Incident Remediation Jobs in Bengaluru

Security Operations Engineer FalconX Location: Bangalore Experience: 3+ Years Education: Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field About FalconX FalconX is a pioneering team of operators, investors, and builders transforming institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX simplifies the complex and fragmented digital asset ecosystem. Our platform empowers clients to navigate the crypto landscape seamlessly, providing access, liquidity, and tools to execute institutional strategies from start to scale. Role Overview We are looking for a Security Operations Engineer to strengthen our cybersecurity posture and protect our systems, data, and clients. In this role, you will monitor, detect, and respond to threats across on-premise and cloud environments, conduct investigations, perform threat hunting, and automate security operations. Key Responsibilities Monitor, detect, and respond to security incidents across cloud and on-premise environments. Analyze security alerts from various tools to identify potential threats and anomalies. Conduct forensic investigations and deep-dive analysis to identify trends and attack techniques. Perform proactive threat hunting across endpoints, networks, and cloud environments. Analyze security logs and behavioral patterns to detect Indicators of Compromise (IOCs). Investigate security incidents and provide actionable mitigation and remediation recommendations. Develop and refine threat hunting methodologies using frameworks like MITRE ATT&CK. Automate threat detection and response processes using scripting languages such as Python, PowerShell, or Bash. Continuously monitor emerging threats, vulnerabilities, and attack trends to improve strategies. Required Qualifications Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field. 3+ years of experience in Security Operations, Threat Hunting, or a similar cybersecurity role. Hands-on experience working with log data for detection and response (Cloud, EDR, Network, etc.). Experience developing and deploying detection rules (Yara, Sigma, SQL-based rules, etc.). Strong understanding of network security monitoring, packet analysis, and log correlation. Deep knowledge of advanced threat detection methodologies and threat intelligence. Proficiency in analyzing attacker TTPs using frameworks like MITRE ATT&CK. Skilled in scripting and automation for security operations (Python, PowerShell, Bash). Familiarity with endpoint security, identity management, cloud security, and incident response. Protect critical systems, data, and client assets from emerging cyber threats. Play a key role in detecting, investigating, and responding to security incidents. Collaborate with cross-functional teams to strengthen security posture and operational resilience. Drive proactive threat hunting and automation to improve efficiency and effectiveness. Qualification : Bachelors degree in Cybersecurity, Computer Science, Information Technology, or related field

IT System and Security Engineer Location: Bengaluru Work Type: Full-Time Company Overview Locus is a battle-tested, agentic Transportation Management System powering logistics across 30+ countries. In 2025, Locus joined the Ingka Group (IKEA Retail), combining high-growth tech agility with the scale of a global enterprise while continuing to operate independently. Role Overview We are seeking an IT System and Security Engineer to manage core IT operations, strengthen endpoint security, and ensure compliance. This hands-on role requires technical expertise to maintain a secure, compliant, and efficient environment across Google Workspace, Okta, and Jamf. Key Responsibilities Operations Management: Oversee user onboarding/offboarding, hardware provisioning, and complex troubleshooting. Security Administration: Monitor Okta, Jamf Pro, and Jamf Protect to ensure MFA enforcement and device encryption. Remediation: Proactively review and fix security vulnerabilities and compliance findings. Automation: Streamline routine tasks using Python, Bash, or Google Apps Script. Compliance & Audits: Maintain asset inventories and prepare evidence for SOC2 and ISO27001 readiness. Skills & Qualifications 2 5 years of experience in IT administration or security operations. Expertise: Google Workspace security and Identity Management (Okta). MDM Platforms: Proven experience with Jamf Pro, Intune, or equivalent tools. Scripting: Ability to write automation scripts in Python or Bash. Frameworks: Familiarity with SOC2 / ISO27001 compliance processes. What We Value Global Mindset: Curiosity about diverse markets. Driven: Energized by complex challenges. Thoughtful: Analytical and deliberate approach. Exact in Craft: Commitment to detail and excellence. Help redefine logistics through innovation. We offer competitive compensation, a supportive work environment, and the opportunity to scale IT security within the IKEA ecosystem.

Security Research Engineer Security Research Experience: 5 8 Years | Location: Bangalore | Employment Type: Full-Time About SecPod SecPod is a SaaS-based cybersecurity products company focused on prevention-first security. Our Saner Cloud platform is a unified CNAPP solution that combines AI-driven threat intelligence, automated vulnerability detection, and Cloud Security Posture Management (CSPM) to secure multi-cloud environments. Role Summary We are seeking a highly skilled Security Research Engineer to join our Security Research team. This role focuses on researching emerging cloud security threats, developing security intelligence feeds, building proof-of-concepts (PoCs) for misconfigurations, and creating automated remediation and compliance content. Key Responsibilities Threat Research: Conduct security research to develop intelligence feeds and checks with a strong emphasis on cloud security. Vulnerability & Risk Analysis: Identify and create PoCs for emerging cloud misconfigurations and security risks. Automation: Develop automation for research and validation tasks using Python or other scripting languages. Compliance & Remediation: Build remediation feeds for cloud misconfigurations and compliance benchmarks. Lifecycle Management: Manage the end-to-end lifecycle of research outputs, from initial development through production release. Required Qualifications & Skills Professional Experience: 5 8 years in security research or engineering, with at least 3 years in a senior technical role. Cloud Infrastructure: Hands-on experience with AWS, Azure, or GCP. Technical Fundamentals: Strong understanding of operating systems, networking, and computer science security. Programming: Proficiency in languages such as Python, C, C++, or Java. Environment Expertise: Experience across Linux/Unix, Windows, and virtualization environments. Compliance: Solid knowledge of cloud security and security benchmark compliance. Education Bachelor s degree (or equivalent) in Computer Science or a related field. Qualification : Bachelors degree (or equivalent) in Computer Science or a related field

