What Information Security Jobs are in Bangalore?
Showing 51 Information Security jobs in Bangalore
Senior Information Security Engineer-IBM Guardium
Posted 4 days ago
Job Viewed
Job Description
Wells Fargo is seeking a Senior Information Security Engineer.
**In this role, you will:**
+ Lead or participate in computer security incident response activities for moderately complex events
+ Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
+ Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
+ Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
+ Review and correlate security logs
+ Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
+ Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
+ Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
**Required Qualifications:**
+ 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
**Desired Qualifications:**
+ 4+ years of IBM Guardium or Imperva SonarG/DCAP database activity logging and monitoring experience
+ 4+ years of experience in information security applications and systems
+ Experience with interpreting requirements and implementing Use-Cases
+ Strong proven verbal and written communication skills, including business and technical writing skills
+ Demonstrated ability to interface with all organizational levels
+ Experience in preparing Business Requirements Documentation, Test Plan and Test scripts
+ Proven problem solving and analytical skills
+ Ability to work independently and manage sometimes competing priorities
+ Database auditing or database administration experience
+ Application security planning and security architecture
+ Expect scripting experience
+ Knowledge of impact analysis, and risk analysis as they apply to extremely complex applications
+ Experience in Information Security and/or relevant education/certifications
+ Experience with Ansible and Python
**Posting End Date:**
14 Jul 2026
**_*Job posting may come down early due to volume of applicants._**
**We Value Equal Opportunity**
Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
**Applicants with Disabilities**
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo ( .
**Drug and Alcohol Policy**
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy ( to learn more.
**Wells Fargo Recruitment and Hiring Requirements:**
a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.
**Req Number:** R-
Is this job a match or a miss?
The Principal Information Security Specialist, Threat Intelligence
Posted 6 days ago
Job Viewed
Job Description
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Principal Information Security Incident Response Analyst is a highly skilled subject matter exper, responsible for providing an escalation path for Level 1 and 2 workflows for high-risk incidents.
Additionally, this role facilitates proactive security measures through analytics and threat hunting processes and is responsible for detecting and monitoring escalated threats and suspicious activity affecting company technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).
This role is responsible to manage critical and high-risk exposures in the daily operation of real-time threat management activities.
This senior technical resource facilitates problem resolution and mentoring for the overall team. This includes operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning).
**Key responsibilities:**
+ Manages weekly sprints in Threat Hunting analytics.
+ Manages the processing of security alerts, events, and notifications (e.g. via email, ticketing, virus warning, intelligence feeds, workflow, etc.).
+ Manages the notification of internal and/or external teams according to agreed alert priority levels, and escalation trees.
+ Monitors events for suspicious events, investigation, and escalate where applicable.
+ Maintains an understanding of current and emerging threats, vulnerabilities, and trends.
+ Prioritizes threat analysis based on risks associated with each threat and working with the appropriate teams to ensure related communications are in line with company best practice and recommendations.
+ Acts as the primary technical lead for the Computer Incident Response Team (CIRT), coordinating the work of technical staff from various departments, as well as the work of third-party technical experts.
+ Ties third party attack monitoring services and threat reporting services, into internal CIRT communications systems, so as to better alert CIRT team members about what's coming, and what preparations to undertake before production systems at NTT Ltd are damaged (and what remedial actions to take after damage has taken place).
+ Regularly reviews the current configurations of NTT Ltd production information systems and networks, with an eye towards the steps that attackers must take to break through existing defenses, and recommends configuration changes, system setting changes, network topology changes, and other modifications that would enhance the overall level of security.
+ Designs, specifies, programs, deploys, and fine-tunes custom software which analyses the vast amount of log, audit trail, and other recorded activity information that modern systems record, so as to be able to immediately detect unauthorized activity, most importantly intrusion by unauthorized parties and the execution of unauthorized software.
+ Designs automated scripts, automated contingency plans, and other programmed responses which are launched when an attack against company systems has been detected.
+ Designs, specifies, programs, debugs, and oversees the work of others related to middleware, and other system integration tools, which tie multiple security monitoring systems together so as to better meet company information security needs.
+ Performs post-mortem analyze with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users.
+ Reviews incident and problem management reports to identify potential security weaknesses and perform an impact and risk analysis, developing recommendations for highlighted risks, ensuring that these risks and solutions are presented to the relevant stakeholders.
+ Ensures that security service audit schedules are developed, scoped, discussed and agreed with the business.
+ Reviews access authorization for compliance with policy, administration security controls for effectiveness, security on the operational systems and verify that security monitoring is working.
