732 Cisa Jobs - Page 17

This is a remote position, so you ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or meetings. Join Our Team Do you want to be an Information Security Leader at GoDaddyWe help solve large scale and cross-company issues, while ensuring that partnership with the development and operational communities remains front of mind. GoDaddy is looking for a Principal Security Engineer with security risk management experience, technical depth, strong leadership abilities, and experience with building and performing information security audits and gap assessments. You must be comfortable communicating with internal teams and external auditors, designing and leading security campaigns, prioritising resolution of audit findings while applying a risk-based approach. As a team, we will help identify any gaps in security control implementation, design solutions to manage security risks at scale and provide the information needed to make risk-based decisions and planning. What youll get to do... Build and manage a Security Controls framework that encompasses the regulatory and industry compliance frameworks we comply with. Perform detailed analysis and review of information security controls, as well as targeted gap assessments to identify any deviations from the framework. Propose and manage enterprise-wide security campaigns for managing deviations to reduce risk. Partner with other InfoSec and Engineering teams to define and prioritise security initiatives and investments using a risk-based approach. Align risk management initiatives with applicable compliance regulations. Your experience should include... 10+ years of experience in Information Security or related fields such as Software Development, System Administration, QA Engineer, IT Audit, etc. Minimum of 6+ years of progressive experience managing programs related to information security and information security audits. Experience with building unified security controls frameworks. Experience with managing audits utilizing compliance frameworks such as PCI DSS, NIST CSF, NIST 800-53, ISO, SOC-2 etc. Experience with Security Engineering concepts such as Threat modeling, architecture reviews, etc. You might also have... Certifications such as PCI QSA/ ISA, CISA, CRISC, ISO Lead Assessor, CISSP, etc. Prior experience with system administration, scripting, and/or automation techniques. Weve got your back... We offer a range of total rewards that may include paid time off, retirement savings (e.g., 401k, pension schemes), bonus/incentive eligibility, equity grants, participation in our employee stock purchase plan, competitive health benefits, and other family-friendly benefits including parental leave. GoDaddy s benefits vary based on individual role and location and can be reviewed in more detail during the interview process. We also embrace our diverse culture and offer a range of Employee Resource Groups ( Culture ). Have a side hustleNo problem. We love entrepreneurs! Most importantly, come as you are and make your own way.

Job Title - IT Audit Senior Analyst Management Level: ML10 Location: Bangalore Must have skills: IT Audit experience, Understanding of Security Standards like ISO27001, PCI DSS, HIPAA, NIST 800-53 Good to have skills: Possession of a one or more of these professional certifications (ISO27001 Lead Auditor, CISA, CISSP, CIA, CCSK, AWS Cloud Practitioner, Azure Fundamentals) is preferred. Job Summary : Roles & Responsibilities: Participate in execution of the risk-based audit plan, reporting results to Accenture Leadership and the Audit Committee of the Board of Directors Conduct a wide-ranging scope of audits with an emphasis on assessing emerging areas of risk including cyber security, artificial intelligence, cloud computing, robotic process automation, and the Internet of Things. Through advisory services, work with our business partners to help them proactively identify and manage risk in new technologies, new go-to-market offerings, and critical corporate initiatives. Shape the future of the Accenture Internal Audit through involvement in departmental initiatives that enable us to become more efficient and effective in everything we do. Ensure your technical skill set and business acumen stay current and relevant through participation in our robust training program. Professional & Technical Skills: Experience conducting IT external and internal audits or assessments, preferably for a global organization. Strong IT knowledge in infrastructure technologies (networking, data centers and hosting, virtualization, cloud etc.), application development and support, and emerging technologies. Experience leveraging predictive models and custom analytics in audit planning and execution is preferred. Technical knowledge and familiarity with control requirements in areas including ERP applications, Windows and Unix operating systems, cyber security, and vendor management. Strong verbal and written communication skills and proficiency with the English language. Demonstrated analytical thinking, teamwork, and collaboration skills. Possession of a relevant professional certification (CISA, CISSP, CIA, CPA, CCSK) is preferred. Ability to adopt flexible work hours to collaborate with global teams and travel (up to 20%). Additional Information: We Are: Accenture is helping transform leading organizations and communities around the world. Choose Accenture and make delivering innovative work part of your extraordinary career. Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. Accenture is consistently recognized onFORTUNEs 100 Best Companies to Work Forand DiversityIncs Top 50 Companies for Diversitylists. The Internal Audit Department provides the Audit Committee of the Board of Directors with an independent and objective assessment of the reliability and integrity of financial and select operating information, the effectiveness and efficiency of Accenture plc and its consolidated subsidiaries (the Company) systems and internal controls, and compliance with the Companys policies and procedures. Internal Audit Services also provides advisory services designed to add value and improve the Companys operations through bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, controls, operations, and governance processes. You Are: An agile, highly-motivated, innovative thinker with a background in audit, risk, or compliance looking to join a fast-paced, global internal audit organization that has embraced transformative capabilities including advanced analytics, dynamic risk assessment processes, and automation to retain its role as a trusted advisor to the business. Why Should I Join the Accenture Team You are looking for an internal audit role that provides you with exposure to senior levels of leadership, enables you to work with emerging technologies, provides opportunities for international travel and flexible work arrangements (work from home), requires little to no SOX testing, and offers a competitive salary and benefits package. About Our Company | AccentureQualification Experience: Minimum 2 years experience in IT auditing, testing IT General controls and information security controls, or related technical role focusing on security compliance activities Strong IT knowledge in infrastructure technologies (networking, data centers and hosting, virtualization, cloud etc.), application development and support, and emerging technologies. Educational Qualification: Undergraduate degree in Computer Science, Information Systems, Accounting, Business Administration, or Finance. MBA, Masters in Engineering.

Skill required: Control Testing - Agile testing Designation: Regulatory Compliance Associate Qualifications: Any Graduation Years of Experience: 1 to 3 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do Help clients transform their compliance function from reactive to proactive through an intelligent compliance operating model powered by data, intelligent technologies and talentLooking for someone with SOX testing experience.Conduct testing tasks within Agile models and integration processes and manage development sprints. Automated/IT control testing skill is required What are we looking for Commitment to qualityWritten and verbal communicationRisk managementAbility to work well in a teamAbility to meet deadlinesAutomated / IT control testing experience is must Roles and Responsibilities: In this role you are required to solve routine problems, largely through precedent and referral to general guidelines Your expected interactions are within your own team and direct supervisor You will be provided detailed to moderate level of instruction on daily work tasks and detailed instruction on new assignments The decisions that you make would impact your own work You will be an individual contributor as a part of a team, with a predetermined, focused scope of work Please note that this role may require you to work in rotational shifts Qualification Any Graduation

Syensqo is all about chemistry. We re not just referring to chemical reactions here, but also to the magic that occurs when the brightest minds get to work together. This is where our true strength lies. In you. In your future colleagues and in all your differences. And of course, in your ideas to improve lives while preserving our planet s beauty for the generations to come. Job Summary: The Policy and Compliance Officer will be responsible for developing, implementing, and maintaining policies and procedures to ensure compliance with regulatory requirements and internal standards within the Unified Endpoint Management (UEM) team. This role will involve close collaboration with the Chief Information Security Officer (CISO) office and cybersecurity teams to ensure that all endpoint devices are managed and protected in accordance with security and compliance standards. Key Responsibilities: Policy Development and Implementation: Develop, review, and update policies and procedures related to endpoint management. Ensure policies are aligned with regulatory requirements, industry standards, and security best practices. Communicate and enforce policies across the