847 Cisa Jobs

Job Description: In Scope of Position based Promotions (INTERNAL only) Job Title: General Auditor - AVP Location: Mumbai, India Role Description The Auditor participates in internal audits of a specific business/functional area in accordance with the Audit methodology and evaluates the adequacy and effectiveness of internal controls relating to risks within those business areas under moderate supervision. The Auditor participates in Concurrent Audit deliverables of Group Audit. The Auditor may also be required to participate in ad hoc projects and Special Investigations. The Auditor works in a cooperative manner with subject matter experts and other teams from across the function to provide front-to-back /SME audit coverage. The Auditor undertakes multiple audit assignments; drafts high-quality audit reports for review by audit management, facilitates issue tracking and validates the closure of audit Issues. The Auditor must typically proactively develop and maintain professional consultative working relationships with clients and respective support areas and will use a range of approaches to collect relevant and readily available information to assess risk, resolve issues or carry out tasks. What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Executes day-to-day operational audit work and contributes to the delivery of audits (including risk assessment profiles and business monitoring). Undertakes audit assignments, drafts audit reports for review by audit management, facilitates issue tracking and validates closure of issues. Drafts high quality issues for review by audit lead/Principal Audit Manager, facilitates issue tracking and validates the closure of issues (as required). Executes audit fieldwork in line with the agreed audit approach e.g. documenting Activity Flows, identification of key risks, testing of key controls to determine whether they are properly designed and are operating effectively and documenting work in accordance with divisional standards. Partners with other divisional/teams during audit engagement to guarantee an integrated approach. Reviews and provides expert opinions on action plans provided by clients, helping them develop robust remediation plans. Completes all assigned audit work in line with agreed budgets, including ad hoc projects and special investigations. Proactively manages and executes day-to-day responsibilities with group audit deliverables on Concurrent Audit Acts as a challenger to clients in the issue closure process. Communicates openly with divisional management and the internal stakeholders; keeps them informed of potential issues and escalate problems/delays accordingly. Proactively keeps abreast of pertinent industry, regulatory and business practices. Proactively develops and maintains professional working relationships with colleagues, the business and respective support areas. Takes ownership for own career management, seeking opportunities for continuous development of personal capability and improved performance contribution. Highlights performance issues within the team, where appropriate, to drive for high performance. Acts as a role model for new employees, providing help and support to facilitate early integration and assimilation of the new environment. Your skills and experience Audit/business knowledge and experience and an understanding of the risks and regulatory requirements in one or more of the following business/functional areas: Investment Banking, Transaction Banking, Retail & Corporate Banking, Asset & Wealth Management, Business Services (operations), Risk, Legal & Compliance, Finance and Information Technology. Familiarity with operational requirements of a global bank. Sound understanding of global banking control environment and compliance issues in the banking/finance industry. Solid communication skills, communicating with clarity, both orally and in writing, in a logical order and structured approach. Fluent in English (written and verbal) and local languages if necessary. Solid relationship management, analytical, problem solving, communication, influencing, planning and presentation skills. Good knowledge of auditing standards and concepts. Ability to work in a fast-paced business environment. Able to work in virtual, global teams in a matrix organisation, transfer knowledge and develop capability of team members. Education/Certification Bachelor Degree (or equivalent) from an accredited college or university (or equivalent) or equivalent work experience. Professional/industry recognised qualifications e.g. CISA (for IT auditors), Accounting qualifications such as ACA and CPA How we ll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

Job Description: Job Title: DCO Risk Control Assessment (RCA) AVP Location: Mumbai, India Role Description Divisional Control Office (DCO) team ensures that the division operates with high levels of integrity. It is responsible for supporting the business by developing, implementing and maintaining a risk culture to ensure a strong and sustainable business control environment whilst minimizing risk arising from non-financial risk factors. DCO strategy includes improving the risk management information and strengthening the governance and risk culture. The Corporate Bank (CB) DCO has functional responsibility for providing a central point of oversight over the CB Risk Control Assessments (RCA). This includes supporting the business by driving Risk Control Assessment specifically focusing on Information Security (IS) / Information Technology (IT) risks in line with NFRM guidelines. RCA is a key component of the banks non-financial risk management toolkit, to enable the effective profiling, monitoring and management of operational risks. What we will offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Flexible working arrangements Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities Collaborate with businesses and support them in conducting Risk Control Assessments as per NFRM guidelines specifically focusing on Information Security (IS) / Information Technology (IT) risks Analyze contextual data and relevant data triggers and determine or update risk profile, inherent risk, control environment and residual risk ratings along with supporting rationale, liaising with Risk Types SMEs in their business Participate in 1LoD-led RCA meetings for business to drive the risk discussions, focusing on key or emerging risks that may impact the business Coordinate with businesses/2LoD and assist in 2LoD challenges Prepare RCA reports and obtain business sign-offs Document risk mitigation decisions, if required, with consideration of risk appetite Deliver high quality Global Governance decks and reporting trends to support senior management Your Skills Qualifications: CISA/CRISC or relevant security qualifications with experience of Risk Controls and/or Internal Audit in banking industry covering Information Security (IS) / Information Technology (IT) risks Experience in SOX/ ISO27001 control framework Knowledge related to risk management (including conducting Risk Control Assessments) and corporate banking products, processes and systems preferred, specifically focusing on Information Security (IS) / Information Technology (IT) risks Ability to assess impact of control environment on inherent risk along with documentation of qualitative assessment Strong quantitative and analytical skills required to critically evaluate information for key risk assessments Familiarity with DB organization a plus, but not mandatory Strong project management skills and a proactive team partner Influencing, negotiation skills and stakeholder management expertise Strong verbal and written communication skills Proficiency with automating tasks in Excel to improve efficiency a plus, but not mandatory How we ll support you Training and development to help you excel in your career Flexible working to assist you balance your personal priorities Coaching and support from experts in your team in Germany Pune A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams https: / / www.db.com / company / company.html

