728 Cisa Jobs

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, Data Privacy Management solutions, experience in developing value-based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on deals that are large and complex and own all components of complex deals. Lead or work as Lead Solution Architect on complex and bundled deals and independently can come up with the solution. Conduct solution reviews with SMEs and the DCSO approver. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solutions. Work on building the cost model for the solution. Roles & ResponsibilitiesShould be able to lead the joint solutioning workshops with client and be able to walk through technical security solutions with the clients during Orals. Should possess excellent stakeholder management skills and be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Frequently interacts with senior client leadership. Develop statement of work Performs Peer Reviews Assists in performing QA Frequently sells to senior client leadership Leads negotiations or develop business terms and conditions Leads QA or plays major QA role for largest, most complex deals Has led solution development for multiple deal types Work with delivery leads for the approval of solution/efforts Bring out technical differentiators and value in the solution Able to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 5 years in leading solution development in a reputed organization Deep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessary Should be a good presenter Should have leadership qualities Should keep himself/herself up to date on various SA Cost models and processes, work independently to develop IDL files Good communication and collaboration skills Prior experience in leading solution development will be an advantage Experience in leading delivery and solution planning of large, complex deals at least 5 opportunities with Security TCV of greater than10m in the recent experience Comfortable in using relevant tools and estimators Comfortable working in extended working hours Good to have CISSP, CISM, CISA Cloud Security knowledge and certification AWS, Azure Solution Architect Core Training Good to have Solution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on small to medium complexity deals. Lead or work as Lead Solution Architect on small to medium complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approvers. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solution. Work on building the cost model for the solution. Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done.Roles & Responsibilities:Frequently interacts with senior client leadership.Develop statement of workPerforms Peer ReviewsAssists in performing QAHas led solution development for multiple deal typesWork with delivery leads for the approval of solution/effortsBring out technical differentiators and value in the solutionAble to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 3 years in leading solution development in a reputed organizationDeep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessaryShould be a good presenterShould have leadership qualitiesShould keep himself/herself up to date on various SA Cost models and processes, work independently to develop costing and pricingGood communication and collaboration skills Prior experience in leading solution development will be an advantageExperience in leading delivery and solution planning of large, complex dealsComfortable in using relevant tools and estimatorsComfortable working in extended working hoursCISSP, CISM, CISA Cloud Security knowledge and certification AWS, AzureSolution Architect Core TrainingSolution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have a minimum of 8 years of experience This position is based at our Pune office. Qualification 15 years full time education

Core Responsibilities o Provide support in building IAM controls, standards & policies along with best practices to ensure compliance with information security directives and industry standards o Contribute into designing & integrating IAM solutions for web/mobile apps to strengthen security controls at enterprise scale o Collaborate with enterprise & application designers, developers, other information security teams, enterprise infrastructure and testing teams to deliver high quality solutions for remediating security threats o Identify Key control deficiencies and provide roadmap for closures o Define and document issues for escalation to engineers o Work closely with business to address their incidents and task requests Mandatory Skills Technical- Hands-on experience in implementing IAM controls, policies, standards across enterprise Experience in implementing SailPoint IdentityIQ 8.X including design, development, implementation and application support Customize, configure, and develop IAM solution integration Ability to understand the business requirements and implement them with minimal customizations to the product. Expert level experience in the application and user onboarding, using OOTB and custom connectors. Expert knowledge of User Access Review certifications (Targeted, Manager, Role, Application etc.) Ability to understand the business requirements for User Access review and implement them technically in the system to achieve the desired outcomes with minimal changes to the system. Experience in Roles and Entitlement used in IAM solution. Deep understanding of RBAC concepts and understanding of the SailPoint IdentityIQ Roles to ensure proper discovery and implementation. Good knowledge of web server and application server. Good understanding of LDAP concepts and working experience with the directories. Experience in using database client tools like MS SQL Management Studio, Toad, etc. Excellent development coding skills relevant to SailPoint IdentityIQ (java beanshell oracle jsf XML etc.). Behavioral- Excellent communication (both - verbal & written), collaboration and relationship-building skills. Demonstrated initiative, creativity & ability to influence Client focused mindset - exceed the expectations of our internal and external customers Strong interpersonal, communication, motivational, organizational and planning skill Qualification Eligibility BE / B. Tech / MCA from reputed institute 5+ years of relevant experience across Information Security, Software Engineering, and Software Development roles to handle IAM projects Proven engineering skills in delivering IAM solutions related capabilities and practices Preferred Certification CISSP ( Certified Information Systems Security Professional) and/or CISA( Certified Information Systems Auditor) designation and/or CEH( Certified Ethical Hacker)