Security Operations Engineer Location: Bangalore About Us FalconX is a pioneering team of operators, investors, and builders committed to transforming institutional access to the digital asset markets. By bridging traditional finance with cutting-edge technology, we address the industry's most complex challenges. We offer a comprehensive solution for all digital asset strategies from startup to scale enabling our clients to navigate the ever-evolving cryptocurrency landscape with confidence. We are seeking an experienced Security Operations Engineer to help secure FalconX s infrastructure and protect our clients digital assets. As a part of our security team, you will monitor, detect, and respond to cyber threats across both on-premise and cloud environments, ensuring the integrity and safety of our systems and data. Key Responsibilities Security Monitoring & Incident Response: Monitor and respond to security incidents across both on-premise and cloud environments, ensuring timely detection and remediation of potential threats. Threat Detection & Analysis: Analyze security alerts from various security tools to identify, investigate, and mitigate security risks. Conduct in-depth forensic investigations to identify trends, attack techniques, and vulnerabilities. Proactive Threat Hunting: Conduct proactive threat hunting across endpoints, networks, and cloud environments, looking for sophisticated and emerging threats that may not yet be detected by traditional security measures. Forensics & Incident Investigation: Investigate and analyze security incidents to identify the root cause. Provide actionable recommendations for improving security posture and preventing future incidents. Detection Engineering: Develop and refine threat detection methodologies and rules (e.g., Yara, Sigma, SQL-based rules, network protocols) to enhance security monitoring capabilities. Utilize frameworks like MITRE ATT&CK and the Cyber Kill Chain to guide threat hunting and analysis. Automation & Scripting: Leverage scripting languages (Python, PowerShell, or Bash) to automate threat detection, analysis, and response processes, improving overall efficiency and effectiveness. Threat Intelligence & Trend Analysis: Stay informed about emerging threats, vulnerabilities, and attack trends to continuously improve detection strategies and enhance the response to new security challenges. Qualifications Education & Experience Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience). Experience: Minimum of 3 years in a security operations, threat hunting, or similar cybersecurity role. Security Expertise Strong experience working with security tools and log data (Cloud, EDR, Network, etc.) for detection and response. Deep understanding of network security, packet analysis, and log correlation. Proficiency in advanced threat detection methodologies and threat intelligence, with a strong grasp of attacker tactics, techniques, and procedures (TTPs), especially using frameworks like MITRE ATT&CK. Technical Skills Proficiency in scripting and automation (Python, PowerShell, Bash). Experience with detection engineering and developing custom detection rules (e.g., Yara, Sigma, SQL-based, Network). Familiarity with endpoint security, identity management, vulnerability management, cloud security, and incident response. Soft Skills Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication skills, with the ability to work effectively in a collaborative, fast-paced environment. Be part of a rapidly growing company at the cutting edge of finance and technology. A dynamic, fast-paced work environment where your expertise will directly impact business success. Competitive salary and benefits package. Opportunities for professional growth in a highly innovative industry. Qualification : Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)

Job Title: Information Security Engineer Location: Bengaluru Company: Altisource (NASDAQ: ASPS) About Altisource At Altisource, we develop cutting-edge technologies and services for the mortgage and real estate industry. We re a trusted partner to 7 of the top 10 U.S. mortgage servicers, operate one of the leading real estate auction platforms, and support a cooperative with over 15% market share in the $1.8 trillion U.S. originations market. If you're passionate about cybersecurity and want to make an impact in a high-growth, tech-driven environment this is the role for you. Position Summary We re looking for a highly motivated Information Security Engineer to support our growing security operations. You will play a vital role in identifying and mitigating security risks across applications, systems, and networks. This role involves vulnerability assessments, code reviews, and automation of security tasks ensuring Altisource remains secure and compliant in a fast-paced environment. Key Responsibilities Conduct vulnerability assessments on applications, networks, and systems. Perform manual verification to reduce false positives and validate security fixes. Communicate identified vulnerabilities and recommend remediation steps to internal teams. Perform secure code reviews and assist development teams in fixing identified issues. Identify and mitigate risks throughout the software development lifecycle. Leverage commercial and open-source tools for vulnerability detection (e.g., Qualys, Nessus, Burp Suite). Assist in internal penetration testing initiatives. Develop internal tools and automate security tasks, leveraging AI where applicable. Stay updated on the latest threats, tools, and best practices in cybersecurity. Create detailed assessment reports and present findings to technical and non-technical stakeholders. Train and mentor team members on vulnerability management processes and tools. Required Qualifications Bachelor s degree in Computer Science, Engineering, or a related field. 3 to 5 years of hands-on experience in information security or related roles. Relevant certifications such as CEH, GIAC, or similar. Solid experience in: Network vulnerability assessments Application scanning and secure code review Windows, Linux, and Unix operating systems Familiarity with OWASP tools, methodologies, and security best practices. Strong communication skills both written and verbal. Preferred Skills Experience with tools like: Qualys, Nessus, Nexpose, SAINT Burp Suite Pro, HP WebInspect Static analysis tools (e.g., IBM AppScan Source, Fortify) Proficiency in one or more programming languages: Java, C, C++, .NET (C#, VB). Experience delivering training or presenting technical content to teams. Background in technical writing or web development is a plus. Be part of a team securing technologies used by top players in the mortgage and real estate space. Work with modern tools and frameworks. Enjoy a collaborative environment that supports innovation, growth, and learning. Qualification : Bachelors degree in Computer Science, Engineering, or a related field

DevOps Engineer Bangalore, India Location: Bangalore (Bengaluru) Experience: 2 to 8 Years Industry: IT Software / Cloud & DevOps Job Summary: We are seeking an experienced DevOps Engineer to design, implement, and manage CI/CD pipelines on AWS and support application deployments. The ideal candidate will have hands-on expertise with AWS services, automation tools, and security integration within DevOps workflows. Key Responsibilities: Design, configure, and maintain CI/CD pipelines using AWS native tools or traditional platforms such as Jenkins, GitHub Actions, etc. Deploy applications on AWS using services like AWS Fargate, EBS, S3, CodePipeline, CodeBuild, and others Onboard applications onto AWS DevOps platform following the required CI/CD workflow Collaborate with application and operations teams to provide remediation and support for CI/CD pipeline onboarding Integrate various test automation frameworks and tools into CI/CD pipelines for continuous testing Implement security scanning and frameworks within pipelines, including SAST, DAST, IAST, and RASP Monitor the DevOps platform, applications, and infrastructure; respond proactively to incidents and events Automate operational tasks using Ansible or scripting languages (e.g., Python, Bash) Develop reusable automation assets and scripts to streamline DevOps processes Required Skills: Proven experience setting up and managing CI/CD pipelines on AWS and other platforms Strong knowledge of AWS services relevant to DevOps: Fargate, EBS, S3, CodePipeline, CodeBuild Familiarity with automation tools like Ansible, scripting languages, and infrastructure-as-code Experience integrating security tools and frameworks within DevOps pipelines Good troubleshooting and monitoring skills with cloud-native tools and third-party platforms Excellent collaboration skills for working across development and operations teams Preferred Qualifications: Bachelor s degree in Computer Science, Engineering, or related field Certifications in AWS DevOps (AWS Certified DevOps Engineer) or similar credentials Experience with container orchestration (e.g., Kubernetes) and Docker Knowledge of Agile and DevSecOps methodologies Work on cutting-edge cloud-native DevOps solutions Collaborate with a dynamic team focused on automation and security Opportunity for professional growth and certification support Qualification : Bachelors degree in Computer Science, Engineering, or related field.

