127 Cloud Security jobs in Chennai
Cloud Security
Posted 2 days ago
Job Viewed
Job Description
Dear Candidate
Tata Consultancy Services is hiring for Cloud Security
Experience: 10+Years
Location: Bangalore / Pune / Hyderabad
Roles and Responsibilities:
We are seeking a Cloud DevOps Engineer with hands-on experience in cloud-native environments and preferably a strong working knowledge of Wiz Cloud Native Application Protection. You will be responsible for reliable delivery of Wiz capabilities and supporting Wiz integration with HSBC cloud (AWS, GCP, Azure, AliCloud) and containers infrastructure. This is a cross-functional role that bridges DevOps and Security, enabling secure and compliant cloud deployment and increased visibility of cloud and containers security posture.
- Wiz management plane: delivery and management to automate day-to-day operations – user onboarding, wiz policy and settings updates, migration between Wiz tenants, automate Wiz integration with cloud and containers platforms.
- Wiz Integration & Management: onboard new cloud and containers accounts into Wiz, recipes for integrating Wiz with CI/CD pipeline, containers registry, ticketing systems.
- Implement custom Wiz reports for different stakeholders by leveraging Wiz API and Graph using GraphLQ, Python etc.
- Build and maintain infrastructure-as-code for Wiz deployments and configurations.
- Contribute to security runbooks, incident response, and policy-as-code documentation.
- Responsible for updating and patching Wiz management plane software and infrastructure.
- Support integration efforts with downstream reporting tools by provisioning and maintaining service accounts and APIs catalogue needed.
- Experience in building management plane for IT systems on cloud platforms to monitor system health using gitOps and CICD pipelines, preferably using Google technology, e.g. CloudRun
- Experience in process automation for making changes to Wiz platform e.g. create new roles, updating roles, automate users onboarding
- Strong scripting or coding skills (Pythons, Go, etc.) to implement custom report and API in Wiz for vulnerability scanning reporting, configuration baseline, and runtime security
- Proficiency with at least one major cloud provider (GCP, AWS)
- Infrastructure-as-Code (iac) experience with terraform, Helm
- Experience in CICD tools (GitHub Actions, Jenkins, CloudRun, AWS system manager)
- Experience in debugging and troubleshooting for Wiz related issues
Regards
S.Shanbaga
Tata Consultancy Services
Human Resources- CSP TAG
GCP Cloud Security Engineer
Posted 2 days ago
Job Viewed
Job Description
Dear Candidate,
Tata Consultancy is hiring for GCP Cloud Security Engineer
Skill : GCP Cloud Security
Location : PAN INDIA
Experience : 4-13 Years
WALK IN DRIVE LOCATION : CHENNAI, BANGALORE, HYDERABAD
WALK IN DRIVE TIMING : 9:30AM to 2:30PM
Roles and Responsibilities:
- Lead Security advisory efforts
- Validate and recommend security controls
- Provide security guidance and consultation to customer stakeholders.
- Help in evaluation of new security products
- Lead incident response efforts and coordinate with relevant teams
- Team Leadership and Mentorship
- Mentor Junior security engineers and provide technical guidance
- Lead and manage security initiatives
- External Collaboration
- Collaborate with external security vendors and partners.
Qualifications:
- Bachelors degree in Computer Science, Information Security, of a related field.
- 5+ years of experience in cloud security with at least 3 years of experience with GCP
- Deep understanding of GCP Security best practices and services
- Proven experience in leading security initiatives
- Strong experience in incident response and security investigations.
- Good to have knowledge on Infrastructure as Code (e.g. Terraform)
- Strong leadership, communication and presentation skills
- Relevant advanced security certifications (GCP Professional Cloud Architect, CISSP, CISM, CCSK) are required.
Regards,
Priscilla Nancy
HR TAG – CSP
Tata Consultancy Services
Information Security Analyst
Posted today
Job Viewed
Job Description
As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients' best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our **Foundational Services** teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do. We keep the bank safe and provide the technical tools our workers need to be successful. We design our digital architecture and ensure our platforms provide a first-class customer experience. Our operations teams manage risk, resources, and program management. We focus on enterprise resiliency and business continuity. We develop, coordinate, and execute strategic operational plans. Essentially, Foundational Services re-engineers client and partner processes to deliver excellence through secure, reliable, and controlled services.
