vulnerability Management. Experience3-5 Years.

HI, Job Description Develop and maintain security tooling, guidelines, and standards for the Security Engineering team. Participate in threat intelligence and forensic analysis exercises, with guidance from more senior engineers. Work closely with application and infrastructure teams on mitigation of vulnerabilities against all cloud hosted systems. Create and maintain thorough runbooks and incident response documentation for the Security Operations Center (SOC). Create and monitor correlated event dashboards in the SIEM, alerting against thresholds you develop. Research, implement, and configure security protections for email, hosts, and identities. Write scripts to automate manual tasks. Create and provide training to assist new staff and internal teams. Education Bachelor's degree in Information Systems, Computer Science, or related discipline. Or any combination of education and experience which would provide the required qualifications for the position. Experience 5+ years of experience in being a part of a security operations center, with focuses on threat intelligence, incident response, blue team operations and SIEM query/workflow creation. 5+ years of experience in systems administration, software engineering, software development, or related discipline. Licenses CEH, SANS, ISC2 (CISM, CISSP, CCSP, etc), AWS, GCP, Azure Knowledge Working knowledge of SOC operations and incident response procedures, such as EDR, SWG, CASB, email threat protection, SIEM and SOAR platforms, threat intelligence frameworks (like MITRE ATT&CK), vulnerability and identity management, network security tools (firewalls, IDS/IPS), Python or PowerShell scripting, cloud-native security services (AWS, Azure, GCP), forensic and log analysis, and documentation platforms for preserving security operations materials. Skill in: Analytical, critical thinking and problem-solving skills; troubleshooting and resolving architecture and application development issues; working as member of a team; communicating effectively; establishing and maintaining effective working relationships. Ability to: Determine how a system should work and how changes in conditions, operations, and the environment will affect outcomes; demonstrate presentation skills with a high degree of comfort with both large and small audiences; work in a fast- paced environment; plan, organize, and prioritize workload and multi-task, to meet deadlines; establish and maintain effective working relationships through collaboration and respect.

Role Overview: The Cyber Security Auditor is responsible for auditing cybersecurity processes, risks, and controls. The role requires a strong understanding of industry frameworks like NIST (e.g., NIST CSF, NIST 800-53) and hands-on experience in assessing cybersecurity risks, governance controls, and technical security measures. Key Responsibilities: Risk and Control Assessments: Conduct assessments of cybersecurity risks and controls across network security, application security, vulnerability management, and governance controls. Issue Validation: Perform closure verification and issue validation for security findings, ensuring remediation aligns with risk reduction objectives. Vulnerability Management: Understand vulnerability management and penetration testing programs, patch management processes, threat intelligence, and threat hunting integrations. Governance Controls: Review and test governance controls related to cybersecurity policies, procedures, roles, and responsibilities. Technical Expertise: Test controls for network security, firewalls, IDS/IPS, SIEM tools, and endpoint security. Application Security: Hands-on experience in application security, vulnerability management, patch management, and security monitoring. Network Protocols: Strong knowledge of network protocols (TCP/IP, HTTP, SSL/TLS, DNS, VPN, etc.) and secure configurations. Cloud Security: Familiarity with cloud security controls (AWS, Azure, GCP) and DevSecOps principles. Desired Skills and Certifications: Frameworks and Standards: Strong understanding of NIST frameworks (CSF, 800-53), ISO 27001, CIS Controls, and regulatory requirements. Tools: Experience with GRC tools or IAM/PAM tools such as Archer, SailPoint. Certifications: Professional certifications like CISA, CISSP, CISM, CRISC, CEH, or GIAC certifications (GCIH, GCFA, GPEN) are highly desirable. Emerging Threats: Stay up to date with emerging cyber threats, attack techniques, and regulatory requirements impacting security controls. Top 5 Keywords for LinkedIn Search: Cyber Security Auditor NIST Frameworks (CSF, 800-53) Vulnerability Management Governance, Risk, and Compliance (GRC) Professional Certifications (CISA, CISSP, CISM) These keywords should help you identify candidates with the relevant skills, experience, and certifications for the position. If you need further assistance or have any other questions, feel free to ask! You said: make a good roles and responsibility based on the jd given for a job p[ost Copilot said: Copilot Roles and Responsibilities for Cyber Security Auditor Role Overview: The Cyber Security Auditor is responsible for auditing cybersecurity processes, risks, and controls. This role requires a strong understanding of industry frameworks such as NIST (e.g., NIST CSF, NIST 800-53) and hands-on experience in assessing cybersecurity risks, governance controls, and technical security measures. The auditor will validate control effectiveness and perform closure verification/issue validation to strengthen the organization's cybersecurity posture. Key Responsibilities: Risk and Control Assessments: Conduct comprehensive assessments of cybersecurity risks and controls across various domains including network security, application security, vulnerability management, and governance controls. Evaluate the effectiveness of existing security measures and recommend improvements. Issue Validation and Remediation: Perform closure verification and issue validation for security findings. Ensure remediation efforts align with risk reduction objectives and enhance overall security posture. Vulnerability Management: Understand and assess vulnerability management and penetration testing programs. Oversee patch management processes and integrate threat intelligence and threat hunting activities. Governance Controls: Review and test governance controls related to cybersecurity policies, procedures, roles, and responsibilities. Ensure compliance with regulatory requirements and industry standards. Technical Expertise: Test and validate controls for network security, firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM tools, and endpoint security. Apply hands-on experience in application security, vulnerability management, patch management, and security monitoring. Network Protocols and Secure Configurations: Demonstrate strong knowledge of network protocols (TCP/IP, HTTP, SSL/TLS, DNS, VPN, etc.) and secure configurations. Implement and maintain secure network configurations. Cloud Security and DevSecOps: Familiarity with cloud security controls for platforms such as AWS, Azure, and GCP. Apply DevSecOps principles to integrate security into the development and operations processes. Professional Development: Stay up to date with emerging cyber threats, attack techniques, and regulatory requirements impacting security controls. Pursue relevant professional certifications such as CISA, CISSP, CISM, CRISC, CEH, or GIAC certifications (GCIH, GCFA, GPEN). Desired Skills and Certifications: Frameworks and Standards: Strong understanding of NIST frameworks (CSF, 800-53), ISO 27001, CIS Controls, and regulatory requirements. Tools: Experience with GRC tools or IAM/PAM tools such as Archer, SailPoint. Certifications: Professional certifications like CISA, CISSP, CISM, CRISC, CEH, or GIAC certifications (GCIH, GCFA, GPEN) are highly desirable.

