728 Cisa Jobs - Page 13

SYX Services Pvt ltd SYX Services Private Limited is a subsidiary of a US based company called Company (NYSE: GIC). We are registered under the Companies Act, 1956, and provide information technology services solely to Company and its subsidiaries located in the United States and Canada. Our operations started in July, 2011 and we are now a 70-member team comprised of Java developers, SAP professionals, .net developers, Oracle developers, a creative team and a Web Chat team. For over 70 years Company through its operating subsidiaries has been an industry leader providing private label and brand name industrial equipment and supplies to businesses throughout North America Key Responsibilities Work with the IA manager to plan IT audits and develop work programs, timelines, risk assessments, and other planning documents. Work with IT leadership to document the IT processes and identify and test controls. Participate in recurring SOX testing activities and Internal Audit programs. Serve as a fieldwork leader by directing daily progress of IT fieldwork, informing the Management of audit status and issues. Demonstrate and apply a thorough understanding of complex information systems. Use knowledge of the current IT environment and IT risks, identifying potential audit issues and communicating this information to management through written correspondence and verbal presentations. Maintain through a continuing commitment to personal development, including an understanding of technology trends as well as statutory and legislative changes impacting IT throughout North America and Europe. To demonstrate and apply strong project management skills, collaborate with other audit team members, and use current technology and tools to enhance the effectiveness of deliverables. Competencies and skills Audit / risk experience in a $1B+ business. Experience with PCI-DSS Proficiency with ERP controls and security preferably SAP Knowledge and experience of COBIT and Sarbanes-Oxley One or more of the following certifications: CPA, CA, CISA, CISSP, CISM, CBCP, CIA or CFE Qualifications A degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline. Two to five years experience working as an auditor or risk adviser for a public accounting firm, professional services firm or within industry. Strong understanding of IT processes, risks, technologies and controls. Strong presentation abilities underpinned by effective verbal communication and report writing skills. Solid project management, teamwork and relationship skills. Important Facts Job Segment: Systems Engineer, Engineer, Engineering

Network Risk and Compliance Analyst:This role is positioned as a Network Risk and Compliance within the Production Assurance-Risk and Compliance Team. The Risk and Compliance team is responsible for proactively identifying and managing risks and to ensure oversight and accuracy of our audit and regulatory responses and remediation plans. Primary responsibilities will include:Develop and manage monitoring activities to ensure compliance with Information Security and Technology regulatory requirements and internal policies and standardsIdentify, develop and maintain key risk indicators to track and ensure compliance with established policies and standardsConduct targeted reviews to identify risks, opportunities, and areas for improvementProactively identify and report Information Security and Technology compliance risksEnsure risks are effectively identified, quantified, prioritized, communicated, and managed, including recommendations for risk mitigation, and identifying the root cause/key themesEffectively communicate findings and recommendations to management in detailed and organized format/process via presentations to stakeholders and senior managementAudit, Regulatory and Third-Part audits/risk assessmentsDevelopment of formal responses to Audit and Regulatory inquiries or assessments. This may be comprised of documentation gathering, drafting of documents, and researching past activity and reportsCentralize compliance responses/data to improve audit response time and create consistent responses across teamsInteract with Auditors and Regulators as neededDevelop and conduct ongoing risk and compliance training and education Role Requirements:Bachelor s degree in Computer Science, Cyber Security, Information Security, Information Systems Management, Information Technology Auditing or related relevant fieldStrong technical background in order to communicate effectively with Network EngineersExperience in leading projects, preferably global projectsExperience with audits and/or compliance assessments/monitoringPMI, CISSP, CISM, CISA a plusAbility to operate in a fast-paced global environmentAbility to work under pressure, meet tight deadlines and embrace changeAbility to communicate clearly to various levels of management (including executive management), across various business functions (including engineering) More about the OpportunityThe Risk and Compliance Analyst is an excellent opportunity, and CACI Services India reward their staff well with a competitive salary and impressive benefits package which includes: Learning: Budget for conferences, training courses and other materials Health Benefits: Family plan with 4 children and parents covered Future You: Matched pension and health care packageWe understand the importance of getting to know your colleagues. Company meetings are held every quarter, and a training/work brief weekend is held once a year, amongst many other social events. CACI is an equal opportunities employer. Therefore, we embrace diversity and are committed to a working environment where no one will be treated less favourably on the grounds of their sex, race, disability, sexual orientation religion, belief or age. We have a Diversity & Inclusion Steering Group and we always welcome new people with fresh perspectives from any background to join the group

Job Description: Reporting to the IT SOX Senior Manager-Internal Audit, the IT SOX Associate Manager, Internal Audit will be primarily responsible for the day-to-day conduct and execution of the IT SOX efforts within the Internal Audit department to support the annual SOX compliance program. This role will be a key member of the Internal Audit team in helping management ensure controls and compliance activities are well designed and effective from implementation. This individual will gain broad exposure to the operations of Envista and will interact with leaders across the organization, as well as our external auditors and third-party internal audit co-source partner. This position is intended to be hybrid with 3 days on-site and 2 days remote. PRIMARY DUTIES & RESPONSIBILITIES: Manage IT SOX efforts in conjunction with the external audit team. Review existing SOX program scope and identify areas for control rationalization, control enhancement, and adjustments to testing approach strategy. Oversee and manage walkthroughs as well as review IT general controls (ITGCs), IT application controls (ITACs), and Key Reports for complex applications such as Oracle EBS, SAP, Oracle Hyperion Financial Management, and Workday. Monitor SOX testing approach and manage expectations with control owners and external auditors to ensure key risks are proactively addressed and facilitate the evaluation of process changes to ensure ongoing SOX compliance. Work with control owners to periodically update narratives and other standard operating procedures. Liaison with IT stakeholders, IT Compliance, external auditors, third-party internal audit co-source partner, and other stakeholders as part of project management to ensure milestones are met. Manage communication with external auditors and serve as a liaison for IT stakeholders. Provide thought leadership to control owners and operators on best practices for control documentation and performance. Research and assess deficiencies and work with Management to identify an appropriate solution. Follow-up on remediation activities to verify appropriate resolution. The position may be hybrid or remote depending on the candidates location. This Job is also suitable for persons with disabilities; attendance required - disabled-accessible building. #LI-PG1 Job Requirements: REQUIRED QUALIFICATIONS: Bachelor s Degree in Management Information Systems, Finance, Accounting, or Business Administration is required. Prior role within Big-4 /internal audit function in IT SOX/compliance audit. Big-4 experience highly preferred. 5-7 years of experience with assessing and testing IT controls for complex ERP systems to support audits. US CPA, CISA, CISSP, CIA, or non-US equivalent certified is required. Familiarity with SAP and Oracle IT general and IT application controls (supporting revenue, general ledger, accounts receivables/payables, etc.). Strong IT background or working knowledge of application infrastructure (Hana/Oracle database, Windows/UNIX/Linux operating systems). Excellent project and time management skills with the ability to self-start, prioritize, and handle multiple tasks in a time-sensitive, team-oriented environment. Strong analytical and problem-solving skills, detailed-oriented and able to work well under pressure. High level of integrity and dependability with a strong sense of urgency and results-orientation. Effective verbal and written communication skills when interacting both internally across multiple business units with various levels of management and externally with auditors. Effective interpersonal skills with ability to influence peers, subordinates, and superiors. Flexibility to collaborate with team members in the PST (UTC-8) time zone. PREFERRED QUALIFICATIONS: Experience in the manufacturing industry is preferred. Experience in business process and control walkthroughs is preferred. Operating Company: Corporate Envista is a global family of more than 30 trusted dental brands, united by a shared purpose: to partner with professionals to improve lives. Envista helps its partners deliver the best possible patient care through industry-leading products, solutions, and technology. Our comprehensive portfolio, including dental implants and treatment options, orthodontics, and digital imaging technologies, covers an estimated 90% of dentists clinical needs for diagnosing, treating, and preventing dental conditions as well as improving the aesthetics of the human smile. Envista and its family of companies (Envista) will not accept unsolicited resumes from any source other than directly from a candidate. Envista will consider unsolicited referrals and/or resumes submitted by vendors such as search firms, staffing agencies, professional recruiters, fee-based referral services and recruiting agencies (Agency) to have been referred by the Agency free of charge and Envista will not pay a fee for any placement resulting from the receipt such unsolicited resumes. An Agency must obtain advance written approval from Envistas internal Talent Acquisition or Human Resources team to submit resumes, and then only in conjunction with a valid fully-executed contract approved by the Global Talent Acquisition leader and in response to a specific job opening. Envista will not pay a fee to any Agency that does not have such agreement and written approval in place.

At Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking norms and tirelessly innovating to stay ahead of evolving cyber threats and reshaping how we deliver customer outcomes. We are passionate about making a positive impact in the world, and we re looking for a highly skilled and experienced talent to join our dynamic team. Armor has unique offerings to the market so customers can a) understand their risk b) leverage Armor to co-manage their risk or c) completely outsource their risk to Armor. Learn more at: https://www.armor.com This position is a hybrid role located in Pune, India, requiring a combination of in-office and remote work. Applicants must be based in Pune or willing to commute to the office as needed. Summary Armor is seeking a talented and motivated individual to serve as a Security Operations Analyst L3. The Analyst would perform advanced, senior-level cybersecurity analysis work. The role involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. May supervise the work of others. Works under minimal supervision, with extensive latitude for the use of initiative and independent judgment. Essential Duties and Responsibilities (Additional duties may be assigned as required.) Performs deep-dive analysis of information systems, portable devices, and forensic recovery of data using assessment tools. Monitor, investigate, analyze, and remediate indications of compromised or breached systems and applications. Perform Incident Response triage of live hosts, interacting with various Operating Systems [Win/Linux]. Use and reporting of a large -scale SIEM and Data Analytics implementation in a dynamic cloud service provider environment. Work with customers through the Incident Management process based on NIST 800-53 and SANS best practices when issues are detected. Monitor and enforce guidelines for best practices in security and compliance in accordance with NIST 800-53. Research and investigate new and emerging threats and vulnerabilities. Participate in security communities. Review, maintain, and develop processes and procedures for information collection, analysis, and dissemination. Mentor junior analysts and serve as an escalation point during Incident Response activities. REQUIRED SKILLS Thorough understanding of Operating Systems [Win/Linux], Networking, and Information Security. Thorough understanding of security threats, threat analytics and current mitigation techniques. Skilled in Incident Response and network security monitoring. Public Cloud Administration and Cloud Security knowledge (Azure, AWS, GCP). Hands-on experience with a range of security tools such as IDS, WAF, Anti-malware, FIM, SIEM, EDR, and others. Technically proficient in network communication using IP protocols, system administration knowledge of computer network defense operations (proxy, firewall, IDS/IPS, route/switch). System security and SIEM operations experience. Proficient in use of EDR/XDR tools such as Defender for Endpoint for advanced threat investigation and containment. Collaborate with detection engineers or SMEs to refine and develop correlation rules, detection rules, scripting and automation playbooks. Experience with Threat Intelligence and Threat Hunting. Ability to work evenings/weekends shifts as required and to be on-call 24x7 to serve as the escalation point for your team. Experience in security incident reporting and procedures. Able to handle private and confidential information with physical and ethical care. Must have a working understanding of key security concepts and attack types such as phishing, malware, vulnerabilities, Cyber Kill Chain, and attack stages and others. Understand threat actor tactics, techniques and procedures, have familiarity with the MITRE-ATT&CK Framework and different stages of an attack lifecycle. Able to conduct log analysis, network/email traffic assessment, assess the impact and blast radius and gather evidence for response and mitigation actions. Excellent communication (oral and written), interpersonal, organizational, and presentation skills including interactions with customers via phone calls, chat, incident tickets and emails. Creative problem solver with effective resolution ability and analytical skills. Able to articulate technical i deas at m ultiple levels, ability to establish and maintain credibility with business constituents at all levels. Must be effective in managing time, and service levels, and prioritizing tasks between a diverse set of assigned duties. Must possess or be able to obtain the following certifications within 90 days of starting: Microsoft Certified: Security Operations Analyst Associate (SC-200) Microsoft Identity and Access Administrator Associate (SC-300) Microsoft Certified: Azure Security Engineer Associate (AZ-500) 5-10 years of direct experience in the field of Information Security required including an educational background in a related technical discipline, or the equivalent combination of education, professional training, or work experience. Other desirable certifications include CISSP, CISA, OSCP, GIAC, GSEC and GCFA. Self-starter and self-learner with the ability to work in a flexible and production-orientated environment/ adaptability to change. Consistently leads with a curious mind to stay abreast of emerging trends, tactics, and an ever-changing technological landscape to enhance Armor s Security Posture. WHY ARMOR Join Armor if you want to be part of a company that is redefining cybersecurity. Here, you will have the opportunity to shape the future, disrupt the status quo, and be a part of a team that celebrates energy, passion, and fresh thinking. We are not looking for someone who simply fills a role we want talent who will help us write the next chapter of our growth story. Armor Core Values: Commitment to Growth: A growth mindset that encourages continuous learning and improvement with adaptability in the face of challenges. Integrity Always : Sustain trust through transparency + honesty in all actions and interactions regardless of circumstances. Empathy In Action : Active understanding, compassion and support to the needs of others through genuine connection. Immediate Impact : Taking initiative with swift, informed actions to deliver positive outcomes. Follow-Through : Dedication to delivering finished results with attention to quality and detail to achieve the desired outcomes. Work Environment The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually low to moderate. The work environment may be in either an office setting, at the company s data center, at a client location or at an industry trade event. Equal Opportunity Employer - It is the policy of the company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, national origin, age, disability, genetic information, veteran status, or any other consideration protected by federal, state or local laws.

Qualifications. Proven experience in information security management roles. In-depth knowledge of information security principles and practices. Experience in developing and implementing information security policies and procedures. Familiarity with regulatory requirements and industry standards related to information security. Strong understanding of network security, cryptography, identity and access management, and security architecture. Experience with security risk assessments and vulnerability management. Knowledge of security technologies, such as firewalls, intrusion detection/prevention systems, antivirus, and endpoint security. Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Bachelor’s degree or higher in Information Security, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CISM, CISA) are a plus. Demonstrated leadership skills and the ability to mentor and guide a team. Show more Show less

WHAT YOU DO AT AMD CHANGES EVERYTHING. We care deeply about transforming lives with AMD technology to enrich our industry, our communities, and the world. Our mission is to build great products that accelerate next-generation computing experiences the building blocks for the data center, artificial intelligence, PCs, gaming and embedded. Underpinning our mission is the AMD culture. We push the limits of innovation to solve the world’s most important challenges. We strive for execution excellence while being direct, humble, collaborative, and inclusive of diverse perspectives.. AMD together we advance_. The Staff Information Security Analyst will be responsible for identifying and defining requirements and engineering solutions to solve the existing threats and security issues of a global organization. This role will initial focus heavily on data protection, leading advancements in data loss prevention, and changing how AMD protects data going forward.. The Person. The ideal candidate will possess strong multi-tasking skills and enthusiasm for details and should think one step ahead of cyber-criminals. They should be well prepared to thrive in a fast-paced environment, possessing strong interpersonal and communication skills. You will use your critical thinking and sense of ownership to focus on long term quality IT security solutions. Are you self-motivated and a team player with proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry? If so, this is a great career opportunity!. Key Responsibilities. The Staff Information Security Analyst responsibilities include, but are not limited to:. Building and growing AMD’s data security capabilities to keep AMD data secure regardless of location.. Identifying, monitoring, and defining the requirements to reduce the overall risk to AMD data, systems, and infrastructure.. Implementing hardware and software solutions to help mitigate a wide variety of information security risks.. Collaborating with other IT teams to align initiatives across the company.. Preferred Experience. Minimum of 5 years of IT security related experience.. Professional experience as a Security Engineer with demonstrated successful leadership and delivery of data protection solutions.. Experience as a customer-facing technical lead, including working with both management-level and development teams.. Senior/advanced related IT or security experience working in one or more Security Domains.. Experience with CASB, DLP, CSPM, Web Proxy.. Hands on experience with Data Classification policies and technologies to address data leakage.. Working knowledge of network topology, protocols, components, and OSI model, and IAM technologies (e.g., PKI, Oauth, OIDC, SAML). Understanding of NIST Cyber Security Framework standard and requirements and ability to apply them to an enterprise environment.. Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization.. Experience with cloud services (AWS, Google, Microsoft) and associated networking, as well as collaboration and integration with O365 products.. Hands on experience with Enterprise Linux platforms.. Experience with EDR solutions is a plus.. DLP, CASB. Nice to have: Client proxy, SIEM, File and Removable Media Protection [FRP]. It Would Be Nice If You Also Had. Experience with scripting language (python, PowerShell, etc.).. Strong documentation skills.. Academic Credentials. BS CS preferred but not required.. CISSP, CISA, CISM, CCSK. Benefits offered are described: AMD benefits at a glance.. AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective laws throughout all stages of the recruitment and selection process.. Show more Show less