Trust is part of our DNA at Citi. As such, we take safeguarding our customer data very seriously. The Cloud Technology Services (CTS) is made up of deeply dedicated and talented colleagues who work together to ensure the safety of Citi's and our clients' assets and information. We manage information security as an end-to-end program - one with a clear mandate and accountability. Our mission is to continually execute and enhance a global security program that is fully anchored to modern control and security frameworks, fully aligned with the technology of the firm, threat-focused and data-driven, and deeply integrated across all Citi businesses globally.
Being talent-driven, we are focused on attracting, developing, and retaining diverse and inclusive talent with a high technical skill level. As a member of our team we will provide you with career development opportunities at all stages of your career. Our employees model a passion for protecting Citi and our clients and believe in treating others with dignity and respect.
This is an opportunity to work with Global Secrets Management Platforms team which is part of Citi's Cloud Technology Services. We are responsible for secrets management on-prem and the cloud for several hundred applications across the firm.
Our commitment to diversity includes a workforce that represents the clients we serve globally from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We'll enable growth and progress together.
**Information Security Analyst - PAM specialist**
We are opening our doors for talented individuals who are passionate about Cyber Security, want to be part of innovation by implementing and driving cutting edge technologies within a world class organization.
If you have a background in technology and interested to learn and grow with a world class Cyber Security team, then Citi is a place for you to be.
**Responsibilities:**
+ Provide BAU support for secrets management applications like CyberArk, HashiCorp Vault.
+ Collaborate with various internal and external stakeholders/support teams as required to support the application and business needs.
+ Work with client applications to provide integration/onboarding guidance.
+ Identify security vulnerabilities in the system and implement necessary solutions to remediate the vulnerabilities.
+ Strong Automation experience - Identify manual processes that can be smartly automated.
+ Ensure security best practice is followed and provide solutions to improve existing infrastructure processes in the company.
+ Be involved in the design and subsequent implementation of software and service infrastructure.
+ Provide on-call support in rotation as required.
+ Gather requirements and provide walkthroughs to businesses on usage of various SDKs and API services available for integration with Secrets/Identity and Access Management applications.
**Qualifications:**
+ 5+ Years' experience
+ Bachelor's in Engineering Degree (Computer Science or Equivalent)
+ Any trainings/certifications in Cybersecurity will be considered a plus
**Critical Competencies:**
+ CyberArk, HashiCorp Vault experience will be a big plus.
+ Basic experience working with one or more of these scripting languages - Python, Unix Shell, Perl, Go & PowerShell scripting.
+ Experience with one or more server operating system like Linux, Windows.
+ Experience/basic understanding of CHEF, Ansible, Terraform, CI/CD.
+ Experience with one or more cloud providers such as AWS, GCP, AZURE.
+ Understanding of containers and associated technologies like Kubernetes/OpenShift.
+ Excellent written and verbal communication skills
+ Ability to work across all levels of the organization.
+ Must have good analytical skills.
+ Strong customer and quality-focus.
+ Sound problem resolution, judgment, and decision-making skills .
+ Ability to work well individually and as part of a team.
**About Citi**
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.
Additional information may be found at | Twitter: @Citi ( | YouTube: | Blog: | Facebook: | LinkedIn: .
---
**Job Family Group:**
Technology
---
**Job Family:**
Information Security
---
**Time Type:**
Full time
---
**Most Relevant Skills**
Please see the requirements listed above.
---
**Other Relevant Skills**
For complementary skills, please see above and/or contact the recruiter.
---
_Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law._
_If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review_ _Accessibility at Citi ( _._
_View Citi's_ _EEO Policy Statement ( _and the_ _Know Your Rights ( _poster._
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Information Security Analyst
Posted 2 days ago
Job Viewed
Job Description
About the company
Lexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success.
Lexitas offers an array of services including local and national court reporting, medical record retrieval, process service, registered agent services and legal talent outsourcing. Our reach is truly national as well as international.
Lexitas is a MNC Company that has set up a subsidiary in Chennai, India – Lexitas India Pvt. Ltd. This Indian company will be the Lexitas Global Capability Center, helping build a world class IT development team, and over time serve as a Shared Services hub for several of the corporate functions.
For More Information -
This is a Full-Time Job located in Chennai, India.
Summary:
This position supports information security, privacy, risk and compliance programs and activities under the direction of the VP of Information Security or designated Information Security Manager. The position assists in developing and maintaining a comprehensive security program for Lexitas. Providing functional and technical support is important to maintain security posture and protection of electronically and physically stored information assets across our systems. Tasks include supporting design, implementation, configuration, documentation, and maintenance to mitigate risk to the business and its computing resources and assets, as well as collaborating with applicable providers, managing and monitoring tools, and facilitating applicable processes and procedures.
