3,264 Security Best Practices jobs in India

Company: WhatJobs

Location: Bhubaneswar, Odisha, IN

Our client, a leading financial services firm, is seeking a highly competent Senior Information Security Analyst to join their dedicated security operations center in **Bhubaneswar, Odisha**. This is a critical on-site role, vital for maintaining the integrity and security of sensitive data.

The Senior Information Security Analyst will be responsible for identifying, assessing, and mitigating information security risks across the organization's IT infrastructure. The ideal candidate will possess extensive knowledge of cybersecurity principles, threat intelligence, vulnerability management, incident response, and security frameworks.

Key Responsibilities:

• Monitor and analyze security alerts from various security tools (SIEM, IDS/IPS, EDR).
• Investigate security incidents, conduct forensic analysis, and implement containment and eradication strategies.
• Perform vulnerability assessments and penetration testing on systems and applications.
• Develop and implement security policies, standards, and procedures.
• Manage and maintain security infrastructure, including firewalls, intrusion detection systems, and antivirus solutions.
• Conduct risk assessments and develop mitigation plans to address identified vulnerabilities.
• Stay current with emerging threats, vulnerabilities, and security technologies.
• Develop and deliver security awareness training to employees.
• Participate in security audits and ensure compliance with regulatory requirements.
• Collaborate with IT teams to implement security best practices in system design and deployment.
• Develop and refine incident response plans and playbooks.
• Contribute to the continuous improvement of the organization's security posture.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 6 years of experience in information security, cybersecurity operations, or risk management.
• In-depth knowledge of cybersecurity principles, threats, and attack vectors.
• Hands-on experience with SIEM tools (e.g., Splunk, LogRhythm), IDS/IPS, and endpoint security solutions.
• Experience with vulnerability scanning tools (e.g., Nessus, Qualys) and penetration testing methodologies.
• Familiarity with security frameworks (e.g., NIST, ISO 27001) and compliance requirements.
• Strong analytical and problem-solving skills with meticulous attention to detail.
• Excellent communication and interpersonal skills, with the ability to work effectively in a team.
• Relevant certifications such as CISSP, CISM, CEH, or GSEC are highly desirable.
• Ability to work under pressure and respond effectively to security incidents.

This is a critical role in protecting our client's digital assets in **Bhubaneswar**. If you are a dedicated security professional committed to safeguarding information, we encourage you to apply.

Entity:

Technology

Job Family Group:

IT&S Group

Job Description:

To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).

Are you passionate about protecting what matters most? We're seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security.

We're looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bp's strategy.

Role Synopsis

In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of a Global Information Security Specialist has never been more critical. Working closely with bp's business areas, you will support the protection of IT systems and business data that are important to bp's operations.

You will conduct security assessments, respond to security queries, and provide security expertise. Your expertise will help ensure that business teams can operate with confidence, knowing their systems and processes are secure.

Ready to make a real impact in energy security? Join us in safeguarding the people, processes and systems that power our transition to net zero!

Key Accountabilities

In this role you will deliver security activities to support bp's business. This role focuses on hands-on security assessment and advisory activities with the following key accountabilities:

• Security Assessments : We need someone that can conduct comprehensive assessments of systems, identifying risks and issues while recommending appropriate remediation measures.

• Technical & Non-Technical Risk Advisory : You'll assess and communicate cybersecurity risks. We want our customers to understand potential impacts and mitigation strategies clearly.

• Cyber Behaviour Promotion : We strive to build a strong cyber security culture. You'll assist with the development and promoting good cyber behaviours in day-to-day operations.

• Incident Management Support : When security incidents happen, we need you to provide specialist security expertise. You'll support incident response activities and improvement recommendations.

• Customer Support : We want you to act as the go-to point of contact for information security. You'll provide timely and accurate expertise on security matters affecting their systems or data.

You will:

• Assess and Evaluate : You'll perform regular security assessments of business systems. We use established methodologies to identify potential risks, weaknesses and security gaps.

• Respond and Advise : We require someone who can offer our customers practical and tailored cyber security solutions. These solutions must align with operational requirements.

• Analyze and Report : You'll evaluate risks and prepare clear, actionable recommendations, and communicate these with both business and technical audiences.

• Support and Collaborate : We work closely with business teams to implement security measures. You'll help maintain robust security posture while aligning with operational needs.

• Promote and Educate : We nurture positive cyber security behaviours! You'll work through targeted awareness activities, training support, and expert guidance.