Job Title: Lead Systems Software Engineer Location: Bengaluru, Karnataka, India (On-Site) Team Overview: Join our Application Security team at Cloud Software Group, where we focus on protecting web applications and services from security threats. As a part of this passionate team, you will engage in application layer attack protection, threat intelligence, and the mitigation of OWASP attacks. We are highly focused on emerging security trends and delivering cutting-edge solutions to defend against advanced cyber threats. Job Description: As a Lead Systems Software Engineer, you will be responsible for implementing, configuring, and maintaining Web Application Firewalls (WAFs) to safeguard web applications and services. This role involves identifying security threats, performing security assessments, and collaborating with cross-functional teams to ensure security best practices are followed throughout the development lifecycle. Key Responsibilities: WAF Implementation & Maintenance: Implement and maintain Web Application Firewalls (WAFs) to protect web applications and services from security threats, including bot attacks. Security Policies & Rules: Develop and manage security policies and rules for WAFs to ensure the prevention of OWASP-Top-10 vulnerabilities, unauthorized access, data breaches, and other security incidents. Security Assessments & Penetration Testing: Conduct security assessments and penetration testing of web applications and services to identify vulnerabilities and recommend remediation measures. Collaboration: Work closely with other security teams and developers to ensure security best practices are integrated into the design, development, and maintenance of web applications and bot management systems. Emerging Threats Awareness: Stay informed on the latest security threats, technologies, and best practices to continually improve the security posture and protect against evolving threats for WAF and API. Incident Response: Participate in incident response and investigations as needed to identify the root cause of security incidents and implement corrective actions to prevent recurrence. Continuous Improvement: Lead initiatives to improve processes, systems, or products to enhance job area performance. Address complex security problems by considering multiple issues across various specialties. Qualifications: Education: Bachelor s (BE/B.Tech) or Master s degree in Computer Science, Information Security, or related fields, or equivalent work experience. Experience: 9-11 years of experience in network protocols (TCP, UDP, HTTP, DNS, SSL/TLS) and web application security, with a focus on WAFs and bot mitigation. Technical Expertise: Experience with industry-leading WAFs such as Citrix NetScaler AppFirewall, Imperva, ModSecurity, or F5 BIG-IP ASM. Proficiency in C, C++, and scripting languages like Python and Perl. Analytical Skills: Strong problem-solving abilities with a demonstrated capacity to identify and respond to security threats quickly. Communication Skills: Excellent verbal and written communication skills with the ability to collaborate effectively across teams and with stakeholders. About Us: Cloud Software Group is one of the largest cloud solution providers globally, serving over 100 million users. Our suite of cloud-based products powers productivity and collaboration, enabling real work to get done from anywhere. We value passion for technology, risk-taking, and innovation. If you re ready to be part of a company on the brink of transformative growth, now is the perfect time to join us. We are committed to Equal Employment Opportunity (EEO) and compliance with all applicable laws, ensuring a diverse and inclusive workplace for all. This position is ideal for individuals passionate about cybersecurity and looking to be at the forefront of web application protection and security innovations. Qualification : Bachelors (BE/B.Tech) or Masters degree in Computer Science, Information Security, or related fields, or equivalent work experience.

Job Title: Senior Systems Software Engineer Location: Bengaluru, Karnataka, India Team Overview: Join a team of Application Security experts at Cloud Software Group, where we focus on securing web applications and services. Our team is passionate about application layer attacks, protection mechanisms, threat intelligence, and protecting against OWASP threats. We re constantly evolving, staying at the forefront of emerging security trends. Job Description: As a Senior Systems Software Engineer, you will be responsible for implementing, configuring, and maintaining Web Application Firewalls (WAFs) to secure web applications and services from potential threats, including bot attacks. This role involves ensuring the effective operation of WAFs to prevent common vulnerabilities and unauthorized access, conducting security assessments, and collaborating with other security and development teams to enhance the security posture of our web applications. Key Responsibilities: WAF Implementation & Maintenance: Implement, configure, and maintain Web Application Firewalls (WAFs) to protect against security threats like OWASP-Top-10 vulnerabilities, unauthorized access, data breaches, and bot attacks. Security Policy & Rule Development: Develop and manage security policies and rules for WAFs to enhance their effectiveness in preventing security incidents. Penetration Testing & Security Assessments: Perform security assessments and penetration testing of web applications and services to identify vulnerabilities and recommend remediation actions. Collaboration: Work closely with other security teams, developers, and stakeholders to ensure security best practices are followed in the design, development, and deployment of features for web applications and bot management. Stay Updated on Security Trends: Keep informed about emerging security threats and technologies, continually improving security mechanisms to safeguard against new threats for WAF and API. Incident Response: Participate in incident response and investigations to understand the root cause of security breaches and implement corrective actions to prevent future incidents. Process Improvement: Lead initiatives for improving processes, systems, and products to optimize the performance and effectiveness of security measures. Qualifications: Education: Bachelor's (BE/B.Tech) or Master s degree in Computer Science, Information Security, or related fields, or equivalent professional experience. Experience: At least 5 years of experience working with network protocols like TCP, UDP, HTTP, DNS, SSL/TLS, and web application security, particularly in WAF and bot mitigation. Technical Skills: Proficiency with industry-leading WAF solutions like Citrix NetScaler AppFirewall, Imperva, ModSecurity, or F5 BIG-IP ASM. Experience in programming languages such as C, C++, and scripting languages like Python or Perl. Problem-Solving Skills: Strong analytical and problem-solving abilities to identify, assess, and mitigate security threats quickly. Communication & Collaboration: Excellent communication skills, with the ability to effectively collaborate with stakeholders across teams. About Us: Cloud Software Group is one of the world s largest providers of cloud solutions, empowering more than 100 million users globally. At Cloud Software Group, we re building the future of work, enabling people to get things done from anywhere. Our team thrives on passion for technology, embracing the courage to take risks and innovate. We re on the brink of another significant leap in technology evolution and we need experts like you to help us get there. If you're passionate about cybersecurity and eager to drive innovations, this is the perfect time to join us and be part of something transformative. Qualification : Bachelor's (BE/B.Tech) or Masters degree in Computer Science, Information Security, or related fields, or equivalent professional experience.