Job Description: Job Title: Information Security Specialist - AVP Location: Pune, India Role Description The Information Security Analyst is responsible for supporting the execution of the Information Security strategy. The Information Security Analyst provides data and analysis to measure the effectiveness of Information Security controls across group wide products and services. The Information Security Analyst identifies and evaluates potential areas of Information Security threats by assessing the probability and impact and facilitates feedback for mitigation. Roles within Information Security may cover one or more areas of specialty, e.g., Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.); Information Security ( IS ) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.) and IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.) What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Review Risk Assessment (Application/Technical Risk profile) and Assurance spot checks for Compliance evaluation (e.g., IS/Cloud/SOx/MAS/Client Access Management/other regulatory controls) Analysis and verification of compliance issues Support stakeholder remediation activities Collect and review evidence (e.g., from de-centrally managed applications) Create compliance issue tickets and address issues to responsible stakeholders. Analyze and identify root causes. Provide and prepare data for management communication. Preparing reports for stakeholders and management Improvement and documentation of operational tracking activities Raise Business Requirements to Central Solutions run by other CSO teams. Your skills and experience Attitude of diligence and precision Ability to integrate in heterogeneous teams. Proactively driving topics, not shunning to address issues to higher management levels. Structured way of thinking and working Very good communicator Very good analytical and problem-solving skills Very good English (verbal and written) Experience in Excel (advanced) Good German skills beneficial Good Python programming skills beneficial Certifications in ISO 27001 or information security (e.g., CISSP, CISA) beneficial Practical experience in Governance or Compliance Monitoring beneficial. Knowledge about basic principles of Identity and Access Management beneficial How we ll support you Training and development to help you excel in your career. Coaching and support from experts in your team A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams https: / / www.db.com / company / company.htm

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Risk Advisory is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies the what, how, and why of change so you re always ready to act ahead. Your work profile As a Manager in our Cyber - Extended Enterprise team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You will: Role Description Lead ISMS or Third-Party Risk Assessments Lead engagement team in delivering client engagements Support Managers/AD/D in assessment/ audit execution, reporting, quality review and tracking Support Managers/AD/D in responding to RFP, proposals, new opportunities Lead discussions with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations Flexible to step-in and perform work on ground such as conducting risk assessments and audits with respect to people, process and technology Act as subject matter expert (SME) for providing guidance and share knowledge with team members. Assist team members during engagements Should be able to work as independently on short term engagements Perform quality reviews of work performed by team members Desired qualifications 8+ Relevant years of experience in Third party risk management Relevant years of experience in IT Audits and Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management Location and way of working Base location: Pune This profile involves frequent / occasional travelling to client locations OR this profile does not involve extensive travel for work. Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs. Your role as a Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As an Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Role Description ISMS or Third-Party Risk Assessments Ability to effectively liaise with clients and manage stakeholder expectations Work with client teams from various departments such as compliance teams, auditing and regulators to identify and document various requirements/obligations Conducting risk assessments and audits with respect to people, process and technology Identification of gaps/observations, risks, opportunities and improvement of policies, processes, procedures and standards Documenting information security risk, recommendation and compensating controls in the form of assessment/audit reports Collaborate with other members of the engagement team to plan and develop relevant work papers/deliverables for vendor information security reviews, define approach for vendor assessment and develop vendor evaluation model Handle key activities of assessment/ audit life cycle: planning, execution, reporting, quality review and tracking Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues Desired qualifications 8+ Relevant years of experience in Third party risk management Relevant years of experience in IT Audits, Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management Location and way of working Base location: Bangalore Professional is required to work from office Your role as an Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

