4.0 - 6.0 years
4 - 8 Lacs
Hyderabad
Work from Office
We offer a fulfilling work environment that attracts top talent and encourages all associates to do their part in delivering premier service to internal and external customers alike. It's how we're transforming the healthcare industry for the better. We provide career advancement opportunities within the organization with multiple locations in Florida, California, Pennsylvania, Tennessee, Texas, Utah, and India. You might also like to know that NationsBenefits is also recognized as one of the fastest growing companies in America. We're proud of how far we've come, and a career with us also gives you growth opportunities. Position Overview The Senior Compliance Analyst is responsible for leading the assessment, monitoring, and maintenance of the organization's internal control environment and compliance efforts related to key regulatory and industry standards, including HITRUST, SOC 2, and PCI DSS. This role will serve as a subject matter expert in audit readiness and compliance reporting, working closely with internal stakeholders, auditors, and assessors to ensure successful certification and audit outcomes. The Senior Compliance Analyst will also play a critical role in control testing, evidence gathering, and issue remediation tracking. Key Responsibilities 1. Regulatory and Framework Compliance Oversight Serve as the internal point of contact for all matters related to HITRUST, SOC 2, and PCI DSS compliance. Coordinate and support the execution of external audits and assessments. Monitor ongoing compliance activities across departments to ensure adherence to regulatory requirements and industry frameworks. Maintain up-to-date knowledge of changes in applicable standards and regulations, proactively updating policies and controls. 2. Internal Controls Monitoring and Testing Conduct routine internal control testing to validate design and operational effectiveness. Document findings, track remediation efforts, and escalate issues where necessary.
Collaborate with control owners to ensure proper documentation, process alignment, and control maturity. Manage evidence collection and maintenance for audit readiness throughout the year. 3. Audit Readiness and Execution Own end-to-end preparation for compliance audits including control mapping, pre-audit checks, and facilitating walkthroughs. Partner with internal teams and external auditors to manage audit logistics, request responses, and evidence delivery. Lead corrective action plans in response to audit findings. 4. Policy and Procedure Support Assist in the development, review, and maintenance of compliance-related policies, procedures, and standard operating documents. Ensure controls and practices align with documentation and are consistently applied across the organization. 5. Reporting and Risk Tracking Maintain dashboards and reports tracking control health, audit status, and compliance program KPIs. Support the GRC Director with compliance reporting for internal and external stakeholders. Qualifications Education Bachelor's degree in Information Systems, Cybersecurity, Business Administration, or a related field. Master's degree or equivalent experience preferred. Experience 4-6 years of experience in a compliance, risk, or IT audit role. Hands-on experience supporting HITRUST, SOC 2, or PCI DSS audits. Familiarity with risk assessment, control testing, and remediation tracking processes. Certifications (Preferred) Certified Information Systems Auditor (CISA) HITRUST Certified CSF Practitioner (CCSFP) Certified in Risk and Information Systems Control (CRISC) CompTIA Security+ or similar Skills Strong knowledge of compliance frameworks and internal control principles. Excellent project management and organizational skills. Ability to communicate effectively with both technical and non-technical stakeholders. Comfortable managing multiple priorities in a fast-paced environment. Proficiency with GRC tools and audit management platforms.
Key Competencies Attention to Detail: Ability to meticulously validate evidence and control execution. Analytical Skills: Identify compliance gaps and recommend practical solutions. Collaboration: Work cross-functionally to gather evidence and align processes. Accountability: Drive audit preparation and closure of compliance gaps. Adaptability: Stay current with evolving regulatory requirements and apply them effectively.
Posted 4 weeks ago
1.0 - 5.0 years
8 - 15 Lacs
Bengaluru
Work from Office
GRC expert with proven skills in internal audit, SOX, IFC, ERM, process transformation, and forensics. Drives risk-aligned, cost-efficient solutions. Added advantage: exposure to cybersecurity incl. VAPT, data security, and cyber assessments. Required Candidate profile Has a strong expertise in process transformation, cost optimization, & automation. Sharp analytical & problem-solving mindset with excellent communication, leadership, & stakeholder management skills.
Posted 4 weeks ago
1.0 - 7.0 years
12 - 17 Lacs
Bengaluru
Work from Office
*Please note: Pay will be based on several factors including but not limited to education, work experience, certifications, location of residence, etc. Senior Information Security Compliance Analyst Shell Recharge Solutions is a leader in delivering the new electric mobility future through innovative software, infrastructure, and professional services that empower utilities, cities, fleets, transit agencies, and automakers to deploy EV charging infrastructure at scale. Our technology is connecting EV infrastructure solutions with public and private charging needs in a safer, cleaner, and smarter way. Headquartered in Los Angeles, CA, the company's global footprint spans across three continents with deployments in 13 different countries. At Shell Recharge Solutions, we are looking for candidates who want to be a part of something bigger than themselves: passionate, purpose-driven individuals who believe having a career means making a meaningful impact on our business and the world. We believe in creating and doing the right thing through responsible and sustainable EV deployment. We are looking for the innovative, driven to find a solution in a complex and dynamically evolving marketplace and look at "no" as just a challenge to find the next "yes". Shell Recharge Solutions is seeking a Senior Information Security Compliance Analyst! Shell Recharge Solutions is looking for a Senior Information Security Compliance Analyst to help develop and maintain the security compliance program. The Senior Information Security Compliance Analyst will join the Security Team that is responsible for delivering both internal and external audit with industry standard compliance frameworks like ISO 27001 and PCI-DSS as well as the Shell Control Framework. The candidate will work cross functionally across the organization to gather, assess, recommend, and implement technical and organizational controls.
What you'll do: Assist in the development and maintenance of enterprise security policies and procedures Work with information security team to develop strategies and plans to enforce security requirements and address identified risks Ensure compliance by regularly leading internal audits and perform gap assessments to track compliance readiness. Lead annual external audits like ISO 27001 and PCI-DSS Report to management concerning residual risk, vulnerabilities, and other security exposures including misuse of assets and noncompliance Work with the information security team and application developers to identify, select and implement technical controls Maintain an awareness of security and control issues in emerging technologies What We're Looking For: Basic Qualifications 5-7 years' professional experience in IT and/or Compliance (IT Audit, Risk, Compliance, IT Operations, Systems Administration, Systems Engineering) 1-2 years' experience participating in ISO 27001, SOC 2, or PCI-DSS certification and accreditation activities Bachelor's degree in a relevant technical field is preferred Preferred Qualifications Industry certifications like CISA, CISM, C-RISC, or similar Exposure to AWS cloud infrastructure, Linux/Unix OS Ability to work independently without supervision and collaboratively with other teams A self-motivated individual who pro-actively seeks out work to be done and follows through What We Offer: A work environment that allows you to work with and learn from some of the best and brightest in this emerging industry The ability to make a difference in a world that needs our technology to help reduce carbon emissions and enable a more sustainable energy future through the use of electric vehicle charging software, services and infrastructure The freedom to learn, suggest, and implement innovative new ideas applied to our systems, processes, programs and technologies Daily ownership of your role in a challenging, high-growth environment.