**To thrive in this role, you need to have:**
+ Ability to remain calm and focused during stressful situations.
+ Ability to listen and adapt to changing situations.
+ Ability to recognize potential problems and take steps to fix the issues.
+ Extended understanding of complex inter-relationships in an overall system or process.
+ Extended knowledge of technological advances within the information security arena.
+ Demonstrates analytical thinking and a proactive approach.
+ Displays consistent client focus and orientation.
+ Extended knowledge of information security management and policies.
+ Extended understanding of current and emerging threats, vulnerabilities, and trends.
+ Extended understanding of malware forensics, network forensics, and computer forensics also highly desirable.
+ Ability to statically and dynamically analyze malware to determine target and intention.
+ Ability to uncover and document tools, techniques, procedures used by cyber adversaries in attacking managed infrastructure.
+ Sound decision making abilities with demonstrate teamwork and collaboration skills.
+ Displays good planning and organizing ability.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computer Science or related field.
+ SANS GIAC Security Essentials (GSEC) or equivalent preferred.
+ SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
+ SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
+ Industry certifications such as CISSP, CISM, CISA, CEH, CHFI preferred.
+ Information Technology / ITILSM / ICT Security / ITIL v3 preferred.
**Required experience:**
+ Extended experience in a Technology Information Security Industry.
+ Extended experience working in a SOC/CSIRT.
+ Extended experience or knowledge of SIEM and IPS technologies.
+ Extended experience with Wireshark, tcpdump, Remnux, decoders for conducting payload analysis.
+ Extended experience in building SIEM rules and/or indicators of compromise for threat detection.
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune
Global 100. We are committed to accelerating client success and positively impacting society through
responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with
unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and
application services. Our consulting and industry solutions help organizations and society move
confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more
than 70 countries. We also offer clients access to a robust ecosystem of innovation centers as well as
established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each
year in R&D.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
**Third parties fraudulently posing as NTT DATA recruiters**
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters whether in writing or by phone in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an **@nttdata.com** email address. If you suspect any fraudulent activity, please contact us ( ) .
Is this job a match or a miss?
Principal Information Security Engineer
Posted 8 days ago
Job Viewed
Job Description
**Job category:** Technology
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start **Caring. Connecting. Growing together.**
**Primary Responsibilities:**
+ Ensure compliance with industry, regulatory and contractual security requirements of all products, customers, and assigned areas
+ Provides analysis of and suggested solutions to complex Cyber Security issues, as well as complex conceptual analysis, building and maintaining key security metrics
+ Drive fast paced cyber remediation efforts that have significant programs that will minimize risk and ensure the integrity, confidentiality and availability of information that is owned, controlled, and processed within the organization
+ Solid communicator with demonstrated collaboration, analytical, and critical thinking skills to achieve business goals, while balancing security and technology objectives
+ Assist BISOs/XISOs by delivering on cyber program accelerator objectives driving identified security gaps and improvements that require collaboration from different teams across the enterprise
+ Translating technical security requirements to customers in support of BISOs/XISOs
+ Assist in the development and presentation of program reporting metrics
+ Expertise in cloud security, platforms, and services, including understanding of current security offerings from leading cloud services providers, and their applicability to securing a SaaS for enterprise security requirements
+ Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
**Required Qualifications:**
+ 5+ years of experience in customer experience and implementing customer experience strategies, preferably in a security or technology environment
+ 4+ years of experience in an infosec programs
+ 4+ years of proven analytical, reporting and problem-solving skills, with the ability to identify and address customer pain points and satisfaction drivers with data
+ 4+ years of experience communicating and partnering with internal customers
**Preferred Qualifications:**
+ Bachelor's degree in computer science, Business, related field, or 10+ years equivalent experience
+ CISSP, GSEC or similar certification
+ 7+ years of experience in Information Security
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
Is this job a match or a miss?
Senior Information Security Engineer - Python Full Stack Developer
Posted 7 days ago
Job Viewed
Job Description
Wells Fargo is seeking a Senior Information Security Engineer.
**In this role, you will:**
+ Lead or participate in computer security incident response activities for moderately complex events
+ Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
+ Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
+ Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
+ Review and correlate security logs
+ Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
+ Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
+ Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
**Required Qualifications:**
+ 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
**Desired Qualifications:**
+ 4+years of experience in Software Engineering, Data Engineering, or a backend development python development and backend architecture.
+ Expert level knowledge of Python internals, concurrency (Asyncic/Multiprocessing) and building high performance, memory efficient applications.