• Monitor and Review : We want someone who understands the security landscape affecting bp systems and stay ahead of emerging threats and industry standard methodologies.

Education

• Bachelor's degree or equivalent experience in Information or Cyber Security, Computer Science, Engineering.

• Working towards professional certifications such as Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.

• Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework.

Desirable Experience and Capability

• Previous track record in information security roles in Finance, HR, Trading, Retail, Supply or Oil and Gas companies.

• Ability to explain security concepts to a variety of audiences.

• Solid grasp of cyber risk assessment methodologies and the ability to translate technical findings into business impact assessments.

• Attention to detail and ability to work independently while balancing multiple activities.

• Ability to adapt security recommendations to different operating environments.

• Ability to use technology, data, and insights to enable decision making.

Travel Requirement

Up to 10% travel should be expected with this role

Relocation Assistance:

This role is eligible for relocation within country

Remote Type:

This position is a hybrid of office/remote working

Skills:

Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism

Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please  contact us .

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.

Entity:

Technology

Job Family Group:

IT&S Group

Job Description:

Information Security Lead

To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).

Passionate about identifying and crafting security solutions that make bp a cyber resilient organisation, the Information Security team partner with business teams to help them understand cyber risk and take personal ownership for cyber security!

We’re looking for curious minds who are driven by opportunities to build value and deliver secure digital products and services to advance the global energy transition.

Role Synopsis

In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of an Information Security Lead has never been more critical. Our partnership with the business is essential to ensuring the confidentiality, integrity, and availability of an organisation's data and information systems.

Offering insights that influence the development and deployment of secure, resilient solutions & services. Your expertise enables teams to innovate with confidence, knowing their solutions align with the highest standards of data protection and regulatory compliance.

Key Accountabilities

In this role you will be responsible for the delivery of security activities to ensure swift business value realization. This role focuses on information security and digital security risk activities with the following key accountabilities:

• Relationship and Customer management : Act as the main point of contact for all Digital Security enquiries within the relevant business portfolio. Build strong partnerships and influence positive change that serves the commercial ambitions.

• Security Expertise: Provide technical expertise, implementing digital security operating processes aligned to security standards across all value stream activities.

• Safety: Prioritize cyber and operational safety, improve digital security controls through architecture designs and process to maintain our cyber posture and react to new threats.

You will:

• Monitor and Assess : Keep a vigilant eye on our digital domains, using innovative tools to detect and assess threats. This includes collaborating on the identification, assessment and management of risk

• Strategize and Protect : Develop and implement robust security measures, crafting a secure environment for our data and systems.

• Respond and Recover : Partner Customers during security incidents with a calm, calculated approach, minimising impact and guiding recovery efforts.

• Educate and Advocate : Champion security awareness across the organisation, encouraging vigilance and responsibility.

• Innovate and Guide : Provide strategic insights to teams, ensuring security is a cornerstone of product development and business operations.

• Protect & Defend: Proactively mitigate cyber risks and coordinate the remediation of findings from vulnerability scans, supplier assurance, compliance reviews, and support the digital Delivery teams in maintaining high levels of cyber hygiene.

Education

• Degree Educated, preferably BSc in Information Security or equivelent.

• Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) or working towards certification.

• Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework is highly advantageous.

Desirable Experience and Capability

• Previous track record in similar roles in Finance, HR, Trading, Retail, Supply or Oil and Gas companies.

• Strong influencing skills that enable you to communicate technical information to both technical and non-technical audiences, clearly and concisely.

• Deep technical knowledge, and experience delivering security solutions and providing technical advice.

• A track record of delivering business benefits by balancing the need to protect the organizations commercial ambitions and maintain operations of the core value streams.

• Experience working within developing digital ecosystems, with multiple partners and environments, ensuring suitable digital security standards and practices delivered and maintained.

• Good understanding of enterprise and operational risk management, risk governance and compliance requirements.

• Excellent project management skills, with the ability to lead multiple projects simultaneously.

• Able to adapt to shifting priorities, demands, and timelines and keep customers abreast of impact (potential or actual) to defined delivery timescales and/or business impact.

• Ability to use technology, data, and insights to enable decision making.

Travel Requirement

Up to 10% travel should be expected with this role

Relocation Assistance:

This role is eligible for relocation within country

Remote Type:

This position is a hybrid of office/remote working

Skills:

Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism

Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please  contact us .

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.