A casual work environment and culture that support work life "fit", enabling you to fit life into your work and work into your life, i.e. flexible scheduling, virtualization options, and a generous holiday package Competitive pay and benefits programs designed to enable you to thrive inside and outside of work Participation in Shell Recharge Solutions performance and rewards bonus program Health benefits for employees Innovative Paid Time Off Program 9/80 Flex Work schedule
Posted 4 weeks ago
1.0 - 7.0 years
5 - 9 Lacs
Bengaluru
Work from Office
*Please note: Pay will be based on several factors including but not limited to education, work experience, certifications, location of residence, etc. Senior Information Security Compliance Analyst Shell Recharge Solutions is a leader in delivering the new electric mobility future through innovative software, infrastructure, and professional services that empower utilities, cities, fleets, transit agencies, and automakers to deploy EV charging infrastructure at scale. Our technology is connecting EV infrastructure solutions with public and private charging needs in a safer, cleaner, and smarter way. Headquartered in Los Angeles, CA, the company's global footprint spans across three continents with deployments in 13 different countries. At Shell Recharge Solutions, we are looking for candidates who want to be a part of something bigger than themselves: passionate, purpose-driven individuals who believe having a career means making a meaningful impact on our business and the world. We believe in creating and doing the right thing through responsible and sustainable EV deployment. We are looking for the innovative, driven to find a solution in a complex and dynamically evolving marketplace and look at "no" as just a challenge to find the next "yes". Shell Recharge Solutions is seeking a Senior Information Security Compliance Analyst! Shell Recharge Solutions is looking for a Senior Information Security Compliance Analyst to help develop and maintain the security compliance program. The Senior Information Security Compliance Analyst will join the Security Team that is responsible for delivering both internal and external audit with industry standard compliance frameworks like ISO 27001 and PCI-DSS as well as the Shell Control Framework. The candidate will work cross functionally across the organization to gather, assess, recommend, and implement technical and organizational controls.
What you'll do: Assist in the development and maintenance of enterprise security policies and procedures Work with information security team to develop strategies and plans to enforce security requirements and address identified risks Ensure compliance by regularly leading internal audits and perform gap assessments to track compliance readiness. Lead annual external audits like ISO 27001 and PCI-DSS Report to management concerning residual risk, vulnerabilities, and other security exposures including misuse of assets and noncompliance Work with the information security team and application developers to identify, select and implement technical controls Maintain an awareness of security and control issues in emerging technologies What We're Looking For: Basic Qualifications 5-7 years' professional experience in IT and/or Compliance (IT Audit, Risk, Compliance, IT Operations, Systems Administration, Systems Engineering) 1-2 years' experience participating in ISO 27001, SOC 2, or PCI-DSS certification and accreditation activities Bachelor's degree in a relevant technical field is preferred Preferred Qualifications Industry certifications like CISA, CISM, C-RISC, or similar Exposure to AWS cloud infrastructure, Linux/Unix OS Ability to work independently without supervision and collaboratively with other teams A self-motivated individual who pro-actively seeks out work to be done and follows through What We Offer: A work environment that allows you to work with and learn from some of the best and brightest in this emerging industry The ability to make a difference in a world that needs our technology to help reduce carbon emissions and enable a more sustainable energy future through the use of electric vehicle charging software, services and infrastructure The freedom to learn, suggest, and implement innovative new ideas applied to our systems, processes, programs and technologies Daily ownership of your role in a challenging, high-growth environment.
A casual work environment and culture that support work life "fit", enabling you to fit life into your work and work into your life, i.e. flexible scheduling, virtualization options, and a generous holiday package Competitive pay and benefits programs designed to enable you to thrive inside and outside of work Participation in Shell Recharge Solutions performance and rewards bonus program Health benefits for employees Innovative Paid Time Off Program 9/80 Flex Work schedule
Posted 4 weeks ago
8.0 - 12.0 years
7 - 11 Lacs
Chennai
Work from Office
Position: Sr Risk Assessment Engineer Grade: F3/F4 Shift: US and ANZ Timezone Location: Chennai/Bangalore Position Summary: The Information Security Risk and Compliance lead is responsible for proposing, assessing and implementing various cybersecurity services in terms of risk management, ISO 27001, HIPAA, HITRUST. Needs to have a strong understanding of security requirements in industries such as healthcare, pharma, patient services and life sciences. Job Description: Lead in assessing cybersecurity posture and maturity for clients based on requirements and pain areas. Recommend cybersecurity strategy and architecture based on the client's pain areas and risk assessments. Lead in performing information security risk assessment, tracking and monitoring the risk remediation. Collaborate with internal departments of the client in addressing and remediating various identified information security risks. Present complex cybersecurity solutions to clients in a clear, concise, and engaging manner, translating technical jargon into understandable benefits. Design and propose customized security solutions that address the client's unique challenges. Define and document security metrics and dashboards to measure and monitor cybersecurity KRIs and KPIs. Develop, implement, and maintain control requirements based on standards such as ISO 27001, HIPAA, HITRUST. Review and update current information security policies and procedures. Create and oversee the implementation of new security and compliance policies and procedures. Profile Description: Strong expertise in cybersecurity principles and best practices Thorough understanding of various security standards, frameworks, and certifications/attestations e.g., ISO 27001, HIPAA, HITRUST.
Thorough understanding of various IT and Information security risk assessment frameworks/standards In-depth knowledge of various security tools and technologies In-depth understanding of various firewall and vulnerability assessment solutions Top-notch communication skills, both written and verbal, to deliver presentations and consult with diverse clients. Excellent analytical and problem-solving skills. Ability to develop security standards and guidelines based on best practices and industry standards for existing and new technologies. Security certifications (e.g., CISSP, CISA) would be an added advantage. Stay up to date on the latest cyber threats and vulnerabilities. Familiarity with common tech stacks Understanding of various virtualization tools like PowerBI, Tableau and tools like PowerShell, Python would be an added advantage. Engineering in Computer Science, or relevant field We are Mindsprint! A leading-edge technology and business services firm that provides impact driven solutions to businesses, enabling them to outpace speed of change. For over three decades we have been accelerating technology transformation for the Olam Group and their large base of global clients. Working with leading technologies and empowered with the freedom to create new solutions and better existing ones, we have been inspiring businesses with pioneering initiatives.
Awards bagged in the recent years: Best Shared Services in India Award by Shared Services Forum 2019 Asia's No.1 Shared Services in Process Improvement and Value Creation by Shared Services and Outsourcing Network Forum 2019 International Innovation Award for Best Services and Solutions 2019 Kincentric Best Employer India 2020 Creative Talent Management Impact Award SSON Impact Awards 2021 The Economic Times Best Workplaces for Women 2021 & 2022 #SSFExcellenceAward for Delivering Business Impact through Innovative People Practices 2022 For more info: https://www.mindsprint.org/ Follow us in LinkedIn: Mindsprint
Posted 4 weeks ago
2.0 - 7.0 years
11 - 21 Lacs
Thane, Navi Mumbai, Mumbai (All Areas)
Work from Office
Hello, We are looking for candidates who are Currently serving Notice Period or 30 Days Job Title: Associate - IT Governance & Compliance Reports to: Lead - IT Governance & Compliance Location: Mumbai Experience: 2-6 Years Relevant 1. Role Overview: The Associate of IT Governance & Compliance will be part of the development, implementation, and oversight of the organization's IT Governance, and compliance framework. This role ensures stringent adherence to regulatory mandates, particularly those issued by the Reserve Bank of India (RBI). The ideal candidate must demonstrate a comprehensive understanding of RBI regulations, IT to Business strategy alignment, IT Policies & Processes and Governance best practices within the financial sector. With a keen focus on regulatory compliance, this role will fortify the organization's IT operations, IT project management and safeguard its reputation. 2. Duties & Responsibilities: IT Governance Facilitate implementation of enterprise-wide IT policies, procedures, and standards. Facilitate automation of IT Processes. Coordinate integration of IT governance with broader enterprise governance structures, ensuring alignment with corporate objectives. Facilitate maintenance of governance frameworks in alignment with COBIT, ITIL etc driving adherence and continuous improvement. Collate IT governance metrics and report to IT Senior Management Regulatory and Compliance Assurance Facilitate full compliance with RBI regulations, industry standards, and internal policies. Facilitate maintenance of comprehensive IT compliance programs, proactively addressing regulatory changes. Facilitate regular compliance assessments, ensuring timely resolution of identified issues. Coordinate with regulatory bodies, ensuring accurate and timely reporting and communication IT Risk Management Facilitate a robust IT risk management framework. Track mitigation for potential IT risks, ensuring alignment with organizational goals and regulatory requirements. 