Location: Kolkata Designation: Assistant Manager Audit & Assurance - Assurance Assistant Manager - Internal audit What impact will you make? Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance. As the undisputed leader in professional services, Deloitte is where you ll find unrivaled opportunities to succeed and realize your full potential Deloitte is where you ll find unrivaled opportunities to succeed and realize your full potential. The Team Discover the various Internal Audit services, we offer to help organizations look below the surface to achieve superior performance through a full range of outsourcing, co-sourcing, and advisory services including with respect to technology and data analytics . We enhance the overall value delivered by IA functions through strengthening quality, flexibility, efficiency, and value. Additionally, Deloitte helps clients extend their IA oversight to gain greater understanding of key enterprise risks such as evolving IT systems, applications, and other technologies. Work you ll do As Assistant Manager in our Internal Audit team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Key Job Responsibilities As a part of our team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Ability to effectively perform the technical components of risk assessments to provide an accurate view of the client s current risk state Ability to perform end-to-end business process analyses and design Ability to gather, synthesize, and analyze data using appropriate tools and technologies Ability to assess and design internal controls by applying an understanding of internal control design frameworks and regulatory requirements Ability to understand the client s business, interpret sector trends, and learn leading practices Ability to effectively interact with colleagues and clients of varying backgrounds to effectively serve clients Ability to enhance quality and efficiency of recommended conduct risk solutions by applying relevant frameworks, conducting research, and performing analyses Ability to conduct internal audits by leveraging approved processes and methodologies Ability to set the stage for a successful assessment of client s internal audit processes and controls by collecting and organizing data Ability to enhance quality of assurance engagements by identifying risks, performing testing, researching governing regulations, and developing reports Ability to form a core Extended Enterprise Risk Management (EERM) skillset through proactively conducting research, and participating in internal and external initiatives Qualifications CA BBM / BBA / B. Com Must have one of the certifications - CFE, CPA, CIA, CISA Experience in Advanced Analytics and ERP is preferred Your role as a leader At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. In addition to living our purpose, Assistant Manager across our organization: Builds own understanding of our purpose and values; explores opportunities for impact Demonstrates strong commitment to personal learning and development; acts as a brand ambassador to help attract top talent Understands expectations and demonstrates personal accountability for keeping performance on track Actively focuses on developing effective communication and relationship-building skills Understands how their daily work contributes to the priorities of the team and the business How you ll grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there s always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Centre. Audit & Assurance - Assurance Assistant Manager - Internal audit Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our purpose Deloitte is led by a purpose: To make an impact that matters . Every day, Deloitte people are making a real impact in the places they live and work. We pride ourselves on doing not only what is good for clients, but also what is good for our people and the communities in which we live and work always striving to be an organization that is held up as a role model of quality, integrity, and positive change. Learn more about Deloittes impact on the world Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you re applying to. Check out recruiting tips from Deloitte professionals.

Join us as a Security Consultant This key role will see you working with the domain lead to define the product backlog and analyse a broad range of security information As our Security Consultant, you ll be providing advice and guidance on the best course of action needed to manage and solve security risks As well as the opportunity to enhance your security knowledge, you ll also be exposed to a wide range of stakeholders across the wider bank Were offering this role at associate level What youll do Using your broad knowledge of security specialisms together with an appreciation of franchise strategies and objectives, you ll be helping the wider bank to ensure a robust security environment across our centres of excellence and domains. We ll look to you to develop appropriate security strategies by understanding the needs and demands of the customer and business, while making sure that organisational system health and security are maintained and, improved where possible. You ll also be: Acting as the interface with security experts when needed Enabling a culture of continuous improvement, promoting the benefits of security and working closely with teams to reinforce the robustness of the domain Analysing business requirements, technical solutions or processes to identify security related risks and providing guidance on how they can be managed effectively Making sure that decisions made are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management Building relationships with colleagues across the bank to ensure decisions are commercially focused and create long term value for the organisation The skills youll need To be successful in this role, you ll need knowledge of one or more security subject areas and experience of setting risk appetites. You ll also demonstrate experience of, or a willingness to learn risk management frameworks. Additionally, you ll need: A background of at least 4 years in security assessment in information system An understanding in Cloud environment like AWS, Azure, Google Cloud, Web/API Security, Network protocols, Encryption technologies, Intrusion detection/prevention systems, Firewall etc Industry certification such as CISSP, CISM, CISA Experience in c onducting risk assessments of AI systems, identifying potential vulnerabilities, threats within AI models and data pipelines S trong knowledge of vulnerability assessment tools such as GitLab, SAST, Qualys, and CSPM solutions Hours 45 Job Posting Closing Date: 01/08/2025

Role & responsibilities Perform internal audits as per the Risk Based Audit Plan approved by the Audit Committee of the Board Maintain audits and relevant work papers in accordance with the documented Audit Methodology in Audit software. Discuss with Line managers identified control gaps before finalising the audit reports. Follow up for open audit actionables on a periodic basis Co-ordinate / manage co-sourced audits, concurrent audits to ensure the work is completed as per agreed timelines and as per requisite quality. Assist in developing / maintaining audit analytics and utilising the exception reports during audit execution. Keep abreast of technological innovations, regulatory updates, etc in the financial domain especially for digital payments.

Highest Qualification: Any Full Time Graduate Note: Hands on experience in ISO 27001 Implementation is mandatory for this role Experienced in managing cyber security services like Cyber Risk & Compliance consulting. Experience in setting up end to end Cyber Security frameworks, Compliance Standard implementation, including knowledge in testing (VAPT, Web & mobiles appsec, secure code review) Should be adept at conducting gap analysis, risk assessments, Impact assessments, governance and strategy development, Have worked with organizations to develop and implement various industry security standards like, IS0 27001, ISO 20000, PCI DSS, SOC2, GDPR, Privacy standards etc... Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Specific Duties and Responsibilities Include: To manage cyber security projects across EMEA region for cyber security services like Cyber security testing & cyber consulting Maintaining margins Business development like having presales discussions with various teams Assist in Business development of various security standards Must Have Skills: Excellent communication and presentation skills. Able to effectively interact with various clients/sales teams and manage clients Good to have Skills / Certification: ISO27001:2013 Lead Auditor CISSP, CISA, CISM, ISO22301, OSCP, CEH, SANS, Cloud certifications, Privacy certifications like CIPP/E, CIPM Qualification: BE/ BTech, MCA, MBA with specialization in Information Security