Design, implement, and assess cybersecurity controls across IT and OT environments. Conduct vulnerability assessments, develop secure architectures, and ensure compliance with standards Required Candidate profile Experienced in hands-on cybersecurity engineering and threat assessment with exposure to IT and OT. Strong in vulnerability scanning, architecture reviews, and cross-functional collaboration.

What we offer: Group Summary: Magna is more than one of the world s largest suppliers in the automotive space. We are a mobility technology company built to innovate, with a global, entrepreneurial-minded team. With 65+ years of expertise, our ecosystem of interconnected products combined with our complete vehicle expertise uniquely positions us to advance mobility in an expanded transportation landscape. Job Responsibilities: The IR Analyst, Product Cybersecurity role is a part of Magnas central Information Security Risk & Compliance (ISRC) team. This position will serve as a primary point of contact in matters related to product cybersecurity vulnerability monitoring, management, and reporting. The Product Security IR Analyst will be the primary team member from the ISRC to utilize our global threat intelligence & vulnerability management tool. This role will work closely with leads from each of our unique business units to coordinate continual cybersecurity activities related to our products. Responsibilities Identify potential vulnerabilities in Magnas products by utilizing Magna s cyber threat intelligence and vulnerability management tool. Analyze and verify identified vulnerabilities to determine their applicability and relevance to Magnas products. Assess the risk level of verified vulnerabilities based on known industry frameworks. Collaborate with the product engineering team to facilitate the remediation of vulnerabilities. Track and report status of reported vulnerabilities Create playbooks and best practices for product cybersecurity incident response Stay current with industry best practices and emerging trends in product security to continuously improve Magnas vulnerability management process. Qualifications Bachelors degree or equivalent experience in a related technical field 4+ years of relevant experience in cybersecurity vulnerability monitoring, management, and/or incident response (automotive product preferred) Strong knowledge of product cybersecurity and vulnerability management principles. Proficiency in learning and adapting to new, advanced software tools Expert knowledge of industry standards related to product cybersecurity & incident response (ISO/SAE 21434 preferred) Excellent written and verbal English communication skills Comfortable conveying information effectively and professionally to a wide variety of technical and non-technical audiences Ability to work collaboratively with diverse teams. Enthusiasm for the evolving field of cybersecurity and a desire to continuously learn and improve Attention to detail and ability to prioritize tasks effectively. Awareness, Unity, Empowerment: At Magna, we believe that a diverse workforce is critical to our success. That s why we are proud to be an equal opportunity employer. We hire on the basis of experience and qualifications, and in consideration of job requirements, regardless of, in particular, color, ancestry, religion, gender, origin, sexual orientation, age, citizenship, marital status, disability or gender identity. Magna takes the privacy of your personal information seriously. We discourage you from sending applications via email or traditional mail to comply with GDPR requirements and your local Data Privacy Law. Worker Type: Regular / Permanent Group: Magna Corporate

Management Level Director & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Responsibilities The role requires someone who understands DLP information protection technology from both a managerial/strategic level and hands on technical design and implementation. Architect/engineer Data Leakage Prevention security solutions covering DLP Endpoint, Discover, Web & Email. Provide advice on Data Leakage Policy development. Own and manage tool configuration, ensuring appropriate governance and change control arrangements are operating across the business. Provide support for DLP platform including analysis, continuous configuration, tuning and testing of data loss prevention policies Perform maintenance on the DLP platform including patching, configuration modifications and upgrades/Migrations Integrate with analytics and compliance tooling. Monitor DLP information security alerts though DLP tools to respond, triage, and escalate as needed. Analyze event/alert patterns to properly interpret and prioritize threats with available DLP tools and other data protection devices. Identify trends and drive requirements aimed at improving and enhancing existing data loss prevention detection policies and configurations. Provide technical advice and input for the support of integrated security systems and solutions. Interface with clients in the strategic design process to translate security and business requirements to improve the efficiency of daily tasks, monitoring, and processes with innovative ideas. Create, review, maintain and update documentation including Documenting & Publishing fixes in central knowledge base. Monitor the use of the tools and ensure a consistent process of improvement is in place. Candidate should have hands on experience on 2 of the recognized DLP tool (Forcepoint, Symantec, Netskope, Mcafee or Digital Guardian). Experience 12+ years work experience on a Security Technical Services and/or Support Operations team preferred. Candidate will exhibit a history of reliability and strong decisionmaking skills due the trust imparted in them as a DLP analyst. DLP related monitoring experience desired. Candidate must possess strong analytical skills to identify complex security issues and respond at the same level with a technical understanding of when to escalate impacting security events. Experience working with clients in a support role Must possess requisite oral communication and writing skills Must be selfmotivated and capable of independent work while operating in a geographically and culturally diverse peer group. Mandatory skill sets As above Preferred skill sets As above Years of experience required 12+Years Education qualification B.Tech, preferred Education Degrees/Field of Study required Bachelor of Engineering Degrees/Field of Study preferred Required Skills Data Security Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Coaching and Feedback, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Influence, Information Security, Innovation, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations {+ 28 more} Travel Requirements Available for Work Visa Sponsorship