About Us. At SentinelOne, we’re redefining cybersecurity by pushing the limits of what’s possible—leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.. From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We’re looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you’re excited about solving complex challenges in bold, innovative ways, we’d love to connect with you.. What are we looking for?. Reporting to the ManagerInternal Audit, this position is a highly visible and impactful role across the company. The Sr. Analyst – IT Internal Audit, based in India and will work with all levels of management to promote business integrity and robust internal control structures, compliance with Sarbanes-Oxley legislation, and recommendation for process improvements and IT internal Audit projects.. What will you do?. Assist in IT SOX 404 planning, scoping, and risk assessment process through close collaboration with external auditors and business process owners. Engage in Internal audit projects, ERM, operational and IT audits.. Participate in the IT risk assessment process and development of the audit plan for assigned entities. Conduct IT walkthroughs and controls testing according to established audit standards. Develop high-quality process and audit testing documentation for design effectiveness and operating effectiveness of ITGCs, ITAC, SOC1 restricted access controls. Perform testing of application controls, key reports, interfaces, integrations, and segregations of duties rules. Develop and maintain comprehensive documentation including flow charts, process narratives and risk and control matrices and any others required. Evaluate audit findings and coordinate remediation of deficiencies. Strong understanding of US GAAP, SOX requirements, and internal audit standards. Understanding of SDLC principles.. Develop business relationships and proactively interact with process owners to gather information, resolve problems, and make recommendations for improvement and optimization. Demonstrate initiative and provide timely updates to internal audit management. Manage multiple tasks effectively and deliver projects timely. Documentation and activities remain current and in compliance with the IIA’s IPPF Standards and are consistent with best practices. Develop metrics for ongoing operational activities and leverage technology and data analytics to enhance IA operations.. Help manage governance of the Internal Audit function and mature and evolve our audit methodology and operational audit program. Perform other tasks and projects as assigned in support of the internal audit team and corporate objectives. What skills and knowledge should you bring?. Bachelor’s degree in Computer Science, Accounting & Finance, Information Systems, or related field preferred CA/CPA/CISA/CIA/CISSP/CISM. Minimum of 5+ years of audit experience, preferably within the technology industry.. Experience with Big 4 accounting firms or global public companies is strongly preferred.. Ability to take direction, learn quickly, work independently, and maintain a level of professional skepticism. Ability to handle multiple priorities and deadlines, with high standards for quality, accuracy, and attention to detail. Working knowledge of data analysis and business intelligence tools is a plus (PowerBI, Tableau). Data Governance and Management. Business Continuity and Planning and Disaster Recovery. Systems Development Life Cycle (SDLC), Project Management Life Cycle (PMLC), and Application Change Management. Websites and Mobile Applications. IT Asset Lifecycle Management. IT Problem Management, Help Desk and Service Level Management. Enterprise Applications including the following control areas:. Application security architecture. Application access, Server-level access and controls, Database-level access and controls. Why us?. You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.. Industry leading gender-neutral parental leave. Paid Company Holidays. Paid Sick Time. Employee stock purchase program. Disability and life insurance. Employee assistance program. Gym membership reimbursement. Cell phone reimbursement. Numerous company-sponsored events including regular happy hours and team building events. SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.. SentinelOne participates in the E-Verify Program for all U.S. based roles.. Show more Show less

As a Technology Auditor, you will be involved in auditing various technology systems / applications used within the firm to provide assurance on the application controls, data quality, data flows, data calculation processes used for regulatory reporting, along with other General Technology Controls including Application entitlements, Data Retention and Software Change Management. Your Impact As part of the third line of defense, you will be involved in independently assessing the firm s overall control environment, and communicating the results to the firm s local and global management the effectiveness of the firm s controls that mitigate current and emerging risks, and monitoring the management s implementation of control measures. In doing so, you are supporting the provision of independent, objective and timely assurance around the firm s internal control structure, and supporting the Audit Committee, the Board of Directors and Risk Committee in fulfilling their oversight responsibilities. Responsibilities You will play a vital role in audit execution focusing on the review of Technology processes and analyzing the risks involved and assessing the design and operating effectiveness of the controls implemented to This position description is intended to describe the duties most frequently performed by an individual in this position. It is not intended to be a complete list of assigned duties but to describe a position level. The role shall be performed within a professional office environment. Goldman Sachs has health and safety polices that are available for all workers upon request. There are no specific health risks associate with the role. mitigate the risk. You will be responsible in documenting the assessments and testing conducted and discussing the results with the firms local and global management. In addition, you will also monitor and follow up with management on the resolution of the open audit findings. Basic Qualifications BE/B Tech/MCA/MBA in Systems/MSc or equivalent University degrees in technology 3 - 6 years of experience as a Technology auditor covering IT applications and processes Strong written and verbal communication skills Understanding of software development concepts and system architecture Basic level understanding of Cloud infrastruture , databases, operating systems and messaging Proficiency in data analysis using Excel or SQL Must be highly motivated with strong analytical skills, willing and able to learn new business and system processes quickly Preferred Qualifications Experience with Data Analytics tools and techniques and cyber security Relevant certification or industry accreditation (eg CISA) Knowledge of Financial Products and Services

Responsibilities for Internal Candidates Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

Job Description Summary The Identity & Access Management Program Manager is responsible leading efforts to provide system users, system owners, and business leaders with identity & access management processes and procedures that adhere to regulatory requirements and uphold business governance in a compliant, reliable & user friendly method Job Description Roles and Responsibilities In this role, you will be responsible for supporting the development, implementation, and monitoring of identity compliance initiatives within the organization. This role involves ensuring that all identity-related processes, policies, and systems comply with relevant regulations and standards. The ideal candidate will have a strong understanding of identity management, regulatory compliance, risk management, knowledge and expertise in SOX and awareness of data privacy regulations. This role requires a strong technical background, with the ability to translate compliance requirements into actionable tasks. Project management skills will be advantageous. Key Responsibilities: Compliance Analysis: Analyze identity management processes to ensure compliance with relevant regulations, standards, and internal policies. Policy Support: Assist in the development, implementation, and maintenance of identity compliance policies and procedures. Data Collection: Collect and analyze data related to identity management to identify compliance gaps and areas for improvement. Audit Preparation: Support internal and external audits related to identity compliance by preparing necessary documentation and reports. Incident Response: Assist in investigating and responding to identity-related incidents, ensuring timely resolution and documentation. Training and Awareness: Support the development and delivery of training programs to educate employees on identity compliance requirements and best practices. Reporting: Generate regular reports on identity compliance status, issues, and improvements for review by senior management. Collaboration: Work closely with IT, Legal, HR, and other departments to ensure a cohesive approach to identity compliance. Continuous Improvement: Stay updated on industry trends, regulatory changes, and best practices in identity management and compliance. Qualifications: Education: Bachelor s degree in Information Security, Computer Science, Business Administration, or a related field. Experience: Minimum of 2-4 years of experience in identity management, compliance, or a related field. Certifications: Relevant certifications such as Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) are preferred. Knowledge: Strong understanding of identity management frameworks, regulatory requirements (e.g., SOX, GDPR), and industry standards (e.g., ISO 27001). Skills: Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team. Attention to Detail: High level of accuracy and attention to detail in all aspects of work. Relocation Assistance Provided: No