Track IT risk management initiatives, providing insights and recommendations to the management team Incident Management Track the IT & Security incidents and breaches, ensuring minimal impact on operations. Facilitate implementation of incident response procedures. Coordinate with key stakeholders to mitigate the impact of IT incidents, ensuring swift and effective resolution Imbibe a culture of continuous improvement, adopting and integrating best practices in IT governance, and compliance 3. Job Requirements: Professional Qualification: - Bachelor's degree in Information Technology, Computer Science, Business Administration, or a related field. A Master's degree or professional certifications (e.g., CISA, CISSP, CRISC) is preferred. - Minimum of 5 years of experience in IT governance, and compliance, with Lead IT GRC role within a financial services organization. - Strong understanding of IT governance and compliance frameworks, regulatory requirements, and compliance standards (e.g., ISO 27001, NIST, PCI-DSS).
Posted 1 month ago
15.0 - 20.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Experience Minimum of 15+ years of progressive experience in the BFS sector, focusing on retail banking, regulatory compliance, risk management, and strategic advisory. Qualifications Minimum Bachelor's degree in Finance, Business, Law, PGDBF or a related field. The successful candidate will be a seasoned expert in BFS operations, possessing extensive knowledge of banking and financial services, combined with a profound understanding of the regulatory landscape in the Indian market. This role is pivotal in steering our organization toward strategic development in the realm of Digital Technologies BFS services. Key Responsibilities Act as a senior SME, providing expert guidance on Banking and Financial Services operations, products, and services within the Indian market. Collaborate seamlessly with cross-functional teams to optimise and enhance business processes. Provide strategic guidance to the team on IT and Digital Technologies Banking and Financial services. Conduct thorough assessments to identify and mitigate risks associated with BFS operations. Conduct in-depth analysis of business operations, processes, and challenges, identifying opportunities for improvement and innovation through interviews, workshops, and data analysis. Engage with senior leadership to offer strategic insights and recommendations. Contribute actively to the development and execution of business plans within the BFS domain. Foster and maintain effective relationships with regulatory bodies, industry associations, and other external stakeholders. Experience working in Banking Enterprise preferably in Retail Banking business. Possess a comprehensive understanding of the BFS sector in India. Exposure to IT services and product development within the BFS landscape. Showcase proven leadership skills with the ability to influence and guide cross-functional teams. Lead and mentor junior Business Analysts, fostering a collaborative and high-performing team environment.
Exceptional communication and interpersonal skills, influencing stakeholders at all levels and building strong relationships. Proficiency in relevant tools and technologies, including Visio, UML, MS Office Suite, data analysis tools, and project management software. Excellent analytical and problem-solving skills with the ability to translate business needs into technical specifications. Proven ability to work independently and manage multiple projects concurrently. Familiarity with RBI regulations, SEBI guidelines, and other relevant laws governing the Indian financial services industry (AML, KYC, BSA, SOX, PCI DSS, CFPB, GDPR, SEC, FATF, Basel III) Qualifications Education: Minimum Bachelor's degree in Finance, Business, Law, PGDBF or a related field. Advanced degrees like MBA Finance, MFC, MFM, CFA or relevant certifications are preferred. Skills Desired Preferably having experience in Global BFS domain. Leverage an established network within the Indian BFS sector, including regulatory bodies, industry associations, and peer organizations. Ability to adapt seamlessly to a rapidly changing regulatory environment and evolving industry trends. Demonstrate a track record of thinking creatively and proposing innovative solutions to complex problems. Competencies Desired Technical / Functional: Relevant certifications in the BFS domain, risk management, compliance, or related fields (e.g. CRMA, CISA, CAMS, PRM, CFSA) will be considered a valuable advantage. Relevant BA certifications (e.g., CSPO, CBAP, PMI-PBA) would be an added advantage.
Posted 1 month ago
5.0 - 10.0 years
3 - 7 Lacs
Hyderabad
Work from Office
Job Summary As the Senior Analyst, Security Assurance you will work in a fast-paced environment fostering teamwork and open communication to focus on compliance with security standards and regulatory frameworks at Foundever. Your expertise will be vital in coordinating external audits, gathering evidence, validating compliance, and engaging stakeholders across the organization. Primary Job Responsibilities Maintain a comprehensive understanding of security compliance frameworks (HITRUST, PCI, DSS, SOC, ISO 27001, HIPAA, NIST) and their requirements Coordinate and support external IT audits, collecting, preparing and submitting necessary documentation and evidence in a timely manner Conduct regular risk assessments and gap analyses to identify areas of improvement Document compliance efforts and gaps, audit findings, and remediation plans, ensuring proper tracking and follow-through Prepare and present status updates, audit results, and risk assessments to leadership and stakeholders Utilize advanced data analytics techniques to assess compliance trends, identify potential risks, and uncover actionable insights that inform decision-making and strategic planning Develop and maintain interactive data visualization graphs and dashboards to effectively communicate compliance metrics, audit findings, and risk assessments to stakeholders Utilize Governance, Risk, and Compliance (GRC) tools to streamline compliance workflows and improve visibility Stay informed of industry trends, threats, and regulatory changes affecting information security Skills and Qualifications 5+ years of experience in information security with a focus on security assurance and compliance In-depth knowledge of security frameworks and standards such as HITRUST CSF, SOC 1/2, ISO 27001, NIST, PCI DSS, etc. 
Experience with data analytics and data visualization Experience with compliance software and external audit portals for evidence posting and collaboration Knowledge of audit cycles and certifications for cloud hosted applications Bachelor's degree in Computer Science, Information Technology, Security Management, or a related field Preferred Skills and Qualifications HIPAA experience Relevant security and framework certifications (e.g., CCSFP, CISM, CISSP, CISA, PCIP) AI experience About Us Foundever is a global leader in the customer experience (CX) industry. With 170,000 associates across the globe, we're the team behind the best experiences for +750 of the world's leading and digital-first brands. Our innovative CX solutions, technology and expertise are designed to support operational needs for our clients and deliver a seamless experience to customers in the moments that matter.
Posted 1 month ago
3.0 - 5.0 years
5 - 9 Lacs
Hyderabad
Work from Office
For over 30 years, Beghou Consulting has been a trusted adviser to life science firms. We combine our strategic consulting services with proprietary technology to develop custom, data-driven solutions that allow life sciences companies to take their commercial operations to new heights. We are dedicated to client service and offer a full suite of consulting and technology services, all rooted in advanced analytics, to enhance commercial operations and boost sales performance. Purpose of Job The Senior GRC Analyst is instrumental in advancing Beghou's governance, risk management, and compliance efforts. This role leads initiatives to proactively identify, assess, and mitigate risk, while ensuring rigorous adherence to internal policies and external regulatory requirements. As a key advisor across business and technology functions, the Senior GRC Analyst develops and maintains robust frameworks, controls, and processes that enable a secure and compliant operating environment. The ideal candidate brings strong analytical skills, deep GRC expertise, and the ability to translate complex regulatory and risk concepts into clear, actionable approaches. This role requires engagement across functions, including leadership, IT, HR, Finance, Commercial, and external stakeholders. We'll trust you to: Drive and support Beghou's GRC initiatives across both business and technical domains. Partner with GRC leadership to deliver strategic and operational risk and compliance objectives. Maintain and enhance policies, procedures, and controls in alignment with industry best practices, client requirements, and applicable regulations. Monitor compliance with Beghou's internal standards through internal and third-party assessments. Identify and execute on opportunities to improve compliance processes and align with evolving frameworks. Manage and maintain documentation for policies, controls, compliance activities, and risk assessments.