Overview. ormation Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area, Responsibilities. Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunketc). L2/L3 level is added advantage, Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Microetc, L2/L3 level is added advantage, Should have knowledge in managing Vulnerability tools and various remediation efforts, Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed, Enforce incident response service level agreement, Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company. Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks. Vulnerability management assessment and remediation. Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks. Research the latest information technology (IT) security trends. Help plan and carry out an organization’s way of handling security. Develop security standards and best practices for the organization. Recommend security enhancements to management or senior IT staff. Document security breaches and assess the damage they cause, Performs other duties as assigned. Qualifications. Tech, B. 2-5 years’ Experience working in a Security Operations Center. 2 years minimum in the computer industry. Knowledge working with complex Windows environments. Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001. Knowledge in design and administration of security tools. Good written and verbal communication skills. Show more Show less

We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes and for that, we need you to join us.. The Team:. As a member of the Information Security Organization at Celonis, you'll collaborate closely with various departments and customers to communicate and demonstrate the security posture of our products. This position is part of the Security Enablement team within the broader Security GRC (Governance, Risk, and Compliance) Department. The Information Security team plays a critical role in ensuring Celonis' technology and information assets are appropriately guarded from external and internal threats. The Security GRC Department you'll be joining is responsible for maintaining existing security attestations at Celonis globally, balancing risk with appropriate controls and assessing control effectiveness.. The Role:. As Associate Security Enablement Analyst within the Information Security GRC team, you will act as a key interface between Celonis and its customers, helping to demonstrate the strength of our security posture and ensuring a smooth, informed, and confident customer journey. In this role, you’ll handle a broad range of customer-facing security activities—from responding to security questionnaires and audits, to building scalable processes and content for security communications. You’ll work closely with internal stakeholders across Legal, Operations, and Engineering, playing a critical role in reinforcing trust and transparency around our security practices. This position is ideal for someone who thrives at the intersection of security, communication, and customer success.. The work you’ll do:. Customer Security Requests: Respond quickly and accurately to customer security inquiries, supporting business development and customer success efforts.. Technical Security Communication: Independently address technical questions from customers, ensuring their security requirements are clearly understood and met.. Audit Support: Support customer audits and remote assessments by preparing and delivering relevant security documentation and evidence.. Security Questionnaires: Lead the completion of security questionnaires and related documentation, particularly those focused on cloud security.. Cross-Functional Collaboration: Work with Legal, Operations, and Cloud Engineering to develop and maintain standardized materials that clearly explain our security controls and practices.. Knowledge Management: Build and maintain a centralized knowledge base covering key Information Security topics, making resources easily accessible to internal and external stakeholders.. Enablement & Culture: Contribute to internal initiatives that strengthen Celonis’s security culture, operational maturity, and external security presence—whether through team development, internal enablement, or customer-facing improvements.. Privacy & GenAI Readiness: Collaborate with cross-functional teams to support privacy-related initiatives and emerging GenAI-related security considerations, ensuring alignment with evolving regulatory and customer expectations.. The qualifications you need:. University degree in the field of Information Technology and Management, Business Administration, or a similar field. Experience working with Security Questionnaires, IT projects, RFX. Work experience in the field of IT Security, Auditing, Cloud Security or similar. Excellent communication skills in English (spoken and written). Excellent ability to communicate with clients, relevant departments, collaborators and other relevant actors. High professional responsibility and excellent skills to work independently. Excellent skills to learn quickly and adapt to new tasks. Ability to learn topics related to Cloud, Infrastructure, and IT Security. Ability to work under pressure andin a dynamic work environment. Excellent communication skills in German (has the advantage). What Celonis Can Offer You:. Pioneer Innovation: Work with the leading, award-winning process mining technology, shaping the future of business.. Accelerate Your Growth: Benefit from clear career paths, internal mobility, a dedicated learning program, and mentorship opportunities.. Receive Exceptional Benefits: Including generous PTO, hybrid working options, company equity (RSUs), comprehensive benefits, extensive parental leave, dedicated volunteer days, and much more.. Prioritize Your Well-being: Access to resources such as gym subsidies, counseling, and well-being programs.. Connect and Belong: Find community and support through dedicated inclusion and belonging programs.. Make Meaningful Impact: Be part of a company driven by strong values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future.. Collaborate Globally: Join a dynamic, international team of talented individuals.. Empowered Environment: Contribute your ideas in an open culture with autonomous teams.. About Us:. Celonis makes processes work for people, companies and the planet. The Celonis Process Intelligence Platform uses industry-leading process mining and AI technology and augments it with business context to give customers a living digital twin of their business operation. It’s system-agnostic and without bias, and provides everyone with a common language for understanding and improving businesses. Celonis enables its customers to continuously realize significant value across the top, bottom, and green line. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide.. Get familiar with the Celonis Process Intelligence Platform by watching this video.. Celonis Inclusion Statement:. At Celonis, we believe our people make us who we are and that “The Best Team Wins”. We know that the best teams are made up of people who bring different perspectives to the table. And when everyone feels included, able to speak up and knows their voice is heard that's when creativity and innovation happen.. Your Privacy:. Any information you submit to Celonis as part of your application will be processed in accordance with Celonis’ Accessibility and Candidate Notices. By submitting this application, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Notice for the Application and Hiring Process.. Please be aware of common job offer scams, impersonators and frauds. Learn more here.. Show more Show less