BASIC INFORMATION ON THE POSITION Position Name: Deputy Manager - ESGC PURPOSE OF THE ROLE To ensure Information Security Management System and Risk management framework including Business continuity are effectively planned & established in line with the business objectives. The job exists to ensure compliance to IS requirements, both from customer and organization. If this role did not exist, ensuring compliance to IS requirements is not possible. KEY RESPONSIBILITIES AND ACCOUNTABILITIES Compliance to client information security requirements as agreed in the MSA by ensuring that requirements are captured, documented, implemented and verified Ensure customer audits are cleared successfully without any critical non-conformances Propose cost effective solution and maintain compliance cost Contain Revenue Leakage by ensuring reduction in revenue leakages resulting from IS incidents and effective implementation of controls Ensure operational excellence through the following: 1. Develop and manage ISMS (Information Security Management System) framework including Business continuity and awareness 2. Identify and implement applicable industry practices (IT act and amendments, Data Privacy and Data Security framework etc) 3. Establish and implement measurement program to assess effectiveness of the framework/system 4. Ensure all internal / external audits are planned and successfully cleared. 5. Monitor and track all internal/external audit findings to closure. Highlight open findings and accepted risks Enable Innovation through Automation and New initiatives Ensure Effective People Management by keeping the team engaged and having diverse workforce, Creating accountability & ownership in the team, handling team members grievances and ensuring team attrition is within targets Ensure Capability Development in the team by upgrading competency (skills) in the team in line with the current industry practices and business objectives including both managerial and technical capability EDUCATION QUALIFICATION Degree: BE/M.tech or MBA Certifications: CISA/ CISM Certification - ISO27001 lead auditors certification MINIMUM EXPERIENCE REQUIRED Overall (in years): 10- 15 years Relevant (in years): 8-12 years DOMAIN/ FUNCTIONAL SKILLS Good understanding of various IS standards, framework such as ISO27001, PCIDSS, HIPAA, NIST, SOC/SSAE16 Standards & ISO27005, ISO 22301 Guidelines - Knowledge of risk management (ISO31000, ISO27005), business processes - Knowledge of IT Security, physical and environmental security and HR security controls - Knowledge of regulatory requirements

As a Cloud Ops professional at Tally, you will be part of a team dedicated to delivering top-notch connected services in public clouds for Tally's customers. Your mission will be to ensure unmatched reliability, strong security, and optimal cost efficiency. You will have the opportunity to design, implement, and operationalize solutions using cutting-edge cloud native technologies to provide a seamless experience for our customers. Your responsibilities will include overseeing Risk Management & Governance for Tally's suite of cloud-based connected services, implementing secure access at every level, and ensuring compliance with regulatory requirements. You will focus on Cloud Security Oversight, primarily in the AWS environment, while also considering multi-cloud environments. Your role will involve managing regulatory and compliance issues and providing governance and reporting on cloud operations. To excel in this role, you should bring experience in risk management, governance, or compliance roles within fintech, banking, or cloud-centric organizations, particularly in product or fully hosted service-based settings. You should have expertise in AWS security tools, architectures, and best practices, along with a deep understanding of Indian financial sector regulations such as RBI, SEBI, and the IT Act. Possessing relevant certifications like CISSP, CISM, AWS Certified Security Specialty, CRISC, or CISA would be advantageous. You will be expected to demonstrate a thorough understanding of cloud-native security principles, AWS best practices, risk frameworks (NIST, ISO, COBIT), and regulatory mandates. Your role will involve bridging business requirements with technical security implementations, requiring strong communication, stakeholder management, analytical thinking, and a proactive problem-solving approach. Join us at Tally, where we value honesty, integrity, a people-first culture, excellence, and impactful innovation. Be a part of our journey to simplify the lives of millions of small and medium businesses globally through technology and innovation.,

As a Senior Auditor, Technology at LegalZoom, you will be an impactful member of the internal audit team, assisting in achieving the department's mission and objectives. Your role will involve evaluating technology risks in a dynamic environment, assessing the design and effectiveness of internal controls over financial reporting, and ensuring compliance with operational and regulatory requirements. You will document audit procedures and results following departmental standards and execute within agreed timelines. Additionally, you will provide advisory support to stakeholders on internal control considerations, collaborate with external auditors when necessary, and focus on continuous improvement of the audit department. Your commitment to integrity and ethics, coupled with a passion for the internal audit profession and LegalZoom's mission, are essential. Ideally, you hold a Bachelor's degree in computer science, information systems, or accounting, along with 3+ years of experience in IT internal audit and Sarbanes-Oxley compliance, particularly in the technology sector. Previous experience in a Big 4 accounting firm and internal audit at a public company would be advantageous. A professional certification such as CISA, CIA, CRISC, or CISSP is preferred. Strong communication skills, self-management abilities, and the capacity to work on multiple projects across different locations are crucial for this role. Familiarity with technologies like Oracle Cloud, AWS, Salesforce, Azure, and others is beneficial, along with reliable internet service for remote work. Join LegalZoom in making a difference and contributing to the future of accessible legal advice for all. LegalZoom is committed to diversity, equality, and inclusion, offering equal employment opportunities to all employees and applicants without discrimination based on any protected characteristic.,