+ Proven expertise in designing and governing enterprise grade CI/CD pipelines and must manage complex code promotions across multi-region environments using GIT hub actions, Git Lab, or Azure DevOps.
+ Extensive hands-on experience with Apache Kafka (or Confluent), including cluster tuning, schema registry management and designing event driven architectures.
+ Deep experience with Grafana and Prometheus for full stack observability - defining SLIs/SLOs, custom exporters and complex alerting logic.
+ Strong understating of the end-to-end ML life cycle, specifically in the deployment and scaling of models using frameworks like **BentoML, Ray, or KServe.**
+ Experience in SQL, data modelling, ETL/ELT pipelines, and large-scale data processing.
+ Good to have knowledge in Terraform, Palumi and container orchestration - Kubernetes, EKS.
+ Work Location: Bangalore / Hyderabad
**Job Expectations:**
+ Lead the development of mission critical python services, ensuring high availability and low latency performance.
+ Standardize how code moves through the organization, implementing sophisticated deployment patterns like **Blue-Green, Cannery or Ring deployments** .
+ Lead the design of Kafka based data backbones, ensuring data integrity, durability and scalability.
+ Build and manage a unified monitoring strategy in Grafana, providing deep visibility into business critical data flows.
+ Collaborate with data science teams to transition experimental ML models into robust, scalable production services.
+ Act as a subject matter expert, conducting high-level code reviews and suggesting best practices on python, DevOps maturity.
+ Ensure that the CI/CD movement and secret management meet stringent enterprise security standard0073.
**Posting End Date:**
30 Jul 2026
**_*Job posting may come down early due to volume of applicants._**
**We Value Equal Opportunity**
Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
**Applicants with Disabilities**
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo ( .
**Drug and Alcohol Policy**
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy ( to learn more.
**Wells Fargo Recruitment and Hiring Requirements:**
a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.
**Req Number:** R-
Is this job a match or a miss?
Cyber Security Spec IND
Posted 3 days ago
Job Viewed
Job Description
About us:
We are a highly successful 190-year-old, Fortune 500 commercial property insurance company of 6,000+ employees with a unique focus on science and risk engineering. Businesses worldwide trust our expertise to protect their assets, relying on our comprehensive risk assessments and robust, engineering-based insurance solutions to safeguard against fire, natural disasters, and other perils. Serving over a quarter of the Fortune 500 and major corporations globally, we deliver data-driven strategies that enhance resilience, ensure business continuity, and empower organizations to thrive.
FM India is a strategic location for driving our global operational efficiency. Our presence in India allows us to leverage the countrys talented workforce and advance our capabilities to serve our clients better. We have diverse corporate functions that emphasize research, advanced technologies like AI and analytics, risk engineering, research, finance, marketing, HR, etc. working together to provide innovative solutions and nurture lasting relationships from co-workers to clients.
Role Title: Cyber Security Spec IND
Position Summary:
Assists senior team members with performing the day to day operations and monitoring of security infrastructure technologies (such as SIEM, UEBA, Firewall, AV/EDR, DLP) used to prevent, detect, and/or respond to security incidents. These operational activities include monitoring and responding to cyber security alerts and incidents. Manages ticket queues and responds to operational incident tickets received from the service desk and processes change requests.
Job Responsibilities:
- With guidance from senior team members, performs daily security event monitoring and subsequent investigation activities. In the event that a security incident has been found, follows enterprise incident response standard processes ensuring proper escalation and engagement of more senior team members, management, and other technical teams as appropriate.
- With guidance from senior team members, supports efforts to implement 0% ongoing improvements to security policies and infrastructure configurations which improve the effectiveness and efficiency of Xs threatprevention, detection, and response services.
- Under the direction of more senior team members, provides support for business and technology initiatives which require assistance from thesecurity infrastructure services team.
- Maintain familiarity with companies security standards and ensure that 0% technologies and security policies are implemented in support of those standards. Communicate any identified gaps to peers and management in atimely manner.
- Is able to communicate and work as a team both within security infrastructure services and across other groups in support of goals andobjectives.
- Maintains clear concise and accurate documentation for processes and configurations. Ensure documentation is kept up to date and in the propershared, accessible location.
Skill and Experience:
- 1-3 years of experiencerequired to perform essential job functions.
- Additional Experience Qualifier (optional): Minimum of one (1) year of experience in information technology, security administration, business analysis, risk, audit, compliance, computer forensics, network perimeter security or other related discipline.