Job Title: GRC Specialist Location: Bangalore (On-site; full-time) About Locus: At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform. Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: About the Role Governance Risk and Compliance Specialist (GRC Specialist) We're looking for a candidate with 2-4 years of relevant experience. Key Responsibilities: Define, implement, and maintain the Information Security Management System (ISMS) and Privacy Information Management System (PIMS). Plan and execute periodic risk assessments. Work directly with the business units to facilitate risk assessment and risk management processes. Define, Review and Maintain the organizational information security policies, processes, procedures and control framework to ensure it is adequate to address the emerging risks due to changing environment, technology and legal requirements. Align customer and internal information security objectives to the ISMS and PIMS. Monitor and fulfill client contractual (MSA) information security and privacy obligations. Monitor and fulfill legal obligations related to protection of personal information across different jurisdictions like GDPR, CCPA. Prepare metrics based periodic reports and dashboards with support from the stakeholder functions for management review. Liaise with security vendors, suppliers, service providers and external resources for new security tools for improving security. Lead the Information Security audits / assessments / remediation and present key risks to the management. Perform the Third party Risk Assessment of Critical Vendors. Conduct Information Security and Privacy awareness and training programs for the employees as part of their induction and regular awareness. Oversee information security and privacy incident management process for incident reporting, containment, resolution and root cause analysis. Plan and coordinate BCP and DR tests. Setup guidelines for secure coding practices. Recommend security and privacy controls based on people, process and technology approach and industry best practices. Identifying solutions or writing automation scripts for solving regular tasks or optimizing processes. SOC Monitoring Activities such as. Firewall, Vulnerability, Inspector, Guarduty etc. Log Review, Incident Handling & Compliance adherence. Qualifications: Good understanding of information security compliance requirements like ISO27001, SOC2, CSA STAR and Privacy requirements like BS10012 & ISO27701. Good understanding of legal obligations towards protection of personal information across different jurisdictions like GDPR, CCPA, etc. Experience in creating and auditing security and privacy best practices and implementation of security and privacy principles across organization, to meet business goals along with customer and regulatory requirements. Experience implementing security and privacy controls for cloud platforms like AWS, Azure. Experienced in solving Audit and Regulatory Issues. Experience in auditing MDM, SSO solutions, AWS (Cloud Infra), Firewall, WAF, DLP etc. Good at solving information security compliance challenges by recommending solutions and best practices. Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

Job Title: Security Engineer - II Location: Bangalore (On-site; full-time) About Locus: At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform. Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: Key Responsibilities: Conduct comprehensive threat modeling for applications, cloud infrastructure, and overall systems architecture. Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security. Proactively identify and mitigate vulnerabilities across platforms, collaborating with development and DevOps teams to implement secure solutions. Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security. Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation. Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios. Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization. Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time. Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks. Provide architectural guidance for securing cloud-based applications and DevOps pipelines. Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team. Qualifications: 3-5 yrs experienced Sr security engineer. Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments. Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation. Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities. Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies. Hands-on experience in threat modeling, vulnerability assessments, and penetration testing. Proficiency in any scripting language - Python. Experience in developing or customizing tools, scanners, or extenders for specific security needs. Ability to work independently and collaboratively within a team to solve complex security challenges. Experience in implementing security monitoring systems for early incident detection. Strong problem-solving skills and the ability to think creatively to simulate attack scenarios. Certification in security-related fields (e.g., AWS Certified Security, CISSP, CEH, OSCP). Experience with container security and orchestration platforms like Kubernetes and Docker. Knowledge of Infrastructure as Code (IaC) tools like Terraform or CloudFormation. Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible). Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

Job Title: IMPO UAM Authorization Analyst Location: Bengaluru, India Unit: Johnson & Johnson Innovative Medicine Principal Operations (IMPO) Job Type: Full-Time Employment Type: Permanent About Johnson & Johnson: At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, profoundly impacting health for humanity. Role Purpose: The IMPO UAM Authorization Analyst role at Johnson & Johnson is responsible for enhancing user access security and compliance within global SAP S/4 systems, while driving key User Access Management (UAM) initiatives. This role supports business adaptation through SAP S/4 HANA implementation, focusing on core SAP Manufacturing, Order to Cash, Procure to Pay, and Finance processes. The position is part of the IMUAM team, ensuring security requirements are designed and implemented compliantly within the Transcend Program, a global initiative for business transformation. Key Responsibilities: Security Workshops & Role Design: Lead security workshops to gather business and compliance requirements for role design, ensuring validation post-build for S/4 HANA Roles and Authorization requirements. UAM Strategy Development: Develop UAM strategies involving composite roles, Fiori tiles, business roles/user personas, and data security/UI masking concepts for S/4HANA. Data Validation & Compliance Documentation: Perform data validation, conduct health checks, and provide compliance documentation to ensure proper security implementation. Role Design & Testing: Design, test, and implement rule sets for SAP S/4HANA role design, ensuring they align with security protocols. User Account Setup & Support: Support role data and user account setup. Provide advice on role design testing and coordinate business UAT activities. Authorization Defects Management: Manage authorization defects and provide support for user cutover and Hypercare activities during and post-implementation. Collaboration & Training: Work closely with the Business Adaptation team to facilitate training, communication, and readiness across regions. Assist in transitioning between project phases and operational support teams. Compliance & Security Audits: Ensure compliance with internal and external standards through regular SAP security assessments and audits. Issue Troubleshooting & Resolution: Troubleshoot and resolve complex SAP security issues to maintain a secure environment. Documentation Management: Develop and maintain comprehensive documentation for SAP security policies, procedures, and configurations. Mentorship & Team Development: Train and mentor junior team members, promoting the implementation of SAP security standard processes. Qualifications: Required: Educational Background: Bachelor s degree in a relevant field (preferably Risk Management, Compliance, Audit). Experience: 6-8 years of experience in UAM within an enterprise risk management framework. Demonstrated expertise in SAP GRC Access Control and Identity Management tools. Hands-on experience with end-to-end SAP S/4HANA implementation, including Fiori. Deep knowledge of SAP authorization concepts, Segregation of Duties (SoD) mitigation, and remediation strategies. Proficiency in risk matrix/rule set maintenance, data analysis, conversion, and migration. Tools & Platforms: Experience with teamwork platforms (e.g., Confluence, Jira, MS Teams). Project Management: Strong project management and collaboration skills with experience in remote and virtual environments. Language Skills: Fluent in English with outstanding oral and written communication skills. Additional Experience: Experience in the pharmaceutical domain is a plus. Preferred: Industry Experience: Experience in Life Sciences, Pharmaceuticals, or similar industries. Leadership & Innovation: Demonstrated leadership skills with the ability to embrace innovation and promote a culture of continuous improvement. Project Management: Previous experience in a PMO role managing large-scale SAP implementation projects. Cross-Cultural Team Collaboration: Ability to work effectively with team members from different cultural and technical backgrounds. Other Requirements: Hybrid Work: Ability to work on-site a minimum of three days per week, with up to two remote workdays based on the flexible work policy. Travel: May require up to 10% domestic and/or international travel. Diversity & Inclusion: Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. We are committed to fostering an inclusive and diverse work environment, and we encourage applicants from all backgrounds to apply. We value diversity and do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, age, national origin, or veteran status. Qualification : Bachelors degree in a relevant field, with a preference for studies in Risk Management, Compliance, and Audit.