Key Roles and Responsibilities :
- Supports IT security, privacy, risk and compliance systems, processes, supporting activities, with the ability to lead activities and programs.
- Monitors computer networks and associated tools and provider services for security, privacy, risk and compliance issues
- Supports the project management, tracking, and documentation of Information, Privacy, Risk, and Compliance programs, processes, and activities
- Investigate security breaches and cybersecurity incidents.
- Documents security breaches and assesses impact.
- Performs and/or supports security tests, risk assessments, and audits to uncover network, application, and process vulnerabilities and provides guidance and training to ensure violations do not persist.
- Tracks and facilitates the mitigation of vulnerabilities to maintain a high security standard.
- Supports best practices for IT security, privacy and compliance.
- Performs and supports 3rd party vulnerability management and penetration testing.
- Research security enhancements and makes recommendations to management.
- Stays current on information technology trends and security standards.
- Prepares reports that detail security, privacy, and compliance risk assessment findings.
- Supports Security Operations Center functions including monitoring and supporting Incident Response activities.
- Supports all related IT Security, Privacy, Risk and Compliance policies and provides guidance to the business.
- Other Information Security, Privacy, Risk, and Compliance duties as required.
Skills and Abilities:
- Experience with computer network and application vulnerability management and penetration testing, and techniques.
- Solid understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts
- Ability to identify and mitigate network and application vulnerabilities.
- Good understanding of patch management
- Proficient with various OS
- Excellent written and verbal communication skills
- Knowledge of firewalls, antivirus, and intrusion detection system concepts
- Ability to support and document areas of Information Security, Privacy, Risk, and compliance processes and programs.
- Ability to support incident response process.
- Experience directing 3rd Party providers in the areas of Information Security, Privacy, Risk and Compliance
- Support information security controls including physical and data security protecting the confidentiality, integrity and availability of information systems data.
- Preferred KSA’s:
- Strong working knowledge and experience with primary Information Security, Privacy, Risk, and compliance standards and frameworks such as NIST, SOC 2, HIPAA, PCI DSS, GDPR, etc.
- Experience administering information security software and controls.
- Experience supporting process for managing network and application security.
- Network and system administration experience a plus.
- Good understanding of Standard Information Security Baseline Frameworks, Business Continuity, and Disaster Recovery protocols and best practices.
- Exposure to ITIL (Incident/Change Management) – ITIL v3F preferred.
- Learns and monitors the business processes for the areas of primary support responsibility.
- Support annual Security Baseline Audits and execution of recommendations.
- As part of the technology team, performs “Help Desk” day-to-day tasks in support of Information Security, Privacy, Risk, and Compliance.
Education and Experience:
- Bachelor’s degree in computer science or related field strongly preferred.
- IAT Level-2 technical certification strongly preferred (Comp TIA Security+ or CISSP) or ability to obtain within first 90 days of hire.
- 5+ years’ experience performing role of Information Security Analyst or SOC
- Demonstrated experience in responding to, managing, and resolving security incidents.
- Experience with LAN/WAN networking concepts, IP addressing and routing concepts, Windows/Linux/Unix operating systems, Information Security concepts, and best practices.
- Experience with Windows/Linux/Unix operating systems, Information Security concepts, and best practices.
- Experience working with Security Information and Even Management (SIEM) system is a plus.
Business Information Security officer
Posted 157 days ago
Job Viewed
Job Description
Yubi, formerly known as CredAvenue, is re-defining global debt markets by freeing the flow of finance between borrowers, lenders, and investors. We are the world's possibility platform for the discovery, investment, fulfilment, and collection of any debt solution. At Yubi, opportunities are plenty and we equip you with tools to seize it.
In March 2022, we became India's fastest fintech and most impactful startup to join the unicorn club with a Series B fundraising round of $137 million.
In 2020, we began our journey with a vision of transforming and deepening the global institutional debt market through technology. Our two-sided debt marketplace helps institutional and HNI investors find the widest network of corporate borrowers and debt products on one side and helps corporates to discover investors and access debt capital efficiently on the other side. Switching between platforms is easy, which means investors can lend, invest and trade bonds - all in one place. All of our platforms shake up the traditional debt ecosystem and offer new ways of digital finance.