- Ability to communicate verbally and in writing
- Ability to coordinate activities with team members and other stakeholders
- Must have a strong work ethic, and a positive attitude
- Ability to work independently or on a team Ability to multitask and change priorities with effective results
- General knowledge of at least one of the following areas: operating systems, databases, systems, networks, application development Working knowledge of MS Office suite, especially Excel
- PowerBI Preferred
- Ability to leverage various sources of information articles, webinars, Internet, etc to gain accurate knowledge of current security threats, vulnerabilities and mitigating strategies to address them
Must Have Skills:
- Security Event Analysis and Triage
Ability to review escalated alerts, analyze supporting evidence, and apply structured thinking to determine legitimacy, severity, and next steps under guidance. - Foundational Adversary and Attack Knowledge
Working understanding of common attacker behaviors and tactics, including familiarity with concepts such as phishing, credential abuse, lateral movement, and the MITRE ATT&CK framework. - Broad Technical Curiosity and Literacy
Exposure to enterprise technologies including endpoints, identity systems, cloud services, networking, email, and SaaS platforms, with the ability to follow attack paths across domains. - Data Loss Prevention and Insider Threat Exposure
Familiarity with DLP or insider threat alerting, including reviewing user behavior, contextual data, and supporting basic investigations and escalations. - Analytical and Automation Aptitude
Strong problem-solving skills, comfort working with data, and experience or interest in scripting and automation tools (e.g., Python, PowerShell, APIs). Ability to apply these skills to enhance and scale AI-assisted SOC operations.
GSEC/GCIH/Security+/BTL1/BTL2/CySA+/SC-200/CCTIA - Automation & Integration Mindset
Experience or interest in integrating AI agents with automation tools and enterprise systems (e.g., APIs, Power Automate, SIEM platforms). Ability to extend agent capabilities to support SOC use cases such as enrichment, triage support, and workflow orchestration.
Education and Certifications:
4 Year/ bachelors degree required.
Work location: Bengaluru
Is this job a match or a miss?
Senior Specialist Cybersecurity - Non-Human Identity (NHI) Engineering
Posted 3 days ago
Job Viewed
Job Description
**Location:** Bangalore or Hyderabad. This is an onsite role requiring 5 days/week presence; candidates must be based in or willing to relocate to one of these locations.
**About the Team**
We are strengthening AT&T's enterprise Non-Human Identity engineering capability to support discovery, inventory, ownership, access governance, credential security, and monitoring machine identities across hybrid cloud and on-premises environments. The team works closely with IAM, PAM, IGA, cloud, AI platform, application, infrastructure, DevOps, and security monitoring teams to operationalize centralized governance for service accounts, APIs, bots, application identities, RPA workloads, cloud workload identities, and AI agents.
**Role Summary**
As a Senior Specialist Cybersecurity - Non-Human Identity Engineering technical leader, you will implement, integrate, automate, troubleshoot, and operate the enterprise NHI and Cloud IAM governance program. You will support discovery, onboarding, classification, ownership mapping, access governance, credential security, reporting, and remediation for non-human identities. This is a senior hands-on engineering role that requires deep technical execution, the ability to lead by doing, and the capability to guide other engineers through complex IAM platform, cloud IAM, PAM, secrets management, monitoring, application, and agentic workload challenges.
**What You'll Do**
- Execute NHI discovery, onboarding, classification, ownership mapping, and registry maintenance across service accounts, APIs, bots, RPA, cloud workloads, and AI agents.
- Integrate NHI data and controls with IGA, PAM, secrets management, cloud IAM, SaaS, DevOps, monitoring, and enterprise application platforms.
- Implement lifecycle controls including access provisioning, entitlement validation, access reviews, deprovisioning, and event-driven reviews for high-risk NHIs.
- Operationalize credential security controls including automated rotation, dynamic secrets, short-lived certificates, JIT access, runtime authentication, and least privilege.
- Identify and remediate orphaned, stale, duplicate, unmanaged, over-permissioned, or unjustified NHIs through structured tracking and follow-up.
- Support AI-agent and agentic workload onboarding by validating ownership, system mappings, access, credentials, and monitoring visibility.
- Serve as a senior hands-on escalation point for production issues involving NHI discovery, cloud IAM permissions, secrets, integrations, monitoring gaps, and data quality.
**What You Need to Bring**
- 8+ years of enterprise experience in IAM, cloud IAM, PAM, IGA, cybersecurity engineering, infrastructure security, or machine identity management.