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, youll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. The SOX Governance and Advisory team within Controllership (1LOD) plays a critical role in supporting the enterprise by developing and executing a risk-based plan to assess and enhance the company s internal controls over financial reporting. The team utilizes a robust governance framework and testing program to manage financial reporting risk in compliance with the company s 2LOD objectives and requirements of the Sarbanes Oxley Act. This is an Analyst position in the SOX Governance and Advisory team, responsible for supporting the Sarbanes-Oxley (SOX) compliance program across American Express in addition to compliance with the Company s Operational Risk Management framework for the Finance organization. Reporting to the Manager of SOX Assurance, the successful candidate will be responsible for testing, monitoring and optimization of internal controls over financial and regulatory reporting including associated Information Technology (IT) systems. The individual should possess excellent communication, presentation and stakeholder management skills. Primary responsibilities include : Validate design and operating effectiveness of SOX controls through testing, across all Business Units (BUs) to support Control Owners / Process Owners in quarterly SOX certification process IT control testing including interface inputs, key reports, applications, business continuity and third parties Collaborate with key stakeholders including Business Process teams, BU Control Management, Operational Risk Management, Internal Audit, etc. for quarterly SOX testing and reporting Perform year-end control testing to support our external auditors, PwC, for their annual SOX audit Partner closely with internal stakeholders and external auditors to resolve testing related observations / queries Drive enhancements in control environment by identifying the improvement opportunities to SOX Controls High degree of organization, individual initiative, results and solution oriented, and personal accountability and resiliency. Exemplify strength in the American Express Leadership Model: set the agenda, bring others with you and do it the right way, and put enterprise thinking first. Preferred Qualifications Qualified Professional (Chartered Accountant / MBA Finance from a premier institute) with 4+ years of relevant experience in SOX compliance, Internal Audit, etc. typically from a Big 4 firm. Certified Information Systems Auditor (CISA) qualification preferred. Knowledge of the Sarbanes Oxley Act (including Sections 302 & 404) and in-depth understanding of COSO Framework, Risk Assessment and Internal Controls Over Financial Reporting (ICFR) Understanding of the testing methodology, controls / test procedures interpretation and to conclude on testing results Excellent communication skills, both written and verbal, with the ability to clearly and concisely articulate issues in a timely and effective manner. Demonstrated strong abilities in key Financial Reporting skills, including financial reporting risk management/ program, risk assessment, internal audit coordination, and external fraud risk management/ program.

: Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm’s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About the role: As a Vendor Risk Operations team member, you will play a critical role in safeguarding Paytm from potential risks associated with our vendor ecosystem. You will be responsible for conducting comprehensive vendor risk assessments, ensuring compliance with internal policies and regulatory requirements, and actively contributing to the continuous improvement of our vendor risk management framework. This role requires a keen eye for detail, strong analytical skills, and the ability to collaborate effectively with various stakeholders. Conduct end-to-end vendor risk assessments across various risk domains (e.g., Vendor deduplication, information security, financial stability, business continuity, regulatory compliance, data privacy). Collaborate with business units to understand their vendor requirements and associated risks. Review vendor-provided documentation, certifications, and audit reports to identify potential vulnerabilities. Conduct Mystery-shopping wherever required Track and monitor vendor remediation efforts to ensure timely closure of identified risks. Maintain accurate and up-to-date vendor risk profiles and assessment records. Assist in the development and enhancement of vendor risk assessment methodologies, tools, and processes. Contribute to the ongoing development and implementation of Paytm's vendor risk management framework. Generate regular reports on vendor risk posture and assessment progress for internal stakeholders. Participate in ad-hoc projects and initiatives related to vendor risk management as required. Expectations/: Educational QualificationBachelor's degree in Business Administration, Finance, IT, Risk Management, or a related field. Experience2-5 years of experience in vendor risk management, third-party risk management, internal audit, compliance, or a similar risk-focused role. Domain KnowledgeStrong understanding of various risk domains, including information security, data privacy (e.g., GDPR, local data protection laws), financial risk, operational risk, and regulatory compliance. Understanding of Technology and User ExperienceAn appreciation for how technology solutions are built and how they impact user experience will be valuable in assessing vendor capabilities and potential risks. Analytical & Problem-Solving Skills: Excellent analytical and problem-solving skills with the ability to conduct deep dives, identify, assess, and mitigate risks effectively. Advanced Knowledge of Excel is required for data analysis and reporting. Basic knowledge of MySQL would be an added advantage for data retrieval and manipulation. Communication & Interpersonal Skills: Good communication and interpersonal skills, with the ability to present complex information clearly and concisely to diverse audiences. Strong written communication for documentation and reporting. High level of drive, initiative, and self-motivation. Ability to work independently, prioritize tasks, and manage multiple assessments simultaneously in a fast-paced environment. A willingness to experiment, learn quickly, and continuously improve processes and personal skills. Certifications (Preferred but not mandatory)CISA, CRISC, CISM, or other relevant certifications in risk management or information security. Why join us: A collaborative output driven program that brings cohesiveness across businesses through technology Improve the average revenue per use by increasing the cross-sell opportunities A solid 360 feedbacks from your peer teams on your support of their goals CompensationIf you are the right fit, we believe in creating wealth for you with enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants – and we are committed to it

Position Purpose To conduct audit work in accordance with the IG methodology and ensure high standard of deliverables To contribute to risk assessment of audit units based on knowledge obtained through assignments as well as day-to-day contact with auditees To follow through with auditee on implementation of recommendations Responsibilities Direct Responsibilities 1. Participate in the audit team assignments and special reviews (when required by regulators, business lines, or senior management) Head of Assignment -Lead the assignment / review in accordance with BNPP Internal Audit Guidelines, International Professional Practices and established internal communication protocol. -Plan, oversee and co-ordinate the work performed to ensure optimal resource allocation and efficient completion of assignment by preparing the methodology, collating raw data, obtaining past recommendations, preparing meetings with auditees, etc. -Assess the key risks of the audited areas and coordinate the team to identify weaknesses in governance, risk management and control in those areas and raise appropriate findings and recommendations. -Review work done by audit team to ensure that the work scope objectives are achieved. -Complete the audit report within the recommended timeline. -Escalate to the Supervisor unresolved matters or disputes with the auditees for timely resolution. Auditor of Assignment -Assist in documentation gathering for the assignment. - Assist in assessing the key risks of the audited areas and identify weaknesses in governance, risk management and control in those areas by carrying out appropriate evaluation and tests. - Raise appropriate findings and provide appropriate value-added recommendations to mitigate identified risks. - Complete and file investigation working papers for easy retrieval to substantiate work performed. 2. Review the implementation of the Inspection Gnrale recommendations -Validate the implementation of recommendations and maintain audit trail of correspondences with auditees in respect of all implementation. 3. Contribute to the periodic risk assessment of covered activities and planning Perform a periodic and comprehensive risk assessment of the covered activities as per the Group guidelines. Keep abreast of change/new development of regulatory requirements that are relevant to the covered activities and related functions. Assist in the elaboration of the audit planning following a risk-based approach. Contributing Responsibilities Contribute to the improvement of the Inspection Gnrale practices through the elaboration and update of our methodologies. Technical & Behavioral Competencies Is conversant with and applies appropriately audit methodology/standards and control concepts Possesses knowledge of business, products, risks, practices, policies and regulations Practically adapts theory and experience to circumstances of assignment Demonstrates planning, organizing and communication / interpersonal skills in conducting assignments and dealing with auditees Be analytical and able to anticipate problems/obstacles, able to distinguish material from non-material items in making decisions Is mindful about deadlines and disciplined in completing deliverables at the required level of standard Team Work spirit Good written and oral communication skills in English Specific Qualifications (if required) Possess experience in external auditing / internal auditing / credit / risk / compliance / internal control / operations in the financial services industry with a minimum of 5 years in internal audit. Possess a Bachelors / Masters degree in related disciplines; Professional Qualification/Certificate in Audit / Accounting, e.g. CA, CIA, CISA, is a plus. Skills Referential Behavioural Skills(Please select up to 4 skills) Ability to collaborate / Teamwork Attention to detail / rigor Communication skills - oral & written Critical thinking Transversal Skills: (Please select up to 5 skills)Analytical AbilityAbility to manage / facilitate a meeting, seminar, committee, trainingAbility to anticipate business / strategic evolutionAbility to manage a projectAbility to understand, explain and support changeEducation Level:Master Degree or equivalentExperience LevelAt least 7 years Other/Specific Qualifications (if required)