You will be responsible for conducting third-party/supplier security risk assessments, interpreting security assurance reports including SOC2 and pen test reports, and reviewing security requirements in contracts. Additionally, you will need to understand outsourced solutions and associated information classification, assess supplier security controls based on ISO27001/2 standards, and identify and document security risks. You will be expected to suggest recommendations to address identified security risks, potentially perform information classification such as AIC assessment, and hold security certifications such as ISO27001 auditor/implementation, CISSP, CRISC, CISM, or CISA. If you have at least 4 years of experience in Information Security, possess the necessary certifications, and can work in Mumbai (Andheri East) with a notice period of immediate to 30 days, we encourage you to share your updated resume to manasa.chilla@visionyle.com.,

As the IT Auditor at Navi, you will be responsible for overseeing Navis strategic Risk-based IT Audit Plan and managing the Group IT Audit Function in alignment with Navis Internal Audit Charter and industry standards set by ISACA, ISO, COBIT, IIA, and other relevant professional bodies. Your role will involve directing IT audit operations and strategies at the group level, auditing information systems, platforms, and operating procedures of Navi to ensure the effectiveness of the organizations risk management and internal controls. Your major responsibilities will include developing and implementing risk-based annual IT audit plans, evaluating IT infrastructure, identifying areas of risk or non-compliance, and ensuring proper resourcing for plan implementation. You will also be responsible for updating audit tools, informing senior management of significant risks, providing feedback on IT & data risks, maintaining relationships with key stakeholders, overseeing Internal Audits participation in business initiatives, and serving as a thought leader in IT risk management and internal control best practices. In addition, you will continuously inspect and assess various elements of the companys information systems, identify IT risk exposure, recommend remediation strategies, review security measures, coordinate with external auditors and regulators, track issues and actions management process, and provide early warning signals in IT areas for potential fraud scenarios. You will also be responsible for issuing clear and concise IT Audit reports, delivering MIS and reports to assist the Function Head, and making presentations to the audit committee and management independently. The ideal candidate for this role should possess IT audits related qualifications such as CISSP, CISA, CISM, GIAC, PPM, PMP, DISA, or equivalent, along with 7 or more years of experience in IT audits preferably with 2-3 years in a team management role. Strong knowledge of IT security and infrastructure, experience in agile product management environments, and 3 to 5 years of Fintech or NBFC industry experience are preferred qualifications for this role.,

As an Internal Auditor at Justdial Ltd in Bangalore, you will be responsible for projects in IT Advisory focusing on the assessment and evaluation of IT systems, along with the mitigation of IT-related business risks. Your role will involve IS audit, ITGC reviews, internal audit engagements, IT infrastructure review, and risk advisory, including supporting IT audit activities. Your responsibilities will include coordinating and managing statutory external audits for SOX (ITGC), providing management reports by collecting and analyzing audit information, conducting ISMS security awareness training programs within the organization, and supporting the Information Security Manager in managing and mitigating risk assessments. You will also be involved in implementing ISO 27001 controls across the organization, conducting risk assessments and gap analyses for ISO 27001/IT General Control, and performing internal audits for various business functions. Additionally, you will conduct data center audits as per ISO 27001 standards, develop and review information security policies and procedures, handle end-to-end ITGC statutory audit requirements, assist in the implementation of ISO 27001:2013 and managing the ISMS, and consult the organization on business continuity for critical functions. You will also be involved in implementing and consulting on PCI DSS SAQ A-EP certification. The ideal candidate for this role should have a bachelor's degree in engineering or BSc-IT, experience in performing IT audits of banking/financial sector applications, and knowledge of IT regulations, standards, and benchmarks used by the IT industry (e.g., NIST, PCI-DSS, ISO 27001). Technical knowledge of IT audit tools, experience in carrying out OS/DB/Network reviews, exposure to risk management and governance frameworks/systems, and proficiency in project management, communication, and presentation skills are essential. Being a team player with strong self-directed work habits, initiative, drive, creativity, maturity, self-assurance, and professionalism is crucial for success in this role. Preferred certifications include CISA, CISSP, ISO 27001 Lead Auditor/Implementer, and CISM. Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools is also required.,