organization. Compliance Monitoring and Reporting: Monitor compliance with established policies and procedures. Conduct regular audits and assessments to identify areas of non-compliance. Prepare and present compliance reports to the Unified Endpoint Manager, CISO office, and other stakeholders. Risk Management: Identify potential compliance and security risks and develop mitigation strategies. Collaborate with the IT security team and CISO office to ensure endpoint security measures are in place and effective. Stay updated on emerging threats, regulatory changes, and security trends that may impact endpoint management. Training and Awareness: Develop and deliver training programs to educate employees on compliance requirements, security best practices, and endpoint protection. Promote a culture of compliance and security awareness within the organization. Incident Management: Assist in the investigation and resolution of compliance and security-related incidents. Document incidents and corrective actions taken to prevent recurrence. Collaboration and Support: Work closely with IT, legal, CISO office, and cybersecurity teams to ensure a cohesive approach to compliance and security. Provide guidance and support to team members on compliance and security-related matters. Qualifications: Bachelor s degree in Information Technology, Cybersecurity, Business Administration, or a related field. Minimum of 3-5 years of experience in a compliance or policy development role, preferably within IT, cybersecurity, or endpoint management. Strong understanding of regulatory requirements, industry standards, and security best practices related to endpoint management. Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team. Relevant certifications (e.g., CISA, CISM, CISSP) are a plus. About us Syensqo is a science company developing groundbreaking solutions that enhance the way we live, work, travel and play. Inspired by the scientific councils which Ernest Solvay initiated in 1911, we bring great minds together to push the limits of science and innovation for the benefit of our customers, with a diverse, global team of more than 13,000 associates. Our solutions contribute to safer, cleaner, and more sustainable products found in homes, food and consumer goods, planes, cars, batteries, smart devices and health care applications. Our innovation power enables us to deliver on the ambition of a circular economy and explore breakthrough technologies that advance humanity. At Syensqo, we seek to promote unity and not uniformity. We value the diversity that individuals bring and we invite you to consider a future with us, regardless of background, age, gender, national origin, ethnicity, religion, sexual orientation, ability or identity. We encourage individuals who may require any assistance or accommodations to let us know to ensure a seamless application experience. We are here to support you throughout the application journey and want to ensure all candidates are treated equally. If you are unsure whether you meet all the criteria or qualifications listed in the job description, we still encourage you to apply. Job ID 32365 Regular Pune, India View in Google Maps Apply to this job

IT Governance Risk & Compliance Senior Analyst Job Locations IN-KA-Bengaluru Requisition ID Category (Portal Searching) Information Technology Position Type (Portal Searching) Experienced Professional Overview Connecting clients to markets and talent to opportunity With 4,300 employees and over 400,000 retail and institutional clients from more than 80 offices spread across five continents, we re a Fortune-100, Nasdaq-listed provider, connecting clients to the global markets focusing on innovation, human connection, and providing world-class products and services to all types of investors. At StoneX, we offer you the opportunity to be part of an institutional-grade financial services network that connects companies, organizations, and investors to the global markets ecosystem. As a team member, youll benefit from our unique blend of digital platforms, comprehensive clearing and execution services, personalized high-touch support, and deep industry expertise. Elevate your career with us and make a significant impact in the world of global finance. StoneX, a Nasdaq-listed provider, connecting clients to the global markets focusing on innovation, human connection, and providing world-class products and services to all types of investors. Whether you want to forge a career connecting our retail clients to potential trading opportunities, or ingrain yourself in the world of institutional investing, The StoneX Group is made up of four segments that offer endless potential for progression and growth. Responsibilities Working within the IT organization and reporting to the Associate Director of Governance, Risk Compliance ( GRC ), the Governance, Risk & Compliance Analyst is responsible to help support the day to day assurance operations related to policy compliance, process and organizational policies and security requirements governance, as well as