Arora.rajat@sammaancapital.com. Job Description Lead - IT Regulatory Compliance & Audit Location [Gurgaon] Key Purpose of the Role The Lead - IT Regulatory Compliance & Audit will be responsible for ensuring the organizations full compliance with applicable IT and Cybersecurity laws, regulations, and supervisory expectations, specifically those outlined by the Reserve Bank of India (RBI), including the Master Directions on Information Technology and Cyber Security Framework and IT Outsourcing guidelines. This role will also lead the IT Infra and cybersecurity audit management process, ensuring the timely closure of observations and proactive compliance monitoring. Key Responsibilities IT Regulatory Compliance (RBI & Other Regulatory Bodies) Ensure ongoing compliance with RBIs IT and Cybersecurity Master Directions, circulars, notifications, and guidelines. Track and analyze IT regulatory updates and assess their impact on IT operations, security, and governance. Implement a compliance monitoring framework specific to IT and cybersecurity, including regulatory checklists, gap assessments, and periodic testing. Ensure timely submission of IT-related regulatory returns, filings, and disclosures as required under various laws and RBI guidelines. Maintain a regulatory IT compliance register and evidence of adherence. Coordinate with IT, Information Security, Risk, and Legal teams to ensure regulatory alignment across technology and operations. IT Policy Management Draft, review, and update IT policies, processes, and internal control frameworks in line with regulatory changes. Provide guidance to IT and business units on the interpretation and implementation of IT regulatory requirements. IT Audit & Cybersecurity Review Management Lead and manage IT audits, assessments, statutory audits, and regulatory inspections. Liaise with IT auditors, statutory auditors, and regulatory examiners. Track and ensure timely closure of all IT audit observations and regulatory inspection findings. Prepare and present periodic reports to senior management and the Board on IT audit and compliance status. Stakeholder Reporting Prepare IT Compliance Risk Management Reports, Quarterly IT Compliance Reviews, and other Board-level presentations. Report material IT regulatory breaches or significant non-compliance incidents. Training & Awareness Conduct regular training sessions for employees on IT regulatory compliance requirements and updates. Promote a strong IT compliance culture across the organization. Desired Candidate Profile Education & Certifications Graduate/Post-Graduate in Information Technology, Computer Science, Cybersecurity, Law, or related fields. Certification in IT Compliance / Cybersecurity / Risk Management preferred (e.g., CISA, CISM, CISSP, ISO 27001 LA, IIBF Certified Compliance Professional). Experience Minimum 8-12 years of relevant experience in IT regulatory compliance and audit functions within Banking, NBFCs, or Financial Services. Hands-on experience with RBI IT compliance management. Hands on IT infra services specially VAPT, AD, Messaging etc.. Key Skills & Competencies In-depth understanding of RBIs IT and Cybersecurity regulations, circulars, and guidelines. Strong knowledge of IT compliance and IT risk management practices. Excellent analytical, communication, and stakeholder management skills. Strong leadership and team management capabilities. Proficiency in preparing IT regulatory and Board-level reports. Proficiency in managing the VAPT related to IT infra services Key Interfaces Internal IT - Infra Information Security Risk Management Legal & Secretarial Internal Audit External Reserve Bank of India (RBI) IT Auditors Cybersecurity Consultants Legal Counsel & Consultants Employment Type Full-Time / Permanent Thanks Rajat Arora 98735 66771

Experience with leading teams and complex projects. Strong leadership, coaching and mentoring of resources in architecture functions. Knowledge of healthcare industry standards and regulations. Strong understanding of technology trends and emerging technologies. 5+ years of experience with developing and implementing enterprise cybersecurity and risk management architecture strategies and roadmaps. Experience with security risk management frameworks such as NIST-CSF, HITRUST, MITRE and compliance certifications such as HIPAA, PCI-DSS, SOC-II. 2+ years developing and maturing EcoSystem driven frameworks. Excellent problem-solving and critical thinking skills. Excellent written and verbal communication skills. Ability to work independently and in a team environment Education Bachelors degree in computer science, information technology or related field or equivalent combination of education/experience. 2- Preferred Experience & Education:- Experience 10 years of experience in enterprise architecture or similar roles. Direct hands-on experience with Teams, DevOps, Rally, JIRA, Confluence and other productivity tools. In-depth knowledge of and proven cloud experience with multi-cloud solutions and hybrid business intelligence stacks Experience with Cyber risk quantification methodologies. Experience with healthcare data terminologies, high-performance computing Experience with App Orchard, Job Description : Develop and maintain the enterprise cybersecurity and risk management architecture strategy and roadmap for our organization. Manage a team of architects. Responsible for the budget, and staff recruitment, performance, engagement, and retention. Work closely with CISO and other cybersecurity leadership to align our security technology investments with our business objectives. Define and maintain our enterprise cybersecurity architecture standards and guidelines. Provide leadership and guidance to our IT, security, and infrastructure teams. Ensure that our systems and solutions are integrated, scalable, and secure. Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the security industry. Formally communicate trends to EA and CISO. Advise CISO and leadership team in vendor/product/service selection, assist in educating and persuading business and operational leaders with adoption of security controls. Own development of rolling 18-month cycle to achieve To-Be architecture for Cybersecurity and risk management. Review vendor technology roadmaps into cybersecurity domain roadmaps to ensure continuous improvements to cyber domain operations, including cost-to-serve and other financial KPIs. Oversee development and maturity of Cybersecurity response, containment, recovery and restore playbooks for the enterprise. Partner with office of CISO to deploy Enterprise and Cyber Resiliency processes, procedures and methods. Oversee development and maintenance of blueprint of Disaster Recovery of critical business systems from Cyber induced disaster events. Partner with IT, Applications, Operations, IT GRC, Cybersecurity and other teams to simulate a Cybersecurity disaster and recovery drills, tabletop exercises. Partner with CISO to document gaps and drive collaboration to remediate. Partner with CISO to develop cohesive strategy to implement frictionless security controls and achieve industry certifications, such as HITRUST, SOC-II Partner with CISO to develop implementable roadmap to deploy controls aligning to security industry best practices, such as Zero Trust Network Access, Defense in Depth. Stay up-to-date with emerging technologies and industry trends. Drive innovation and continuous improvement in our technology landscape. Collaborate with our IT and security teams to ensure that our technology investments comply with healthcare industry standards and regulations. Conduct architecture assessments and provide recommendations for improvement. Develop and maintain architecture-related policies and procedures. Provide guidance and support for technology procurement and vendor management

Role & responsibilities Professional responsibilities for this manager position include but are not limited to: Applying internal control principles and technical knowledge, including Application Controls and IT General Controls; Developing and/or supervising the execution of detailed audit work plans for the IT audit component of the IA team through resource allocation, stakeholder coordination and quality review; Managing the identification of key risks and controls, including evaluation of control design; Evaluation of operational effectiveness of IT System Controls, utilizing appropriate testing techniques and professional skepticism; Providing regular status reports to IA management and internal clients/stakeholders, when necessary, to keep relevant parties informed of progress and potential issues; Assessing audit results, translating findings into level of risk, to produce meaningful insights and recommendations; Communicating risk findings, verbally and written, to clients in a pragmatic and helpful manner; Driving follow up and remediation of reported issues in a timely manner; Building meaningful relationships with clients through client engagements and networking; Managing and delivering against deadlines while working on multiple projects; Participating in development and delivery of training curriculum; and Coaching team members and reviewing their work. Minimum years of experience: 5+ year(s) of external/ internal audit experience (big four experience is preferred) Minimum Degree Required: Bachelors or master’s degree in accounting, Management Information Systems, Computer Science, Engineering or business related field Preferred Certifications: CISA, CISM, CISSP, CA and/or CIA Preferred Knowledge/ skills: Demonstrates extensive knowledge and/or proven record of success in the following areas: Security and controls for various on-premise and cloud-based technologies; Control standards (COSO, COBIT), control testing strategies; Public accounting practices and internal audit processes i.e., technology and tools for planning, testing and reporting; IT general controls concepts in the areas of system development, change management, computer operations and access to programs; Identifying and assessing business process controls and linkage to IT systems; and, IT security fundamentals across multiple domains including security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, investigations and ethics. Additionally, candidates should have excellent communication (written and verbal) skills and should be able to work with global teams independently with minimal supervision. Flexible work hours are required to align with US and UK hours as agreed upon. SHift-2pm-11pm