- Hands-on experience with NHI engineering across service accounts, APIs, application identities, bots, RPA, privileged machine accounts, cloud workload identities, and agentic workloads.
- Ability to lead by doing: design integrations, build automation, troubleshoot production issues, validate access models, and guide engineers through implementation challenges.
- Strong hands-on experience with AWS IAM, Azure Entra ID, and/or GCP IAM, including integration with IGA, PAM, secrets management, and monitoring platforms.
- Experience implementing access governance and lifecycle controls, including entitlement validation, certifications, least privilege, deprovisioning, and remediation.
- Experience with secrets management and credential security patterns including automated rotation, dynamic secrets, short-lived certificates, JIT access, and runtime authentication.
- Scripting proficiency in Python, PowerShell, Bash, APIs, or similar tools for automation, diagnostics, reporting, integration, and remediation.
- Strong troubleshooting, communication, documentation, and collaboration skills across technical teams, application owners, cloud teams, vendors, and leadership stakeholders.
**Nice to Have**
- Experience with Oasis, SailPoint, CyberArk, HashiCorp Vault, Azure Entra ID, AWS IAM, GCP IAM, ServiceNow, CI/CD tools, cloud-native security services, or SIEM integrations.
- Understanding of AI agents, agentic workflows, automated workloads, and identity risks associated with autonomous systems.
- Experience with zero trust architectures, least-privilege access models, privileged access management, and identity threat detection.
- Exposure to infrastructure-as-code, containerized deployments, DevOps pipelines, cloud platforms, or API-based integrations.
- Strong troubleshooting, analytical, organizational, self-motivation, and stakeholder management skills.
- Interest in leveraging automation or AI-enabled tools to improve discovery, monitoring, reporting, remediation, and operational response workflows.
Why Join Us?
- Play a hands-on role in operationalizing AT&T's enterprise NHI governance capability across IAM, cloud, PAM, secrets management, and AI-agent environments.
- Work on high-scale discovery, onboarding, access review, credential security, and remediation activities that directly reduce risk from unmanaged machine identities.
- Collaborate directly with teams across India and the US on a strategic identity security capability that improves visibility, access control, and operational resilience.
**\#Cybersecurity**
**Weekly Hours:**
40
**Time Type:**
Regular
**Location:**
IND:KA:Banglaore / Intl Tech Park, Whitefield Rd - Storage: Creator Building, Itpb, Whitefield Rd (inactive)
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.
AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws
We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status
Is this job a match or a miss?
AVP -Cyber Security Specialist
Posted 4 days ago
Job Viewed
Job Description
About Us:
MUFG Bank, Ltd. is Japans premier bank, with a global network spanning in more than 40 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide. MUFG Banks parent, Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the worlds leading financial groups. Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. The Group aims to be the worlds most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world. MUFGs shares trade on the Tokyo, Nagoya, and New York stock exchanges.
MUFG Global Service Private Limited:
Established in 2020, MUFG Global Service Private Limited (MGS) is 100% subsidiary of MUFG having offices in Bengaluru and Mumbai. MGS India has been set up as a Global Capability Centre / Centre of Excellence to provide support services across various functions such as IT, KYC/ AML, Credit, Operations etc. to MUFG Bank offices globally. MGS India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFGs global network across Americas, EMEA and Asia Pacific.
Cyber Security Specialist, Cybersecurity Services
Systems Office for Asia (ASO) IT Risk Management Department (IRMD)
Position Title:Cyber Security Specialist
Corporate Title: Assistant Vice President
Reporting to: Vice President
Location: MUFG Global Services Pvt. Ltd., Bhartiya Centre for Information Technology, Thanisandra, Main Road, Bengaluru, Karnataka.
Job Description:
This is a Security Risk Assessment role supporting the Asia Pacific Region in reviewing and maintaining controls to protect the Organization against risks associated with Cybersecurity Threats from both Internal and External.
Roles & Responsibilities:
The candidate will be expected to be a Subject Matter Expert in both functional and technical aspect of the Security Domains as indicated below,
- Carry out Security Risk Assessment to identify potential threats and security risks of systems and networks, assess the risk likelihood and impact, and recommend effective controls to mitigate the risks
- Carry out Threat Modeling to identify potential ways and gaps that systems and networks can be exploited by cyber threats based on the threat landscape, such as advanced malware, data exfiltration, vulnerability exploits, network intrusion, denial of service and other techniques, and recommend appropriate countermeasures.