Within Societe Generale Global Solution Center (SGGSC), you will join Global Cybersec Capability Centre (G3C) team based out of Bengaluru, working in Cyber sec team as a infosec specialist to contribute in the information security and risk management practice. As a Cybersecurity senior analyst, you will be part of the G3C Infosec services within the G3C team (Global Cybersecurity Capability Centre). Based in Bangalore, you will manage infosec operations and responsibilities across regions and collaborate closely with security and IT teams across the organization to coordinate cybersecurity operations, governance activities, manage compliance efforts, and support audit readiness. You will play a vital role in presenting evidence, identifying risks, and implementing security controls in line with organizational and regulatory expectations. The candidate will be working in a high-pressure environment, it calls for assertiveness and flexibility to ensure deadlines are met based on agreements / defined milestones The main responsibilities are: Collaborate with internal stakeholders including CIO, CTO, and CISO teams, Centers of Expertise, and various tribes to manage security governance activities. Engage with HR, Risk, Internal Control, and Audit functions to coordinate cybersecurity reporting, evidence collection, and issue resolution. Conduct independent research and assessments to identify weaknesses and recommend remediation strategies in secure environments. Drive compliance initiatives and ensure readiness for internal and external audits. Support the development, implementation, and tracking of cybersecurity governance programs and documentation. Profile required Bachelors degree in Computer Science, Mathematics, or a related field (Masters degree preferred) Minimum 5 years of work experience in IT and Cybersecurity Strong knowledge of Information security, risk management, and monitoring frameworks Experience conducting independent research and identifying technical security gaps Relevant certifications such as CISSP, CISA, ISO 27001 Lead Auditor, CompTIA Security+, etc. Intermediate-level proficiency in Microsoft Excel Strong English proficiency (spoken, written, and read) Behavioral Competencies: Excellent organizational and cross-functional coordination skills Team player with strong initiative and the ability to work independently Effective analytical and decision-making abilities Proactive communication and stakeholder management skills Strong adaptability, openness to feedback, and willingness to continuously learn Results-driven with strong planning and execution discipline Negotiation skills are an added advantage

As a Customer Success Implementation Architect at AppViewX, you will play a crucial role in driving customer onboarding, solutioning, and ongoing adoption and usage of our products. You will lead the implementation of AppViewX solutions for automating customer IT network infrastructure and Public Key Infrastructure, combining deep technical knowledge with an understanding of customer business objectives and challenges to help them maximize the value of our products. Your responsibilities will include: - Collaborating with Customer Success Managers and Customer Success Design Architects to implement AppViewX technology for new customers, addressing their objectives and success criteria with technical attention to ensure a quick Go-live. - Implementing additional AppViewX technology to solve specific business challenges for new customers, acting as a trusted technical advisor to assist customers in navigating technical challenges throughout the implementation process. - Identifying new use cases as part of the account growth and renewal strategy. - Providing feedback to improve the customer experience, speed time-to-value, and create greater benefits for customers. - Contributing to Customer Business Reviews highlighting potential areas of improvements. - Partnering closely with cross-functional team members to translate business needs and product requirements into new solutions. - Working with Product and Engineering teams to prioritize product enhancements and long-term roadmap based on customer and industry priorities. Requirements: - Minimum 5 years of experience in a technical implementation role. - Minimum 3 years of experience in customer-facing technical roles for a SaaS company with enterprise software products. - Domain knowledge on PKI, DNS, Active Directory, ADCS, CRL, OCSP, and associated cryptographic standards. - Experience with Certificate Life Cycle management/operations and PKI implementation processes. - Hands-on experience with Kubernetes, Linux/Windows server management, Apache, IIS, and application expertise. - CISSP/CISM/CISA certification is preferred. - Excellent organization, troubleshooting, problem-solving, deployment, and multitasking skills with the ability to learn new technology quickly. - Experience working with F500 organizations. - Exceptional communication skills, both oral and written, coupled with excellent listening skills.,