Hi , As per response to your profile which is uploaded in Job portals. Excellent job openings for Enterprise Security Archite ct in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates. Please Note:-please refer your friends who are looking for job changes. Job Description: Enterprise Security Architect. JD:- Required Experience & Education:- Experience Minimum of 10 years of experience in enterprise architecture. Experience with leading teams and complex projects. Strong leadership, coaching and mentoring of resources in architecture functions. Knowledge of healthcare industry standards and regulations. Strong understanding of technology trends and emerging technologies. 5+ years of experience with developing and implementing enterprise cybersecurity and risk management architecture strategies and roadmaps. Experience with security risk management frameworks such as NIST-CSF, HITRUST, MITRE and compliance certifications such as HIPAA, PCI-DSS, SOC-II. 2+ years developing and maturing EcoSystem driven frameworks. Excellent problem-solving and critical thinking skills. Excellent written and verbal communication skills. Ability to work independently and in a team environment Education Bachelors degree in computer science, information technology or related field or equivalent combination of education/experience. 2- Preferred Experience & Education:- Experience 10 years of experience in enterprise architecture or similar roles. Direct hands-on experience with Teams, DevOps, Rally, JIRA, Confluence and other productivity tools. In-depth knowledge of and proven cloud experience with multi-cloud solutions and hybrid business intelligence stacks Experience with Cyber risk quantification methodologies. Experience with healthcare data terminologies, high-performance computing Experience with App Orchard, Job Description : Develop and maintain the enterprise cybersecurity and risk management architecture strategy and roadmap for our organization. Manage a team of architects. Responsible for the budget, and staff recruitment, performance, engagement, and retention. Work closely with CISO and other cybersecurity leadership to align our security technology investments with our business objectives. Define and maintain our enterprise cybersecurity architecture standards and guidelines. Provide leadership and guidance to our IT, security, and infrastructure teams. Ensure that our systems and solutions are integrated, scalable, and secure. Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the security industry. Formally communicate trends to EA and CISO. Advise CISO and leadership team in vendor/product/service selection, assist in educating and persuading business and operational leaders with adoption of security controls. Own development of rolling 18-month cycle to achieve To-Be architecture for Cybersecurity and risk management. Review vendor technology roadmaps into cybersecurity domain roadmaps to ensure continuous improvements to cyber domain operations, including cost-to-serve and other financial KPIs. Oversee development and maturity of Cybersecurity response, containment, recovery and restore playbooks for the enterprise. Partner with office of CISO to deploy Enterprise and Cyber Resiliency processes, procedures and methods. Oversee development and maintenance of blueprint of Disaster Recovery of critical business systems from Cyber induced disaster events. Partner with IT, Applications, Operations, IT GRC, Cybersecurity and other teams to simulate a Cybersecurity disaster and recovery drills, tabletop exercises. Partner with CISO to document gaps and drive collaboration to remediate. Partner with CISO to develop cohesive strategy to implement frictionless security controls and achieve industry certifications, such as HITRUST, SOC-II Partner with CISO to develop implementable roadmap to deploy controls aligning to security industry best practices, such as Zero Trust Network Access, Defense in Depth. Stay up-to-date with emerging technologies and industry trends. Drive innovation and continuous improvement in our technology landscape. Collaborate with our IT and security teams to ensure that our technology investments comply with healthcare industry standards and regulations. Conduct architecture assessments and provide recommendations for improvement. Develop and maintain architecture-related policies and procedures. Provide guidance and support for technology procurement and vendor management 5. Certification Requirements /any-1. Required Certification in at least one of the common architecture frameworks (TOGAF, Zachman, DODAF, FEAF or FEAC) 2. Preferred Certifications in multiple common architecture frameworks such as TOGAF, Zachman, DODAF, FEAF, FEAC is preferred. Security industry certifications, such as CISSP, CISM etc Those who have relevant experience and Skills, as mentioned above please revert back ur updated resume to - Sreenivasa.k@happiestminds.com. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Notice Period: Degree: Regards, Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

Essential Services : Role & Location fungibility About the role We are looking for a skilled professional to join our Information Security Team as a DevSecOps Manager. As a DevSecOps Manager, you will be responsible for implementation of Security tools in DevOps CI/CD (Continuous integration/Continuous Delivery) pipeline and publish security standards and best practices for Developers teams. Key Responsibilities Identifying Vulnerabilities Enable automated security scanning process to identify the known vulnerabilities in source code, Open-source library, and configuration. Provide technical leadership and direction in the DevSecOps domain. Analysis Troubleshoot DevSecOps pipeline implementation issue and support for successful deployment. Implement DevSecOps with multiple agile teams across various platforms, environments, and instances. Implement Automated DevSecOps template-based solutions for cloud environments. Implement Security Measures Understand the Security Requirements & Implement the new DevSecOps process. Integrate, Monitor and Improve Cloud Security controls via DevSecOps process in existing DevOps process. Perform assessment and help to mitigate Security findings and implement improvement Security measures. Configure Cloud Security Tools/Systems in a CI/CD Pipelines. Implementing Security scanning into Jenkins, Code Pipeline, and DevOps workflows. Define gating process metrics for security and implement in DevSecOps. Employ infrastructure as code to increase automation, scalability, and reliability. Reporting Prepare and provide necessary metrics, detailed reports, artifacts, executive summary and dashboard to leadership on a regular frequency. Build and maintain a set of tools that enable developers to self-serve for remediation. Monthly Dashboard Reporting for Leadership. Collaborate Capable of working in a dynamic environment, multi-department coordination and attaining the target. Qualifications & Skills Educational Qualification Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications CSSLP, CISSP, GPEN, ECSA, CEH, CISM, CISA, or equivalent. Compliance Good understanding of cyber security trends & hacking techniques. Experience in analysing threats of cloud and application components. Familiarity with OWASP, SANS vulnerabilities along with its validations in source code and other security frameworks & Compliance. Ability to review assessment reports to provide risk mitigation & recommendations on that basis. Technical Skills Experience with various application security tools including SAST, DAST, Software composition analysis and application Penetration testing. Experience with Automation in testing or orchestration Selenium, Maven, Ant, Msbuild, Npm, Yarn, Jenkins, Gitlab, Bitbucket, etc. Knowledge of Agile and Scrum processes. Understanding of virtualization and container technologies (Docker, Kubernetes, etc). Communication Skills Outstanding communication abilities. Ability to effectively communicate the required recommendations.

The Associate Manager, Internal Audit plays a critical role within the Risk and Audit Services team, serving as a trusted advisor responsible for the planning, execution, and reporting of diverse internal audit and risk advisory engagements, including SOX control testing. You will assess the efficacy of our organizations governance, risk management, and control processes across the organization. This position demands strong analytical and problem-solving skills and business acumen, as we'll as excellent communication and interpersonal skills. Job Responsibilities: Plan, execute and report on risk-based internal audit engagements to evaluate the effectiveness of governance, risk management, and control processes across the organization focused on financial, operational, compliance, and IT and cybersecurity risks. Conduct comprehensive Sarbanes-Oxley Act (SOX) testing to evaluate the design and operating effectiveness of internal control over financial reporting (ICFR) and disclosure controls & procedures (DC&P), including walkthroughs of material processes, testing of controls, and identification of control deficiencies. Lead or contribute to assigned real-time assessments and risk advisory engagements in adherence to the Risk and Audit Services methodology. Build relationships and collaborate with regional management teams to promote and support the implementation and maintenance of effective governance, risk management, and control processes. Identify and assess control deficiencies, potential risks, and areas for process improvement by applying the organization s 4S Principles: Simplify, Standardize, Scalable and Save Costs. Prepare engagement reports with clear findings, conclusions, and actionable recommendations for improvement. Communicate engagement results effectively to senior management and other key stakeholders. Collaborate closely with management to help remediate identified control deficiencies and ensure the timely completion of corrective actions. Collaborate closely with external auditors throughout SOX testing by, for example, conducting joint walkthroughs and ensuring to meet professional standards to maximize their reliance on the work performed by Risk and Audit Services. Requirements: Chartered Accountant (CA) or equivalent professional designation, or Certified Internal Auditor (CIA) designation. Certified Information Systems Auditor (CISA) is a plus. Minimum of 6-7 years of directly related work experience, with at least 3 of those years being risk-based internal audit experience. Strong understanding of the SOX requirements, internal control frameworks (COSO), and internal control testing methodologies. Excellent analytical and problem-solving skills. Strong business acumen, with the ability to understand and analyze business operations, as we'll as related risk and control interdependences and impact A self-motivated team player with the ability to adapt to a fast-paced, changing environment while effectively managing time and deliverables. Strong written and verbal communication skills, with the ability to effectively present complex matters to diverse stakeholders at all levels. Demonstrated ability to build and maintain strong, collaborative relationships across diverse teams and stakeholders. Proven capability to influence without direct authority and foster a culture of accountability. Experience with Enterprise Risk Management (ERM), fraud risk management, Business Continuity Management (BCM), and/or a Governance, Risk, Compliance (GRC) system is a plus. Limited travel (10% or less)