Role & responsibilities Audit IT Infrastructure: Evaluate systems, processes, and controls in place. Ensure compliance with IT-specific laws, policies, ISMS policies, and standards. Identify vulnerabilities in IT systems and associated management. Discuss findings with the auditee department and finalize audit reports. Submit reports to the reporting manager. Collect auditee replies and present them to management (PRM). Follow up on findings from previous internal audits. Risk-Based Audits: Analyze applications or processes when there is a process change or weakness in controls. Present risks to management. External Audit Support: Present external audit status to management as required Support other Manappuram group audit teams as needed. Sample Audits: Vendor Risk Management Audit Software License Audit Software and Hardware Asset Inventory Audit Business Continuity Plan and Disaster Recovery Audit Software Patch Management and Hardening Tech-Specs Audit Physical and Environmental Security Audit Information Security and Management Systems (ISMS) Audit of HR, Administration, Facilities, Access Control, and Password Policy. System Audit of PPI MAKASH as per RBI norms. Audit of IT Governance Information and Cyber Security Audit as per RBI Master Direction on NBFC IT Framework. IT Operations Audit as per RBI Master Direction on NBFC IT Framework. Managing Audit of Outsourced IT Services

Position Summary : At NCR Atleos, our Internal Audit Department (IAD) purpose is to help enable competent and informed decisions to add value and improve operations, while contributing meaningfully to Board and organizational confidence. We are indispensable business partners, with a brand focused on insight, impact and excellence. We believe that everything we do is to enhance value, provide insights, and instill confidence. To do this, we must be relevant, connected, flexible, and courageous. NCR Atleos IAD is seeking a Senior IT Auditor to support our India Internal Audit (IA) team. In this position, you will play a crucial role in enhancing our company's internal control environment and risk management processes. You will be responsible for leading and executing IT audits across all technology layers, assessing IT risks, and providing expert recommendations to the management. This role demands a balance of technical proficiency, strategic thinking, and excellent communication skills. Key Areas of Responsibility: Audit Planning: Participate in risk assessments where needed and assist in developing and implementing a comprehensive IT audit plan that aligns with the organizations objectives and risk. Audit Execution: Execute IT audits, including identifying and assessing IT risks in business processes, security policies, and system implementations. Lead audits of IT infrastructure, applications, and data management systems to assess compliance with internal policies, external regulations and SOX. Recognize and adapt to changing circumstances. Identify IT risks and recommend mitigating controls. Analyze and evaluate IT operations and strategies to identify efficiency improvements and cost-saving opportunities. Assess compliance and maturity in line with relevant laws, regulations, standards (e.g., SOX, GDPR, ISO) and frameworks (e.g., COBIT, NIST, ITIL). Communication: Communicate timely any significant changes to budget or scope and any significant audit findings, risks, and recommendations to the Internal Audit Manager. Collaboration: Work closely with IT, InfoSec (IS) and other business units to understand IT infrastructure, applications, and operations. Mentor and guide junior IT auditors, enhancing their skills and ensuring quality audit practices. Reporting: Draft detailed Audit observations, highlighting issues, risks, and actionable recommendations. Assist the IA manager with presenting findings to responsible business management. Follow-up and Monitoring: Assist the IA Manager with monitoring open audit recommendations and follow-up to encouraging timely implementation and help avoid past-due management actions. Continuous Improvement: Stay abreast of emerging technologies, audit methodologies, and regulatory changes. Contribute to innovation and improvements to the IT audit process, controls and the overall Internal Audit Department. Qualifications: Bachelor's or Master's degree in Information Technology, Computer Science, Accounting, or a related field Minimum of 4 years of experience in IT auditing, with a proven track record in leading audits and managing audit projects Understanding of IT audit methodologies, IT governance frameworks (e.g., COBIT, NIST, ITIL), and regulatory requirements (e.g., SOX, ISO, GDPR) Experience with AuditBoard and analytic tools e.g. Power BI and Tableau a plus Professional certifications such as Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) are strongly desired Strong analytical and problem-solving skills with an ability to analyze data and identify control weaknesses Excellent verbal and written communication skills, with the ability to articulate complex IT issues in business terms. Proficient in English Ability to travel and a team player with a commitment to personal and professional growth. Commitment to ethical conduct, integrity, and the promotion of a culture of accountability and continuous improvement Strong organization and management skills in a multi-tasking environment Positive individual who enjoys working in a fun and dynamic team environment Role: IT & Information Security - Other Industry Type: IT Services & Consulting Department: IT & Information Security Employment Type: Full Time, Permanent Role Category: IT & Information Security - Other Education UG: B.Tech/B.E. in Any Specialization PG: M.Tech in Any Specialization

Jul 24, 2025 Location: Pune Designation: Assistant Manager Entity: Deloitte South Asia LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The Team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As an Assisstant Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. Youll : Role Description : 1. ISMS or Third-Party Risk Assessments 2. Lead engagement team in delivering client engagements 3. Support Managers/AD/D in assessment/ audit execution, reporting, quality review and tracking Support Managers/AD/D in responding to RFP, proposals, new opportunities 4. Lead discussions with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations 5. Flexible to step-in and perform work on ground such as conducting risk assessments and audits with respect to people, process and technology 6. Act as subject matter expert (SME) for providing guidance and share knowledge with team members. Assist team members during engagements 7. Should be able to work as independently on short term engagements 8. Perform quality reviews of work performed by team members Desired qualifications 1. 3+ Relevant years of experience in Third party risk management 2. Relevant years of experience in IT Audits, Cloud security 3. Experience with ISO22301 implementation and audits 4. Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ 5. Understanding of Third party/vendor/supplier risk management considerations 6. Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management 7. Excellent written/verbal communication 8. Excellent documentation and presentation skills 9. Highly motivated and willing to work in local and global environments 10. Security certifications like CISSP, CISA, CISM, CEH, ISO27001 11. Work experience in Infrastructure / Application Security 12. Work experience in IT Audit 13. Work experience in Information Risk Management Location and way of working Base location: Pune 5 days work from Office Your role as an AM We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Assistant Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you re applying to. Check out recruiting tips from Deloitte professionals.