risk management functions. You will assist with the collection of data from multiple systems to allow for proper reporting of the Information Security program effectiveness . The Governance Risk & Compliance Analyst will create impact in the following ways: You will engage business personnel to ensure all requisite data and information is complete, accurate, and consistently delivered. You will use your experience and knowledge of security in working with a team to deliver on Governance, Risk and Compliance goals related to developing the complete perspective for operational and management visibility of overall compliance to the Information Security program, policies, and practices Reporting to the Manager of Governance, Risk Compliance (GRC), the Governance, Risk & Compliance Senior Analyst supports daily assurance operations related to policy compliance, governance, and risk management. You will gather data from multiple systems to report on the Information Security programs effectiveness. Major Responsibilities: Coordinate the development of best practice policies and standards based on various governance frameworks Ensure that all policies and standards are regularly reviewed and updated to be in line with regulatory and control requirements. Design and implement an effective exception process to facilitate and manage requests for non-compliance with policies and standards. Develop and lead information security awareness and training initiatives, including phishing exercises. Develop and implement relevant cyber and IT risk metrics and reporting to management and risk committees. Develop and manage an information security risk register to address risk issues and action plans from all sources, e.g., IT audit, technology risk assessments, vulnerability scans, penetration testing, etc. Implement GRC software platform for policy administration, compliance and risk management. Coordinate information security internal audit, external audit, regulatory and SOX reviews to help represent the company from an information security and technology risk perspective. Coordinate responses to RFI\RFPs and client security related questionnaires. Establish a compliance management framework to manage all third line of defense reviews and results. Maintain an up-to-date understanding of emerging trends in information security risks, and new techniques and trends, in-line with overall information security objectives and risk tolerance. Coordinate with legal, compliance functions to ensure proper implementation of data privacy legislation and disclosure Identify, analyze, respond to and monitor IT risk. Ensure that risk factors and events are addressed in a cost-effective manner and in line with business objectives. Conduct third part vendor risk assessments, make recommendations and perform periodic reviews. Manage tracking of identified findings and actions to closure and reporting to leadership. Develop and maintain a Cyber and IT Control Framework. Develop a Cyber and IT controls catalog to align with the organizations risk appetite and tolerance levels to support business objectives. Ensure all controls are assigned control owners to establish accountability. Design and implement Cyber and IT controls assessment and assurance process to ensure controls function effectively and efficiently. Qualifications The right candidate will do this by bringing their education and professional experience in the following spaces: Bachelor s degree. Master s degree a plus. Minimum over 5 years of relevant experience, preferably in financial services. Strong background in information technology with a clear understanding of the challenges of information security. Demonstrated understanding of secure, complex information systems environment in a global financial service sell side environment. Relevant experience in the GRC space. Good understanding of information security risk management frameworks such as ISO 27001, COBIT, NIST, NIST 800-53, etc. Direct experience with regulatory compliance reviews and examinations. Current Information Security Certification (e.g. CISSP, CISM, CISA, or related security certification) preferred. Project and program management skills. Strong written and verbal communication and presentation skills, and ability to work with all levels of the organization. Ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff, security vendors, consultants and senior management. Excellent leadership and teamwork skills. Ability to influence others. Team player with the ability to work independently. Resourceful, energetic, self-starter, flexible, goal-oriented Strong personal integrity Preferred candidates will possess current Information Security Certifications (e.g., CISSP, CISM, CISA, or related). Options Apply for this job online Apply Share Email this job to a friend Refer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed

Job Title Internal Controls Lead Division WBS Location India Onsite Purpose of Role: Weir Company is seeking an experienced and dedicated Internal Controls Lead to join our Weir Global Business Services team in Bangalore. The successful candidate will be responsible for overseeing and enhancing the internal control environment, ensuring compliance with regulatory requirements, and supporting the companys strategic objectives across processes like OTC, PTP and RTR Why choose Weir: Be part of a global organization dedicated to building a better future: At Weir, the growing world depends on us. It depends on us constantly reinventing, quickly adapting and continually finding better, faster, more sustainable ways to access the resources it needs to thrive. And it depends on each of us doing the best work of our lives. It s a big challenge - but it is exciting. An opportunity to g row your own way: Everything moves fast in the dynamic world of Weir. This creates opportunities for us to take on new challenges, explore new areas, learn, progress and excel. Best of all, there is no set path that our people must take. Instead, everyone is given the support and freedom to tailor-make their own career and do the best work of their lives. Feel empowered to be yourself and belong : Weir is a welcoming, inclusive place, where each individual s contribution is recognized and all employees are encouraged to innovate, collaborate and be themselves. We continually focus on people and their wellbeing. We believe in fairness and choose to be honest, transparent and authentic in everything we do. Key Responsibilities: Make sure WBS internal controls team is working under policies and procedures defined by CoE Governance Risk & Controls to ensure compliance with regulatory requirements and company standards. Conduct regular risk assessments and identify areas for improvement in internal controls within WBS processes. Collaborate with various departments and cross towers to ensure the effective implementation of internal controls and provide guidance on control-related issues. Monitor and evaluate the effectiveness of internal controls and recommend enhancements as needed. Prepare and present reports on the status of WBS internal controls so this could be reported to audit committee and senior leadership. Lead and manage internal control projects, including the coordination of internal and external audits. Provide training and support to employees on internal control policies and procedures. Job Knowledge/Education and Qualifications: Bachelors degree in Accounting, Finance, Business Administration, or a related field. Professional certification such as CPA, CIA, or CISA is preferred. Minimum of 5 years of experience in internal controls, audit, or a related field. Strong knowledge of internal control frameworks, such as COSO or COBIT. Excellent analytical, problem-solving, and communication skills. Ability to work independently and manage multiple projects simultaneously. Proficiency in Microsoft Office Suite and familiarity with ERP systems. Preferred Skills: Experience in a global business services environment. Knowledge of industry-specific regulations and compliance requirements. Strong leadership and team management skills. For additional information about what it is like to work at Weir, please visit our Career Page and LinkedIn Life Page . Compensation: (Where compensation on the job posting is required) #esco or #minerals (division) #LI-remote (working option) #LI-AB1 (Recruiter personal #)

We are seeking a skilled Data Security Consultant with expertise in Data Loss Prevention (DLP) as the primary focus. The ideal candidate will also have experience with technologies such as Hardware Security Modules (HSM), Information Rights Management (IRM), Data Classification, and Public Key Infrastructure (PKI). Key Responsibilities: Develop and implement DLP strategies to protect sensitive data across various platforms. Administration of Data Security assets (Plan-Do-Check-Act cycle). Monitor and maintain existing jobs/tasks related to security solutions, including sync, backup, password management, and reporting. Oversee daily, weekly, monthly, and ad-hoc preconfigured notifications, reports, and dashboards. Perform health checks as scheduled; fine-tune and recommend fixes for any issues discovered during checks. Conduct periodic configuration reviews to ensure optimal performance and security. Undertake critical security patch management to keep Data Security Solutions up to date and secure. Onboard new assets, accounts, and user policies into the Data Security Solutions. Collaborate with OEM vendors for issue resolution and follow-up as needed. Assist Level 3 (L3) team members with their roles and responsibilities. Stay updated on industry trends and emerging threats related to data security. Qualifications: Bachelors degree in Computer Science, Information Technology, or a related field. Minimum of 5 years of experience in Data security technologies. Proven experience in DLP technologies and strategies. Strong understanding of HSM, IRM, Data Classification, and PKI. Excellent analytical and problem-solving skills. Relevant certifications (e.g., CISSP, CISM, CISA, product certifications) are a plus.