About Northern Trust: Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. We are proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve our sophisticated clients using leading technology and exceptional service. Company and Department Summary: Founded in Chicago in 1889, Northern Trust is one of the world's leading financial institutions specializing in providing asset servicing solutions to institutional clients. Our delivery of products and services is supported through a network of offices in more than 20 countries globally. We believe that our most valuable asset is our engaged, empowered, and diverse workforce. As a global institution, we are committed to building upon this diverse talent by encouraging innovative thinking and personal courage in an inclusive environment. Audit Services provides financial services professionals with the opportunity to work on challenging industry issues, applying knowledge, insights, and objectivity to protect and strengthen Northern Trust's legacy. Role Overview: The Asset Servicing International (ASI) Team within Audit Services is responsible for providing assurance focused on Northern Trust's core banking and asset servicing operations, as well as evaluating and advising on the implementation of new and emerging Technology and Data Analytics. Team members have the unique opportunity to develop views towards enterprise risks across global processes and key technologies, drive thought leadership in assessing fraud risks and controls, and create data analytics strategies to increase assurance effectiveness. It is encouraged for team members to build authentic relationships, think creatively, challenge the status quo, seek emerging trends, develop an insightful point-of-view, and hold themselves accountable in a flexible and delivery-driven culture. The Audit Manager is responsible for leading audit projects across ASI, providing oversight to the audit team, and communicating results of the engagement to senior management. The Audit Manager offers technical expertise and training to auditors within the engagement audit team, working closely with Senior Audit Managers to confirm the scope of the audit and devise an appropriate testing approach for the engagement. Major Duties: - Leads a minimum of two audits simultaneously - Conducts and documents more complex and high-risk audits throughout the Corporation - Demonstrates professional skepticism and comfort with questioning processes to facilitate improvements - Finalizes planning documents and assists in Audit Plan evolution by challenging scoping - Functions in various roles on audit assignments, such as leading audits, staffing audits, and providing oversight functions - Applies analytical skills to review information, perform assessments, and evaluate controls - Leads a team in executing audits and works closely with Senior Audit Managers on planning, scoping, and execution strategy - Reviews work papers of audit team members to ensure departmental standards are met - Communicates audit status to business unit and Audit Services management - Completes findings and recommendations for status updates, memos, and audit reports - Coordinates with other audit teams to ensure evaluations of related areas occur timely The successful candidate will benefit from having: - 8 to 12 years of internal audit experience in the financial services industry preferred - Comprehensive knowledge of internal audit processes and strong work paper documentation skills - Proficiency in Microsoft Office applications; experience with audit work paper applications preferred - Professional certifications (e.g., CPA, CISA, CIA, ACA, ACCA) and/or an MBA preferred - General knowledge of operations, functions, and objectives of interfacing areas - Proven ability to work independently and in a team environment - Strong organizational and time management skills - Flexibility and adaptability to change Experience Required: - A College or University degree and/or auditing experience in a financial institution or similar public accounting experience Working with Us: As a Northern Trust partner, you will be part of a flexible and collaborative work culture in an organization committed to exploring new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company dedicated to assisting the communities we serve. Build your career with us and apply today to be part of a workplace with a greater purpose. Reasonable Accommodation: Northern Trust is committed to providing reasonable accommodations to individuals with disabilities. If you need an accommodation during the employment process, please contact our HR Service Center. We are excited about the role and the opportunity to work with you. We value an inclusive workplace and understand that flexibility means different things to different people. Apply today and share your flexible working requirements with us for a greater achievement together.,

As a Director of Audit Operations within the Business Area of Audit in the BIA (Barclays Internal Audit) department, your primary responsibility is to oversee and ensure the successful delivery of Attestation Audits and RAUP Audits. You will be accountable for the end-to-end audit process, ensuring compliance with Regulatory requirements and Audit Methodology. Additionally, you will play a crucial role in developing audits that align with the Bank's standards and objectives by collaborating with colleagues, providing accurate information, and adhering to policies and procedures. In this role, you will lead collaborative assignments, guide team members through structured tasks, and identify the need for specialized expertise to complete assignments. As a People Leader, you will demonstrate leadership behaviors such as Listening, Energizing, Aligning, and Developing others. You will train, guide, and coach less experienced specialists, providing strategic advice to key stakeholders and senior management. Your responsibilities will also include stakeholder management, leading discussions with Auditees, building relationships, and developing a network of contacts across the organization. You will be expected to engage and motivate team members, provide constructive feedback, and contribute to talent development and recruitment processes. To excel in this role, you should possess a minimum of 20+ years of experience in Risk-Based Auditing in Retail and/or Wholesale Banking, strong interpersonal and leadership skills, and a track record of managing teams across regions. Professional qualifications such as CIA, MIIA, ACCA, ACA, or CISA are required. Additionally, experience in data analysis, strategic initiatives, and department-wide leadership is desirable. As a Director of Audit Operations, you will play a critical role in supporting the development of audits aligned with the Bank's standards, driving strategic initiatives, and fostering a culture of excellence and continuous improvement within the BIA department. Your expertise, leadership, and strategic vision will be essential in ensuring the success of audit assignments and contributing to the overall goals of the organization.,

IT SOX Compliance Analyst - Docusign1 Job Title: IT SOX Compliance Analyst (Second Shift) : We are seeking a motivated and detail-oriented IT SOX Compliance Analyst to support our Sarbanes-Oxley (SOX) compliance initiatives, with a focus on IT General Controls (ITGCs) and IT application controls. This role requires collaboration with internal audit teams and IT control owners to ensure effective control design, implementation, and remediation. The position is aligned to support global teams, requiring availability during the 2 PM to 11 PM IST shift. Key Responsibilities: Support the assessment, design, and implementation of IT General Controls (ITGCs) and IT application controls across key systems. Collaborate with internal audit and IT control owners to evaluate risks, discuss control deficiencies, and support audit-related activities. Assist in the preparation of documentation, including control deficiency memos and remediation plans. Oversee and facilitate end-to-end IT control walkthroughs to ensure proper documentation and understanding of control processes. Skills & Qualifications: Solid understanding of the Sarbanes-Oxley (SOX) Act, specifically ITGC and IT application control requirements. Experience in internal audit, IT risk management, and control testing. Strong communication and documentation skills, with the ability to work cross-functionally. Must be available to work during the 2 PM to 11 PM IST shift to support global operations.