- Review and evaluate the efficacy of security measures prior to Production system go-live to meet the banks Technology Risk, Security and regulatory compliance requirements
- Review and evaluate the efficacy of security measures of key 3rd party vendors and external-hosted systems of the Bank, during onboarding and ongoing service review
- Assist in creating, managing, and rolling out training programs for staff such as Cybersecurity awareness, cyber offence and defense, and Incident Response (IR).
- Assist in developing, monitoring and reporting the cyber risk profile of the Bank and its APAC branches
- Be the subject matter expert to advise on cyber security frameworks, standards and risk assessment matters.
- Engage in security research and conduct knowledge sharing to ensure the Bank is aware and well-prepared in defending against known and emerging security threats.
Customer:
- Develop and maintain strong stakeholder management with key stakeholders both within MUFG and externally.
- Work in partnership with colleagues in the global cyber security teams in the regional offices of Japan, Europe, America, China and other offices to share knowledge, support regional/global initiatives and best practices on cyber security.
- Work in partnership with colleagues in the Asian Branches to play a regional role to support regional cyber security improvement plans to ensure a consistent level of maturity in technology and processes across the region.
People:
- Support, coach and guide less experienced members of the team.
Job Requirements:
- Proactive and possess good understanding of IT Risk, compliance and security management frameworks
- Experience or good knowledge in Application development, Infrastructure and Enterprise Technology stackand system architecture and designis highly preferable
- Experienced in performing security risk analysis of various types of systems such as web-based and mobile applications, enterprise applications, APIs and cloud-based systems
- Knowledge of risk assessment tools, technologies, and methods.
- Detailed understanding of threat modeling practices, techniques and principles.
- Strong stakeholder management skills to collaborate with regional offices and branch offices.
- Keep up-to-date with the latest security standards, authentication and cryptography protocols, and regulatory requirements.
- Strong communication and writing skills with ability to influence heads of department, technical managers and other key stakeholders.
- Strong working knowledge of industry trends, security products and technology.
Education level:
- Bachelors degree in computing or relevant field
- Good to have certifications Certified Information Systems Security Professional (CISSP)
Experience:
- Desirable to have at least 6+ years of relevant experience in Threat Modeling, Cyber Risk and Application Security Review.
Equal Opportunity Employer:
The MUFG Group is committed to providing equal employment opportunities to all applicants and employees and does not discriminate on the basis of race, colour, national origin, physical appearance, religion, gender expression, gender identity, sex, age, ancestry, marital status, disability, medical condition, sexual orientation, genetic information, or any other protected status of an individual or that individual's associates or relatives, or any other classification protected by the applicable laws.
Is this job a match or a miss?
Information Security Lead
Posted 23 days ago
Job Viewed
Job Description
We provide expert, sustainable solutions in records and information management, digital transformation services, data centers, asset lifecycle management, and fine art storage, handling, and logistics. We proudly partner every day with our 225,000 customers around the world to preserve their invaluable artifacts, extract more from their inventory, and protect their data privacy in innovative and socially responsible ways.
Are you curious about being part of our growth story while evolving your skills in a culture that will welcome your unique contributions? If so, let's start the conversation.
**Job Summary**
Iron Mountain is seeking a **skilled and strategic Information Security Lead - India** to join our **Global Information Security** team. In this role, you will be responsible for **ensuring the business understands and adheres to National Institute of Standards and Technology (NIST) based security controls while overseeing India-specific cyber controls to guarantee alignment with local regulatory landscapes** .
You will work within a specialized regional team that acts as a vital bridge between India's business leadership and our global security operations, balancing commercial agility with rigorous protection.
**What You'll Do**
In this role, you will:
+ **Responsibility 1:** Lead the continuous monitoring of information systems and operational environments, driving 100% completion of mandatory security training and maintaining meticulous system documentation and configuration standards.
+ **Responsibility 2:** Collaborate closely with regional business groups, the global Information Security team, and India-based stakeholders to proactively identify system vulnerabilities and drive swift, effective remediation.
+ **Responsibility 3:** Ensure strict compliance with both global frameworks and Indian mandates-including the Digital Personal Data Protection (DPDP) Act-while alerting leadership to any environmental changes impacting critical system security.
**What You'll Bring**
The ideal candidate will have:
+ **Extensive experience** in Information Security within Developer Operations (DevOps), Platform, Infrastructure, and Engineering environments.