Step into the role of Assistant Vice President at Barclays Internal Audit (BIA) in Mumbai, where you'll support the Audit Lead on audit executions to ensure timely and efficient delivery of audit results As an independent contributor, youll support collaborative audit reviews and guide junior team members in the completion of these reviews, You may be assessed on the key critical skills relevant for success in role, such as experience in either Global Markets and/or Corporate Banking business, as well as job-specific skillsets, Basic/ Essential Qualifications Experience in audit and business monitoring, Understanding of relevant regulatory and compliance environment in India, Relevant professional certifications, e-g CIA, CPA, or CISA, is preferred, Job Location is Mumbai, Purpose of the role To support the development of audits aligned to the banks standards and objectives by working collaboratively with colleagues, providing accurate information and recommendations, and complying with policies and procedures, Accountabilities Audit development and delivery support, including financial statements, accounting practices, operational processes, IT systems and risk management, Identification of operational risks to support the delivery of the Barclays Internal Audit (BIA) Audit Plan through risk assessments, Assessment of internal control effectiveness and their capability to identify and mitigate risk aligned to regulatory requirements, Communication of key findings and recommendations to stakeholders, including the Audit Owner, senior managers and directors, Identification of regulatory news and industry trends/developments to provide timely insight and recommendations for best practice, Assistant Vice President Expectations To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness Collaborate closely with other functions/ business divisions, Lead a team performing complex tasks, using well developed professional knowledge and skills to deliver on work that impacts the whole business function Set objectives and coach employees in pursuit of those objectives, appraisal of performance relative to objectives and determination of reward outcomes If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard The four LEAD behaviours are: L Listen and be authentic, E Energise and inspire, A Align across the enterprise, D Develop others, OR for an individual contributor, they will lead collaborative assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments They will identify new directions for assignments and/ or projects, identifying a combination of cross functional methodologies or practices to meet required outcomes, Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues, Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda, Take ownership for managing risk and strengthening controls in relation to the work done, Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function, Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy, Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc) to solve problems creatively and effectively, Communicate complex information 'Complex' information could include sensitive information or information that is difficult to communicate because of its content or its audience, Influence or convince stakeholders to achieve outcomes, All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship our moral compass, helping us do what we believe is right They will also be expected to demonstrate the Barclays Mindset to Empower, Challenge and Drive the operating manual for how we behave,

Are you passionate about cybersecurity and data securityIf your answer is a resounding yes, then we are hunting for you. As an Information Security Lead, your primary role will be to play a crucial role in protecting its information assets and ensure the confidentiality, integrity, and availability of data. In addition, your goal will stretch to ensure a holistic and effective approach to information security. The role requires a combination of technical expertise, leadership skills, and a deep understanding of the organizations business processes and objectives. Furthermore, your collaboration with cross-functional teams will contribute to the development and maintenance of an enterprise Business Continuity and Disaster Recovery Program, safeguarding our ability to navigate challenges and disruptions effectively. If you are a dynamic, results-oriented Information Security Lead who comes with a proven track record in steering MNCs toward unprecedented success, we invite you to seize this opportunity and make a profound impact on our global presence. Do you possess all the aforementioned skills and wish to make a difference in the world of food and technologyJoin us now! Develop, update, and maintain comprehensive information security and data privacy policies aligned with industry standards and regulatory requirements. Utilize strong IT administration skills to support and optimize our technical operations, ensuring a secure and efficient IT environment Plan, coordinate, and execute internal audits across diverse functions, evaluating adherence to information security policies and procedures Identify and mitigate information security risks through meticulous risk assessment, proposing effective mitigation strategies and overseeing their implementation Exhibit proficiency in vendor management, conducting vendor risk assessments, and establishing secure and reliable vendor relationships Design and manage enterprise-wide security awareness training programs, imparting knowledge and best practices to our global workforce Implement and manage the IT Security Risk Management Framework, aligning security efforts with organizational goals and risk appetite Coordinate security assessments and audits conducted by external certification bodies and clients, ensuring ongoing compliance and effective incident resolution Establish information security objectives, provide monthly measurement and analysis reports to management, and continually enhance our security posture Conduct BIA, risk assessment and develop business continuity and disaster recovery programs, coordinating with the Crisis management & BCP team and actively participating in periodic annual DR tests Collaborate with cross-functional teams to develop and maintain an Enterprise Business Continuity and Disaster Recovery Program Qualifications: Bachelor s degree in computer science, Information Technology, or a related field. Masters degree is a plus. Minimum 8+ years of experience in information security or related role Experience with cyber traceability frameworks and diligent adherence to principles of security components Proficiency in audit-ready protocols to ensure compliance and regulatory requirements are met Cloud security knowledge and experience, including securing cloud-based infrastructures, serverless architecture and services Demonstrated ethical hacking capabilities to proactively identify and address vulnerabilities, organizing and maintaining artifacts for documentation and accountability Skilled in training and mentoring teams to enhance security awareness and practices Strong understanding of secure design principles and their application in the development lifecycle Industry-recognized certifications such as CISSP, CISM, CISA, or equivalent is a plus Strong knowledge of security frameworks, standards, and best practices (ISO 27001, NIST, CIS, etc.) Experience with security technologies and tools, including firewalls, IDS/IPS, SIEM, VAPT, encryption, and multi-factor authentication Strong problem-solving skills and the ability to make decisions under pressure Experience with security incident response and business continuity planning Message from CEO: .

Calling all innovators find your future at Fiserv, Were Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day quickly, reliably, and securely Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, were involved If you want to make an impact on a global scale, come make a difference at Fiserv, Job Title Senior Manager, Audit What does a successful Senior Audit Manager do at Fiserv At Fiserv, within the dynamic world of our Corporate Assurance & Advisory Services (CAAS) department, we are dedicated to delivering world class audit and advisory services that elevate the performance of Fiserv and our clients This international team covers a wide range and scope of audit activities in the highly regulated payments and card industry! By joining the Audit team, you will be a key player in refining a diverse range of audits?spanning operational, compliance, financial, and info-security/cybersecurity, What You Will Do Provide guidance and direction to the planning process and the execution of fieldwork such as overseeing interviews and walkthroughs, reviewing materials, the design and execution of audit testing, analyzing results, drawing conclusions within the allotted time scheduled, Manage the audit lifecycle, staffing, scheduling, methodology and approach to testing and fieldwork and finally, the quality and timeliness of all work products you oversee You will be expected to provide weekly, monthly, or periodic status reporting and work with the CAAS leadership team to ensure the appropriate allocation and assignment of resources, Assist the Audit Director in the development and mentoring of Senior and Staff Auditors by providing regular and timely feedback regarding their execution of tasks performed during each audit engagement and their overall performance, What You Will Need To Have 7+ years of audit experience applying Auditing principles, methodology and standards in a risk-based environment across a variety of audit areas at varying degrees of complexity 5 + years of financial services industry experience and/or experience working in a public accounting firm 2+ years of experience managing other professionals Active professional Audit certification such as CPA, CIA, CISA, CFE Bachelors degree or an equivalent combination of education, work, and/or military experience What Would Be Great To Have Experience working with risk assessment methodologies, control activities, control monitoring, control evaluations and measurement of control effectiveness in accordance with regulatory compliance requirements such as corporate governance, consumer protection, AML/CTF and Financial Crimes, data protection/data privacy, ethics or conduct risk Important Info About This Role Were better together This role is fully on-site, This is a full-time, direct-hire position, and no contract options for unsolicited agency submissions will be considered, Thank You For Considering Employment With Fiserv Please Apply using your legal name Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable), Our Commitment To Diversity And Inclusion Fiserv is proud to be an Equal Opportunity Employer All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law, Note To Agencies Fiserv does not accept resume submissions from agencies outside of existing agreements Please do not send resumes to Fiserv associates Fiserv is not responsible for any fees associated with unsolicited resume submissions, Warning About Fake Job Posts Please be aware of fraudulent job postings that are not affiliated with Fiserv Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information Any communications from a Fiserv representative will come from a legitimate Fiserv email address,