Role Purpose : As GRC (Governance, Risk, and Compliance) Manager is responsible for overseeing and managing the risk assessment, remediation, and monitoring of information and technology process risks. This role involves ensuring that all risk and compliance activities are performed effectively by various control functions. The GRC Manager also serves as an internal consultant, providing guidance to operating functions and business lines on risk-related matters. Additionally, they are tasked with identifying, assessing, quantifying, reporting, communicating, mitigating, and monitoring process risks to ensure the organization's overall security and compliance posture. Responsibilities: Ensure strong governance on risk and compliance performed by various control functions. Manage risk assessment, remediation, and monitoring of information and technology process risks. Serve as an internal risk consultant to operating functions and business lines. Identify, assess, quantify, report, communicate, mitigate, and monitor process risks. Support the implementation of information security policies. Discuss risk closure, mitigation, and acceptance with stakeholders. Ensure periodic entitlement reviews are completed, and risks are managed to an acceptable level. Collaborate with control functions to track and mitigate identified risks. Work with technology leaders to identify control gaps. Act as a subject matter expert for risk and controls related to operations. Maintain strong working relationships with stakeholders. Review and refine policies and processes based on industry best practices. Track identified risks and ensured their closure within defined timelines. Prepare and maintain risk heat maps and risk registers. Required Skills: Excellent executive-level communication skills. Strong working relationships with team members and the ability to motivate them. Knowledge in areas such as Application Security, Data Security, Identity Access Management, Information, Infrastructure Technology, GDPR, and ISO Audits. Solid understanding of Risk Management Lifecycle and exposure to standards like SOX, COBIT, PCI-DSS, NIST Control, etc. Understanding of Security incident response aspects is desirable. Good analytical, problem-solving, and interpersonal skills. B.E in Computer Science/Information Technology or equivalent qualification with 8-12 years of experience. Industry-recognized certification in information security such as CISSP, CISM, CISA, etc.

Domain Certifications CISSP, CISA, CRISC, ISO 27001 Responsibilities Own and lead the governance program at account level for a large Financial services account with 700 + head count and multi country locations having high security Offshore Delivery Centres & Work from home teams Develop, implement and monitor Account level Information security governance program; meeting client compliance requirements proactively Perform contract reviews, cyber security risk assessments and drive compliance programs to meet contractual and organizational cyber security requirements within the client offshore delivery centres. Experience in Application security and code reviews which can be leveraged to guide and work with delivery teams on covering the cyber security risks associated with Application security, development and maintenance projects. Work closely with different teams internally like IT, business, HR, facilities, cyber security which operate at Organization level to translate client requirements and assess residual risk if required Give directions and monitor the compliance and operations activities within the account through dedicated team and work closely with account team on ensuring the compliance within account team Develop account level procedures, metrics and review programs to maintain and enhance the governance model within the account Be a single point of contact for client interactions during third party audits and liaise within the organization Prepare the account for certification and internal audit requirements based on industry standards like PCI DSS and ISO 27001 requirements Focus and objective driven to demonstrate ongoing improvements; identify early indicators of non compliance and able to draw mitigation actions Hold technical skills to participate in technical discussions for delivery centre setup, connectivity models Excellent communication skills and have demonstrated effective CXO level reviews

Conduct Cyber Risk reviews for the organizational clients in a swift and thorough manner Assist in understanding common cyber threats and vulnerabilities Assist in understanding common cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations Assist in understanding Business continuity and disaster recovery planning methodologies Assist in understanding risk management methodologies and procedures Understand Underwriting Insights for Risk Report Creation Assist to prepare a risk report based on organizational internal cyber resilience network, which can become the primary basis of underwriting the cyber risk. Assist in understanding qualitative and quantitative methods for analyzing, interpreting, and synthesizing raw data into intelligence for deriving insights for liability underwriting Roles and Responsibilities 2