Job Description
Act as the liaison between business units and corporate security teams to align objectives with robust security strategies.
Serve as the primary point of contact for clients for all security-related questions, concerns, and communications.
Develop and implement security policies, standards, and procedures tailored to business needs.
Lead risk assessments, identifying vulnerabilities that may impact business operations.
Facilitate regular communication between IT, security, and business leaders to ensure alignment.
Guide business units in understanding and mitigating cybersecurity risks.
Oversee compliance with applicable data protection regulations and internal security requirements.
Foster a culture of security awareness through training and effective communication.
Drive incident response planning and coordinate swift actions during security breaches.
Monitor emerging threats and continuously refine security practices to pre-empt risks.
Report risk assessments, metrics, and progress updates to executive leadership for strategic decision-making.
Collaborate with procurement and business teams to assess the security and privacy risks associated with third-party vendors used by the business units, ensuring compliance with TPRM policies.
Facilitate external Infosec audits by coordinating with auditors, providing necessary documentation and access, and ensuring timely responses to audit findings.
Maintain a strong understanding of the organization's security compliance obligations and work with business units to ensure adherence.
Drive initiatives to address compliance gaps and implement necessary controls.
RequirementsRequirement
Bachelor’s degree in Computer Science, Information Security, or a related field; a Master’s degree is often preferred.
Experience in “ISO 27001” is a must for the role.
2+ years of experience in cybersecurity, risk management, or IT security roles with increasing responsibilities.
Recognized certifications such as CISSP, CISM, or equivalent demonstrate proficiency in security best practices.
Proven track record in leading cross-functional teams and managing security programs in a complex business environment.
Deep understanding of compliance requirements, regulatory frameworks, and the ability to align security strategies with business objectives.
Excellent communication, interpersonal, and stakeholder management skills, with the ability to influence without authority
Strong analytical and problem-solving skills, with the ability to translate technical security concepts into business language.
Ability to work independently and collaboratively within a fast-paced, dynamic environment.
Strong understanding of information security principles, frameworks (e.g., ISO 27001, SOC2, NIST CSF), and relevant compliance regulations.
Threat Hunting Specialist - Information security
Posted 1 day ago
Job Viewed
Job Description
Remote Position: Hybrid
Region: Asia
Country: India
State/Province: Chennai
City: Guindy, Chennai
**Summary**
We are seeking a highly experienced and proactive Cybersecurity Senior Specialist to join our dedicated threat hunting team. In this senior role, you will be at the forefront of our defence strategy, proactively identifying, isolating, and neutralizing advanced cyber threats before they can impact our organization. You will leverage your deep expertise in security analytics, threat intelligence, and incident response to hunt for sophisticated adversaries within our complex network environments.
**Detailed Description**
+ Proactive Threat Hunting: Develop and execute advanced threat hunting missions using a hypothesis-driven approach. Proactively search for indicators of compromise (IOCs) and indicators of attack (IOAs) across endpoints, networks, and cloud environments.
+ Threat Intelligence Integration: Consume, analyze, and operationalize threat intelligence from various sources to inform hunting activities and enhance detection capabilities.
+ Advanced Analytics & Tooling: Utilize Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and other security tools to identify anomalous patterns and malicious activity. Develop and refine custom detection rules and analytics.
+ Incident Response: Serve as a subject matter expert during high-priority security incidents. Conduct deep-dive forensic analysis to determine the root cause, scope, and impact of breaches.
+ Mentorship & Collaboration: Mentor junior analysts, share knowledge with the wider security team, and collaborate with security engineering to improve security posture and close visibility gaps.
+ Reporting & Communication: Clearly document and communicate findings, methodologies, and recommendations to both technical and executive stakeholders.
**Knowledge/Skills/Competencies**
+ Technical Expertise:
+ Proficiency with security tools such as SIEM (e.g., Splunk, Sumologic, Sentinel), EDR (e.g., CrowdStrike, SentinelOne), and packet capture analysis tools (e.g., Wireshark).
+ Strong understanding of the framework and its application in threat hunting.
+ In-depth knowledge of operating systems (Windows, Linux, macOS), network protocols (TCP/IP), and cloud security principles (AWS, Azure, GCP).
+ Experience with scripting languages (e.g., Python, PowerShell) for automation and analysis.
+ Strong understanding of cloud security concepts, platforms (AWS, Azure, GCP).