Bring more to life.
Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics and biotechnology?
At Pall Corporation, one of Danaher's ( 15+ operating companies, our work saves lives-and we're all united by a shared commitment to innovate for tangible impact.
You'll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher's system of continuous improvement, you help turn ideas into impact - innovating at the speed of life.
As a global leader in high-tech filtration, separation, and purification, Pall Corporation thrives on helping our customers solve their toughest challenges. Our products serve diverse, global customer needs across a wide range of applications to advance health, safety and environmentally responsible technologies. From airplane engines to hydraulic systems, scotch to smartphones, OLED screens to paper-everyday Pall is there, helping protect critical operating assets, improve product quality, minimize emissions and waste, and safeguard health. For the exponentially curious, Pall is a place where you can thrive and amplify your impact on the world. Find what drives you on a team with a more than 75-year history of discovery, determination, and innovation.
Learn about the Danaher Business System ( which makes everything possible.
The Engineer, Information Security is responsible for designing, implementing an organisation's security systems and protocols to protect against security breaches, cyber-attacks, and other malicious activities.
They must develop and implement security tools, providing guidance and training to analysts on security best practices. They must collaborate with external security vendors and partners on the deployment of such tools and the best practices involved in keeping them operating optimally.
This position reports to the Director, Information Security and is part of the Information Technology Department located in Pune, India and will be an on-site role.
In this role, you will have the opportunity to:
+ Design and implement security controls, including access control, network segmentation, intrusion prevention and other tools, to mitigate risks and protect against security threats.
+ Evaluate emerging security technologies and make recommendations for their integration into the security architecture framework.
+ Conduct security reviews and risk assessments of new and existing IT systems, applications, and networks.
+ Create and maintain comprehensive documentation for security systems, procedures, and security incidents.
+ Participate in incident response planning and execute incident response procedures with security analysts in the event of a security breach.
The essential requirements of the job include:
+ Proven experience as a security engineer in a mid-sized organization, with 2+ years of experience in an engineering role.
+ Experience in building and maintaining security systems.
+ Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
+ Knowledge of security standards, frameworks and regulations such as ISO 27001, NIST, PCI DSS, and GDPR.
+ Exhibit good analytical skills, as well as the ability to work well in a demanding, dynamic environment.
Travel, Motor Vehicle Record & Physical/Environment Requirements:
+ Ability to travel - international travel up to 10% per year.
It would be a plus if you also possess the following:
+ Bachelor's degree in computer science, Information Technology, or related field.
+ Professional certifications such as CISSP, Security+, CASP+, GIAC.
Pall Corporation, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it's a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info ( .
At Pall we believe in designing a better, more sustainable workforce. We recognize the benefits of flexible, remote working arrangements for eligible roles and are committed to providing enriching careers, no matter the work arrangement. This position is eligible for a remote work arrangement in which you can work remotely from your home. Additional information about this remote work arrangement will be provided by your interview team. Explore the flexibility and challenge that working for Pall can provide.
Join our winning team today. Together, we'll accelerate the real-life impact of tomorrow's science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.
For more information, visit .

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start **Caring. Connecting. Growing together.**
**Position Overview:**
This position is responsible for overseeing and implementing security measures to protect the organization's data and infrastructure. This role involves developing security strategies, managing risks, ensuring compliance, and leading incident response efforts. A key aspect of this role is fostering strong relationships and partnerships with business leaders and stakeholders to ensure security measures align with business objectives.
**Key Responsibilities:**
+ **Security Strategy:** Develop and implement security strategies tailored to the segment to ensure the protection of data and infrastructure.
+ **Risk Management:** Identify, assess, and mitigate security risks associated.
+ **Incident Response:** Lead incident response efforts for security breaches within the segment, including investigation, containment, and remediation.
+ **Compliance:** Ensure compliance with relevant regulations and standards.
+ **Collaboration:** Work closely with other IT teams and segment leaders to integrate security measures into services and applications.
+ **Training and Awareness:** Support security training and awareness programs for employees within the segment to promote a security-conscious culture.
+ **Policy Development:** Develop and enforce security policies and procedures.
+ **Audit and Assessment:** Facilitate information security (e.g. ISO 27001, NIST) and regulatory audits, as well as security assurance activities that verify the effectiveness of implemented security controls.
+ **Business Partnership:** Foster strong relationships with business leaders and stakeholders to ensure security measures support and enhance business objectives. Collaborate with business units to understand their needs and provide tailored security solutions.
**Qualifications:**
+ 3-5 Years of Experience
+ Proven experience in developing and implementing security strategies.
+ Strong knowledge of risk management and security architecture.
+ Experience in leading incident response efforts.
+ Knowledge of compliance regulations US & India (such as HIPAA & IT Act) and experience with security monitoring tools.
+ Excellent collaboration and communication skills.
+ Ability to conduct training and develop security policies.
+ Experience in conducting security audits and assessments.
+ Demonstrated ability to build and maintain relationships with business leaders and stakeholders.
+ Should understand all aspects of Security environment, TLS Versions
+ Understands Data - Data at rest, data in motion, Compliance, Data Relevance
+ Should be able to assess and share the Vulnerability to Business
+ System Security Plan (SSP)
+ Understands Encryptions
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._