Customer Success Manager (Commercial/SMB) Location: Bengaluru Experience: 3-5 Years (Management), 10+ Years (Customer Success) Shift: North American Customer Hours About Saviynt Saviynt is an identity authority platform that empowers organizations to secure and manage digital access while enabling innovation. As businesses navigate digital transformation and increasing cyber risks, Saviynt s Enterprise Identity Cloud provides unparalleled visibility, control, and intelligence to protect users while ensuring seamless access to essential tools and technologies. Role Overview As a Customer Success Manager (CSM) Commercial/SMB, you will be responsible for customer loyalty, retention, and adoption of Saviynt s solutions. This role requires a proactive leader who can drive value-based outcomes, provide strategic oversight, and mentor a team of 4 CSM Associates in India. You will collaborate closely with cross-functional teams, ensure successful onboarding, and help customers maximize the value of their investment in Saviynt. Key Responsibilities Customer Relationship & Success Management Serve as the primary point of contact for customers post-implementation. Manage a regional book of business focused on Commercial/SMB customers. Develop and maintain strong relationships with key customer stakeholders. Oversee customer health and proactively eliminate adoption barriers. Manage subscription renewals, ensuring high retention rates. Monitor product utilization trends and recommend improvements. Strategic Growth & Expansion Identify and develop up-sell & cross-sell opportunities. Drive customer education on new features & releases. Gather customer feedback and provide insights to product & engineering teams. Collaboration & Process Improvement Work with Sales, Implementation Partners, and Internal Teams to enhance customer experience. Conduct routine health checks and coordinate remediation plans when needed. Lead customer meetings, track action items, and ensure execution. Implement and improve customer success best practices. Team Leadership & Mentorship Lead and coach 4 CSM Associates in India. Oversee team initiatives and ensure alignment with customer success goals. Travel & Availability Available to work North America hours to support customers. Travel to customer sites (up to 50%) when required. What You Bring Bachelor s degree in Computer Science, Engineering, or related field 10+ years of experience in customer-facing roles (Customer Success, Account Management, or Professional Services) 3-5 years of experience in people management Experience in Identity & Access Management (IAM), Cybersecurity, or Compliance (Required) Strong knowledge of cloud, hybrid, and on-premise IT architectures Ability to translate technical concepts into business-friendly language Track record of managing customer relationships and resolving challenges SaaS experience in a fast-paced, high-growth environment Perks & Benefits Medical, Dental, Vision, Life Insurance 401K Plan Unlimited PTO & Sick Leave Daily Catered Lunches & Employee Recognition Programs Team Socials & Holiday Parties Salary: $150,000 - $180,000 per year (Plus eligibility for discretionary bonus based on performance) Not accepting applications from candidates based in California, Colorado, and Washington Security & Compliance Responsibilities As part of this role, you will be required to: Complete Security & Privacy Awareness Training during onboarding and annually thereafter. Adhere to Information Security & Privacy Policies, including but not limited to: Data Classification, Retention & Handling Policy Incident Response Policy & Procedures Business Continuity/Disaster Recovery Policy Mobile Device & Access Control Policies Saviynt is a high-growth, industry-leading company in identity security. You will have the opportunity to: Work on cutting-edge IAM solutions for global enterprises. Drive real impact in a customer-centric role. Be part of a collaborative, diverse, and inclusive work environment. If you are passionate about customer success and thrive in a dynamic environment, we d love to hear from you! Saviynt is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity, sexual orientation, disability, or veteran status.

Infosec Lead Experience: 5-7 Years | Location: Bengaluru About Gameskraft: Founded in 2017, Gameskraft is one of India s fastest-growing online gaming companies. Our mission is to build a safe, secure, and responsible gaming ecosystem while delivering unmatched experiences through innovation and technology. As the industry s only ISO 27001 and ISO 9001 certified company, we set the highest benchmarks in security, design, and performance. Job Summary: We are seeking an experienced Infosec Lead to drive our security strategy, ensuring robust web security, application security, and compliance across the organization. You will be responsible for leading a team of security professionals, implementing best-in-class security measures, and ensuring compliance with industry regulations such as HIPAA, PCI-DSS, ISO, and GDPR. Key Responsibilities: Security Strategy & Program Management: Develop, implement, and maintain a comprehensive security program to safeguard company assets, systems, and data. Collaborate with cross-functional teams to integrate security into product development and business operations. Conduct risk assessments and vulnerability analyses to identify and mitigate security threats. Compliance & Regulatory Adherence: Ensure compliance with HIPAA, PCI-DSS, ISO, GDPR, and other relevant security frameworks. Maintain security certifications and drive adherence to regulatory standards. Develop and enforce security policies, standards, and procedures. Incident Response & Risk Management: Lead incident response efforts, including investigation, containment, and remediation. Continuously monitor security threats, emerging trends, and vulnerabilities to strengthen cyber resilience. Provide security guidance and risk analysis during product launches and infrastructure changes. Team Leadership & Stakeholder Collaboration: Lead and mentor a team of security professionals, fostering a culture of security awareness across the organization. Work closely with engineering, IT, legal, and business teams to embed security best practices. Present regular security reports and key performance metrics to senior management. What You Bring to the Table: Education: Bachelor s or Master s degree in Computer Science, Information Security, or a related field. Experience: 5-7 years of experience in information security, with a strong focus on web security, application security, and compliance. Proven track record in leading security teams and managing enterprise security programs. Technical Expertise: Strong knowledge of security technologies such as firewalls, IDS/IPS, SIEM, encryption, authentication protocols, and penetration testing tools. Experience with cloud security (AWS, Azure, GCP) and DevSecOps methodologies. Familiarity with secure coding practices and application security frameworks (OWASP, NIST, CIS Controls). Hands-on expertise in risk assessment, vulnerability management, and security architecture design. Certifications (Preferred): CISSP, CISM, CISA, CEH, or equivalent industry-recognized security certifications. Soft Skills & Leadership: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to influence and drive security initiatives across multiple teams. Work Culture at Gameskraft: Startup Environment: Fast-paced, ownership-driven culture where innovation and agility thrive. Impactful Work: Direct contribution to securing one of India s largest gaming platforms. Collaboration: Work alongside some of the best minds in the gaming and consumer internet industry. Data-Driven: Leverage analytics to enhance security posture and decision-making. Compensation & Benefits: Attractive Compensation & ESOPs Competitive salary with equity options. Health Insurance 5 Lakh medical cover for you and your family. Car Lease Policy Exclusive leasing options for employees. Relocation Benefits Assistance with moving to Bengaluru. Free Lunch & Stocked Pantries Enjoy great food while you work! Performance-Based Growth Transparent appraisals and rapid career progression. Join Us & Secure the Future of Gaming! If you re passionate about cybersecurity, risk management, and building secure digital ecosystems, we d love to have you on board. Apply now and be part of an exciting journey at Gameskraft! Qualification : Bachelors or Masters degree in Computer Science, Information Security, or a related field.