Coordinate and support internal and external audit activities, including evidence collection and response management. Conduct risk assessments and vendor evaluations and manage associated mitigation and remediation plans. Leverage GRC tools and technologies to streamline documentation, risk tracking, evidence management, and audit support. Stay abreast of regulatory developments and emerging risks affecting Beghou and its clients. Serve as a liaison with business and technical stakeholders, as well as clients, auditors, and regulators. Champion compliance awareness and best practices through training and internal engagement. You'll need to have: Bachelor's degree or higher from an accredited institution. Minimum of 3 years of direct GRC experience (policy, risk, audits, assessments) and 5+ years of overall professional experience. Strong knowledge of formal assessment frameworks (SOC, ISO 27001, NIST). Familiarity with global data privacy and cybersecurity laws (e.g., GDPR, HIPAA, CCPA, GxP). Demonstrated ability to manage multiple workstreams simultaneously and independently. Excellent verbal and written communication skills with the ability to engage both technical and non-technical audiences. Strong organizational skills and a methodical approach to problem-solving. Experience in the life sciences or pharmaceutical consulting sector is a plus. Professional certifications (e.g., CISA, CRISC, CISSP, CIPM) are a plus. What you should know: We treat our employees with respect and appreciation, not only for what they do but who they are. We value the many talents and abilities of our employees and promote a supportive, collaborative, and dynamic work environment that encourages both professional and personal growth. You will have the opportunity to work with and learn from all levels in the organization, allowing everyone to work together to develop, achieve, and succeed with every project.
We have had steady growth throughout our history because the people we hire are committed not only to delivering quality results for our clients but also to becoming leaders in sales and marketing analytics.
Posted 1 month ago
4.0 - 6.0 years
2 - 6 Lacs
Mumbai
Work from Office
Experience Required: 4 to 6 Years or more with minimum 2 End-to-End Implementations Qualification: MCS, MCA, BE/BTECH from Reputed University Certification: SAP GRC/CISA/CISSP Knowledge & Experience: In-depth knowledge of SAP GRC AC Configuration Min 1 end-to-end implementation of SAP GRC AC all modules. Min 1 implementation of large-scale SAP Authorizations Min 2 large/global support projects on SAP GRC or SAP Authorizations Understanding of business process for all the areas/modules of SAP (for example FI, MM, HR, SD, CRM, BI/BW) Knowledge of Risk Analysis & mitigation in SAP Expert in SAP Authorizations Understand SAP/Internal Audits/Statutory (ITGC) audits Well versed with presentation tools PowerPoint, MS-Word, MS-Excel Strong analytical, communication, coordination & collaboration skills
Posted 1 month ago
5.0 - 10.0 years
7 - 10 Lacs
Hyderabad
Work from Office
AVIVYS is a platform where talent meets opportunities to unlock their potential. A place to learn, upskill, showcase their talents, gain CV points & get hired while unlocking their true potential. This enables professionals to eventually get hired by their dream employers. AVIVYS believes that you can unlock your dreams with genuine efforts Opportunity to work with our esteemed client Finnish IT software and service company providing IT services and product engineering services We are seeking an experienced Internal Auditor Manager to lead and execute internal audits,with a strong focus on SOX compliance, IT General Controls (ITGC), Information Security, and Cloud Security audits. The ideal candidate will have over seven years of hands-on experience in evaluating risks, assessing controls, and ensuring compliance with regulatory standards. Key Responsibilities: 1. SOX Compliance & IT General Controls (ITGC) - Plan, execute, and manage SOX audits, including control design assessments, testing, and remediation tracking. - Evaluate IT General Controls (ITGC) related to financial reporting, including access controls, change management, and data integrity. - Collaborate with finance and IT teams to ensure compliance with SOX 404 requirements and other financial regulations. - Identify control deficiencies and recommend improvements to strengthen the control environment. 2. Information Security Audits - Conduct information security audits to assess compliance with ISO 27001, NIST, CIS benchmarks, and other security frameworks. - Evaluate the effectiveness of organizational security policies, procedures, and technical controls. - Identify vulnerabilities in IT systems and recommend security enhancements. - Perform risk assessments and ensure alignment with industry best practices. 3. Cloud Security Audits - Audit cloud-based infrastructure (AWS, Azure, and Google Cloud) to ensure compliance with security best practices. 
- Assess cloud service providers' controls and adherence to CSA (Cloud Security Alliance) guidelines. - Evaluate data privacy, encryption, identity & access management (IAM), and cloud governance frameworks. - Ensure cloud environments meet regulatory and internal security requirements. 4. Risk Management & Reporting - Prepare detailed audit reports with findings, risks, and actionable recommendations. - Present audit results to senior management and stakeholders. - Monitor remediation efforts and validate control improvements. Qualifications and Skills: - 5+ years of experience in internal audit, IT audit, or risk management, with a focus on SOX, ITGC, and security audits. - Strong knowledge of SOX compliance, IT General Controls, and financial reporting risks. - Experience auditing information security frameworks (ISO 27001, NIST, CIS benchmarks). - Familiarity with cloud security (AWS, Azure, GCP) and related compliance standards (CSA, SOC 2, etc.). - Preferred certifications: CISA (Certified Information Systems Auditor), CISSP, CIA, or equivalent. - CA (Chartered Accountant) qualification is a plus but not mandatory. - Strong analytical, communication, and project management skills.
Posted 1 month ago
10.0 - 12.0 years
40 - 50 Lacs
Bengaluru
Remote
If Interested, please share your CV at dhanashree.kumbhare@randstad.in This is a remote Opportunity. Position: Information Security Lead Educational Qualification and Certifications Certifications: Preferably Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) Computer Science, Information Technology, Cybersecurity or allied degree Required Skill Set 12+ years experience in Information Security domain leading Info Sec functional responsibilities Experience in security technologies and processes Experience managing organizational cyber risk management Experience in applicable data and cyber related regulations and compliance requirements Job Description/ Responsibilities This role will be responsible for developing and implementing information security strategies, policies, procedures, managing the security architecture and infrastructure and ensuring compliance with relevant regulations and industry standards. Info Sec Leader will directly oversee activities to protect Company's data and systems. Strategic Planning and Risk Management: Manage information security strategy, policies, procedures, including a comprehensive risk management framework. Identify, assess, and mitigate information security risks. Proactively, identify gaps and address vulnerabilities. Maintain policies for data governance, access control, and acceptable use of assets. Ensure data security especially around PII/ sensitive data. Work closely with the IT/ Network/ Infrastructure and Product teams to monitor Company assets on a regular basis and ensure end points are secure per Company's established policies. Security Architecture: Review, manage and maintain security architecture of Company assets, ensuring it aligns with business needs and security requirements. Work closely with the product development stakeholders to develop and maintain security architecture for overall DvSum applications.