Summary Of The Position:. This position requires candidate should be Graduate/Post Graduate on Engineering / Computer Science with at least 10 + years of experience in managing Information Security / Cyber Security for an enterprise level.. Lead and manage day-to-day security operations and ensure the implementation and enforcement of security measures across the organization. Role will involve assessing vulnerabilities, managing security incidents, and overseeing a team of security professionals. Collaborate closely with IT, risk management, and other business units to maintain a secure infrastructure and ensure compliance with relevant security standards and regulations.. Qualification, Certifications and Knowledge level. Tech/ B. Certifications: CEH / GSEC / CISM or other relevant security. 10 years of experience in cybersecurity or information security roles.. Strong knowledge of SIEM, firewalls, IDS/IPS, vulnerability management, and encryption.. Experience with security frameworks such as NIST, ISO 27001, SOC 2 or CIS.. Hands-on experience with incident response and management.. Prior experience in a leadership or managerial role within security operations is preferred.. Good understanding of IT/IS & Cyber risks. Experience in risk management processes and reporting. Experience in third-party risk management frameworks & processes. Good Communication Skills. Ability to work independently and to take emergent decisions on his/her own. Ability to work collaboratively with internal and external stakeholders to achieve a mutually beneficial result. Good team player, hardworking, enthusiastic with good attitude. Experience:. 10-12 years of relevant work experience in Information Security / IT Security and risk management functions.. Roles & Responsibilities:. Security Operations Management:. Oversee daily security operations and lead the Security Operations Center (SOC) team.. Develop and enforce security policies, procedures, and guidelines.. Manage vulnerability scanning, penetration testing, and threat monitoring activities.. Ensure all security tools (firewalls, IDS/IPS, DLP, SIEM) are properly configured, maintained, and updated.. Incident Response And Management:. Lead investigations and response to security incidents, breaches, or cyberattacks.. Perform root cause analysis and post-incident reporting.. Ensure incident response plans are regularly tested and optimized.. Threat And Vulnerability Management:. Manage and review system vulnerabilities and threats and implement risk mitigation strategies.. Perform regular risk assessments and security audits to identify and address security gaps.. Collaborate with DevOps and infrastructure teams to integrate security best practices in all systems.. Compliance And Governance:. Ensure compliance with security regulations, standards, and frameworks (ISO 27001, NIST, GDPR, etc.).. Maintain up-to-date documentation of security controls and processes.. Coordinate internal and external security audits, including audits related to compliance.. Leadership And Team Development:. Supervise and mentor junior security analysts and engineers.. Provide guidance on career development, training, and certifications.. Collaborate with HR and senior leadership to define security team goals and objectives.. Vendor And Stakeholder Management:. Liaise with third-party vendors to assess security tools and technologies.. Work closely with other business units, such as IT, legal, and finance, to ensure security objectives are aligned with business priorities.. Security Awareness And Training:. Develop and implement IT security awareness training programs for employees.. Foster a culture of security awareness across the organization.. Perform a phishing simulation exercise at the organizational level and assess the associated risks.. Summary Of The Position:. This position requires candidate should be Graduate/Post Graduate on Engineering / Computer Science with at least 10 + years of experience in managing Information Security / Cyber Security for an enterprise level.. Lead and manage day-to-day security operations and ensure the implementation and enforcement of security measures across the organization. Role will involve assessing vulnerabilities, managing security incidents, and overseeing a team of security professionals. Collaborate closely with IT, risk management, and other business units to maintain a secure infrastructure and ensure compliance with relevant security standards and regulations.. Qualification, Certifications and Knowledge level. Tech/ B. Certifications: CEH / GSEC / CISM or other relevant security. 10 years of experience in cybersecurity or information security roles.. Strong knowledge of SIEM, firewalls, IDS/IPS, vulnerability management, and encryption.. Experience with security frameworks such as NIST, ISO 27001, SOC 2 or CIS.. Hands-on experience with incident response and management.. Prior experience in a leadership or managerial role within security operations is preferred.. Good understanding of IT/IS & Cyber risks. Experience in risk management processes and reporting. Experience in third-party risk management frameworks & processes. Good Communication Skills. Ability to work independently and to take emergent decisions on his/her own. Ability to work collaboratively with internal and external stakeholders to achieve a mutually beneficial result. Good team player, hardworking, enthusiastic with good attitude. Experience:. 10-12 years of relevant work experience in Information Security / IT Security and risk management functions.. Roles & Responsibilities:. Security Operations Management:. Oversee daily security operations and lead the Security Operations Center (SOC) team.. Develop and enforce security policies, procedures, and guidelines.. Manage vulnerability scanning, penetration testing, and threat monitoring activities.. Ensure all security tools (firewalls, IDS/IPS, DLP, SIEM) are properly configured, maintained, and updated.. Incident Response and Management:. Lead investigations and response to security incidents, breaches, or cyberattacks.. Perform root cause analysis and post-incident reporting.. Ensure incident response plans are regularly tested and optimized.. Threat and Vulnerability Management:. Manage and review system vulnerabilities and threats and implement risk mitigation strategies.. Perform regular risk assessments and security audits to identify and address security gaps.. Collaborate with DevOps and infrastructure teams to integrate security best practices in all systems.. Compliance and Governance:. Ensure compliance with security regulations, standards, and frameworks (ISO 27001, NIST, GDPR, etc.).. Maintain up-to-date documentation of security controls and processes.. Coordinate internal and external security audits, including audits related to compliance.. Leadership and Team Development:. Supervise and mentor junior security analysts and engineers.. Provide guidance on career development, training, and certifications.. Collaborate with HR and senior leadership to define security team goals and objectives.. Vendor and Stakeholder Management:. Liaise with third-party vendors to assess security tools and technologies.. Work closely with other business units, such as IT, legal, and finance, to ensure security objectives are aligned with business priorities.. Security Awareness and Training:. Develop and implement IT security awareness training programs for employees.. Foster a culture of security awareness across the organization.. Perform a phishing simulation exercise at the organizational level and assess the associated risks.. UnifyCX is an emerging Global Business Process Outsourcing company with a strong presence in the U.S., Colombia, Dominican Republic, India, Jamaica, Honduras, and the Philippines. We provide personalized contact centers, business processing, and technology outsourcing solutions to clients worldwide. In nearly two decades, unifyCX has grown from a small team to a global organization with staff members all over the world dedicated to supporting our international clientele.. At UnifyCX, we leverage advanced AI technologies to elevate the customer experience (CX) and drive operational efficiency for our clients. Our commitment to innovation positions us as a trusted partner, enabling businesses across industries to meet the evolving demands of a global market with agility and precision.. UnifyCX is a certified minority-owned business and an EOE employer who welcomes diversity.. Show more Show less

