Content Management & Proxy solution-

As a Security Researcher in SaaS security posture management, your primary responsibility will be to conduct research on emerging security threats and vulnerabilities in SaaS environments and to develop and implement strategies to mitigate those risks. Specifically, your job duties will include: Conducting in-depth research on emerging security threats and vulnerabilities in SaaS environments.

• Analyzing data and security logs to identify potential threats and take proactive measures to prevent them.
• Developing and implementing security policies and procedures to protect against security threats in SaaS environments.
• Collaborating with other members of the IT team to implement security measures and ensure compliance with industry standards and regulations.
• Keeping up-to-date with the latest security technologies and trends in SaaS security posture management.
• Communicating findings and recommendations to management and other stakeholders.
• Participating in incident response and resolution activities in the event of a security breach in SaaS environments.
• To be successful in this role, you should have a Bachelor's or Master's degree in Computer Science, Information Security, or a related field, and have experience in researching emerging security threats and vulnerabilities in SaaS environments. You should also have strong analytical and problem-solving skills, and hold industry certifications such as CISSP, CEH, or OSCP. Excellent communication and collaboration skills are essential to work effectively with cross-functional teams.

Experience:- Overall 10 to 12 years of experience of which atleast 5 to 7 years’ experience should be in Information Security. Mandatory is 5 to 7 years’ experience in Information security and with one full end to end implementation experience.

Base location: - Bengaluru - Must

Joining requirement: - Not later than second week of June 2023.

Requirements: -

1.      Mandatory - ISO 27001:2013 lead implementor certified

2.      Mandatory - ISO 27001:2013 lead auditor certified (but if it is a good candidate, we can still consider)

3.      Good to have – CISA, CISM, Risk management certification, Privacy certifications.

4.      Mandatory - Atleast one end to end implementation experience of ISO 27001 standard. The candidate should have a good implementation knowledge of ISO 27001, ISO 27002 standards and is required to implement the ISO requirements and run the ISMS program for multiple countries.

5.      This immediate requirement is for implementing the ISMS program for our Canadian office location. The candidate should be willing to work from Bengaluru in EST time zone during this implementation phase whenever required.

6.      Good documentation skills.

7.      Develop, implement, maintain, review and continually improve Information Security policies.

8.      Good understanding and knowledge of applicable legal and regulatory requirements as relevant to information security.

9.      Manage and maintain a risk register / risk database along with risk treatment plans.

10.  Good understanding of physical and environmental security.

11.  Conduct Internal Audits based ISO 27001 standards and Personal Data Protection policies. A good experience in independently conducting Internal and supplier audit with respect to information security.

12.  Provide training to the employees on Privacy & Information Security Management System on regular intervals.

13.  The greater part of the job involves interacting with people, interviewing them / auditing, Preparing audit reports, discussing / persuading / influencing.

14.  Mandatory: Good verbal and written communication skills. Eye for details.

15.  Good presentation skills.

16.  Since this is a trusted role, candidates must be willing to undergo extensive background checks to verify their identity, character, qualifications, skills and experience.

Experience:- Overall 10 to 12 years of experience of which atleast 5 to 7 years’ experience should be in Information Security. Mandatory is 5 to 7 years’ experience in Information security and with one full end to end implementation experience.

Base location: - Bengaluru - Must

Requirements: -

1. Mandatory - ISO 27001:2013 lead implementor certified
2. Mandatory - ISO 27001:2013 lead auditor certified (but if it is a good candidate, we can still consider)
3. Good to have – CISA, CISM, Risk management certification, Privacy certifications.
4. Mandatory - Atleast one end to end implementation experience of ISO 27001 standard. The candidate should have a good implementation knowledge of ISO 27001, ISO 27002 standards and is required to implement the ISO requirements and run the ISMS program for multiple countries.
5. This immediate requirement is for implementing the ISMS program for our Canadian office location. The candidate should be willing to work from Bengaluru in EST time zone during this implementation phase whenever required.
6. Good documentation skills.
7. Develop, implement, maintain, review and continually improve Information Security policies.
8. Good understanding and knowledge of applicable legal and regulatory requirements as relevant to information security.
9. Manage and maintain a risk register / risk database along with risk treatment plans.
10. Good understanding of physical and environmental security.
11. Conduct Internal Audits based ISO 27001 standards and Personal Data Protection policies. A good experience in independently conducting Internal and supplier audit with respect to information security.
12. Provide training to the employees on Privacy & Information Security Management System on regular intervals.
13. The greater part of the job involves interacting with people, interviewing them / auditing, Preparing audit reports, discussing / persuading / influencing.
14. Mandatory: Good verbal and written communication skills. Eye for details.
15. Good presentation skills.
16. Since this is a trusted role, candidates must be willing to undergo extensive background checks to verify their identity, character, qualifications, skills and experience.

·        Maximum 5 years of Information Technology/Technology Operations/Information Security experience required.

·        Minimum 3 years of experience in Cybersecurity, Identity & Access Management, Role Based Access Control, and Identity Governance is mandatory.

·        Knowledge on User Life Cycle Management, Access provisioning, Access administration is must.