Security Compliance: Ensure compliance with relevant laws, regulations, industry standards and certifications such as SOC2, HIPAA, and GDPR. Security Incident Response: Manage security incident response plan and procedures. Establish crisis communication framework and disaster recovery plan to respond and recover from security breaches. Security Awareness and Training: Manage security awareness and training programs for employees. Technology Monitoring and Evaluation: Monitor and evaluate technologies and solutions which can enhance Company's security system. Communication and Collaboration: Communicate security risks and status reports to stakeholders. Team Leadership: Lead Info Sec activities in collaboration with cross functional stakeholders from IT/ Infrastructure/ Product Development functions. Provide Info Sec guidance and mentorship to team members.
Posted 1 month ago
5.0 - 7.0 years
5 - 9 Lacs
Bengaluru
Work from Office
Job Summary Assist in implementing, maintaining and testing SOX controls supporting the Application Managers for custom applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Pre-Implementation Quality Check: Conduct a thorough review of controls design and implementation before product/functional go-live, based on evidence submitted by engineering and application management teams. SOX ITGC and Automated Controls Evaluation: Test and evaluate the effectiveness of SOX IT General Controls (ITGC) and automated controls using audit checklists prepared by the Controls team to: Maintain SOX controls for internal and third-party products Support internal and external audits related to SOX compliance Control Testing Documentation: Document control testing procedures and findings in a clear and concise manner. Control Deficiency Identification and Reporting: Identify and report any control deficiencies or weaknesses to ensure prompt remediation. SOX Compliance Reporting: Prepare comprehensive reports and documentation for SOX compliance activities, including testing results and control evaluations. Cross-Functional Collaboration: Collaborate with cross-functional teams to ensure the thoroughness and accuracy of controls implementation and testing. Educational Qualifications: Bachelor's degree in engineering, finance, or a related field CIA, CISA or CISSP certification Experience: 5-7 years of experience in SOX compliance testing, internal controls, or auditing Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles. Familiarity with auditing Oracle, Workday and/or Salesforce suite of applications. Skills: Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team Certification: CISA preferred
Deliver:
No. | Performance Parameter | Measure
1. | Customer centricity | Timely security breach solutioning to end users, Internal stakeholders & external customers experience
2. | Process Adherence | Adherence to SLAs (90-95%), response time and resolution time TAT
Mandatory Skills: GRC Consulting. Experience: 5-8 Years.
Posted 1 month ago
15.0 - 20.0 years
17 - 22 Lacs
Mumbai
Work from Office
Roles & Responsibilities: Be part of Bank's GRC program and handle regulatory characteristics focused in cybersecurity Identify and Drive improvement initiatives to Enhance Risk posture of the Bank Face off to Various regulators and drive programs for compliance to the Regulatory requirements Be a champion of ITGC initiatives Provide guidance to group companies to ensure consistency in risk governance, cyber risk management and compliance. Be the focal of Group companies for all IRM requirements Collaborate with group companies on IT governance, cybersecurity and control measures across Group's IT landscape. Present cyber risk posture in quarterly IT Strategy meetings for group companies. Promote a strong risk culture within the bank and group companies fostering awareness of risk management principles. Validate Security Policies and Procedures in conjunction with IT controls Manage internal and external stakeholders Ability to endorse cyber risks through publication of dashboards and drive initiatives to Improve Risk posture Job Requirement: Experience required for the Job: 15+ years in information technology & security; Engineer / Post Graduate / MBA Strong understanding of IT governance frameworks, risk management practices and regulatory requirements. Industry acknowledged certifications like CISA / CISSP / CRISC Experience in Team handling / management is must Knowledge on Layered Security - Firewalls, Intrusion Detection, OS Hardening, Project Management, Security Training. Experience in handling regulatory matters will be an added advantage Strategic thinking and strong analytical skills Excellent communication and interpersonal skills with focus on verbal, written communication & presentation skills
Posted 1 month ago
6.0 - 11.0 years
6 - 11 Lacs
Mumbai, Maharashtra, India
On-site
The first line Tech Risk function for business divisions CB, IB and Ops at Deutsche Bank sits within the Divisional Control Office. CB and IB front-to-back have the largest footprint as a risk bearing function within the banking divisions, and you will be part of a dynamic team which is consistently in demand for providing insights, assessments and managing Information Technology (IT) and Information Systems (IS) risks on behalf of the business. Divisional Control Office (DCO) team ensures that the division operates with high levels of integrity. It is responsible for supporting the business by developing, implementing and maintaining a risk culture to ensure a strong and sustainable business control environment whilst minimizing risk arising from non-financial risk factors. DCO strategy includes improving the risk management information and strengthening the governance and risk culture and has a functional responsibility for providing a central point of oversight over the Risk & Control Assessments (RCA). This includes supporting the business by driving Risk & Control Assessment specifically focusing on Information Security (IS) / Information Technology (IT) risks in line with NFRM (2LOD) guidelines. RCA is a key component of the bank's non-financial risk management toolkit, to enable the effective profiling, monitoring and management of operational risks. As part of the team, you will join the Banks journey and contribute towards our strategic goal of managing technology risk within appetite whilst enabling adoption of emerging and new technologies for business growth. This role will specifically perform RCAs as related to the IB business. 
Knowledge of IB products/operations is a big plus Your key responsibilities Collaborate with businesses and support them in conducting Risk & Control Assessments as per NFRM guidelines specifically focusing on Information Security (IS) / Information Technology (IT) risks Analyze contextual data and relevant data triggers and determine or update risk profile, inherent risk, control environment and residual risk ratings along with supporting rationale, liaising with Risk Types SMEs in their business Ability to assess impact of control environment on inherent risk along with documentation of qualitative assessment Participate in 1LoD-led RCA meetings for business to drive the risk discussions, focusing on key or emerging risks that may impact the business Coordinate with businesses/2LoD and assist in 2LoD challenges Prepare RCA reports and obtain business sign-offs Document risk mitigation decisions, if required, with consideration of risk appetite Deliver high quality Global Governance decks and reporting trends to support senior management Your skills and experience CISA/CRISC or relevant security qualifications with experience of Risk & Controls and/or Internal Audit in banking industry covering Information Security (IS) / Information Technology (IT) risks Experience in SOX/ ISO27001 control framework Knowledge related to risk management (including conducting Risk & Control Assessments) and corporate banking products, processes and systems preferred, specifically focusing on Information Security (IS) / Information Technology (IT) risks Proven people management skills with ability to lead activities independently Strong quantitative and analytical skills required to critically evaluate information for key risk assessments Strong project management skills and a proactive team partner Influencing, negotiation skills and stakeholder management expertise Strong verbal and written communication skills Proficiency with automating tasks in Excel to improve efficiency a plus, but not mandatory
Posted 1 month ago
4.0 - 9.0 years
14 - 24 Lacs
Mumbai
Work from Office