We are looking for a Senior Technology Operations Analyst to join our L1 Prod Support in Bangalore. We are looking for someone who has experience in 24/7 customer support model. You should have knowledge on Java / Tomcat based Application structures since we are supporting for the Application issues reported by customers. We would love to speak with you if you have skills in Linux, AWS, SQL, Monitoring tools & DevOps (Jenkins) tools. About you - Skills & Experience Computer Science related bachelor s degree or equivalent experience. Minimum 5 years of equivalent experience, including a familiarity with Linux systems fundamentals, AWS Services, networking, and database technologies. Strong experience on Ticket & Monitoring tools on ServiceNow, Salesforce, PagerDuty, Datadog. Strong experience in Linux knowledge in SQL and Data management process. experience in AWS platform (Services EC2, ELB, ASG, VPC, Route53,) Must have a good understanding of distributed computing and solid understanding of networking and UNIX system concepts Strong customer service mindset. What would you be doing in the role Actively monitor the stability and performance of Java / Tomcat based Applications in AWS data centers, Run the Application support desk for a 24x7 distributed enterprise environment. Ensure standards and SLAs are met, including response time, follow up, ticket updates, and resolution Escalate events as required by the documented procedures with the proper level of urgency and follow-through. Responsibility for the external / internal customers reported issues through the salesforce. Performing scheduled jobs (Daily / weekly / monthly) for CompuMark Product. Interface with L2 DevOps and Dev teams to coordinate next actions. Perform standard systems and website troubleshooting - diagnose troubles detected by our systems and work quickly to resolve issues Apply applications specific updates and fixes. Work closely with an existing team of skilled operation engineers. It would be great if you have ITIL V3/V4 Foundation Certification, Public and Private Cloud Certifications. Knowledge in SQL and Data management process Experience creating and maintaining documentation in Confluence and other relevant tools (PowerBi, PPT). Basic knowledge of NOC/SOC About the Team L1 extent 12 members, 24/7/365 Coverage and first-level support for BIS and Customer Facing / Flagship Application Products. Provide Application Monitoring, Incident Identification, Validation, Remediation and/or Escalation for over 190 Plus Applications. Executing the scheduler jobs through Mainframe and Airflow for the CompuMark and Cortellis Applications. Hours of Work Fulltime 45 hrs/week 24/7 rotational shift At Clarivate, we are committed to providing equal employment opportunities for all persons with respect to hiring, compensation, promotion, training, and other terms, conditions, and privileges of employment. We comply with applicable laws and regulations governing non-discrimination in all locations. Qualification : Computer Science related bachelors degree or equivalent experience.

About this opportunity: The primary responsibility of this role is to assess new and existing security vulnerabilities from internal and external sources, determine applicability, and document the impact and remediation strategy in a customer viewable format. The role will focus on multiple technologies including all of the major cloud hosting environments, Linux based servers and firmware, specialized hardware products, multiple coding languages, and multiple virtualization technologies. The successful candidate will have the ability to understand the technical aspects of security, assess the risk, and translate that into simple to understand language. What Will You Do? Review vulnerability scan reports Monitor and assess external sources for new vulnerabilities Assess the applicability of vulnerabilities in context Determine the real impact of vulnerabilities Document findings and disclosures for each vulnerability and publish them to customers Negotiate with external researchers on disclosure timing Monitor remediations and update documentation Participate in Security Incidents regarding urgent vulnerabilities Provide metrics and statistics Qualifications Minimum Qualifications: Five (5) years of experience required (can include indirectly related experience) A team player Ability to interpret and explain CVEs to technical and non-technical audiences Working knowledge of hacking techniques Working knowledge of programming Working knowledge of risk evaluation Experience with the MS Office suite Excellent written and verbal communication skills Ability to react to changing priorities quickly and effectively High school diploma, GED, and/or equivalent professional experience While there is a primary location listed on this requisition, other locations may be considered Preferred Qualifications: Experience evaluating security risk in context of the production environment Experience with Jira Experience communicating directly to customers Experience with at least one of these languages: Python, Go, Java, or C Experience with scan reports from Snyk, Qualys, Crowdstrike, Inspector, Vdoo, or Binwalk Experience working remotely across many time zones and cultures Security certifications such as CISSP, CRISC, AWS SCS, etc. Ability to work flexible hours

Position Overview: We are seeking a highly skilled and experienced Member of Technical Staff QA Security to join our dynamic team at Aryaka. As a Senior QA Engineer, you will play a crucial role in ensuring the security and integrity of our SASE products by conducting thorough security assessments, designing and executing test plans, and collaborating with development teams to address vulnerabilities. Your expertise will help shape our network security solutions and contribute to the success of organizations worldwide. Key Responsibilities: 1. Conduct Security Assessments: Perform comprehensive security assessments of SASE products to identify vulnerabilities, weaknesses, and misconfigurations. Utilize both manual and automated testing tools to uncover security vulnerabilities and potential exploitation vectors. 2. Design and Execute Test Plans: Develop and implement test plans and methodologies to evaluate the effectiveness of firewall configurations in defending against unauthorized access, malicious activities, and other security threats. Perform penetration testing on firewall devices to simulate real-world attacks and assess resilience against advanced threats. 3. Analyze and Report Findings: Analyze firewall logs, traffic patterns, and rule sets to identify anomalies and security incidents. Generate detailed reports outlining findings, including identified vulnerabilities, potential impacts, and recommended remediation measures. 4. Collaborate with Development Teams: Work closely with firewall development teams to prioritize and address security issues identified during testing phases. Provide technical guidance and recommendations regarding firewall security best practices, configuration hardening, and threat mitigation strategies. 1. Stay Informed on Security Trends: Keep up to date with the latest firewall technologies, security trends, and industry best practices to continuously improve firewall testing methodologies. Participate in the development and implementation of security policies, procedures, and standards related to firewall security testing. Qualifications: Education: Bachelor s degree in Computer Science or a related field. Experience: 3-7 years of experience as a QA Engineer. Technical Skills: Strong understanding of firewall technologies, including stateful inspection, packet filtering, application layer filtering, and intrusion prevention systems (IPS), CASB, and DLP. Knowledge of common security vulnerabilities and attack vectors, including OWASP Top 10, SQL injection, cross-site scripting, and buffer overflows. Familiarity with web application security standards and protocols (e.g., SSL/TLS, OAuth, SAML). Experience with cloud security (AWS, Azure, GCP) and container security is a plus. Hands-on experience with firewall testing tools such as Nmap, Nessus, Metasploit, and Wireshark. Understanding of network protocols, the TCP/IP stack, and common attack vectors used to exploit firewall vulnerabilities. Experience with scripting languages (e.g., Python) for automation and custom tool development is a plus. Soft Skills: Excellent analytical and problem-solving skills with the ability to identify and mitigate security risks effectively. Strong communication skills to convey technical concepts to both technical and non-technical stakeholders. Ability to work independently and as part of a team in a dynamic and fast-paced environment. Certifications: CISSP, CCSP, or CEH certifications are preferred. Employee Value Proposition (EVP): At Aryaka, we offer a dynamic and innovative work environment where you will have the opportunity to make a significant impact in the network security industry. Our commitment to cutting-edge technology and customer satisfaction provides a platform for continuous learning and professional growth. Qualification : Bachelors degree in Computer Science or a related field.