As a Staff member in our team, your primary responsibility will be to perform and document testing on consulting, compliance, and internal audit engagements within financial institutions, specifically focusing on IT risk, strategy, and governance. Additionally, you will provide training and supervision to other Staff members involved in the engagements. Your role will involve identifying findings and documenting opportunities for process improvement, as well as researching technical issues that may arise during the engagement. You will collaborate with Managers and Senior Managers to develop strategic solutions that meet client needs and assist in engagement planning, execution, and final report issuance within client deadlines. Furthermore, you will play a crucial role in laying the groundwork for building strong relationships with clients, which includes participation in networking and business development activities. Your dedication to meeting client deadlines and delivering exceptional client service will be key to your success in this role. To be considered for this position, you must hold a Bachelor's degree. While certifications such as CISA, CISM, or CISSP are preferred, candidates who are not certified must meet educational requirements to obtain a license upon hire in their state of employment. Additional certifications such as CPA, CIA, CRCM, CAMS, CFIRS, CFE, and/or CFF are advantageous. Ideally, you should have a minimum of 3 years of experience in information systems, internal audit, regulatory compliance, or consulting services. Experience in network engineering/administration with a security focus is desirable. Knowledge of IT control and service management standards like CObIT, ITIL, and ISO is preferred, along with SOX IT audit experience. Previous experience in banking or credit unions would be a plus. We are looking for individuals who can work effectively both as part of a team and independently, demonstrating creative problem-solving skills and strong research capabilities. Excellent verbal and written communication skills, along with proficient use of Microsoft Office tools, are essential. The ability to manage multiple priorities, tasks, and projects simultaneously is also crucial for success in this role.,

Job Area: Finance & Accounting Group, Finance & Accounting Group > Internal Audit General Summary: Auditor, IT Internal Audit- Hyderabad Qualcomm is a company of inventors that unlocked 5G - ushering in an age of rapid acceleration in connectivity and new possibilities that will transform industries, create jobs, and enrich lives. But this is just the beginning. It takes inventive minds with diverse skills, backgrounds, and cultures to transform 5Gs potential into world-changing technologies and products. This is the Invention Age - and this is where you come in. This is a unique opportunity to join Qualcomms finance and accounting organization based in Hyderabad in the Corporate Internal Audit & Advisory Services (IA & AS) team. The department focuses on assisting the Audit Committee and management teams in the improvement of processes that manage risks related to achieving Qualcomms business objectives. Using Qualcomms risk-based audit methodology, the IT auditor will assist in the execution of internal audits. Specifically, the responsibilities include: Providing U.S. based time zone coverage as needed (up to 50% of time) Supporting the creation of initial planning memos and process flowcharts Identifying and assessing initial risks and control activities Designing audit procedures to evaluate control effectiveness Performing audit testing, identifying deviations from expected control activities, and effectively communicating observations to the audit team Leveraging data analytics throughout the audit process where feasible Staying abreast of changes in the business and industry to assess impacts to the companys risk profile Contributing to the development of new concepts, techniques, and making continuous process improvements for the overall IA team All Qualcomm employees are expected to actively support diversity on their teams, and in the Company. One to three years of relevant experience in internal auditing, external auditing, or SOX compliance within a global public company (preferably in the high-tech industry), Big 4/mid-tier accounting firm or other fast-paced corporate setting Strong understanding of IT general controls, cybersecurity frameworks (e.g. NIST, COBIT), and ERP systems Fluent English; multi-lingual capability is a plus Successful candidate will possess the following characteristics: As feasible, ability to travel (infrequently) to Qualcomms domestic and international locations (e.g., U.S., Europe) Semiconductor business experience or familiarity Strong communication (oral and written) and presentation skills Fast learner with strong interpersonal, organization, analytical, critical thinking, and problem-solving skills Ability to work in a flexible and non-hierarchical team environment Willingness to get things done and take responsibility Ability to recognize and apply a sense of urgency, when necessary Comfortable with ambiguity Positive attitude, professional maturity, good work ethic Ability to work independently, handle multiple projects simultaneously and multi-task to meet deadlines with high-quality deliverables Controls, risk assessment, risks, internal audit, IT Bachelor's degree in Accounting, Finance, Computer Science, cyber security, or related field. CPA, CA, CIA, CISA, CFE, or other credentials, a plus. Minimum Qualifications: Bachelor's degree. 1+ year of Finance, Accounting, or related work experience. *Completed advanced degree in a relevant field may be substituted for up to one year (Masters = one year) of work experience. Applicants Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on small to medium complexity deals. Lead or work as Lead Solution Architect on small to medium complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approvers. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solution. Work on building the cost model for the solution. Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done.Roles & Responsibilities:Frequently interacts with senior client leadership.Develop statement of workPerforms Peer ReviewsAssists in performing QAHas led solution development for multiple deal typesWork with delivery leads for the approval of solution/effortsBring out technical differentiators and value in the solutionAble to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 3 years in leading solution development in a reputed organizationDeep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessaryShould be a good presenterShould have leadership qualitiesShould keep himself/herself up to date on various SA Cost models and processes, work independently to develop costing and pricingGood communication and collaboration skills Prior experience in leading solution development will be an advantageExperience in leading delivery and solution planning of large, complex dealsComfortable in using relevant tools and estimatorsComfortable working in extended working hoursCISSP, CISM, CISA Cloud Security knowledge and certification AWS, AzureSolution Architect Core TrainingSolution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have a minimum of 8 years of experience This position is based at our Pune office. Qualification 15 years full time education