**Description**
This position is responsible for the leadership of the India Information Security (IS) department as part of the Global Information Security Directorate. Areas of responsibility will include coordination with the other IS Departments to ensure standard enforcement of security polices and controls, interfacing with local India IT teams and business leaders, and mitigating risks to the organization's information assets.
**Responsibilities :**
+ Manage India Information Security team's day to day operations.
+ Support the global Security Operations (SecOps) department to safeguard digital assets by assisting with detecting, investigating, and resolving cybersecurity threats
+ Assist the global Governance, Risk & Compliance (GRC) department with enforcing cybersecurity policies, overseeing cybersecurity risk, facilitating cybersecurity compliance audits, and conducting cybersecurity awareness training.
+ Assist the global Cybersecurity Infrastructure and Design (CID) department with management and maintenance of the cybersecurity systems, platforms, and controls.
+ Implement Secure Software Development Lifecycle (SSDLC) in India office by enforcing the compliance of global policies, processes, procedures and principles.
**Qualifications**
+ Bachelor's degree in Cyber/Information Security or Information Technology, Computer Science, Computer Engineering
+ Professional certifications such as CISSP, CISM, or equivalent multi-domain cybersecurity focused certification.
+ At least 10 years of experience in IT security management, with a proven track record of managing teams in global matrix environment
+ Experience with security technologies: EDR, SIEM, SOAR, CASM, CASB, CSPM, IAM, PAM
+ Excellent communication and interpersonal skills to effectively engage internal stakeholders.
+ Demonstrated ability to analyze complex security issues, devise solutions, and enforce established security controls.
+ Strong leadership skills to drive standardization of processes, procedures, and principles.
**Job** Engineering
**Primary Location** India-Maharashtra-Mumbai
**Schedule:** Full-time
**Travel:** No
**Req ID:**
**Job Hire Type** Experienced Not Applicable #BMI N/A

**Who We Are**
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.
**The Role**
Are you passionate about cybersecurity and looking for an exciting role where you can make a difference? If so, we have an opportunity for you! As a Security Specialist at Kyndryl, you will play a crucial role in enabling and securing our customer organizations, cultures, and ecosystems.
Your responsibilities will be varied and dynamic, spanning asset classification models, risk assessment reports, information security policies, security solution scenarios, implementation plans, organization models, procedures, security services, security effectiveness evaluation reports, and security awareness workshops. You will be tasked with configuring, monitoring, and managing the performance of networks to maintain the quality of services, while also protecting organizational infrastructure from malicious cyber-attacks.
As a key member of our team, you will assess, predict, prevent, and manage the risk of IT infrastructure and data, helping our customers stay ahead of the curve and ensure their systems are secure. You will develop and implement security policies and procedures, working closely with other departments to ensure that all security measures are in place and operating effectively.
But that is not all - at Kyndryl you will have the opportunity to explore innovation in CyberSecurity data science - taking information that has been gathered and looking for areas to have that "Ah Ha" moment. Drawing conclusions and patterns from the data across single and multiple clients. Creating new ideas in the area of risk management and risk quantification.
In addition to your technical responsibilities, you will also play a key role in raising awareness of potential security threats through technical security training on best practices. This is an exciting opportunity to help shape the culture of our clients' organizations and make a tangible impact on their security posture.
If you have a passion for cybersecurity - governance, risk and compliance, are looking for a challenging and dynamic role, and want to work with a team of like-minded individuals, then we want to hear from you! Join us as a Security Specialist and help us secure the future of our clients' organizations.
**Key Responsibilities:**
+ **Design, implement, and manage** end-to-end security architecture to protect the organization's IT infrastructure.
+ **Lead the deployment and management** of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solutions, with a focus on Microsoft Sentinel and Defender XDR.
+ **Develop and maintain** security policies, procedures, and standards to ensure compliance with industry best practices and regulatory requirements.
+ **Integrate and automate** security processes using Microsoft Logic Apps and other automation tools to enhance incident response and threat detection capabilities.
+ **Monitor and analyze** security alerts and incidents, providing expert guidance on remediation and mitigation strategies.
+ **Collaborate with cross-functional teams** to ensure security controls are integrated into all aspects of the IT environment.
+ **Conduct regular security assessments** and audits to identify vulnerabilities and recommend improvements.
+ **Stay current** with the latest cybersecurity trends, threats, and technologies to continuously improve the organization's security posture.
Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.
**Who You Are**
You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others.
**Required Skills and Experience :**
+ 8+ years of experience in cybersecurity, with a focus on security architecture and operations.
+ Proven expertise in SIEM and SOAR solutions, particularly Microsoft Sentinel and Defender XDR.
+ Hands-on experience with Microsoft Logic Apps for security automation.
+ Strong understanding of network security, endpoint security, cloud security, and identity and access management.
+ Excellent leadership and project management skills.
+ Hands on experience on Firewall (Palo Alto, Fortinet), VPN (Citrix), NAC (ForeScout, HP ClearPass Airwave), DNS (Infoblox)
+ Strong analytical and problem-solving abilities.
+ Effective communication and interpersonal skills.
+ Ability to work independently and as part of a team.
+ Detail-oriented with a commitment to delivering high-quality results.
**Preferred Skills and Experience:**
**Bachelor's degree** in Computer Science, Information Technology, Cybersecurity, or a related field.
**Relevant certifications** such as CISSP, CISM, or similar are highly desirable.
**Being You**
Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.
**What You Can Expect**
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.
**Get Referred!**
If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.
Kyndryl is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. Kyndryl is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