Job Title: Deputy Manager IS Audit Department: Information Systems Audit Location: Mumbai/Hyderabad Interview Date Reference: Candidate qualifications & certifications must be valid as of 30.06.2025 Basic Qualifications (As on 30.06.2025): Educational Qualification: B.E. / B.Tech. in Computer Science / Software Engineering / IT / Electronics or equivalent discipline Minimum 50% aggregate marks Degree must be from a Govt. of India recognized university / institution / board or one approved by a government regulatory body. Professional Certifications: Mandatory: CISA (Certified Information Systems Auditor) from ISACA, USA (Must be valid on the date of interview) Desirable: CEH (Certified Ethical Hacker) from EC-Council, USA Experience (Post-Education) (As on 30.06.2025): Essential: Minimum 4 years of work experience in BFSI / IT / Information Security Consultancy Out of which, 2 years must be in IS Audit / Cyber Security Audit / Information Security Consultancy Note: Training / Teaching experience will not be considered All claimed experience should be supported by employer-issued certificates Desired Technical Skills: Proficiency in Vulnerability Assessment & Penetration Testing (VAPT) tools such as: Nessus, Retina, SAINT, Kali Linux Key Responsibilities: Conduct Information Systems (IS), Cyber Security, and IS Concurrent Audits. Perform IT Outsourced Activities Audit in line with organizational and regulatory standards. Evaluate compliance with internal IS / IT / Cyber Security Policies, RBI & regulatory guidelines, and international best practices. Identify system vulnerabilities and support mitigation actions to enhance the Banks security posture. Execute Compliance, Migration, and Special audits as directed. Draft and maintain detailed audit synopsis reports and value statements as per policy and audit guidelines. Liaise with various auditee departments for evidence-based compliance and timely closure of audit observations. Regularly upgrade knowledge and share insights with the IS Audit team to build team capability. Key Result Areas (KRA): Timely and efficient conduct of all assigned Information System Audits. Ensuring prompt follow-ups for compliance reporting. Achieving timely audit report closure in line with internal timelines. Submitting accurate and regular audit status reports to senior management. Contributing to knowledge-sharing, mentoring, and skill development within the IS Audit team. Periodically reviewing and updating audit frameworks and checklists to reflect current regulatory and cyber trends.

At EY, you will have the opportunity to shape your future with confidence by joining a globally connected powerhouse of diverse teams. As part of our highly successful Cyber Security team, we are currently seeking Security Architects with varying levels of experience. Whether you are considering a career change now or in the future, we invite you to connect with us and explore this exciting opportunity to contribute to building a better working world. As a Security Architect at EY, you will play a crucial role in leading the implementation of security solutions for our clients. You will work alongside an international team of specialists to address complex information security needs and enhance our clients" business resilience. Your responsibilities will include designing security solutions, developing security policies and guidelines, evaluating existing security controls, and collaborating with stakeholders to ensure effective security measures are in place. To excel in this role, you must possess expert-level knowledge in technical IT security domains such as infrastructure, networks, databases, security monitoring, and cloud security. Additionally, you should have experience in assessing solution architectures for security issues, managing multiple stakeholders, and implementing security vulnerability remediation strategies. Industry certifications such as CISSP, CISA, CISM, and experience in areas like Cyber Threat Management, Identity & Access Management, and Data Protection will be advantageous. To qualify for this role, you should have 8-10 years of professional experience in cyber security consulting, strong project management skills, and advanced communication abilities. While technical skills are essential, we value candidates who demonstrate strong interpersonal skills, relationship-building capabilities, and a commitment to delivering excellence in client service. Joining EY offers you the opportunity to work on inspiring projects, receive support and coaching from engaging colleagues, and develop new skills to progress your career. You will be part of a diverse and interdisciplinary environment that promotes knowledge exchange and emphasizes high quality in all endeavors. At EY, you will have the freedom and flexibility to shape your role in a way that suits you best, supported by a culture that values individual growth and personal development. If you are looking to be part of a market-leading team of professionals, collaborate with leading businesses globally, and contribute to building a better working world, we invite you to explore the exciting opportunities available at EY.,

The role of Senior Technology Auditor at Booking Holdings involves planning and executing IT operational, governance, and compliance related audits at Booking.com and other Booking Holdings companies. This position is based in Bangalore COE and may require occasional travel to other Booking Holdings companies. In this role, you will be responsible for planning and executing SOX control testing across Booking Holdings companies, as well as IT operational audits covering a wide range of topics. You will coordinate with stakeholders such as Risk & Compliance, Product Development & Engineering, Central Security & Technology teams, External Auditors, and others. Additionally, you will assist in conducting risk assessments, identifying controls to mitigate risks, and documenting audit results in accordance with internal audit department and Institute of Internal Auditors (IIA) standards. Furthermore, you will support in preparing audit reports for senior management and leadership teams, provide advice on internal control, participate in enhancing control procedures for Holdings companies, and drive continuous improvement of the internal audit function. The ideal candidate for this role should have strong knowledge of various IT environments gained through at least 5 years of relevant experience in IT. They should possess an understanding of risk definitions and controls implementation in an IT environment, negotiation skills, relationship building skills, problem-solving abilities, and timely problem escalation skills. Excellent analytical, report writing, oral communication, time management, and organizational skills are essential, along with a minimum of a Bachelor's degree preferably in Technology and certifications such as CISA/CISM/CISSP or equivalent. The successful candidate should be a culture fit for the energetic and fast-paced environment at Booking Holdings, displaying a self-starter attitude, commercial awareness, results-oriented approach, data-driven decision-making skills, stakeholder management abilities, relationship-building skills, and a commitment to self-development. Being detail-oriented while grasping the bigger picture is crucial for this role. Booking Holdings values diversity and inclusivity within its team, aiming to provide an environment that fosters innovation, creativity, and collaboration. The Global Internal Audit function at Booking Holdings plays a key role in providing assurance, analysis, insights, and advice on key risks, working towards making the company stronger and more successful. GIA operates globally, partnering with brands and individuals across cultures to drive positive change and growth within the company.,

Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security #Eviden

Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security Let s grow together.

Ready to be pushed beyond what you think you re capable of? At Coinbase, our mission is to increase economic freedom in the world. It s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform and with it, the future global financial system. To achieve our mission, we re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company s hardest problems. Our work culture is intense and isn t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there s no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Team/ Role Paragraph: The Internal Audit Function at Coinbase works to enhance and protect organizational value by providing independent, risk-based, objective assurance and advisory services designed to add value and improve the Companys operations. The Internal Audit Function helps Coinbase accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of governance, compliance, risk management, and control processes. The Coinbase Internal Audit function is looking for a highly Internal Audit Findings Senior to help set up a Findings Validation Function. This role is based in India (Remote) and will be reporting to an Internal Audit Manager. The individual will be responsible for learning and supporting all aspects of the Finding validation process, including validation, testing and reporting. What you ll be doing (ie. job duties): To be completed by all business teams except Eng. Meticulously assessing managements corrective actions to ensure they are sufficient, implemented promptly, and are sustainable. This includes findings from internal audits, external exams, and regulatory bodies. Proactively engaging with auditees and business stakeholders to efficiently acquire necessary evidence for testing and validation. Partnering with cross-functional teams and global internal audit colleagues across the US, APAC and EMEA to facilitate and align remediation efforts. Producing comprehensive reports on the status of findings remediation for various legal entities Serve as a value-add and advisory function to business partners by identifying ways to address audit findings or opportunities for enhancements with the goal of mitigating risk and improving technology, security, and operational performance without compromising 3rd Line of Defense independence and objectivity. Assist with responses to regulatory inquiries as they relate to internal audit matters. Communicate with and educate process owners effectively, including non-finance individuals, on the importance of controls, an effective control environment, and the role of Internal Auditor Findings. Remain current and increase knowledge of regulatory requirements that impact the organization, as well as in the areas of internal control, technology, security, business, company products and company information. Championing new ideas and innovative solutions to enhance the efficiency and effectiveness of the findings validation process and overall internal infrastructure. What we look for in you (ie. job requirements): To be completed by all business teams except Eng. Professional Internal Audit / IT Audit qualification (e.g., CA, CIA, CISA, CFE, etc.) or comprehensive working knowledge of the Chartered Institute of Internal Auditor practice 6+ years of experience in Internal Audit, Risk Management, Compliance or Management Consulting Excellent understanding of an internal control environment Working knowledge of laws, regulations, risk management practices for the financial services industry Relevant industry experience and/or public accounting experience preferred Solid analytical and problem solving skills, with high standards for quality, accuracy and attention to detail Excellent written and verbal communication skills Demonstrated proficiency in leveraging Google Suite, GRC Tools and AI tools. Nice to haves: Experience working in a fast paced organization Experience with Regulatory Finding/Issue Validation Entrepreneurial attitude and experience with, or the ability to adapt to, a rapidly growing start-up with associated complexities and ambiguities Experience working with/in an out-sourced or co-sourced internal audit function Ability to work across functions and time zones Understanding of crypto, payments and/or financial services industry and experience in auditing information systems and controls Professional Internal Audit / IT Audit qualification (e.g., CA, CIA, CISA, CFE, etc.) or comprehensive working knowledge of the Chartered Institute of Internal Auditor practice ID: P71685 #LI-Remote Pay Transparency Notice: The target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, and vision). Pay Range: 2,755,300 2,755,300 INR Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbases roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here) . Global Data Privacy Notice for Job Candidates and Applicants Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here . By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here. AI Disclosure For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment . To request a reasonable accommodation due to disability, please contact accommodations@coinbase.com .