We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes and for that, we need you to join us.. The Team:. As part of the Information Security Organization, you will be working closely with different departments for their information security compliance. This role will be part of the new and growing Compliance Engineering function. The Information Security team plays a critical role in ensuring Celonis's technology and information assets are appropriately guarded from external and internal threats. The Security GRC Department you'll be joining is responsible for maintaining existing security attestations at Celonis globally, balancing risk with appropriate controls and assessing control effectiveness.. The Role:. This isn't a typical compliance role. It is a technical, hands-on position within our GRC organization, at the critical interface between business operations and technology. Here, you can be a data analyst, an engineer, an auditor, and a builder, using leading technology to design, create, and run automated solutions that test our security controls. In addition to that your analytical skills will contribute to our overall security process intelligence. You will get hands-on experience with our own Celonis platform, modern GRC (Governance, Risk, and Compliance) tools, and low-code automation.. The work you’ll do:. Design and build assets to test and continuously monitor the effectiveness of our internal security controls including continuous evidence collection. Rigorously test and validate the data and logic within your solutions to ensure accuracy, completeness, and reliability.. Participate in and support internal as well as external security compliance audits, applying your technical understanding as well as business acumen to assess control design and effectiveness.. Develop and manage insights to measure program effectiveness. This includes metrics for compliance and offers the opportunity to support broader security performance and risk management analytics.. Work with technical and non-technical teams across Celonis to translate security requirements into automated tests and operational workflows.. The qualifications you need:. Academic background in Computer Science, Engineering, Information Systems, Physics, Mathematics or a related field, or equivalent work experience.. You thrive on big challenges, can anticipate and adapt to changes in direction, and are driven to continuously improve the solution.. A Builder's Mindset: You have foundational experience with data integration and analyzing data using SQL, Python, or similar languages in a database-like environment.. Strong Problem-Solving Skills: You are a self-starter who can troubleshoot issues independently and enjoys tackling open-ended challenges.. Excellent Communication Skills: You can clearly articulate and right-size complex technical issues in English to both technical and non-technical people.. This role requires working in shifts aligned with Central European Time (CET) to collaborate effectively with our global teams.. Preferred Qualifications:. A strong interest in or foundational knowledge of Process Mining, Continuous Controls Monitoring, Evidence Collection, GRC platforms, and IT Auditing.. Knowledge of cloud technologies from different cloud service models and security frameworks ( ISO 27001, SOC 2, NIST etc.). Demonstrated knowledge of technology risks, infrastructure, and information security princip. What Celonis Can Offer You:. Pioneer Innovation: Work with the leading, award-winning process mining technology, shaping the future of business.. Accelerate Your Growth: Benefit from clear career paths, internal mobility, a dedicated learning program, and mentorship opportunities.. Receive Exceptional Benefits: Including generous PTO, hybrid working options, company equity (RSUs), comprehensive benefits, extensive parental leave, dedicated volunteer days, and much more.. Prioritize Your Well-being: Access to resources such as gym subsidies, counseling, and well-being programs.. Connect and Belong: Find community and support through dedicated inclusion and belonging programs.. Make Meaningful Impact: Be part of a company driven by strong values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future.. Collaborate Globally: Join a dynamic, international team of talented individuals.. Empowered Environment: Contribute your ideas in an open culture with autonomous teams.. About Us:. Celonis makes processes work for people, companies and the planet. The Celonis Process Intelligence Platform uses industry-leading process mining and AI technology and augments it with business context to give customers a living digital twin of their business operation. It’s system-agnostic and without bias, and provides everyone with a common language for understanding and improving businesses. Celonis enables its customers to continuously realize significant value across the top, bottom, and green line. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide.. Get familiar with the Celonis Process Intelligence Platform by watching this video.. Celonis Inclusion Statement:. At Celonis, we believe our people make us who we are and that “The Best Team Wins”. We know that the best teams are made up of people who bring different perspectives to the table. And when everyone feels included, able to speak up and knows their voice is heard that's when creativity and innovation happen.. Your Privacy:. Any information you submit to Celonis as part of your application will be processed in accordance with Celonis’ Accessibility and Candidate Notices. By submitting this application, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Notice for the Application and Hiring Process.. Please be aware of common job offer scams, impersonators and frauds. Learn more here.. Show more Show less