·        Experience with technologies such as Role-Based Active Control (RBAC) and Attribute Based Access Control (ABAC) is required.

·        Experience in User Access Re-certification activities is mandatory.

·        Working knowledge on Active Directory is must.

·        Working experience on any IAM tool (SailPoint/Okta/OneIdentity/Varonis/MIM) would be added advantage.

·        Knowledge on Identity and Access Management role/processes/tools is must.

·        Prior experience in processing IAM requests (Add/Modify/Delete) is must.

·        Experienced in Incident management & Change Management processes.

·        Knowledge of and the ability to adhere to SAS and SOX audit requirements pertaining to Identity & Access Management job requirements.

·        Experience with work-flow management tools such as ServiceNow.

·        Leveraging creative thinking and problem solving skills, individual initiative, and utilizing MS Office (Word, Excel, Access, and PowerPoint).

·        Understanding personal and team roles; contributing to a positive working environment by building solid relationships with team members; proactively seeking guidance, clarification and feedback.

·        Identifying and addressing business needs: building relationships with Stake Holders; developing an awareness of Firm services; communicating with the business/stake holders in an organized and knowledgeable manner; delivering clear requests for information; demonstrating flexibility in prioritizing and completing tasks; and communicating potential conflicts to a supervisor

·        Experience performing user administration tasks for various in-house and third-party applications.

·        Analyzing, prioritizing, and resolving faults to resolution. Resolve tickets according to SLAs and escalation procedures.

·        Strong analytical, problem solving and organizational skills. Be proactive, dynamic, and flexible.

·        Good Communication skills, able to articulate well with business and stakeholders.

·        Education Qualification : Any graduate/post graduate with Computer Science background.

Roles and responsibilities:

- Audit the current Information Security system and procedures and do a Gap analysis

- Identify immediate potential Information Security Risks and manage remediation tasks through to closure

- Create an Information Security Compliance Roadmap and execute end-to-end compliance initiatives by that roadmap

- Design high-quality test plans and direct Data/Information security control test activities

- Continuously improve Octro Data/Information security control framework

- Maintain handbook pages and procedures related to Information security compliance

- Identify opportunities for Information security compliance control automation, execute them and then maintain

- Provide actionable and constructive advisement to cross-functional teams, including driving remediation activities for high and select moderate-risk Observations across all Octro departments

- Design, develop, and deploy scripts to automate continuous control monitoring, administrative tasks and metric reporting for all security compliance programs

- Direct and support external audits as and when necessary

Requirements

- A minimum of 6-8 years' experience working with Data/Information Security Compliance programs

- Detailed knowledge of common information security management frameworks, regulatory requirements and applicable standards such as: ISO, SOC 2, GDPR, PCI etc.

About Octro Inc :

We are one of the fastest-growing mobile gaming companies around, a technology-driven organization at heart, and take pride in the platforms we create.

Founded in 2006 with a mission to create productivity applications for Mobile Devices. After pioneering one of the first mobile Voice-over-IP infrastructures called OctroTalk, the company ventured into building mobile gaming platforms. Sequoia Capital has invested in Octro. The funding was announced in June 2014.

Job description – Information Security (Network)

Roles and Responsibilities

Company will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

Work profile of individual

• As part of the company cyber security consulting team, individual’s primary role would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS , Cyber Security, SOX ITGC on customer engagements
• Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
• Will be an active participant in internal / third party system security reviews and audits on customer engagements
• Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
• Will be responsible for implementation of new projects under Information Security Domain
• Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
• Will assist in development of proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
• Will engage with clients and(or) application development teams for implementation of cyber security & data privacy by design and data protection controls.
• Will support the clients with ongoing design, implementation and maintenance of the data privacy framework for managing data protection risk including responding to legislation, devising and owning policies and training.
• Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

Team work

• Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
• Individual would predominately work with off-shore engagement teams and relevant  teams on presale and cyber security delivery.
• Communication, written and verbal, with these teams would be expected.
• Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
• Team members would be required to handle multiple tasks at the same time.
• Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

Desired Candidate Profile

• Bachelors
• Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other relevant qualification/certification
• Experience : 3-5 years
  
  

Knowledge Required:

• Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
• Good understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
• Good understanding of technical security like network security, operating system, encryption, use of tools and technologies for various processes like logical access control, network security, security monitoring etc.
• Sound knowledge of Internal Controls and Compliance. Must be able to recommend controls around people, process, and technology.
• Sound knowledge on IT controls (especially IT risks). Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
• Good knowledge on Privacy, Governance and reporting
• Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
• Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
• Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

Additional Responsibilities:

• Ability to assist in value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
• Good knowledge on software configuration management systems and license Management systems
• Awareness of latest technologies and Industry trends
• Logical thinking and problem solving skills along with an ability to collaborate
• Understanding of the financial processes for various types of projects and the various pricing models available
• Ability to assess the current processes, identify improvement areas and suggest the technology solutions
• One or two industry domain knowledge
• Client Interfacing skills
• Project and Team management

Job description- Information Security(Financial)

Roles and Responsibilities

HTC Global Security Delivery Centre will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