+ Experience in risk and compliance management and process development in the areas of information technology and security
+ Advanced knowledge of risk mitigation and business controls
+ Excellent problem resolution and creative problem-solving skills
+ Excellent project management skills and strong knowledge of change management processes
+ Analytical Mindset: Exceptional analytical, problem-solving, and critical-thinking skills with a keen eye for detail.
+ Communication: Excellent written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences.
**Physical Demands**
+ Duties of this position are performed in a normal office environment.
+ Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.
**Typical Experience**
A minimum of 8-10 years of hands-on experience in cybersecurity, with at least 5 years dedicated to threat hunting, incident response, or security operations center (SOC) roles
**Typical Education**
+ Bachelor's Degree in Computer Science, Information Security, or a related field.
+ Must have at least 2 of the below certifications:o CompTIA Security+o CompTIA Cybersecurity Analyst (CySA+)o CompTIA Advanced Security Practitioner (CASP+)o Certified Ethical Hacker (CEH)o Offensive Security Certified Professional (OSCP)
+ Educational Requirements may vary by Geography
**Notes**
This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.
Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law).
At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.
**COMPANY OVERVIEW:**
Celestica (NYSE, TSX: CLS) enables the world's best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development - from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.
Celestica would like to thank all applicants, however, only qualified applicants will be contacted.
Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.
Chief Information Security Officer (CISO) - Large Agri Enterprise
Posted 23 days ago
Job Viewed
Job Description
Role Overview
The Chief Information Security Officer (CISO) will be responsible for establishing and leading the information security strategy, governance, and execution across the Group's NBFC and Agro Trading entities. The role ensures compliance with RBI cybersecurity guidelines, data privacy laws, and sectoral best practices, while aligning security with business growth, digital initiatives, and risk management.
Key Responsibilities
1. Information Security Strategy & Governance
- Develop and implement the Group-wide Information & Cyber Security Framework aligned to RBI NBFC Cybersecurity Directions, ISO 27001, and NIST standards.
- Establish governance mechanisms to oversee security across both financial and agri-trading operations.
- Drive group-level cybersecurity policies, SOPs, and awareness programs .
- Report regularly to the Board / Risk & Audit Committee on cybersecurity posture, risks, and incidents.
2. Regulatory Compliance & Risk Management
- Ensure compliance with RBI's Cyber Security Framework for NBFCs , CERT-In directives, and relevant data privacy regulations (DPDP Act).
- Conduct periodic IT & IS audits, vulnerability assessments, and penetration tests.
- Manage regulatory inspections, audits, and reporting requirements.
- Establish a risk-based approach to protect sensitive customer, financial, and trading data.
3. Security Operations & Incident Response
- Establish a Security Operations Centre (SOC) / outsource managed services for continuous monitoring.
- Define and lead the Incident Response Plan (IRP) including detection, containment, investigation, and recovery.
- Coordinate cyber crisis management and business continuity planning across group entities.
- Oversee endpoint security, data protection, identity & access management, and fraud monitoring.
4. Technology & Process Security
- Implement and monitor network, application, and cloud security controls.
- Secure digital lending platforms, Oracle NetSuite ERP, mobile apps, and multiple customer portals for Agri Finance and Agri trading entities.
- Ensure trading operations (ERP, commodity platforms, Digital Marketplaces, External Interfaces) are safeguarded from cyber threats.
- Define secure DevSecOps practices for in-house and/or outsourced application development.
5. Leadership & Stakeholder Management
- Lead the Information Security team and coordinate with IT, Risk, Compliance, Legal, and Business Units.
- Work with external vendors, cybersecurity consultants, and regulators.
- Build a culture of security awareness across employees, agents, and third parties.
- Act as the single point of accountability for group-level cybersecurity.
Qualifications & Experience
- Bachelor's degree in IT/Computer Science/Engineering; Master's preferred.
- Certifications: CISSP / CISM / CISA / ISO 27001 Lead Implementer / CRISC (preferred).
- 12+ years of IT/Information Security experience, with at least 5 years in a leadership role.
- Proven experience in NBFC / BFSI cybersecurity compliance . Exposure to agri trading systems is an advantage.
- Strong understanding of RBI NBFC guidelines, DPDP Act, NIST, ISO 27001, cloud security, fraud risk management .
Key Competencies
- Strategic thinking with strong risk management mindset.
- Hands-on knowledge of security operations, threat management, and compliance.
- Ability to balance security with business agility and cost constraints of a mid-sized group.