Senior Internal Auditor India, Chennai Hybrid, Office-Based ICON plc is a world-leading healthcare intelligence and clinical research organization Were proud to foster an inclusive environment driving innovation and excellence, and we welcome you to join us on our mission to shape the future of clinical development, Reporting to the Senior Manager of Internal Audit, you will join a fast paced and dynamic internal audit team supporting ICON's mission to help its clients accelerate the development of drugs and medical devices that save patient lives and improve their quality of life, As a key member of the ICON Group Internal Audit team, you will perform internal control, financial and operational audits for ICON plc, with emphasis on global project governance and risk assurance, What You Will Be Doing Manage various Sarbanes-Oxley (Sox) testing and reporting requirements across ICON's Divisions globally, Lead walkthroughs and risk assessments with process owners Review documentation and assess results to ensure adequate control design and identification of ?key? controls Serve as a main SOX contact for coordination with external auditors related to testing requirements/requests and issues Perform risk based internal audit assignments across ICON's Divisions globally, Consistently evaluate the adequacy and effectiveness of internal controls and compliance, relating to risks across all aspects of ICON, Co-ordinate & deliver quality audit reports containing realistic recommendations, agreed with Management ensuring they are achievable, cost effective and contribute to the business, Play an active role in ensuring any potential operational risk issues and matters, are monitored and communicated effectively, Collaborate with the Senior Manager of Internal Audit on relevant Audit Committee engagements, Analyse large amounts of data in an efficient and accurate manner, using your IT acumen, Familiarise yourself with the In-house SOX tool and look for ways of enhancing its use, Foster good working relationships with global cross-function teams in the business, Promote the Internal Audit brand internally and encourage stakeholders to engage with Internal Audit, Motivate, coach and develop more junior team members to excel in their roles and advance professionally, Your Profile Bachelor's degree in Accounting, Finance, or a related field (Relevant certifications such as CPA, CIA, or CISA are a plus), Must have extensive SOX experience to be considered for this role Big 4 trained preferred 3 years + Audit experience required Post qualification experience in industry preferred Strong Analytical Skills with Good IT Acumen, Strong report writing skills, excellent attention to detail and time management skills What ICON Can Offer You Our success depends on the quality of our people Thats why weve made it a priority to build a diverse culture that rewards high performance and nurtures talent, In addition to your competitive salary, ICON offers a range of additional benefits Our benefits are designed to be competitive within each country and are focused on well-being and work life balance opportunities for you and your family, Our Benefits Examples Include Various annual leave entitlements A range of health insurance offerings to suit you and your familys needs, Competitive retirement planning offerings to maximize savings and plan with confidence for the years ahead, Global Employee Assistance Programme, LifeWorks, offering 24-hour access to a global network of over 80,000 independent specialized professionals who are there to support you and your familys well-being, Life assurance Flexible country-specific optional benefits, including childcare vouchers, bike purchase schemes, discounted gym memberships, subsidized travel passes, health assessments, among others, Visit our careers site to read more about the benefits ICON offers, At ICON, inclusion & belonging are fundamental to our culture and values Were dedicated to providing an inclusive and accessible environment for all candidates ICON is committed to providing a workplace free of discrimination and harassment All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status, If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please let us know or submit a request here Interested in the role, but unsure if you meet all of the requirementsWe would encourage you to apply regardless theres every chance youre exactly what were looking for here at ICON whether it is for this or other roles, Are you a current ICON EmployeePlease click here to apply

At least two-year experience in a similar Information Security position Vulnerability research skills Experience in security assessments, pentesting web applications and infrastructure. Experience developing security tools and open source projects Attention to detail and good problem solving skills Very good knowledge of the technical foundations behind networking, operating systems and applications (TCP/IP, Linux, Windows, Web Technologies) Good understanding of Information Security processes and theory Good communication skills and customer-facing experience Experience in the following areas: Vulnerability management Risk management Qualifications Desired Security Certification (GIAC, OSCP, etc.) or similar qualification Experience integrating systems and tools via API's (programming, automation) Online Gaming security experience Experience in Application Security Regulatory and industry standards work: ISO27001, PCI-DSS, etc. Additional Information Additional information With the capacity to display initiative as part of a very strong Technology Governance team, this position plays a key role in ensuring the continued alignment of our Technology department with business objectives. The Candidate should be able to think laterally; suggest process improvements; drive results; Confident with other team members and able to engage with Vendor third parties to ensure Entain's data and confidentiality is maintained to the highest of security standards. Qualification Criteria Qualifications Security Certification (GIAC, OSCP, etc.) or similar qualification Experience integrating systems and tools via API's (programming, automation) Online Gaming security experience Experience in Application Security Regulatory and industry standards work: ISO27001, PCI-DSS, etc. Other relevant professional qualifications will be considered, although not a requirement, e.g. CISA, CISM, CISSP, GIAC, etc.

Cyber Security Auditor Location: Mumbai Leading Bank Work From office mail at manjeet.kaur@mounttalent.com whatsap at 8384077438 Roles and Responsibilities 4 years of experience (upto 12 yrs.) in the field of information security operations, Information System Audits encompassing experience into any of the Banking Technologies Domains Application Security, Database management and administration, / Network security and SOC / Payment systems in addition to IT General controls (ITGC). Exposure to the Banking / Finance / Payment industry domains would be preferrable. Hands-on experience in the following areas: Writing Information security policies, procedures, and processes Conducting risk assessment covering Cyber Security domains as noted below: Application Security: Mobile application assessment, OWASP security practices for applications, VA/PT/AppSec, source-code review, black/grey/white box testing, application SDLC, Strong knowledge of programming languages for applications. Database Security: Database administration and management - Oracle, MS SQL etc., Database Activity Monitoring tools, data security and localization. Payments Systems Security: Understand payment systems and architecture such as SWIFT, UPI, IMPS, ATM, Internet Banking, Mobile Banking, Core Banking System, payment gateway, ATM switch and terminal. Experience in PCI DSS implementation/assessment and ATM end-point security and Cards data security and operations. Networks Security: Managing firewalls, routers, proxy, WAF, email filtering, DLP, DDoS protection, data encryption, IPS/IDS, Incident response and investigate security breaches, VA-PT for networks. Security Operations Centre- Implementation and review. IT General Controls: Familiarity with Technical Security controls of Identity & Access Management, Network, Server, Application, Change management, Backup and Restoration etc. and process controls reviews. Understand BCP and DR processes and architecture. Experience in conducting reviews based on ISO standards and regulatory guidelines in banking sector for a medium to large sized organization would be preferred. Experience in conducting Information System Audits Must have experience in preparing quality deliverables such as audit reports, presentations etc. Excellent written, oral communication and presentation skills Excellent organizational and interpersonal skills Ability to work independently or as part of a team Information technology / Banking and Financial services / Auditing / Cyber Security consulting Candidate will have to travel extensively within Mumbai and across the country for performing audits, as per RBI requirements. Conducting audit of Information security policies, procedures, and processes to identify process/design gaps. Conduct audits of information security systems and infrastructure to verify systems are secure and support the related applications/business processes. Conducts audits in different banking technology domains such as Active Directory, WAF, Network access security, End-point security, Application VA/PT/AppSec, SDLC, Database management and security, PCI-DSS, ATM controls, Cards (Debit/Credit) security, Payment-gateway, Cloud and API Security and IT General Controls etc. Additional weightage will be given to candidates with experience in domains such as Cloud Security, API security. Developing project plans, work programs, evaluating system controls, identify risks and audit gaps, documenting results in proper audit report format, making recommendations, and communicating information to stakeholders. Support in maintaining audit checklist and documents, trend analysis, preparing presentations etc. Should be a self-learner and must keep updated with the latest security guidelines issued by regulators, international standards for information security, threats and vulnerabilities researched/discovered. Research public domain to keep up to date knowledge on latest banking applications / technologies and emerging technologies Cloud, Virtualisation, AI-ML, IOT etc. and ensure continuous learning in identified security competencies and new/emerging technologies. Experience into people management / team management will be preferred.