Skill required: Control Testing - Agile testing Designation: Regulatory Compliance Associate Qualifications: Any Graduation Years of Experience: 1 to 3 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do Help clients transform their compliance function from reactive to proactive through an intelligent compliance operating model powered by data, intelligent technologies and talentLooking for someone with SOX testing experience.Conduct testing tasks within Agile models and integration processes and manage development sprints. Automated/IT control testing skill is required What are we looking for Commitment to qualityWritten and verbal communicationRisk managementAbility to work well in a teamAbility to meet deadlinesAutomated / IT control testing experience is must Roles and Responsibilities: In this role you are required to solve routine problems, largely through precedent and referral to general guidelines Your expected interactions are within your own team and direct supervisor You will be provided detailed to moderate level of instruction on daily work tasks and detailed instruction on new assignments The decisions that you make would impact your own work You will be an individual contributor as a part of a team, with a predetermined, focused scope of work Please note that this role may require you to work in rotational shifts Qualification Any Graduation

RoRR Roles & Responsibilities: Discuss with Business & IT on new process / system / activity before Onboarding / Go-Live Conduct risk assessments to identify information security risks Propose controls to business and / or work with business to plan risk mitigation Prepare Risk Assessment & Recommended Control Report Follow-ups for mitigation of identified risks & maintain Risk Assessment Tracker Release Monthly dashboards Ensure all recommendations made in RA are implemented Maintain and update Risk Assessment Procedure & Process documents Manage and address any escalations related to risk assessments Assess risk and provide timely approvals / rejections for requests such as firewall port opening, external data sharing, data movement, new software installations Provide status reports to CISO and Sr. Management on periodic basis Dashboards & Presentations for Information Security Review / Board Notes Handle periodic audits from regulator / government agencies / internal audits independently for respective work areas Job Requirement: Experience required for the Job8-10 years in information technology & security; MSc IT / BSc IT / Engineer / Post Graduate / MBA Good understanding of IT/Cyber Security Risk Certification like ISO27001 / ITIL / CISA / CISSP / CRISC (Preferable) Knowledge on Layered Security - Firewalls, Intrusion Detection, OS Hardening, Malicious Code Security, Security Policies and Procedures, IT controls implementation, DLP, Security Training. Knowledge of cloud technologies and security practices for cloud Experience in Third-party Risk Management; Experience in Banking (Preferable) Good interaction and communication ability Capability for aggressive follow-ups and work with deadlines Excellent verbal, written communication & presentation skills

Technology Risk and Governance Professional Lead and act as SPOC for the Internal and External audits as part of Information Technology function. Provide clarity to IT stakeholders pertaining to requirements/queries raised by auditor wherever required. Ensure timely submission of data to auditors Ensure appropriate management responses provided along with reasonable and achievable timelines for the observations Publish progress tracker and ensure timely completion of audit as per plan Lead or conduct regular assessments of IT processes and systems to identify areas for improvement (In terms of security and compliance) which are identified as part of Assurance program. Ensure closure of open findings with technology leaders and auditors Create awareness among IT teams for Audits, compliance and legal requirements Prepare IT audit Assurance program in collaboration with Risk, Security and Compliance Team considering Design and implementation of IT Controls Skills Required: Min 4-12 years of Work Experience as Internal Auditor/GRC team Knowledge of Internal controls, auditing standards and statutory compliance (RBI, UIDAI, NCIIPC regulations) Sound understanding of Banking/Fintech industry and frameworks such as COSO, COBIT Ability to add value and improve operations by bringing a systematic approach to the effectiveness of Risk management, control and governance processes Certification ISO 27001/CISA or equivalent Certification

As a Deputy Manager in VAPT & Governance at our Consulting firm in Navi Mumbai, you will be responsible for leading and managing VAPT projects for our BFS clients. Your role will involve scoping, executing, reporting, and tracking remediation of these projects. Additionally, you will deliver technical and governance-driven security assessments across various environments such as infrastructure, applications, cloud, and network. Your expertise in security governance frameworks, controls, and compliance (including RBI, ISO 27001, NIST, etc.) will be crucial in this role. You will play a key part in reviewing and developing security policies, procedures, and risk assessment frameworks. Collaborating with cross-functional teams and managing client relationships will be essential to ensure successful project outcomes. Timely reporting and communication of critical findings to stakeholders will also be part of your responsibilities. Moreover, you will have the opportunity to mentor junior team members and contribute to the development of our practice. To excel in this role, you should hold a Bachelors or Masters degree in IT, Cybersecurity, or a related field. Possessing relevant certifications such as OSCP, CEH, CISA, or CISSP would be advantageous. Your extensive consulting experience in the Banking and Financial Services industry, along with strong hands-on knowledge of VAPT tools and methodologies, will be highly valued. A deep understanding of governance, risk, and compliance specific to the BFSI sector is essential. Excellent presentation, reporting, and client communication skills are also necessary for success in this position.,