About NCR Atleos Responsible for planning and performing Application Risk Assessments, as per the guidelines provided by regulations and standards. Build expertise on security governance and compliance that includes all Cloud providers and Cloud security monitoring. Build tool expertise on tools - Wiz, Algosec, Fortinet, Forscout, etc. Effectively collaborates and communicates with the stakeholders and ensure satisfaction Foster teamwork. Train and coach team members to ensure effective knowledge management activity. EEO Statement NCR Atleos is an equal-opportunity employer. It is NCR Atleos policy to hire, train, promote, and pay associates based on their job-related qualifications, ability, and performance, without regard to race, color, creed, religion, national origin, citizenship status, sex, sexual orientation, gender identity/expression, pregnancy, marital status, age, mental or physical disability, genetic information, medical condition, military or veteran status, or any other factor protected by law. Statement to Third Party Agencies To ALL recruitment agenciesNCR Atleos only accepts resumes from agencies on the NCR Atleos preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Atleos employees, or any NCR Atleos facility. NCR Atleos is not responsible for any fees or charges associated with unsolicited resumes.

HackIT Technology & Advisory Services is looking for Security Analyst - Red Team to join our dynamic team and embark on a rewarding career journey Gather, interpret, and analyze data to identify trends, patterns, and opportunities that support strategic decision-making Prepare clear, actionable reports, dashboards, and visualizations using tools like Excel, SQL, Power BI, or Tableau Collaborate with stakeholders to define business problems and recommend data-driven solutions Ensure data integrity, validate findings, and document methodologies Present insights to management and cross-functional teams in a concise and impactful manner Stay updated on industry best practices, tools, and emerging trends to enhance analysis quality and business outcomes

Position Purpose Business Analyst for implementing GRC IT solutions in ServiceNow. Must have experience in implementing GRC solutions. Responsibilities D irect Responsibilities Lead the business requirements gathering process Collect and analyze requirements Animate workshops and meeting, write meeting minutes, follow up actions Prepare related documentation (functional design specifications, RACI, standard operating procedures, business workflow, user manuals etc.) Write User Stories, explain User Stories to developers Create training materials and conduct training sessions Follow up the development lifecycle steps requirements formalization, development testing, UAT coordination with stakeholders, transition to production organization, write release notes Assist users in user acceptance test (test scenarios, non-regression tests) Create and maintain the project planning, identify risks and handle it Ensure the post-implementation monitoring Provide regular project updates (meeting minutes, follow-up on action plan) Ensure proper escalation whenever required Contributing Responsibilities Manage assigned projects Ensure quality of service delivered by products Contribute to investigate user issues reported Technical & Behavioral Competencies Experience in Vulnerability Management processes and tools (Qualys, Rapid7, Tenable, Fortify, Sonarcube, Tanium, Nessus, Nexpose) Knowledge in any of the topics like IT Risk, SOX, Compliance, Control Plans, Action Plans, IT Continuity, Audit, ERM, ORM, Third Party Management Strong process analysis, mapping and design Practical experience of delivering change in IT environments Experience in project management and business analysis Excellent knowledge of the IT Project life cycle Proven track record of successful change management delivery within global banking industry or large organizations is a plus Knowledge and experience on GRC solutions (ServiceNow, Archer, GRC Enablon, eFront, Nasdaq Bwise) Knowledge on Agile methodologies Specific Qualifications (if required) kills Referential Behavioural Skills : (Please select up to 4 skills) Decision Making Creativity & Innovation / Problem solving Communication skills - oral & written Ability to synthetize / simplify Transversal Skills: (Please select up to 5 skills) Ability to understand, explain and support change Ability to develop and adapt a process Ability to anticipate business / strategic evolution Analytical Ability Ability to develop and leverage networks Education Level: Bachelor Degree or equivalent Experience Level At least 7 years Other/Specific Qualifications (if required) Industry Standard BA Qualification AGILE methodologies GRC, IRM (Integrated Risk Management)