+ **Strong knowledge** of global and India-specific compliance frameworks, including National Institute of Standards and Technology (NIST) 800-53, International Organization for Standardization (ISO) 27001, and the Indian Computer Emergency Response Team (CERT-In) Directions.
+ **Proven ability** in strategic stakeholder management, specifically the ability to articulate complex security risks to non-technical business leaders and translate commercial requirements into prioritized security workstreams.
+ **Expertise in sector-specific regulations** such as the Reserve Bank of India (RBI) Master Direction on Information Technology Governance and the Securities and Exchange Board of India (SEBI) Cybersecurity Framework
**Call to Action**
Ready to secure the future of data? Apply today to join Iron Mountain and lead our security excellence in India!
Category: Risk Management
Iron Mountain is a global leader in storage and information management services trusted by more than 225,000 organizations in 60 countries. We safeguard billions of our customers' assets, including critical business information, highly sensitive data, and invaluable cultural and historic artifacts. Take a look at our history here.
Iron Mountain helps lower cost and risk, comply with regulations, recover from disaster, and enable digital and sustainable solutions, whether in information management, digital transformation, secure storage and destruction, data center operations, cloud services, or art storage and logistics. Please see our Values and Code of Ethics for a look at our principles and aspirations in elevating the power of our work together.
If you have a physical or mental disability that requires special accommodations, please let us know by sending an email to See the Supplement to learn more about Equal Employment Opportunity.
Iron Mountain is committed to a policy of equal employment opportunity. We recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law.
To view the Equal Employment Opportunity is the Law posters and the supplement, as well as the Pay Transparency Policy Statement, CLICK HERE
**Requisition:** J
Is this job a match or a miss?
Information Security Engineer
Posted 23 days ago
Job Viewed
Job Description
The Incident Detection and Response (ID&R) team provides visibility into security and compliance, performs incident response, and drives root cause analysis to improve Cisco's security posture.
ID&R serves Cisco and its business entities to detect, respond, and mitigate security incidents, improve compliance and security posture, as well as ensure Cisco meets its regulatory and contractual obligations for data loss notification.
**Responsibilities Include:**
+ Splunk Domain Expert
+ Learn and deploy new technologies as needed to support business objectives related to security detection and response.
+ Update, modify, and enhance existing programs used for security detection and response.
+ Lead software upgrades, evaluations of new versions of the software.
+ Maintain the production security environment, including identification of problems and driving resolution.
+ Maintain data availability as a part of a 24x7 duty rotation.
+ Develop documentation on all custom solutions.
**Desired Skills**
+ Splunk Administration (minimum 4 years of experience)
+ Splunk Enterprise Security configuration and tuning
+ Splunk Cloud Administration
+ Splunk SOAR
+ Search Head Clustering
+ Indexer Clustering
+ Onboarding new data sources
+ Patching, configuration, and maintenance
+ Ability to automate recovery of frequent operational issues
+ Administration of other SIEMs (ELK, ExaBeam, etc) is a plus
+ Cloud platforms (AWS, GCP, Azure)
+ Experience deploying in AWS (AMI, CloudFormation, etc.)
+ Excellent communication skills and a self-starter
+ Using GitHub repositories
+ Jira Service Desk, ServiceNow for issue tracking and resolution
+ Experience with Linux/UNIX systems and the standard methodologies for deploying applications to those stacks.
+ Experience writing in Python (Perl also useful)
+ Web services and APIs ( in RESTful and SOAP
+ Agility and willingness to deal with a high level of ambiguity and change
+ Flexibility - willingness to pitch in where needed across program and team
+ Global teaming skills and ability to focus the team to deliver to timelines
+ Ability to multi-task
**Certifications**
+ Splunk Cloud Certified Administrator (required)
+ Splunk Enterprise Certified Architect (preferred)
+ AWS Certified Solutions Architect (preferred)
**Why Cisco?**
At Cisco, we're revolutionizing how data and infrastructure connect and protect organizations in the AI era - and beyond. We've been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint.
Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you'll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere.
We are Cisco, and our power starts with you.
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.
Is this job a match or a miss?
Specialist, Information Security
Posted 23 days ago
Job Viewed
Job Description
Specialist, Information Security
**Reports to**
Team Manager, Cybersecurity
**Location**
Channi/Bangalore, Hybrid
**Team**
Cybersecurity, OCTO
**Role Overview**
The Cybersecurity Governance, Risk & Compliance (GRC) function sits within the Chief Information Security Office as part of the Digital and Technology organisation, reporting to the Chief Information Officer at Pearson.