TempHtmlFile Job Title : Analyst Function : Governance, Risk and Compliance Services (GRCS) Location : Pune OVERVIEW KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 156 countries and have 152,000 people working in member firms around the world. KPMG in India, a professional services firm, is the Indian member firm of KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets and competition. KPMG in India provide services to over 4,500 international and national clients, in India. KPMG has offices across India in Delhi, Chandigarh, Ahmedabad, Mumbai, Pune, Chennai, Bangalore, Kochi, Hyderabad and Kolkata. The Indian firm has access to more than 7,000 Indian and expatriate professionals, many of whom are internationally trained. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Consulting, Management Consulting and Transactions & Restructuring services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. With increasing regulatory requirements, the need for greater transparency in operations, and disclosure norms, stakeholders require assurance beyond the traditional critique of numbers. Hence assurance is being increasingly required on industry issues, business risks and key business processes. The Governance, Risk & Compliance Services practice assists companies and public sector bodies to mitigate risk, improve performance and create value. We assist our clients to effectively manage business and process risks by providing a full spectrum of corporate governance, risk management, and Compliance Services. These services are tailored to meet client s individual needs, and provide effective support to management in meeting the challenges and opportunities presented by todays complex business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of KPMGs experienced, objective, and industry-grounded viewpoints. Following are some of our key service offerings: Risk Based Internal Audit Enterprise Risk Management Risk Assessment Model Business Process Development Sarbanes Oxley 404 Assistance Compliance Assistance Contracts and regulations Corporate Governance Advisory Review and Assessment Revenue Assurance Control Self Assessment Continuous Auditing / Continuous Monitoring Apart from the above service offerings, we also assist client organizations around various aspects viz. Accounting Manuals, Capital Projects Audits, Project focused Control Assessment, setting up IA function, etc. Role & Responsibilities Analysts are typically project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS Consistently deliver quality client services Monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes Demonstrate basic accounting and process related knowledge. Demonstrate ability to assimilate to new knowledge Remain current on new developments in advisory services capabilities and industry knowledge The job would require travel to client locations within India and abroad THE INDIVIDUAL Have basic understanding of process consulting/ internal audit/ risk consulting Strong analytical and problem solving skills. Possess strong data analytics skills and knowledge of advanced data analytical tools will be an advantage Strong written and verbal communication skills Ability to work well in teams Basic understanding of IT systems, Knowledge of MS office ( MS Excel, PowerPoint, Word etc) Have the ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours Be willing to travel within India or abroad for continuous long periods of time Demonstrate integrity, values, principles, and work ethic Qualification Graduates (BE/B.Tech, BCom, BMS, BBM or similar degree) with 1 - 2 years of related audit, business or sector experience Certifications like Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) would be an added advantage SELECTION PROCESS Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only People BENEFITS Continuous learning program Driving a culture of recognition through ENCORE our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health checkup (Manager & above, and for staff above the age of 30) Les Concierge desk Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential KPMG Advisory Services is for you! .

Education Qualification : Engineer - B.E / B.Tech / MCA Skills : Tertiary -> Technology | Cybersecurity Principles, Best Practices and Threat Landscape | Level 4 Support | 4 - Advanced Primary -> Technology | Project Management Skills | Level 5 Support | 5 - Expert Primary -> Technology | Risk Management | Level 5 Support | 5 - Expert Secondary -> Technology | Leadership skills to guide and motivate Cybersecurity Teams | Level 5 Support | 5 - Expert Secondary -> Technology | Incident Response Coordination | Level 5 Support | 5 - Expert Certification : Technology | ITIL F/CompTIA Project+/Certified ScrumMaster/CISSP/CISA/AWS Certified Solutions Architect/Microsoft Certified: Azure Administrator Associate/Project Management Professional/Certified Kubernetes Administrator/CRISC Delivery Skills required are: - Project and Program Management: - *Overseeing large-scale and complex technology projects and programs. *Allocating resources effectively, including personnel, budget, and technology infrastructure. *Conducting comprehensive risk assessments specific to technology operations. *Developing and implementing risk mitigation strategies to minimize disruptions and ensure continuity. Communication and Stakeholder Engagement: - *Communicating complex technical concepts and strategies to stakeholders at all levels of the organization. *Tailoring communication approaches to meet the needs of diverse audiences, both technical and non-technical. *Building and maintaining relationships with key stakeholders to ensure their support and alignment with technology operations initiatives. Strategic Leadership and Management: - *Developing and implementing long-term technology strategies aligned with organizational goals and industry trends. *Aligning technology initiatives with business objectives and ensuring they support overall organizational strategy. *Leading organizational change initiatives related to technology transformations, upgrades, and process improvements. Continuous Improvement and Innovation: - *Driving innovation initiatives within technology operations to enhance efficiency, effectiveness, and competitiveness. *Identifying opportunities to streamline processes, automate tasks, and improve operational efficiencies within technology operations. *Promoting a culture of innovation and knowledge sharing across technology teams. Team Leadership and Development: - *Building and leading high-performing technology operations teams. *Cultivating a culture of collaboration, innovation, and continuous improvement. *Setting strategic performance goals and objectives for technology operations teams. *Resolving conflicts and addressing challenges within technology teams and with stakeholders.