Job Title - Information Security Management System (ISMS) domains + 9/10 + CF Management Level: 09 or 10 Location: Bangalore Must have skills: Information Security Management System (ISMS) domains Good to have skills: Software/Application Development, Cloud /infrastructure concepts Must have skills: Excellent English communication skills both in speaking and writing Knowledge of Information Security concepts and Information Security Management System (ISMS) domains Information security risk analysis Able to confidently present and assert findings with global counterparts Able to handle and balance time when working on multiple tasks Good attention to details Experienced in auditing/assessment Willing to continuously learn Microsoft Office (Excel, Word, Outlook, MS Teams) Good to have skills: Basic knowledge or familiarity with Software/Application Development, Cloud /infrastructure concepts Knowledge on various data privacy regulations such as GDPR, PCI and HIPAA Job Summary : A Client Data Protection (CDP) assessment is a review of a client accounts CDP plan and implemented controls to ensure that the clients sensitive business and personnel data is safeguarded. The assessment is intended to address data protection issues related to applications, systems, and business processes. The CDP Assessor will: Gather relevant information via interviews, meetings with account teams, review of supporting artifacts, about the client account and their processes Identify by conducting Risk Analysis all areas or processes that are vulnerable and where client sensitive data may be compromised Identify, rate and document risks found in the assessment Recommend security measures to remediate assessment findings Follow-up with the account team to review progress for closing findings Learn and apply new data privacy regulations, risk on emerging technologies etc. Roles & Responsibilities: The CDP Assessor will: Gather relevant information via interviews, meetings with account teams, review of supporting artifacts, about the client account and their processes Identify by conducting Risk Analysis all areas or processes that are vulnerable and where client sensitive data may be compromised Identify, rate and document risks found in the assessment Recommend security measures to remediate assessment findings Follow-up with the account team to review progress for closing findings Learn and apply new data privacy regulations, risk on emerging technologies etc. Complete and submit timely required assessment deliverables Professional & Technical Skills: Holder of any of the following Certifications is preferred but not required: Certified Information Systems Security Professional (CISSP) Certified Information Systems Auditor (CISA) Information Security Management System (ISMS) 27001 Lead Auditor Additional Information: Work involves virtually meeting with teams from various Accenture locations around the world so there is a need from time to time to find an overlapping time with those teams that may be outside of the home location time-zone. About Our Company | AccentureQualification Experience: Minimum 2 year(s) of experience on Information Security-related work is required Educational Qualification: Bachelors degree in any Information Technology or Information Security course

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Work with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents. Roles & Responsibilities:- Lead the implementation and delivery of Security Services projects- Leverage global delivery capability for successful project execution- Ensure adherence to project timelines and quality standards Professional & Technical Skills- Proficiency in any Security Information and Event Management (SIEM)- Experience with Security Risk Assessment, Google SecOps- Strong understanding of security principles and practices- Experience in implementing security solutions- Knowledge of threat detection and incident response- Ability to analyze and interpret security data- Engage with multiple teams and contribute on key decisions- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Provide solutions to problems for their immediate team and across multiple teams- Verify custom reports, manage log source groups, and validate log sources with client- Maintain a close partnership with SIEM on feature requests, upgrade planning, and product roadmap alignment- Focus on content creation regarding advanced threat analysis (rules, variables, trending, watch lists, etc.) of incoming data and for self-monitoring of the solution itself.- Perform supporting tasks such as system hardening, high availability configurations, and developing backup strategies.- Identify and implement Automation opportunities in project- Troubleshoot issues with log sources or systems with vendor, and report system defects as needed- Coordinate & lead the technical discussions with Client/vendors.- Identify root cause of security incidents.- Implement SOC best practices to deliver business outcomes Professional & Technical Skills: -Experience in Information Security, Risk Management, Infrastructure Security and Compliance- Experience on SOC Operation-Experience in working UBA and Advanced Threat Detection- Any Security device Installations, Configuration, and troubleshooting (e.g., firewall, IDS, etc.)- Hands on experience in any SIEM tool- Mid-level expertise in UNIX, Linux, and Windows- Experience working in a diversified, virtual environment.-Scripting experience in any language- Experience in data manipulation and regular expressions- Experience with Database installation & configuration- Certifications such as CISSP, ITIL, CISA, CISM, GIAC-GCIA, AWS/Azure/Cloud based Certifications- Advanced Certification from any SIEM vendor on products such as ArcSight, QRadar, McAfee Nitro, RSA SA, SPLUNK, Google SecOps etc. Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM)- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Skills Required : Team Coordination, Leadership, sox, Itgc, IT Audit, IT Governance, Information Technology Education/Qualification : B.Tech, MBA, CA Desirable Skills : IT Risk Management, Cobit, Cisa, Cism, Cissp, team leading, Risk Compliance, Information Security, IT Risk