- Excellent communication with senior management, regulators, and external partners.
- Leadership, influence, and cross-functional collaboration.
Success Metrics
- Zero major regulatory non-compliance findings.
- Timely reporting and closure of vulnerabilities and incidents.
- Improved security maturity score (e.g., ISO/NIST assessments).
- Enhanced employee security awareness levels.
- Reduced cyber risk exposure across NBFC and Agro Trading operations.
Be The First To Know
About the latest Cloud security Jobs in Chennai !
Senior Principal Consultant - Oracle HCM Cloud Application Security & HCM Advanced Controls
Posted 1 day ago
Job Viewed
Job Description
As an Oracle HCM Cloud Application Security & HCM Advanced Controls Consultant, you will be responsible for designing, implementing, and managing security frameworks and advanced control mechanisms within Oracle Human Capital Management (HCM) Cloud applications. You will ensure that client environments maintain compliance, data integrity, and robust security through expert configuration of Role-Based Access Controls (RBAC) and Advanced Controls.
**Responsibilities**
**Job Title: Oracle HCM Cloud Application Security & HCM Advanced Controls Consultant**
**Location:** India (Bengaluru, Hyderabad, Chennai, Noida, Gurgaon, Pune, Gandhinagar, Kolkata, Mumbai)
**Experience:** Minimum 4 years
**Employment Type:** Full-Time
**Key Responsibilities**
**Security Configuration**
+ Design and implement comprehensive RBAC security models tailored to organizational structures and compliance requirements.
+ Develop and enforce security policies, user provisioning, and de-provisioning workflows.
+ Configure and manage user roles, privileges, and entitlements within Oracle HCM Cloud.
**Advanced Controls Implementation**
+ Deploy Oracle HCM Advanced Controls to monitor and mitigate segregation of duties (SoD) conflicts.
+ Implement controls to ensure compliance with regulatory standards such as GDPR, SOX, and CCPA.
+ Analyze security risks, conduct risk assessments, and recommend corrective actions.
**Client Consulting & Training**
+ Engage with clients to understand their security requirements and translate business needs into technical security solutions.
+ Provide best practice recommendations for Oracle HCM Cloud security and controls.
+ Conduct workshops, training sessions, and knowledge transfer to client teams on security features and compliance management.
**System Integration & Troubleshooting**
+ Integrate Oracle HCM Cloud security with enterprise identity and access management solutions including Identity Governance and Single Sign-On (SSO) systems.
+ Diagnose and resolve security-related issues in the HCM Cloud environment.
+ Work closely with cross-functional teams to ensure seamless security integration.
**Documentation & Reporting**
+ Maintain detailed security design documentation, user manuals, and configuration guides.
+ Prepare and present audit-ready reports and compliance status updates for stakeholders.
+ Continuously update knowledge base to reflect changes in security policies or Oracle HCM functionalities.
**Required Skills & Qualifications**
+ Minimum 4 years of experience in Oracle HCM Cloud security and advanced controls.
+ Strong knowledge of Oracle HCM Cloud security framework including RBAC, user provisioning, and role design.
+ Hands-on experience with Oracle HCM Advanced Controls to mitigate SoD conflicts and ensure compliance.
+ Deep understanding of regulatory requirements like GDPR, SOX, and CCPA as they relate to HCM systems.
+ Experience integrating Oracle HCM security with enterprise Identity Governance and SSO solutions.
+ Excellent analytical, problem-solving, and communication skills.
+ Ability to manage multiple client engagements and deliver solutions on time.
+ Experience working in a client-facing role with strong consulting skills.
**Preferred Skills**
+ Knowledge of Oracle ERP Cloud security is a plus.
+ Exposure to audit processes and internal control frameworks.
**Why Join Us?**
+ Opportunity to work with industry-leading Oracle Cloud applications.
+ Work in a collaborative, innovative environment with global clients.
+ Competitive salary and benefits.
+ Career growth and professional development opportunities across Oracle's global network.
**Interested candidates are requested to apply with an updated resume highlighting relevant Oracle HCM Cloud security and advanced controls experience.**
Career Level - IC3
**About Us**
As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity.
We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all.
Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing or by calling in the United States.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
Security Engineer
Posted 20 days ago
Job Viewed
Job Description
Security Engineer: ( Microsoft Subject Matter Expert) :
Fulltime Remote
About the Role:
Do you want to be on the frontline fighting for safe use within the digital frontier? Does describing your job to your family and friends as being a cyberwarrior or threat hunter sound awesome or awe inspiring? Then join us as part of our Security Operations Center (SOC)
Engineering team as a Microsoft Services Subject Matter Expert (SME) supporting our frontline Threat Hunters. In addition, given the rapid changes within the Microsoft ecosystem you will also be working cross-functionally with Product Management and R&D Engineering to drive differentiation within our service as well with our Business Development team to help maintain the relationship with Microsoft.
While this role will have business responsibilities that will help you expand your career options, the primary day to day role is as a Security Engineer. As a Security Engineer, you will serve as a critical support system for the SOC. You will create, enhance, and tune alerts and detections so that the SOC can best defend our client's networks. Your goal will be to continually improve the detection and alerting that the SOC receives. In some cases, you will work directly with clients to ensure that they send us the most beneficial and important data. You will leverage our tech stack, elements of Microsoft and provide ongoing support both internally and externally. In short, you will be a critical member of the team using Microsoft Defender, Microsoft Sentinel, Microsoft Suite including Purview, Entra, Intune tools, the Pondurance SIEM and SOAR as well as other products and services to protect our clients in the ever-changing threat landscape.
Responsibilities:
Stay on the forefront of the Microsoft ecosystem
Drive security detection improvements
Tune existing alerts and client data in our SIEM tooling for optimal performance.
Identify workflow improvements and curate new automations through our SOAR platform
Assist in continuous improvement efforts to evaluate detection and response capabilities
Develop methods to detect potential threats
Maintain the SOAR platform in support of day-to-day SOC activities
Work with cross-functional teams to enhance detection capabilities
Qualifications:
Strong understanding of tuning alerts and pertinent logs to aid in detecting threats
Expert knowledge of Microsoft including, but not limited to Defender, Sentinel, Purview, Entra, and Intune
Experience building data retrieval from the Microsoft security ecosystem
Leveraging detection mechanisms within SIEMs and SOAR
A strong understanding of cyber-attacks, MITRE ATT&CK framework, emerging threats and threat modelling as well as security research techniques
Intermediate experience with Python, PowerShell, Bash or Go
Intermediate experience with IDS/IPS systems
Talents:
Ability to adjust and adapt in a fast pace and dynamic environment, including changes in responsibilities as the business evolves.
Capacity for Synthesis: bring together disparate elements to create a coherent entity or a big-picture overview in order to gain a new perspective
Applied Technical Thinking: apply specialized, theoretical knowledge to efficient operational uses
Demonstrate strong composure with a balance of urgency and intensity, as well as focus
Security Engineer 3
Posted 1 day ago
Job Viewed
Job Description
**Job Summary**
"Responsible for contributing towards the build and maintenance of the organization's cyber security systems and infrastructure. Exercises solid knowledge of engineering skills and methodology with a working knowledge of applicable cyber security compliance standards. Conducts security assessments and audits to identify cybersecurity risks within the company's networks, applications and operating systems. Helps secure and protect the Network Infrastructure: Routers, Switches, Optical Devices, L2 Datacenter and cabling, Strand Mounted devices, Secure Routing protocols, DOCSIS plant (CMTS/vCMTS/PON), SDN, best practice device configuration, network automation, monitoring and troubleshooting. Tests company's internal systems to validate security and detect any computer and information security weaknesses. Performs a technical analysis of vulnerabilities and determines the impacts to the organization Reports, tracks and records findings in a comprehensive vulnerability assessment report. Identifies and recommends appropriate action to mitigate vulnerabilities and reduce potential impacts on cybersecurity resources. Applies long-term objectives and plans related to the company's technical vision to daily activity. Applies innovative solutions for cyber engineering developmental problems that are competitive with industry and company standards. Has in-depth experience, knowledge and skills in own discipline. Usually determines own work priorities. Acts as a resource for colleagues with less experience.
Employees at all levels are expect to:
- Understand our Operating Principles; make them the guidelines for how you do your job
- Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services
- Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences
- Win as a team - make big things happen by working together and being open to new ideas
- Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers
- Drive results and growth
- Respect and promote inclusion and diversity
- Do what's right for each other, our customers, investors and our communities"
**Job Description**
**The Company**
Founded in 1963, and headquartered in Philadelphia, Pennsylvania, Comcast Corporation (NASDAQ: CMCSA, CMCSK) is a global media and technology company with two primary businesses: NBCUniversal and Comcast Cable. NBCUniversal operates 30 news and entertainment cable networks, the NBC and Telemundo broadcast networks, television production operations, television station groups, Universal Pictures, and Universal Parks & Resorts. Comcast Cable Communications, LLC ("Comcast nation's largest video, high-speed internet, and phone provider to residential and business customers under the XFINITY brand. Comcast has invested in technology to build a sophisticated network that delivers the fastest broadband speeds and brings Cable") is the customers personalized video, communications, home management offerings and business services.