**Join Amgen's Mission of Serving Patients**
At Amgen, if you feel like you're part of something bigger, it's because you are. Our shared mission-to serve patients living with serious illnesses-drives all that we do.
Since 1980, we've helped pioneer the world of biotech in our fight against the world's toughest diseases. With our focus on four therapeutic areas -Oncology, Inflammation, General Medicine, and Rare Disease- we reach millions of patients each year. As a member of the Amgen team, you'll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives.
Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you'll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career.
**What you will do**
Let's do this. Let's change the world. In this vital role you will be an integral part in driving growth & innovation, improving efficiency and creating enterprise value - supporting our mission "To Serve Patients". The Manager-Information Security will be responsible for the oversight and hands-on leadership of the Directory Services (AD and LDAP) team within the Digital Identity Access Services (DIAS) organization. This role involves developing, implementing, maintaining, and updating IAM strategies, policies and procedures to ensure the security and integrity of our systems and data. The ideal candidate will have extensive experience in Active Directory, Enterprise Unix LDAP and other Directory services. Candidate should have a deep understanding of security standard processes, and the ability to lead a team in a dynamic, global environment.
**Roles & Responsibilities:**
+ Manage Amgen's Internal and External PKI Technologies
+ Manage External PKI vendors like Sectigo and Entrust
+ Develop and maintain the Directory and LDAP standards and architecture, ensuring that it meets industry standards and best practices
+ Assess and select IAM technologies and tools that align with Amgen's IAM strategy
+ Lead the information security team, providing guidance, support, and mentoring to ensure the effectiveness of security operations
+ Develop and implement the IAM (Identity Access Management) strategy aligned with the organization's information security goals and regulatory requirements.
+ Lead the design, implementation, and management of IAM solutions, including governance for Directory Services.
+ Create, implement, and maintain IAM policies, standards, and procedures to manage user identities and access rights.
+ Design and enforce access control mechanisms, including role-based access control (RBAC), to safeguard sensitive information.
+ Manage IAM-related security incidents and vulnerabilities, coordinating with IT security teams to mitigate risks.
+ Know the latest with industry trends, emerging threats, and standard methodologies in IAM.
+ Collaborate with IT and security teams to integrate IAM solutions with other security and business systems.
+ Develop and maintain key performance indicators (KPIs) to track service metrics and generate regular reports for management.
+ Evaluate and implement IAM tools and technologies to enhance security and streamline processes.
+ Participate in vendor proposals, contract negotiations, and support renewals.
+ This role on occasion might have responsibilities outside of business hours.
+ Travel: International and/or domestic travel up to 10% may be essential.
**What we expect of you**
We are all different, yet we all use our unique contributions to serve patients.
**Basic Qualifications:**
+ Master's degree with 4 to 6years of experience related field OR
+ Bachelor's degree with 6 to 8 years of experience in related field OR
+ Diploma with 8 - 12 years of experience in related field.
**Preferred Qualifications:**
**Must-Have Skills:**
+ Strong knowledge of Internal and External PKI (Public Key Infrastructure).
+ Strong knowledge of Directory Services and LDAP Services.
+ Solid understanding of Active Directory Domain structure and security, Windows Operating Systems and Domain Controllers, Azure AD and Microsoft Entra ID.
+ Strong knowledge of LDAP directories and managing LDAP Structure.
+ Knowledge of LDAP Schema and configuration changes.
+ Create and modify Shell Scripts for bulk LDAP operations.
+ Creation and implementation of LDAP Business Continuity plans.
+ Familiarity with security standards and regulations (e.g., NIST, ISO).
+ Experience with Authentication, Provisioning/De-provisioning, Role Management, Session Management and Directory Services.
+ Experience in driving transformation initiatives using Scaled Agile methodology.
+ Excellent verbal and written communication skills for technical and non-technical audiences of various levels in the organization.
**Good-to-Have Skills:**
+ Work experience in the biotechnology or pharmaceutical industry.
+ Degree in Computer Science, Information Systems, or Engineering.
+ Familiarity with GxP standards, Information Security standards and policies like ISO 27001/27002, NIST and others.
+ Strong problem-solving and analytical skills.
+ Demonstrated ability to work effectively in a fast-paced, dynamic environment.
+ Understanding of ITIL processes and implementation.
+ Proficiency in scripting and automation (e.g., Python, Bash) is a plus
**Professional Certifications**
+ CompTIA Security+ (preferred)
+ Cloud Identity or Security Certification (preferred)
+ Microsoft Azure Certification (preferred)
**Soft Skills:**
+ Excellent analytical and troubleshooting skills.
+ Strong verbal and written communication skills.
+ Ability to work effectively with global, virtual teams .
+ High degree of initiative and self-motivation.
+ Ability to manage multiple priorities successfully.
+ Team oriented, with a focus on achieving team goals.
+ Strong presentation and public speaking skills.
**What you can expect of us**
As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we'll support your journey every step of the way.
In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.
**Apply now and make a lasting impact with the Amgen team.**
**careers.amgen.com**
As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease.
Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.