Hi , As per response to your profile which is uploaded in Job portals. We have an excellent job openings for Application Security-Techno Manager -Mumbai Location in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates.(Apply for only Immediate to 30 days joiners) Job Description: Please find the Key skills for AppSec Lead - 10-18 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. skill: Vulnerability Assessment,Manual Penetration Testing using OWASP checklists,Penetration Testing,OWASP Top 10,OWASP ZAP,Ethical Hacking,Static/dynamic testing of mobile applications,Vulnerability Mitigation, any Certificates like CISSP, CISA, CISM, CRISC. Educational criteria: B.Sc (IT/CS/Security) / B.Tech/BE in Computer Science,BCA/MCA/MS/MSC/M TECH,ME Those who have relevant experience and Skills, as mentioned above please revert back soon. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Mumbai Only Notice Period: Apply only for Immediate to 30 days NP. DOB: Degree: Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

The Global Information Security (GIS) Technology Risk Management Analyst will work with peers in Global Information Security (GIS) and across the Technology Division to ensure that third party technology risks are properly identified, assessed, monitored, and communicated in support of the overall Third Party Risk Management (TPRM) program. The Analyst will assist with the continuous improvement and daily operation of the GIS Third Party Risk Management (GIS TPRM) program. Responsibilities Include: Work with peers to identify and assess Information Security risks Conduct risk assessments using CME Groups established GIS Third Party Risk Management assessment process Collaboratively author and edit various assessment related documents including Deficiencies Observed, Summary of Work, Risk Advisory Memos, exceptions from GIS technical policies and standards, and other related output resulting from risk adjudication activities Participate in and contribute to various working groups across the Technology Division, including, but not limited to, Third Party Risk Management working group, Governance, Risk Management, and Compliance (GRC) working group, etc. Assist the GIS TPRM function with: Continuous improvement and maturation of the methods, instrumentation, training, documentation, and processes required to properly manage third party technology risks Providing advisory and consulting services to the Information Technology Management Team related to InfoSec risks, treatment strategies, and decision-making Assist in the preparation of management reports, presentations, metrics, and other documentation required to support governance functions Assist in compiling and delivering business and operational metrics at regular intervals Promoting a culture of risk awareness and accountability through training, education, and risk management consultative support Problem Solving: Objectively assess the impact, likelihood, and velocity of identified risks Objectively advise on any number of controls that will mitigate risk while not imposing undue burden on those who must implement the controls Drive objectivity and build consensus among stakeholders with widely divergent perspectives and drivers Rapidly analyze complex technical details Synthesize detailed analysis into a big picture view that can be easily understood by non-technical stakeholders in order to support risk-based decision-making for senior managers within the company Decision Making: Recommend risk treatment decisions Recommend remediation actions when risk mitigation is desired Recommend improvements to methods, instrumentation, training, documentation, and processes Recommend solutions for automating and streamlining GIS TPRM risk management practices Working Relationships: Interacts with peers across all elements of the Technology Division Communicate regularly with cross-functional peers outside of the Technology Division, including Legal, Information Governance, Global Operations, Global Assurance (Internal Audit), Enterprise Risk Management, Third Party Risk Management, and other business unit leadership Interact occasionally with industry peers from other Systemically Important Financial MarketUtilities (SIFMUs),research organizations, solution providers, etc. Required Experience: Bachelors Degree or equivalent experience Minimum of 4 to 6 years of relevant experience in publicly traded companies or finance/technology industry operations with third party risk management experience a plus Experience in at least two of the following: InfoSec (Operations, Program Management, Governance, Risk Management, etc.), Enterprise Architecture, Identity & Access Management, Application Development, Infrastructure & Operations, IT Compliance, or Internal Audit Experience working with industry based information security and / or control frameworks (NIST Cyber Security Framework, ISO 27002, COBIT, etc.) Demonstrable knowledge of a broad range of InfoSec technologies and practices Demonstrable, impeccable writing skills for technical, management, and executive audiences Additional preferred experience: Demonstrable knowledge of InfoSec risk management methods and practices Experience with operating GRC solutions Professional certification in InfoSec or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA, etc.) CME Group: Where Futures are Made CME Group is the worlds leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And were looking for more.