We are looking for someone who has good hands on experience in VAPT. This role is with one of the government department of Maharashtra. Education: B.E/B. Tech / M.Sc. (Comp. Sci) / MCA / MBA/ M. Tech degree or equivalent. Should be a certified auditor. 6 or more years of overall experience with at least 6 years of relevant experience in Vulnerability Analysis, Penetration Testing and/or forensics. Must have experience in managing at least 3 projects for large, enterprise scale Clients. should have at least two industry certifications as mentioned below: 1. Licensed Penetration Tester (LPT) 2. Certified Penetration Testing Professional (CPENT) 3. Certified Expert Penetration Tester (CEPT) 4. GIAC Penetration Tester (GPEN) 5. CompTIA PenTest+ 6. Certified Ethical Hacker (CEH) 7. Certified Mobile and Web App Penetration Tester (CMWAPT) 8. Computer Hacking Forensic Investigator (CHFI) 9. Certified Information System Auditor (CISA) 10. Certified Information Security Manager (CISM) 11. Other acceptable industry related certification in VAPT. 12. OSCP
Posted 1 month ago
6.0 - 8.0 years
7 - 14 Lacs
Pune
Work from Office
Technical Responsibilities and Experience (6 to 8 years of relevant experience): Robust understanding and practical engagement with ISO 27001:2022, NIST, SOC2 Framework Strong Hands-on experience in conducting and facing various IT system Audits Experience and knowledge of various Regulatory and Statutory bodies and guidelines such as RBI, SEBI, IRDAI, NPCI etc. Experience and knowledge in Documentation and Reporting capabilities such as creating, maintaining and reviewing various Policies, Procedures, Guidelines etc. Experience and knowledge in conducting various critical activities such as BCP / DR Drills, Phishing Simulations, Table Top Exercises, Cyber Drills. Strong working experience with reviews of Contracts and MSAs. Supporting various pre-sales activities such as RFP reviews. Hands on technical knowledge and experience with various IT related systems and Tools such as AV, EDR, Firewalls, Network Devices, WAF, Proxy etc. Strong knowledge and conceptual understanding of various areas such as Application Security, Infrastructure Security, Physical Security. Knowledge of WAFs, DDoS mitigation (e.g., Akamai), and system hardening (e.g., CIS Benchmarks) Strong leadership, stakeholder engagement, and cross-functional communication skills. Excellent communication (written and oral) and interpersonal skills are very much required Knowledge of the Financial landscape would be an added advantage Manage escalations, ensure strong documentation, and adhere to project timelines. Qualifications: Bachelor's degree in Information Security, or a related field. Master's Degree or BE would be an additional advantage. Proficient in MS Office tools Word, Excel, and PowerPoint. Certifications: (Preferred but not mandatory) CISA, CISSP, ISO 27001:2022 Lead Auditor, ISO 27001:2022 Lead Implementor Role & responsibilities
Posted 1 month ago
7.0 - 9.0 years
9 - 11 Lacs
Mumbai
Work from Office
Internal Audit:Auditor - Information System INTERNAL USAGE No. of Vacancies Reports to IS Audit Head Is a Team leader? No Team Size Grade Manager Business Corporate Centre Department Internal Audit Sub - Department Location Corporate Office , Worli Mumbai About Department Internal Audit function of the Bank, operates independently under the supervision of the Audit Committee of the Board and is responsible for providing an independent view to the Board of Directors and Senior Management on the quality and efficacy of the internal controls, risk management systems, governance systems and processes in place on an on-going basis. This is provided to primarily ensure that the business and support functions are in compliance with both internal and regulatory guidelines About the Role To conduct Information Systems Audit for the Bank. Key Responsibilities Planning the audit, developing clear and concise risk/control matrices and audit programs, and reporting Demonstrate professionalism, competence and clarity of communication when dealing with the IT stakeholders Demonstrate reasonable knowledge of the industry or sector and be aware of technical issues or audit risks Qualifications Graduates/CAs/MBA with relevant certification such as CISA / CISM / CISSP / CIA 4+ years of work experience with prior experience in Internal or Statutory Audit / Risk Management / Regulatory / Compliance roles in the financial services (Banking, NBFC) industry Role Proficiencies Experience in conducting Information Systems and Security audits, application control reviews and application functionality reviews - Strong knowledge of regulations and circulars released by regulatory bodies (RBI, SEBI etc.) 
- Practical experience of audit methodology - Good written and oral communication skills - Good logical and reasoning skills - The ability to work effectively in team Technical skill set for Information systems auditor should have Solid base of computer skills in hardware and software Knowledge of various operating systems Knowledge of Databases Hands on experience on Network Architecture Knowledge of other IT infrastructure Application controls and Interfaces Knowledge on Computer Assisted Audit Techniques (CAATs) Knowledge on Information security governance Knowledge on Business Continuity and Disaster Recovery framework Professional Certifications: CISA, CISM, CISSP, CEH, ISO 27001, ISO22301
Posted 1 month ago
8.0 - 12.0 years
25 - 30 Lacs
Mumbai
Work from Office
Key Responsibilities: Ensure compliance with Indian and global data protection and security regulations, including DPDPA, IT Act, GDPR, ISO 27001, 27701 and SOC 2. Lead internal audits, regulatory assessments, and regulatory reporting to ensure the organization meets both security and privacy standards. Develop and implement comprehensive security and privacy policies and procedures, ensuring alignment with regulatory requirements and industry best practices. Collaborate with cross-functional teams (Legal, Security, Engineering) to implement technical and organizational controls that secure data and ensure privacy-by-design. Conduct regular privacy and security risk assessments to identify compliance gaps and ensure proactive risk management strategies are put in place. Ensure that security controls, including access management, encryption, and incident response, are in place and aligned with ISO 27001 and SOC 2. Support the DPO and InfoSec teams during breach management, including Root Cause Analysis (RCA), managing notifications to regulators, and reporting security incidents. Manage and oversee the timely processing of data subject rights requests (DSRs), coordinating with incident response teams to maintain compliance with applicable laws. Provide compliance training, workshops, and awareness programs on both privacy and security regulations across the organization. Stay updated with evolving privacy and security regulations, adapting internal policies and processes to remain compliant. Establish and maintain privacy and compliance effectiveness metrics, tracking performance against regulatory standards to ensure ongoing adherence and identify opportunities for improvement. Preferred Certifications: CISA, CISSP, ISO/IEC 27001,27701 Lead Implementer or Auditor ,Privacy Certified Expert (PCE)
Posted 1 month ago
15.0 - 20.0 years
50 - 60 Lacs
Hyderabad, Bengaluru
Work from Office
Job Summary: We are seeking an experienced and strategic Chief Information Security Officer (CISO) with expertise in service delivery, solution architecture, and security operations. The ideal candidate will have a strong background in SIEM and SOAR tools, along with a proven track record of designing and implementing robust security solutions. This role will play a critical role in shaping our cybersecurity strategy and ensuring the protection of our digital assets. Key Responsibilities Cybersecurity Strategy: Develop and implement a comprehensive cybersecurity strategy that aligns with business goals and objectives. Service Delivery: Oversee the delivery of security services, ensuring they meet or exceed industry standards and regulatory requirements. Solution Architecture: Lead the design and implementation of security solutions, including SIEM, SOAR tools, and other cutting-edge technologies. Security Operations: Manage and optimize security operations, including incident response, threat hunting, and vulnerability management. Risk Management: Identify, assess, and mitigate cybersecurity risks, working closely with cross-functional teams to implement effective risk mitigation measures. Compliance: Ensure compliance with relevant cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR). Team Leadership: Build and lead a high-performing cybersecurity team, fostering a culture of continuous learning and development. Vendor Management: Collaborate with third-party vendors and partners to evaluate, select, and implement security solutions and services. Incident Response: Develop and oversee an effective incident response plan, including tabletop exercises and post-incident analysis. Security Awareness: Promote cybersecurity awareness and education among employees, contractors, and other stakeholders. Budget Management: Manage the cybersecurity budget effectively, ensuring optimal resource allocation. 
Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred). A minimum of [X] years of experience in information security, with a focus on service delivery, solution architecture, and security operations. Proven expertise in SIEM and SOAR tools, with a deep understanding of their implementation and management. Industry certifications such as CISSP, CISM, or CISA preferred. Strong leadership and team management skills. Excellent communication and interpersonal abilities. Ability to collaborate with cross-functional teams and communicate complex technical issues to non-technical stakeholders. In-depth knowledge of cybersecurity regulations, standards, and best practices. Competitive salary and performance-based bonuses. Comprehensive health, dental, and vision insurance. Retirement savings plan with company matching. Professional development and training opportunities. Flexible work arrangements. Employee wellness programs. Exciting opportunities for career advancement.
Posted 1 month ago
6.0 - 11.0 years
15 - 30 Lacs
Chennai
Work from Office
In our Assurance (A&A) Team youll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Leading / execution of Internal Audit / Advisory engagements Ability to effectively perform the technical components of risk assessments to provide an accurate view of the clients current risk state Ability to perform end-to-end business process analyses and design Ability to gather, synthesize, and analyze data using appropriate tools and technologies Ability to assess and design internal controls by applying an understanding of internal control design frameworks and regulatory requirements Ability to understand the client’s business, interpret sector trends, and learn leading practices Ability to effectively interact with colleagues and clients of varying backgrounds to effectively serve clients Ability to enhance quality and efficiency of recommended conduct risk solutions by applying relevant frameworks, conducting research, and performing analyses Ability to conduct internal audits by leveraging approved processes and methodologies Ability to set the stage for a successful assessment of client’s internal audit processes and controls by collecting and organizing data Ability to enhance quality of assurance engagements by identifying risks, performing testing, researching governing regulations, and developing reports Ability to leverage industry leading frameworks, methods, and tools to increase effectiveness of technology and data risk solutions Desired qualifications Must have 5 – 7 years’ experience post qualification experience in Internal Audit CA/MBA/CIA/CISA Certifications/Qualifications Project Management • Decision making with engagement management and seek to understand the broader impact of current decisions • Lead engagement planning. 
economics, and billing • Generate innovative ideas and challenge the status quo • Participate in proposal development efforts Audit & Assurance/Assurance (A&A) Assurance (A&A) • Assist in pre-sales activities • Manage relationships with clients with the intention to exceed client expectations Well versed with Internal Audit requirement Managed end-to-end engagements for support on Internal Audit from planning to conclusion. Managed engagements with a team size of 6-10 members Experience in preparation of Business Development presentations, proposals Must be open to travel Location and way of working. • Base location: Chennai • Must have 5 – 7 years’ experience post qualification experience in Internal Audit • Well versed with Internal Audit requirement • This profile involves frequent travelling to client locations. • Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs.
Posted 1 month ago
9.0 - 14.0 years
20 - 35 Lacs
Hyderabad, Pune, Bengaluru
Hybrid
Job Title: Cyber Security Architect No. of years of experience: 8+ years Job Type: Contract Contract Duration: 12 months (potential to extend) Location: Hyderabad Work Type: Hybrid Start Date: Immediate (Notice period/joining within 1-2 weeks) Disaster Recovery Strategy: Develop and maintain the organization's disaster recovery plans, ensuring immediate and efficient recovery of critical systems in the event of cyber incidents or natural disasters. Business Continuity Planning: Assess and design business continuity frameworks, ensuring minimal disruption to operations and rapid restoration of services. Risk Assessment: Evaluate potential threats, vulnerabilities, and risks to the organization's infrastructure and recommend mitigation strategies. Architect Secure Systems: Design and implement secure systems and protocols to protect digital assets and sensitive information. Compliance and Standards: Ensure adherence to regulatory standards, such as ISO 22301, NIST SP 800-34, and other frameworks related to DR/BCP and cybersecurity. Testing and Exercises: Conduct regular tests and simulations of DR and BCP plans to identify gaps and improve recovery strategies. Incident Response: Collaborate with incident response teams to ensure proper handling of security breaches and align recovery efforts with continuity strategies. Vendor Management: Oversee and evaluate third-party disaster recovery services and tools to ensure alignment with organizational requirements. Training and Awareness: Provide training and guidance to employees and stakeholders on DR and BCP roles and responsibilities. Documentation: Maintain detailed documentation for all DR and BCP processes and procedures for audit and operational purposes. If you are interested in the above role, please share your updated CV to mounika.t@intuition-it.com
Posted 1 month ago
3.0 - 8.0 years
6 - 10 Lacs
Bengaluru
Work from Office
Roles & Responsibilities: Triage alerts and analyze security events/logs for threats such as computer viruses, exploits, and malicious attacks. Use critical thinking to bring together information from multiple sources to determine if a threat is present. Conduct security incident response and investigation. Conduct comprehensive security assessments and risk analysis on existing systems and applications. Analyze web traffic for suspicious patterns and potential security breaches. Perform vulnerability assessments and penetration testing. Prepare and provide security documentation and evidence for internal and external audits, ensuring compliance with regulatory requirements and security standards. Stay abreast of the latest cybersecurity trends, threats, and technologies to proactively address emerging risks. Bachelor's degree in computer science, Information Technology, cybersecurity, or a related field. 3+ years of relevant experience. Proficiency in conducting risk assessments, vulnerability assessments, and penetration testing. Experience deploying and maintaining email security systems including anti-phishing, DLP, and encryption technologies to safeguard sensitive data and mitigate threats. Hands-on experience with security tools and technologies such as IDS/IPS, SIEM, and Penetration testing tools like Qualys/Tenable. Hands-on troubleshooting skills for security alerts related to Firewall (SonicWall & FortiGate), Microsoft Entra ID/O365, Windows and Linux Servers. Strong knowledge of GRC frameworks such as PCI-DSS, ISO 27001:2022 & 9001:2015, SOC2 Type II. CEH (Certified Ethical Hacker). AZ-500 Microsoft Azure Security Technologies/Cloud Security Certifications with hands on experience. Experience with evidence gathering for any of the compliances like PCI DSS, SOC2, HIPAA and ISO. Good understanding of the IT infrastructure architecture both on-prem and AWS and Azure clouds.
Tools: Vulnerability management: Tenable, QualysGuard, Nessus Endpoint protection: Sophos, Bitdefender, Trend Micro, Windows Defender SIEM : Wazuh, DataDog, Splunk, Microsoft Sentinel, Sumo Logic Email Security : Zix email security, Exchange Online Protection, Defender for Office 365 Compliance standards : ISO ISMS, SOC2, PCI DSS, HIPAA Preferred: Any of the Certifications like - AWS Certified Security - Specialty, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), GIAC Certifications, or NIST Cybersecurity Framework (CSF)
Posted 1 month ago
5.0 - 7.0 years
15 - 19 Lacs
Mumbai
Work from Office
Job Description: Reporting to the IT SOX Senior Manager-Internal Audit, the IT SOX Associate Manager, Internal Audit will be primarily responsible for the day-to-day conduct and execution of the IT SOX efforts within the Internal Audit department to support the annual SOX compliance program. This role will be a key member of the Internal Audit team in helping management ensure controls and compliance activities are well designed and effective from implementation. This individual will gain broad exposure to the operations of Envista and will interact with leaders across the organization, as well as our external auditors and third-party internal audit co-source partner. This position is intended to be hybrid with 3 days on-site and 2 days remote. PRIMARY DUTIES & RESPONSIBILITIES: Manage IT SOX efforts in conjunction with the external audit team. Review existing SOX program scope and identify areas for control rationalization, control enhancement, and adjustments to testing approach strategy. Oversee and manage walkthroughs as well as review IT general controls (ITGCs), IT application controls (ITACs), and Key Reports for complex applications such as Oracle EBS, SAP, Oracle Hyperion Financial Management, and Workday. Monitor SOX testing approach and manage expectations with control owners and external auditors to ensure key risks are proactively addressed and facilitate the evaluation of process changes to ensure ongoing SOX compliance. Work with control owners to periodically update narratives and other standard operating procedures. Liaise with IT stakeholders, IT Compliance, external auditors, third-party internal audit co-source partner, and other stakeholders as part of project management to ensure milestones are met. Manage communication with external auditors and serve as a liaison for IT stakeholders. Provide thought leadership to control owners and operators on best practices for control documentation and performance.