About the Role:

The Information Security Lead will be responsible for developing and implementing the organization’s information security framework to safeguard patient data, clinical systems, and enterprise IT infrastructure. This role ensures compliance with healthcare regulations, international standards, and hospital group policies, while building a culture of security awareness across all functions.

The position will drive proactive risk management, oversee incident response, and ensure business continuity in an increasingly digital healthcare environment.

Location: HSR Layout, Bangalore

Experience:

• Minimum 8–10 years of progressive experience in information security, with at least 4 years in a managerial role.
• Experience in healthcare/critical infrastructure environments strongly preferred.

Qualifications:

• B.E/B.Tech/MS in Information Security, Computer Science, or related field.
• Certifications (preferred): ISO 27001 Lead Implementer/Lead Auditor, CISSP, CISA, CISM, CEH.
• Strong understanding of information security frameworks, encryption, IAM, SIEM, cloud security, and medical IT environments

Key Deliverables:

A. Strategy & Governance

• Define and implement the information security strategy aligned with business and healthcare regulations.
• Develop and enforce security policies, standards, and procedures across hospital units.
• Maintain the Information Security Risk Register and ensure timely risk assessments and mitigation.
• Lead audits and ensure compliance with ISO 27001, HIPAA, NABH, and other standards.

B. Risk & Incident Management

• Investigate and manage security incidents, ensuring root cause analysis and prevention.
• Conduct vulnerability assessments and penetration tests, ensuring timely closure of gaps.
• Oversee Business Continuity and Disaster Recovery (BC/DR) for critical hospital systems.

C. Technology & Vendor Oversight

• Implement and manage security solutions (SIEM, IAM, encryption, endpoint security, etc.).
• Embed security controls in procurement and third-party contracts.
• Audit IT vendors, MSPs, and medical IT providers to ensure ongoing compliance.

D. Awareness & Culture Building

• Drive security awareness programs in collaboration with HR/L&D.
• Clarify roles and responsibilities to strengthen accountability across teams.
• Advise leadership and project teams on security risks in new systems and initiatives.

Mandatory Candidate Skills:

• Expertise in risk assessment, incident response, and compliance.
• Proficient in vulnerability management and modern security tools.
• Skilled in designing security programs for multi-site organizations.
• High integrity with commitment to data privacy and patient safety.
• Strong leadership, communication, and stakeholder management