**COMCAST India**
Comcast India Engineering Center
Chennai One SEZ, Phase 2 (5th floor)
North Block, Phase 2, Module 7&8,
Pallavaram - Thoraipakkam 200 Feet Road,
Thoraipakkam,
Chennai-600 097.
**Summary:**
Want to do the best work of your life? With 24 million customers in 7 countries, make your mark at Europe's leading media and entertainment brand. A workplace where you can proudly be yourself; our people make Sky a truly exciting and inclusive place to work.
As a key member of Sky's Enterprise Technology Identity and Access Management Team you will help set the direction of our B2C strategy and roadmap as we expand the platform across new areas of the business. You will be working closely with platform owners and stakeholders to make adoption of B2C as frictionless as possible, through a deep understanding of the business requirements and how the technology can be applied to create the best customer experience. You will also be working to maintain our existing B2C solution and will be expected to make recommendations around best practice and upgrades to the platform owners and IAM manager.
**Website** - Skills:**
# **One identity, CyberArk, PAM, IS , NIST,** **Azure AD,** **CrowdStrike Identity Protection, bash,** **LDAP, SAML, OAuth, and OpenID Connect.**
**Core Responsibilities**
- **Design, develop, and implement IAM solutions using One Identity Manager** .
- Collaborate with other team members to ensure that IAM solutions meet business requirements, security standards, and regulatory compliance.
- **Develop custom scripts and processes to extend the functionality of One Identity Manager** .
- Configure and maintain **connectors for identity sources such as Active Directory, LDAP, and HR systems.**
- **Perform IAM solution testing, troubleshooting, and issue resolution.**
- Be responsible for the **development lifecycle, testing and deployment of your code,** ensuring change compliance is maintained throughout.
- Proactively ensure that the platform remains in line with emerging technologies by ensuring upgrades are completed in a timely manner.
- Provide technical guidance to clients and other team members on IAM best practices, solution design, and implementation.
- Participate in the development and delivery of client training programs and technical documentation as required.
- Have an identity first approach with a sound understanding of the concept of least privileged.
- Conduct regular audits and assessments of the IAM stack identify and address any security gaps or vulnerabilities.
- Work with auditors to and supply evidence as required.
- Stay ahead of the security curve and make best practice recommendations to senior management ( **NIST, NCSC** etc.)
- Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations.
- Mentoring and support for other members of the Team.
**Required Experience and Skills:**
- Solid understanding of **Identity Governance and Administration** platforms (preferably **One Identity** ) with at least 3 years' experience in the field.
- Strong understanding of I **AM concepts and protocols such as LDAP, SAML, OAuth, and OpenID Connect.**
- Expertise in cross platform scripting ( **TSQL, Powershell, bash etc** .).
- On premise and cloud directory services ( **LDAP, Azure AD, GSuite etc** .)
- Be a subject matter expert on both legacy and modern authentication protocols.
- Have excellent security awareness including standards e.g., **IS , NIST and CIS.**
- Have a good understanding of **Web APIs including SOAP, REST and GraphQL architectures.**
- Have a good understanding of Access Controls and Identity Lifecycle management.
- Have excellent communication and organisational skills.
**Desired Skills and experience:**
- Privileged Account Management **(preferably CyberArk)**
- Azure Identity Solutions ( **PIM, MFA, Conditional Access** etc.)
- Integration with IAM supporting software suites such as **SIEM (Splunk) and Crowstrike Identity Protection.**
- Familiarity with regulatory requirements such as **PCI-DSS, SOX, and GDPR** .
- **Certification in One Identity Manager** is highly desirable.
**Experience: 5 - 7.5 years**
**Location:** Chennai, Tamil Nādu Education: Bachelor's Degree or Equivalent
**#CIECTN25**
Comcast is an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.
Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality - to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary ( on our careers site for more details.
**Education**
Bachelor's Degree
While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
**Relevant Work Experience**
5-7 Years
**Job Family Group:** Information Technology