Work profile of individual

• As part of the companyC Global cyber security consulting team, individual’s primary role would be to be a part of ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS, Cyber Security, SOX ITGC on customer engagements
• Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
• Will be an active participant in internal / third party system security reviews and audits on customer engagements.
• Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
• Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
• Will assist in developing proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
• Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

Team work

• Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
• Individual would predominately work with off-shore engagement teams and relevant HTC Territory teams on presale and cyber security delivery.
• Communication, written and verbal, with these teams would be expected.
• Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
• Team members would be required to handle multiple tasks at the same time.
• Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

Desired Candidate Profile

• Bachelors
• Certifications (ISO 27001/ ISO 31000/ or equivalent and other relevant qualification/certification
• Experience : 3-5 years
  
  

Knowledge Required:

• Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
• Understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
• Sound knowledge of Internal financial Controls and Compliance. Must be able to recommend controls around people, process, and technology.
• Sound knowledge of General Leger / Balance Sheet / Journal Entry / Budgeting / Financial fraud
• Sound knowledge on business controls and process controls. Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
• Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
• Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
• Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

Additional Responsibilities:

• Ability to develop value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
• Good knowledge on software configuration management systems and license Management systems
• Awareness of latest technologies and Industry trends
• Logical thinking and problem solving skills along with an ability to collaborate
• Understanding of the financial processes for various types of projects and the various pricing models available
• Ability to assess the current processes, identify improvement areas and suggest the technology solutions
• One or two industry domain knowledge
• Client Interfacing skills
• Project and Team management

Smart Rain Technology is a rapidly growing technology company located in Hyderabad, India. Our mission is to save water, save money and save time through our proprietary irrigation and water management system. We are looking for an experienced Executive Director to organize, grow, and oversee the daily operations in Hyderabad, India.

Candidate will assist in technical vision and leadership for developing and implementing Smart Rain's technology initiatives, with an emphasis on integration of cutting-edge technology-based practices and services into our current offerings.

The area of responsibility for this role is very wide and thus requires thorough knowledge of various company processes, business practices including government and compliance requirements in India. The overall goal is to safeguard and augment the efficiency of the company’s operations in Hyderabad, India and to facilitate accelerating development and long-term success.

Executive Director Job Responsibilities:

• Responsible for the planning, organizing, and directing of the organization’s operations and programs.
• Thorough knowledge of government and compliance requirements in India. 
• Prepares accurate and timely analyses that capture and communicate business results, variances, and performance trends.
• Communicates and report company results to the parent company and shareholders.
• Provides leadership to and manages the efforts of site staff to ensure appropriate support of all departments.
• Coordinates and leads annual budget reviews, monthly and quarterly reviews, and periodic forecast updates with operational and senior management.
• Retains a diverse, highly qualified staff and provides career coaching, growth, and personal development for direct/indirect report employees.

• Provides leadership and technical direction for maintenance and support services for Web, Mobile applications, back-end services, enterprise software, peripherals, and assist in professional development of team.
• Ensures that the design, development, and implementation of enterprise applications and infrastructure systems support the needs of our customers, and management.
• Co-Develop and enforce policies and procedures to ensure the protection of local Smart Rain technology assets and the integrity, security, and privacy of data entrusted to or maintained by fellow team members.
• Develops and implements an accountability system for measuring the success of the goals defined with in the Smart Rain team.
• Serves as a company representative and assumes responsibility at local, regional, state, and national meetings and events pertaining to areas of responsibility.
• Demonstrates excellent interpersonal skills using tact, patience, and courtesy while exemplifying integrity, candor, and high ethical conduct.
• Provides vision, leadership, and direction to all employees within the department.
• Directs and/or coordinates the development of specifications for the procurement of hardware, software, telecommunications, and support services required to support Smart Rain India.
• Prepares materials and presentations for US Smart Rain management team

Executive Director Qualifications/Skills:

• Demonstrated leadership and management skills
• Ability to multitask
• Takes initiative
• Works independently
• Creative problem-solving skills
• Enthusiastic
• Dynamic
• Flexible
• Organized
• Collaborative

Education, Experience, and Licensing Requirements

• Bachelor’s Degree in computer science, finance or accounting
• CMA or MBA preferred
• 15 or more years of financial management experience in an operational environment
• 10 or more years management or supervisory experience
• Relevant experience in technology industry environment
• Experience working with US based company preferred

Benefits

Information Security Specialist

Notice Period: 45 days / Immediate Joining

Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA. 

We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.

It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges. 

Key Qualifications

· Design, deploy, and support Information Security Solutions provided by BDS

· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms

· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.

· Research and strategic analysis of existing, and evolving all IT and data security technologies

· Establish baselines to define required security controls for all infrastructure components and application stack

· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.

· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts

· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up

· Must be able to work a flexible schedule during off-hours

Key Skills & Qualification

· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance

· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)

· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk

· Exposure of the security audit tools on public cloud platforms

· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture

· Certified Ethical Hacker would be a plus

· Handling of Security audits is a must

· Proven interpersonal skills while contributing to team effort by accomplishing related results

· Passion for learning new technologies and the ability to do so quickly.

http://www.banyandata.com" target="_blank">www.banyandata.com