The Principal Threat Research Engineer will identify, analyze, and mitigate evolving cyber threats by creating and maintaining effective threat detection signatures. This role requires deep expertise in understanding modern cyber threats, malware behavior, and signature writing for advanced threat detection technologies. You will work closely with cross-functional teams, such as threat intelligence, incident response, and security product development, to enhance the organization s defense capabilities and provide strategic insight into the threat landscape. Key Responsibilities: Signature Writing & Development: i) Design and develop accurate, high-quality signatures and detection rules for threat detection systems (IDS/IPS, AV, EDR). ii) Improve and update detection logic to adapt to the latest threats, exploits, and attack vectors. iii) Optimize detection signatures to minimize false positives and maximize detection efficiency across various security platforms. Threat Research & Analysis: i) Lead in-depth research into emerging cyber threats, malware, APT groups, and TTPs (Tactics, Techniques, and Procedures). ii) Analyze attack patterns, behavior, and malicious code to identify new detection opportunities. iii) Track and understand evolving threat landscapes, including new vulnerabilities, exploits, and attack campaigns. Collaborative Threat Intelligence: i) Collaborate with global threat intelligence teams to share threat research findings and develop a comprehensive understanding of adversarial behavior. ii) Maintain relationships with external threat-sharing communities and organizations to stay up-to-date on the latest threat information. iii) Support the security team in responding to active threats, providing detection strategies and remediation guidance. Detection Engineering & Optimization: i) Work closely with the detection engineering team to integrate custom and third-party signatures into existing detection platforms (SIEM, IDS/IPS, EDR). ii) Identify gaps in current detection methodologies and implement improved detection capabilities for advanced threats, such as zero-day exploits, fileless malware, and APT campaigns. iii) Conduct performance testing and tuning of signatures to ensure system stability and effectiveness under various network environments. Thought Leadership & Knowledge Sharing: i) Act as a subject matter expert on threat detection, signature development, and malware analysis for internal and external stakeholders. ii) Lead and mentor junior threat researchers and engineers by providing guidance, training, and technical expertise. iii) Create research reports, blogs, whitepapers, and presentations to communicate key research findings and trends to technical and non-technical audiences. Required Qualifications: Bachelor s or Master s degree in Computer Science, Cybersecurity, Information Security, or a related field. 8+ years of experience in cybersecurity, with a focus on threat research, signature development, or malware analysis. Proven experience in writing and optimizing signatures for IDS/IPS, antivirus, and endpoint detection and response (EDR) solutions. Deep knowledge of cyber threats, including malware, ransomware, phishing, and advanced persistent threats (APTs). Strong understanding of network protocols, system internals (Windows, Linux), and attack techniques such as fileless malware, obfuscation, and evasion. Proficiency with malware analysis tools (e.g., IDA Pro, Ghidra), network analysis tools (e.g., Wireshark, Zeek), and sandbox environments. Experience with signature formats such as YARA, Snort, Suricata, and regular expression-based detection logic. Familiarity with MITRE ATT&CK framework and how it maps to threat detection and signature development. Strong problem-solving and analytical skills, with an ability to think critically about threat detection and mitigation strategies. Excellent verbal and written communication skills, with the ability to convey complex threat intelligence and detection strategies to a diverse audience. Ability to work collaboratively across teams and mentor junior team members. Preferred Qualifications: Relevant cybersecurity certifications such as CISSP, GIAC, OSCP, or GREM. Expertise in scripting and automation (Python, PowerShell, Bash) to automate threat research and signature writing processes. Experience with cloud-based threat detection and response (e.g., AWS GuardDuty, Azure Sentinel). Familiarity with advanced hunting techniques, including threat hunting using logs, endpoint data, and network data. Employee Value Proposition (EVP): At Aryaka, we offer a dynamic and innovative work environment where you will have the opportunity to make a significant impact in the network security industry. Our commitment to cutting-edge technology and customer satisfaction provides a platform for continuous learning and professional growth. Qualification : Bachelors or Masters degree in Computer Science, Cybersecurity, Information Security, or a related field.

What You ll Achieve: As a Consultant, Cyber Incident Response, you will be responsible for handling complex cybersecurity incidents, providing advanced analysis, and offering support to L1 and L2 analysts. Your role will require extensive experience in the full lifecycle of Cybersecurity Incident Response, including preparation, analysis, notification, response, recovery, and post-mortem activities. Key Responsibilities: Global Escalation Point: Serve as the primary escalation point for complex cybersecurity incidents that are not resolved by L1/L2 analysts, offering regional subject matter expertise on incident response. Incident Analysis and Investigation: Conduct in-depth analysis of security incidents, determining the root cause and potential impact to the organization. Investigate and analyze large, unstructured datasets, malicious artifacts, and EDR (Endpoint Detection and Response) tools to identify trends, anomalies, and potential threats. Incident Response Lifecycle: Oversee all phases of incident response, including preparation, analysis, response, recovery, and post-mortem reviews to identify lessons learned and enhance future response efforts. Liaison with Stakeholders: Act as a liaison between various stakeholders and internal CSIRT (Computer Security Incident Response Team) teams, helping implement best security practices and driving process improvements for incident response. Mentorship and Training: Provide guidance and training to L1 and L2 analysts, sharing your knowledge to enhance their skills in cybersecurity incident response. Essential Requirements: Cybersecurity Expertise: 10+ years of experience in cybersecurity incident response and hands-on experience within a Security Operations Center (SOC). Incident Investigation Skills: Exceptional ability to conduct investigations, analyze findings, and determine the root cause of incidents. Strong Technical Knowledge: In-depth understanding of security technologies such as SIEM (Security Information and Event Management), full packet capture, firewalls/NGFW, IDS/IPS, EDR, DLP (Data Loss Prevention), UEBA (User Entity Behavior Analytics), and familiarity with networking protocols. Experience with Cloud Computing, Microsoft Windows, and Linux/Unix platforms. Experience with Cyber-attacks: Strong knowledge of various cyber-attack types and techniques, including incident response, threat hunting, and understanding attack lifecycles. Analytical and Communication Skills: Excellent analytical thinking, time management, and coordination skills. Strong command of English, both written and verbal, for clear communication with stakeholders and teams. Desirable Requirements: Certifications: Industry-recognized certifications such as CISSP, SANS GCIH, GCIA, GNFA, GREM, etc. Additional Skills: Experience in Digital Forensics and reverse malware tools. Proficiency in scripting languages for incident analysis and automation.