Transforming the Future of Enterprise Planning At o9, our mission is to be the Most Value-Creating Platform for enterprises by transforming decision-making through our AI-first approach By integrating siloed planning capabilities and capturing millions even billions in value leakage, we help businesses plan smarter and faster This not only enhances operational efficiency but also reduces waste, leading to better outcomes for both businesses and the planet Global leaders like Google, PepsiCo, Walmart, T-Mobile, AB InBev, and Starbucks trust o9 to optimize their supply chains Role Overview: We are seeking a skilled and detail-oriented Security Engineer II Compliance to help manage and maintain our global compliance framework You will play a key role in implementing and sustaining information security and data privacy programs across the organization, with a strong focus on ISO 27001 and GDPR compliance Key Responsibilities: Own and manage compliance initiatives for ISO 27001 and GDPR frameworks (must-have) Contribute to alignment with additional frameworks like SOC 2 and NIST (preferred) Maintain and update compliance documentation: Risk assessments Statement of Applicability (SoA) Control implementation records Conduct and document Data Protection Impact Assessments (DPIAs) Support internal and external audits , including evidence collection and stakeholder coordination Identify gaps in compliance and work with relevant teams to close them effectively Draft, review, and update security and privacy policies, procedures, and internal standards Promote principles such as privacy by design , data classification , and data retention Collaborate with cross-functional teams to ensure a strong compliance culture across the organization Required Skills & Experience: 3 6 years of hands-on experience with ISO 27001 and GDPR compliance programs Familiarity with SOC 2 and NIST frameworks is a plus Strong knowledge of data protection concepts and security control implementation Experience managing audits and regulatory assessments Excellent skills in documentation, organization, and communication Ability to work independently and manage multiple priorities in a dynamic environment Preferred Certifications: ISO 27001 Lead Implementer / Auditor CIPP/E (Certified Information Privacy Professional/Europe) CISA (Certified Information Systems Auditor) CISSP (Certified Information Systems Security Professional) Why Join o9 Solutions in Bangalore Be part of a fast-growing global company making a real impact Collaborate with smart, driven, and passionate people Competitive compensation and benefits A culture that values innovation, transparency, and ownership More about us At o9, transparency and open communication are at the core of our culture Collaboration thrives across all levels hierarchy, distance, or function never limit innovation or teamwork Beyond work, we encourage volunteering opportunities, social impact initiatives, and diverse cultural celebrations With a $37 billion valuation and a global presence across Dallas, Amsterdam, Barcelona, Madrid, London, Paris, Tokyo, Seoul, and Munich, o9 is among the fastest-growing technology companies in the world Through our aim10x vision, we are committed to AI-powered management, driving 10x improvements in enterprise decision-making Our Enterprise Knowledge Graph enables businesses to anticipate risks, adapt to market shifts, and gain real-time visibility By automating millions of decisions and reducing manual interventions by up to 90%, we empower enterprises to drive profitable growth, reduce inefficiencies, and create lasting value o9 is an equal-opportunity employer that values diversity and inclusion We welcome applicants from all backgrounds, ensuring a fair and unbiased hiring process Join us as we continue our growth journey!

Why Join Us To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win. We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees passion for travel and ensure a rewarding career journey. We re building a more open world. Join us. Introduction to Our Team The Senior Internal Auditor would be reporting to the Operational Audit Senior Manager, and would perform the tactical end-to-end execution of financial and operational risk management, compliance, assurance and audit projects, including discovery, scoping, planning, fieldwork, development/design of recommendations, report writing, tracking of audit issues, and verification of management action items, under the guidance/direction of managers. In this role you will: Acquire and demonstrates a solid understanding of how the department operates and fits into the larger organization Acquire a solid understanding of the various functions/organizations within the broader enterprise Demonstrate solid awareness of the policies, practices, trends and information that impact the organization and its customers Demonstrate solid understanding of the financial, operational, and technical impact of decisions/solutions on the organization and its customers Keep relevant stakeholders informed of key progress toward or significant changes to task timing that impacts the project schedule Assist team members in the creation of routine technical communication materials (e.g., policies & procedures, guidelines, presentations, messages) Apply a solid understanding of electronic workpapers and/or GRC and Audit Management systems Apply a solid understanding of IIA framework Plan and execute audit and consultancy projects, including but not limited to audit planning, facilitation of process interviews, identification of risks, internal controls testing, identification of issues, and communication of audit/consultancy results to Company management; Demonstrate understanding of key business process risks and controls, and perform evaluation of design and effectiveness of controls; Perform advisory work for key processes or projects being implemented consisting of evaluating gaps and risk and providing guidance prior to implementation; Participate in enterprise-wide risk assessment interviews with key partners; Demonstrate strong project management skills and the ability to multi-task on quality work deliverables; and Build and maintain strong positive relationships with Expedia personnel as a representative of the Corporate Audit Team Apply a solid understanding of operational, regulatory and technical compliance Apply practical data analysis methods and procedures including the collection, analysis and developing of insights of data Apply solid understanding of risks and controls to develop audit planning documents, including Risk and Control Matrices (RCM), process and data flow diagrams, and executive-level planning memos Prepare relevant audit workpapers and reports for senior management on the results of financial and operational audits or other risk-based assessments Leverage proper techniques and solid knowledge to interpret basic audit analyses and reports. Experience and Qualifications: 3-5 years of relevant experience in financial, regulatory or operational risk/assurance consulting or internal audit Bachelors degree in related field or equivalent related professional experience Big 4 public accounting experience preferred, but not required CPA/CA, CIA, CISA, CISM, CISSP, CFE, CMA, RICS APC, CCIM or similar certification desired Excellent written and verbal communication skills with previous experience in writing internal audit reports Understanding, developing, interpreting process models, flowcharts, narratives; Operational business processes and best practices; Accounting and finance concepts, processes and standards; Data governance (e.g., frameworks, policies, third-party data risks, and data security and protection) Data privacy compliance including GDPR, CCPA and other regulations Big Data (e.g. data analysis and visualization tools, data engineering modeling, scripting language such as SQL or Python) Accommodation requests If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request . We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others. Expedia Groups family of brands includes: Brand Expedia , Hotels.com , Expedia Partner Solutions, Vrbo , trivago , Orbitz , Travelocity , Hotwire , Wotif , ebookers , CheapTickets , Expedia Group Media Solutions, Expedia Local Expert , CarRentals.com , and Expedia Cruises . 2024 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. . Never provide sensitive, personal information to someone unless you re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs . Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC" Director, Cyber Security. What Youll Contribute 3+ years of applicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage What We're Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS) AWS Certifications (added advantage) Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status.