We are seeking a motivated and detail‑oriented **Cybersecurity Risk Analyst** to support cyber risk and third‑party risk management activities within the Cyber GRC team. This role contributes to how cyber risks are identified, assessed, tracked, and reported across the organisation, working closely with Technology, Data Privacy, Procurement, and Risk Owners.
The role supports informed, risk‑based decision‑making by ensuring cyber risks are clearly documented, understood, and monitored, while enabling the business to move at pace. This is an individual contributor role, focused on high‑quality risk analysis, stakeholder engagement, and consistent execution of Cyber GRC processes.
**Key Responsibilities**
**Cyber Risk Management**
+ Support the identification, assessment, and documentation of cyber risks across technology and business domains.
+ Maintain accurate and up‑to‑date cyber risk records, including risk statements, impact assessments, controls, and remediation plans.
+ Work with Designated Risk Owners to ensure risks are clearly articulated in business‑relevant terms and appropriately owned.
+ Track risk treatment activities, issues, and remediation progress, highlighting delays or concerns for escalation.
+ Contribute to cyber risk reporting and dashboards to support management and senior stakeholder visibility.
+ Promote a pragmatic, risk‑based approach to cybersecurity decision‑making across technology initiatives and operational activities.
**Third‑Party Risk Management**
+ Support the execution of the third‑party cyber risk management (TPRM) process in line with business criticality and risk appetite.
+ Perform supplier cyber risk assessments and reviews, working with Procurement, Legal, and Technology stakeholders.
+ Track third‑party remediation actions, risk acceptances, and reassessments through to closure.
+ Support material supplier risk discussions by preparing risk summaries, evidence reviews, and decision documentation.
+ Maintain accurate third‑party risk data to support reporting, metrics, and audit or assurance activities.
**Stakeholder Engagement & Collaboration**
+ Partner with Technology, Data Privacy, Procurement, and Risk Owners to gather information and support risk assessments.
+ Act as a point of contact for cyber risk and third‑party risk queries within defined areas of responsibility.
+ Escalate emerging risks, issues, or blockers to the Team Manager with clear analysis and recommended next steps.
+ Contribute to a positive risk culture by supporting constructive, solution‑focused conversations.
**GRC Process, Tooling & Continuous Improvement**
+ Follow and consistently apply Cyber GRC frameworks, standards, and processes.
+ Use GRC tooling effectively to manage risk workflows, evidence, and reporting.
+ Identify opportunities to simplify risk documentation, improve data quality, or streamline processes.
+ Support audits, assessments, and regulatory or assurance activities by providing accurate risk evidence and analysis.
**Key Skills & Experience**
+ Experience in cybersecurity risk management, third‑party risk, IT risk, or GRC within a complex organisation.
+ Working knowledge of cyber risk frameworks such as ISO 27001, NIST CSF, or SOC2.
+ Strong analytical skills, with the ability to assess risk scenarios and control effectiveness.
+ Ability to communicate risk clearly and concisely in written and verbal form.
+ Strong attention to detail and ability to manage multiple tasks and priorities.
+ Comfortable working with stakeholders across technical and non‑technical teams.
+ Professional certifications or progress toward certifications desirable (e.g. CRISC, CISM, CISSP, CISA).
**What Success Looks Like**
+ Cyber risks are accurately identified, documented, and tracked through to resolution or acceptance.
+ Risk data is complete, consistent, and reliable, supporting meaningful reporting and decision‑making.
+ Third‑party cyber risks are assessed proportionately and managed without creating unexpected exposure.
+ Stakeholders experience Cyber GRC as a helpful, pragmatic partner rather than a compliance hurdle.
+ The Cyber GRC team operates efficiently with clear visibility of risk posture and priorities.
**Why Join Us**
+ Opportunity to develop deep expertise in cyber risk and third‑party risk management.
+ Exposure to a wide range of technology, suppliers, and business stakeholders.
+ Clear development pathway within a maturing Cyber GRC capability.
+ Supportive environment with strong focus on learning, growth, and professional development.
**Who we are:**
At Pearson, our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. We are the world's lifelong learning company. For us, learning isn't just what we do. It's who we are. To learn more: We are Pearson.
Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing
**Job:** Security
**Job Family:** TECHNOLOGY
**Organization:** Corporate Strategy & Technology
**Schedule:** FULL\_TIME
**Workplace Type:** Hybrid
**Req ID:** 22978
Is this job a match or a miss?
Explore numerous Information Security job opportunities in