Key Responsibilities: Mainframe Management & Support: Oversee and manage the z/OS mainframe environments and related technologies. Manage storage and related devices within the mainframe complex. Maintain complex profiles, update system exits, and ensure smooth system operations. Perform tasks related to system recovery during DR drills, and support the Disaster Recovery (DR) Exercises. Software Management & Installation: Install MVS software into SOS repository and manage software packaging using SMPE (System Modification Program/Extended). Implement software following the change process, execute MOM tickets for maintenance and IPLs, and apply software zaps to extend third-party software. Handle MVS Product Administration Requests, system recovery tasks, and software asset management (aligned with ITIL processes). Migration & Upgrades: Support MVS tasks for system migrations, LPAR builds, CPU swaps, and system upgrades. Handle CPU hardware refreshes, coupling facility SYSPLEX, and z/OS builds as part of refresh or migration projects. Work on ISV product replacement, and collaborate on client product upgrades and software assets management. Problem Resolution & Technical Leadership: Act as Subject Matter Expert (SME) for z/OS issues, and provide incident, problem, change, and software asset management solutions. Create I/O Configuration requests and assist in problem resolution for OMVS, Webserver, USS server activities, and HTTP configurations. Demonstrate REXX/Assembler/ISPF writing skills and provide technical leadership across the team. Audits & Compliance: Participate in internal and client audits, ensuring that findings are remediated and vulnerabilities are addressed in a timely manner. Follow processes related to license key management and ensure accurate asset tracking. On-call Support: Participate in 24/7 on-call rotation to support customers with their mainframe systems. Required Technical and Professional Expertise: Expertise in Mainframe z/OS Technologies: Hands-on experience with MVS software, SMPE, and z/OS builds. Strong background in storage management, OMVS/Webserver, USS server activities, and HTTP configurations. Software Management & Installation: Experience in software packaging, MVS tasks, and system recovery procedures. Knowledge of software zaps, license key management, and SMF data processing. Mainframe Operations & Maintenance: Experience with system recovery, hardware refresh, CPU swaps, and coupling facility SYSPLEX. Ability to handle Disaster Recovery (DR) Exercises and client migrations efficiently. Tools & Scripting: Proficiency in scripting tools like REXX, Assembler, and ISPF Dialogs for automating mainframe tasks. Problem Solving & ITIL Knowledge: Strong problem-solving skills to resolve technical issues in z/OS systems and ITIL knowledge for incident, problem, and change management. Desirable Qualifications: Mainframe Modernization Experience: Understanding and experience in mainframe migrations and modernization strategies. Experience in ISV Product Replacement & Client Support: Ability to handle ISV product replacements, client audits, and remediation activities. Certification & Training: Relevant certifications or extensive experience in mainframe systems, z/OS, or related fields.

Site Name: Bengaluru Luxor North Tower Posted Date: Dec 16 2024 GSK is a global biopharma company with a special purpose to unite science, technology and talent to get ahead of disease together so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns as an organization where people can thrive. Getting ahead means preventing disease as well as treating it, and we aim to impact the health of 2.5 billion people around the world over 10 years. Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it s also about making GSK a place where people can thrive. We want GSK to be a place where people feel inspired, encouraged and challenged to be the best they can be. A place where they can be themselves feeling welcome, valued and included. Where they can keep growing and look after their wellbeing.So, if you share our ambition, join us at this exciting moment in our journey to get Ahead Together. Key Responsibilities As a Director , R&D Tech Governance Risk and Compliance , you will be responsible for providing management and day to day support to the Senior Director for Governance, Risk & Compliance activities across the assigned business unit ensuring that Tech risks & controls from project inception to support within their business unit are identified, prioritized, effectively managed, and monitored.This role should work within the business unit to ensure Tech follows the required internal and external compliance standards and delivers a reduction in the overall risk profile for our customers. The primary responsibility of this position will be supporting R&D Tech. Additionally, this role will serve as the Bangalore site lead and play an active role in managing site-specific activities and HR related processes for GRC staff based in Bangalore GCC office. This role will provide YOU the opportunity to lead key activities to progress YOUR career. The role encompasses the following responsibilities: Risk and Compliance Consultancy on strategic programs Facilitate and approve Risk & Compliance Assessments Management and monitoring of CAPAs, Risks, Exceptions, ABAC, and Findings Contribute to the facilitation of functional Risk Management and Compliance Boards (RMCB) Partner with Business Quality Assurance teams for GxP compliance Support Internal / External audits including Audit Readiness activities Provide GRC support and oversight during application development and maintenance Software Change Management Oversight for GxP regulated applications Authorize systems releases Lead and motivate team of GRC manager and specialists Risk Management Contribute to identification and initiation of Risk mitigation projects to address significant risks impacting a Business unit, using Risk and Compliance assessments Facilitate risk identification and risk discussions within the business unit, both operational risk, product/project and strategic risk Assist Tech Business Unit management to make risk informed decisions through a comprehensive Risk Dashboard Raise and approve (where necessary) Policy Exceptions and significant Risks through the GSK integrated risk management tool (i.e., Archer). Input into, review and enforce compliance within Tech Policies and Standards as required within Business Unit Ensure emerging risks are identified and escalated appropriately and in a timely manner Support Product owners in the management of their project risks, ensuring risk identification process is embedded and operational Ensure awareness of security incident response process and report suspected security breach Partner with other GRC and Security staff to deliver a continuous training and education program to ensure ongoing awareness on new and updated Policies and Standards within their Business Unit. Governance & Compliance: Contribute to maintenance of the Business Unit delivery and operational frameworks (Activities, deliverables, roles and responsibilities) and ensure alignment to DTMS Monitor deliverable quality, ensure quality standards are being met for products/ projects, programs or operations within their remit, following a risk based approach, according to DTMS, risk and compliance assessments, and local SOPs. Contribute to providing Project Quality assurance oversight depending on the specific project risk profile, including specific assurance reviews as requested by stakeholders Ensure Business Unit activities align with Regulatory requirements and liaise with Business Quality Groups to contribute to the overall GxP validation status of the business facing application systems or services Contribute to ensuring Business Unit is keeping up with regulatory and legal requirements through a pro-active knowledge management program Quality assurance over the system change control within the Business Unit Supporting Product teams to maximize their velocity by right sizing their governance approach Audit Support Contribute to ensuring Business Unit is ready to host external inspections from regulatory bodies (i.e., FDA, EMEA, tax authorities) as well as external and internal auditors. Support management of overall Business Unit inspection readiness activities and CAPAs in liaison with the business Report status on CAPA s to Business Unit RMCB Information Policy Formation Work with the GRC GxP lead/Controls owners and DTMS team to review and approve the policy, standards, procedures, guidance and training for compliance with relevant legislation and GSK Requirements. Support reviews of the information systems for compliance with legislation and specifies any required changes within their Business Unit Support the GRC Director to implement policies, standards and procedures with aligned Tech Business GRC Consulting Support various GRC planned or remediation activities consulting with BU Tech staff to deliver Support implementation of relevant Management monitoring prog...