Vice President (VP1) - Head of Common ICT LOD2 Controls Execution Platform - CICEP Position Purpose RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM Framework, RISK ORM Technology Transversal Risks and RISK ORM Network. Under the authority of the Poles Managers, RISK ORM Network is made up of all the Operational Risk Officers (OROs) acting as the second line of defence (LoD2) within the Groups operational entities (Poles, Business Lines, Functions, Transversal Activities). In this context, the Common ICT LOD2 Controls Execution Platform (CICEP), reports hierarchically to the Group Head of ICT Controls Testing. The Head of CICEP, India CoE, ensures the homogeneity, the robustness and effectiveness of the ICT controls executed by the LoD1 by implementing LoD2 controls execution platform across Poles and Functions. The position is based in India Solutions Pvt. Ltd. (ISPL), Mumbai and reports to Head of RISK ORM Network, India CoE, plus functionally to Group Head of ICT Controls Testing. Responsibilities Lead the delivery of the COE CICEP India team (including his/her missions) dedicated to: o Performing the LOD2 check and challenge on the execution of ICT controls (verification, re-performance, direct controls testing) requiring technical and business expertise. o Determining the design effectiveness, and operating effectiveness of IT and Cyber controls. o Review and assist the team with the evaluation of control deficiencies and provide practical recommendations for remediation. o Drafting high-quality reports containing the risk assessors opinion on the ICT control gaps, and recommendations for improvement, post completion of an assignment. o Ensuring completion of the testing LOD2 reviews and adherence to the validated internal timelines. Contribute to the maturity of the services provided by the CICEP platform by: o Enhancing the CICEP methodology and tools required to perform the ICT control reviews. o Identifying the areas of improvement (lessons learned) for ICT control reviews and proactively working with the relevant stakeholders to implement these enhancements. o Proactively supporting the standardisation of practises (workpapers, reports, templates etc.) across the CICEP platform (India and Portugal). Proactively contributes to the usage and enhancement of Group methodologies and tools for LOD2 control testing reviews. Provides upon request of business or the Operational Risk Officer(s), provides advice on ICT controls related to IT and cyber risk management. Actively participates in the monitoring of the LOD2 ICT control results, and their reporting to senior management. Works in collaboration with other stakeholders from business and RISK ORM teams to contribute towards influencing the ICT risk culture of The Bank. Improves the effectiveness of the Internal Controls programme by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities. Deliver quarterly CICEP KPI report in a timely and accurate manner, working in conjunction with the functional and the CoE managers. Manage the growth, productivity and efficiency of the CICEP platform and ensure a good continuity of its services. Provide, at least once a year for the European Supervisor, a regular and complete analysis and of the ICT Lod2 control highlighting key messages for the General Management. Contributing Responsibilities Collaborates at the India CoE level with Head of India CoE, including but not limited to the CoE level reporting requirements. Effectively contributes to the CoE, RISK India Hub and ISPL on Group mandates, objectives and priorities. Lead by example, demonstrating effective Leadership in the CICEP team leading to CoE as a positive place to work in conjunction with the Head of India CoE. Participates to the recruitment for the CoE. Technical Behavioral Competencies SKILLS, EXPERIENCE AND COMPETENCIES Skills Required 7+ years of experience in IT audit / ITGC controls testing / technical assessments, preferably in the areas of Cyber and Technology domains in a financial institution. Ability to manage the team and its workload independently to meet their targets, and priorities set in conjunction with management. Must be able to interface and coordinate work efficiently, and effectively with business partners. Excellent analytical skills being able to come to a thoughtful and business focused conclusion quickly. Good communication, listening and influencing skills, including ability to articulate complex issues and incorporate feedback. Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate. Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done. Being rigorous and thorough especially when logging and tracking issues through to conclusion. Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Risk Assessment in business. Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate. Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework. Team player focus on the success of the whole team. Working well both with others, as well as individually. Ability to work under strict timelines and at pressure situations to manage the delivery. Open to work under global time zones as required for workshops or stakeholder discussions. Skills Preferred Team management capabilities. Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements. Is self-aware, anticipates problems, adapts and meets them head on. Strong stakeholder management, relationship building, influencing, facilitating and presenting skills. Is solutions focused measures their output on whether issues, problems or challenges are resolved as a criteria for success. Competencies: University degree (technical), and/or certification such as ISO27001, CISA. Professional qualifications/trainings relevant to technology and/or cyber risk (e.g. change management, outsourcing, vulnerability management, cloud security, etc.). Conduct: Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure. Specific Qualifications (if required) Bachelors degree, and certification in Information Systems Skills Referential Behavioural Skills : (Please select up to 4 skills) Attention to detail / rigor Ability to deliver / Results driven Ability to deliver / Results driven Ability to collaborate / Teamwork Transversal Skills: (Please select up to 5 skills) Ability to develop others improve their skills Ability to inspire others generate people's commitment Ability to set up relevant performance indicators Analytical Ability Ability to develop and leverage networks Education Level: Bachelor Degree or equivalent Experience Level At least 12 years Other/Specific Qualifications (if required) Professional qualifications/trainings relevant to Information Security, Risk Management is a strong plus (ISO 27001, ISO 31000, CISSP, CRISC, CISM, CISA, CCSP) preferred.

Position Purpose Within the framework of the policy defined by the ARVAL IT Production tribe , Level 2 System Engineer will work closely with L2/L3 Production teams. Responsibilities Direct Responsibilities Management of physical servers (DELL/HP). Hardware Incident management (with IBM/DELL/HP support). Maintenance and optimization of Windows systems (MCO) (Physical /VM) Identification and proposal of technical improvements and solutions to obstacles. Contributive Responsibilities Vulnerability management. Patch management and reporting. Deployment of physical and virtual Windows servers. Monitoring and management of production and test environments, including task monitoring and issue resolution. Collaboration with development teams to ensure alignment with best practices. Participation in incident management and implementation of workarounds. Contribution to technical documentation and procedure guides. Participate in the Oncall management rotation (7/7 24/24) Technical Behavioral Competencies Technical Competencies Server Hardware (Dell/HP) : In-depth knowledge of physical servers, including installation, configuration, and maintenance. Windows Server Operating System : Expertise in administering and managing Windows operating systems. Hyper-v /SCVMM : Proficiency in virtualization with Hyper-v to create and manage virtual machines. SCCM : Mastery of System Center Configuration Manager for configuration and deployment management (OS deployment and packaging) Skills Referential Behavioural Skills : (Please select up to 4 skills) Attention to detail / rigor Adaptability Creativity Innovation / Problem solving Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Analytical Ability Ability to develop and adapt a process Ability to anticipate business / strategic evolution Ability to understand, explain and support change Ability to develop others improve their skills Education Level: Bachelor Degree or equivalent Experience Level At least 5 years Other/Specific Qualifications (if required)