Research and assess deficiencies and work with Management to identify an appropriate solution. Follow up on remediation activities to verify appropriate resolution. The position may be hybrid or remote depending on the candidate's location. This job is also suitable for persons with disabilities; attendance required - disabled-accessible building. Job Requirements: REQUIRED QUALIFICATIONS: Bachelor's Degree in Management Information Systems, Finance, Accounting, or Business Administration is required. Prior role within Big-4/internal audit function in IT SOX/compliance audit. Big-4 experience highly preferred. 5-7 years of experience with assessing and testing IT controls for complex ERP systems to support audits. US CPA, CISA, CISSP, CIA, or non-US equivalent certification is required. Familiarity with SAP and Oracle IT general and IT application controls (supporting revenue, general ledger, accounts receivables/payables, etc.). Strong IT background or working knowledge of application infrastructure (Hana/Oracle database, Windows/UNIX/Linux operating systems). Excellent project and time management skills with the ability to self-start, prioritize, and handle multiple tasks in a time-sensitive, team-oriented environment. Strong analytical and problem-solving skills, detail-oriented and able to work well under pressure. High level of integrity and dependability with a strong sense of urgency and results-orientation. Effective verbal and written communication skills when interacting both internally across multiple business units with various levels of management and externally with auditors. Effective interpersonal skills with ability to influence peers, subordinates, and superiors. Flexibility to collaborate with team members in the PST (UTC-8) time zone. PREFERRED QUALIFICATIONS: Experience in the manufacturing industry is preferred. Experience in business process and control walkthroughs is preferred.
Operating Company: Corporate. Envista is a global family of more than 30 trusted dental brands, united by a shared purpose: to partner with professionals to improve lives. Envista helps its partners deliver the best possible patient care through industry-leading products, solutions, and technology. Our comprehensive portfolio, including dental implants and treatment options, orthodontics, and digital imaging technologies, covers an estimated 90% of dentists' clinical needs for diagnosing, treating, and preventing dental conditions as well as improving the aesthetics of the human smile. Envista and its family of companies (Envista) will not accept unsolicited resumes from any source other than directly from a candidate. Envista will consider unsolicited referrals and/or resumes submitted by vendors such as search firms, staffing agencies, professional recruiters, fee-based referral services and recruiting agencies (Agency) to have been referred by the Agency free of charge and Envista will not pay a fee for any placement resulting from the receipt of such unsolicited resumes. An Agency must obtain advance written approval from Envista's internal Talent Acquisition or Human Resources team to submit resumes, and then only in conjunction with a valid fully-executed contract approved by the Global Talent Acquisition leader and in response to a specific job opening. Envista will not pay a fee to any Agency that does not have such agreement and written approval in place.
Posted 1 month ago
4.0 - 7.0 years
8 - 12 Lacs
Mumbai
Work from Office
Job Title: Internal Audit Manager. Position: Internal Audit Manager. About the job: The Internal Audit Manager will report to the Director, Internal Audit and will provide strategic recommendations to improve business processes, enhance internal controls, and ensure the accuracy and integrity of financial reporting and operational business processes. This individual will collaborate and provide advice to global and regional functional teams (Finance, Information Management, HR, Commercial, etc.) with respect to internal audit and control topics. This individual will work with key leaders within management and must be an effective communicator and project manager and be able to document conclusions in a clear and concise manner. This position will be based in Radnor, PA but part of a global audit team. In your future role as Internal Audit Manager, you will: Assist in developing the risk-based internal audit plan. Drive continuous improvement of internal audit processes in planning, execution and reporting. Plan and scope audit engagements, including identifying key risks and controls. Develop audit programs and test procedures. Plan and allocate resources for audit projects, and manage audit fieldwork, ensuring timely and efficient completion. Conduct complex audit engagements of financial, operational, and IT process areas, and investigations as needed. Supervise and review the work of audit senior and staff ensuring it is thorough and meets the IIA standards; execute work as needed. Evaluate the adequacy and effectiveness of internal controls and risk management processes. Develop value-added audit recommendations that align to organizational goals and communicate audit findings and recommendations to management in a clear and concise manner. Oversee the preparation of detailed audit reports with findings, recommendations, and action plans. Monitor the implementation of audit recommendations.
Develop, guide, and provide real-time coaching and guidance to audit senior and staff. Engage and manage relationships with key management stakeholder groups to influence a robust internal control governance structure. We believe you bring: Bachelor’s degree in Accounting, Finance or related area. 6+ years of experience, with Public and Industry experience preferred. CPA, CISA and/or CIA certification preferred. Strong knowledge of internal control frameworks (e.g., SOX, COSO). Strong analytical, problem solving and internal auditor competencies. Experience with process/controls documentation. Demonstrated ability to work independently and under tight deadlines. Great if you have: SAP experience. Strong communication and collaboration skills to work effectively with cross-functional teams. Analytical thinking. Eagerness to learn. We believe you are: Demonstrating Initiatives: A highly motivated individual looking for a challenge; independent and self-led without being prompted; able to resolve issues without relying on extensive help from others; does more than is expected or asked. A clear communicator, on the page and on your feet. You’re candid yet discreet, open, and organized, trusting and trustworthy. Problem Solving: A premier problem-solver who understands how to improve a process through effective assessments and monitoring. Acquiring Information: Able to absorb new knowledge from a range of sources quickly and eagerly to assist and guide job activities; consults with others on problems and activities; asks effective questions to obtain information to help you perform your job. Making Accurate Judgments and Decisions: Bases decisions on a systematic review of relevant facts and information; avoids making assumptions or rushing to judgment; provides clear rationale for decisions.
Willing to work with people of all backgrounds and levels of expertise and encourage others to embrace change, work together, and lead with integrity. Technologically Savvy: Adept with tools and techniques related to the job; keeps up to date on technological changes; adapts work approach to keep pace with innovations in technology. Acting with Integrity: Clearly states goals and beliefs; lets people know your true intentions; does what you say you would do; follows through on commitments. Developing talent: Invests time and resources into building the capabilities of team members; helps people define career goals and establish development plans to achieve them; gives people constructive, developmental feedback and advice. Demonstrating Tenacity and Perseverance: Maintains high levels of energy and enthusiasm over an extended amount of time; does not give up when faced with challenging obstacles; completes what he/she starts; sees projects through to the end. Good to know: This is a permanent position on a full-time basis and based in Radnor, PA. An attractive STI (Short term incentive) / bonus scheme. This role gives you a chance to engage with a variety of business leaders at Nouryon, including executive leaders, to develop a strong network and make a name for yourself. There will be ample opportunity to make lateral or upward movement across a high-performing organization. Please apply via our online recruitment system. We will not accept applications via e-mail. Once it's with us we will review to see if we have a match between your skills and the role! For more information about our hiring process, visit: nouryon,/careers/how-we-hire/.
Posted 1 month ago