About Toast Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love. Because our technology is purpose-built for restaurants, our customers trust that we will deliver on their needs today while investing in innovative experiences that will power the future of the industry. About this roll*: We are seeking a strategic and experienced leader to manage our Corporate Security and Governance, Risk, and Compliance functions in India. You will lead and grow both teams, strengthen our security posture, drive compliance with industry frameworks, and support enterprise risk efforts, while partnering closely with global stakeholders on key initiatives. What you will do: Corporate Security: Provide leadership and oversight to the CorpSec team, ensuring the implementation of best practices across endpoint protection, vulnerability management, and threat mitigation. Guide the design and management of a secure enterprise endpoint strategy, ensuring the CorpSec team aligns with policy and compliance requirements. Supervise the CorpSec team in conducting vendor risk assessments and coordinate with global stakeholders to drive remediation activities. Oversee the management of secure email gateway and Data Loss Prevention (DLP) systems, ensuring the CorpSec team enforces data protection and policy compliance across all endpoints (Windows, macOS, Linux). Manage endpoint investigations and root cause analysis, directing the CorpSec team to collaborate with the SOC for integrating telemetry into SIEM platforms (e.g., Splunk, Datadog). Ensure the CorpSec team maintains documentation, SOPs, and training resources, and oversees the delivery of awareness sessions to improve endpoint hygiene. Stay informed on emerging threats to provide strategic guidance to the CorpSec team for enhancing threat detection and response capabilities. Governance, Risk, and Compliance (GRC): Oversee the development and maintenance of GRC frameworks (SOC 2, PCI DSS, ISO 27001), ensuring the Technical GRC team aligns with global standards and maintains ongoing compliance. Manage the review process for third-party security attestations (e.g., SOC 2, ISO 27001) and guide the Technical GRC team in assessing vendors in collaboration with Legal, Procurement, and IT. Supervise periodic vendor risk reviews, ensuring the Technical GRC team identifies gaps and drives remediation plans effectively. Partner with internal audit and external assessors to support security evaluations and regulatory alignment. Provide oversight for regular reporting on compliance posture, risk trends, and incident metrics to senior stakeholders, ensuring the Technical GRC team delivers accurate and timely updates. Team Leadership and Development: Provide leadership and mentorship to the Corporate Security and GRC teams in India, fostering a high-trust, collaborative environment. Recruit, train, and grow security talent to build a resilient, high-performing organization. Set performance goals, conduct evaluations, and support team members' ongoing development. Do you have the right ingredients*? Bachelor’s in Computer Science, InfoSec, or related field (Master’s preferred). Industry certifications like CISSP, CISM, or CEH are strongly preferred. 10+ years in cybersecurity, with hands-on experience in vulnerability management, compliance automation, and GRC. Strong understanding of SOC operations, incident response, and security tooling (SIEM, IDS/IPS, WAF). Proven leadership experience managing distributed security teams in dynamic environments. Skilled in communication, collaboration, and team development. Deep knowledge of compliance frameworks (e.g., SOC 2, PCI DSS, ISO 27001) and regulatory expectations.

Role: Microsoft Defender/MAC Endpoint Vulnerability Management Specialist Role Summary: He/She will be responsible for managing vulnerability remediation activities using Microsoft Defender, with a strong focus on endpoint security and management. Additionally, should possess expertise in Mobile Device Management (MDM) solutions such as Intune, and demonstrate advanced troubleshooting skills at the Windows OS level. Scripting knowledge is considered a plus. Location: Bangalore Preferred Duration: 3 Months(Extendable Project) Date : Immediate Joining also preferred Key Responsibilities: - Review vulnerabilities report, analyze the solutions available and execute vulnerability remediation activities using Microsoft Defender. - Collaborate with the Security Team to assess vulnerabilities and implement mitigation strategies. - Manage endpoint security configurations and policies through Microsoft Defender. - Implement solutions through Mobile Device Management solutions, Intune/WS1/SCCM. - Develop policies as required in collaboration with Product Owners and Security team. - Provide L3 level support for Windows OS-related issues. - Diagnose complex system problems and work towards resolution swiftly. - Utilize scripting languages (e.g., PowerShell) to automate or deploy solutions as needed. - Develop scripts to enhance monitoring capabilities or streamline solution deployment processes. - Maintain comprehensive documentation of processes, incidents, resolutions, and changes implemented. Qualifications: - Proven experience in managing Microsoft Defender Endpoint solutions. - Expertise in MDM tools like Intune/WS1/SCCM. - Strong troubleshooting skills at the Windows OS level. - Proficiency in scripting languages such as PowerShell. - Excellent analytical skills with attention to detail. - Strong communication skills; ability to collaborate effectively with cross-functional teams. - Ability to work independently while managing multiple priorities efficiently. - Work experience with monitoring tools like Nexthink is an advantage.onsibilities

NAB is looking for Security Assurance Consultant to join our dynamic team and embark on a rewarding career journey Undertake short-term or long-term projects to address a variety of issues and needs Meet with management or appropriate staff to understand their requirements Use interviews, surveys etc. to collect necessary data Conduct situational and data analysis to identify and understand a problem or issue Present and explain findings to appropriate executives Provide advice or suggestions for improvement according to objectives Formulate plans to implement recommendations and overcome objections Arrange for or provide training to people affected by change Evaluate the situation periodically and make adjustments when needed Replenish knowledge of industry, products and field