Your Impact Youll be responsible for engaging with senior customer representatives including CISO and other C-suite stakeholders to engage on topics around CyberSecurity, adjacent technical areas, and application of technology and programs in the business. Provides trusted support, advice and guidance on the latest trends and developments in CyberSecurity and how these can be used to provide lasting business value and impact for our customers. Applying your wide and deep experience in solving these challenges elsewhere youll help our customers with their journey, articulating Ciscos unique value proposition and architecture for CyberSecurity and how Cisco can help our customers succeed with their CyberSecurity goals. By establishing yourself as a trusted advisor and building lasting relationships, youll help bridge the communications gap between customer needs and what Cisco can offer. Identifies opportunities for Cisco to provide additional products and services that are aligned to achieving the customers CyberSecurity goals. Results and Outcomes Youll proactively strengthen and expand Ciscos presence and technology leadership in the CyberSecurity domain through externally visible activities such as blog posts, social media posts, papers, external speaking engagements and serving on external forums and boards. Youll continually acquire the knowledge and expertise necessary to pioneer new thinking and approaches. Youll contribute new materials and innovative articles rather than solely parroting existing materials or campaigns. Youll have a strongly accretive impact on Ciscos CyberSecurity business as evidenced by pipeline generation and supporting sales of products. Youll actively contribute to talent development, ensuring the principals of improving inclusion and diversity are honoured and promoted. Minimum Qualifications: * Bachelor or Masters degree in a relevant area, an MBA is preferred * CertificationsCISSP, CRISC, CISA and CISMand advantage. * Telco expertise and hands on implementation * 15+ years relevant experience with at least five (5 )years as: a CISO, Head of Risk or equivalent in a major organization; Partner or Associate, Principal, or Managing Director in a big 4+1 company or other leading consulting organization; or a combination thereof. * Proven experience and recognized as a thought leader in CyberSecurity in one or more industry verticals such as Financial Services; Service Provider; Manufacturing, Mining, Transportation, Oil and Gas, or Utilities; or Technology. * A proven record of business leadership in a technical domain and experience in transformational or strategic programs, with evidence of where past contributions have a significant impact on business. * Proven track record of C-suite engagement with an extensive personal contact base. * Published author, conference speaker and social media presence. Preferred Skills * Proven experience and recognized as a thought leader in CyberSecurity in Service Provider is highly desired * Proven experience in delivering security solutions, knowing cisco security solution is a plus.

. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the As a Risk management specialist at ZS Associates, youll be responsible for identifying, and mitigating compliance and operational risks in line with the firms standards. Youll also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry best practices. By partnering with various stakeholders, including Product Owners and Business function Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Youll have advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. What youll do: Develop the culture of risk management across the organisation, and ensure effective identification, quantification, communication, and management of risks focusing on root cause analysis and resolution recommendations across domains Cyber, HR, Legal, Finance, etc. Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance. Provide SME support to functional managers or Internal stakeholders in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate. Support the CIO and CISO, and work with internal stakeholders to: Participate in consultation and conduct gap analysis against new requirements Coordinate and facilitate IT / cyber security audits. Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc. Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route Report and publish Risks to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees. Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures. Co-ordinate and track the tickets / findings in areas like IT Operational Risks and Information Security Risks, Control Self assessments , Internal/External Audit findings with appropriate CAPA, BCP / Disaster recovery , Problem tickets with root cause analysis. Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.) Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.) Provide first line of defense support in assessing risk and reviewing control issues Documentation of control procedures, standards and guidelines, etc. What youll bring: Bachelor s degree in IT or relevant field with a strong academic background A minimum of 7-10 Years of experience in Risk management and internal controls governance Strong communication & strategic influencing skills. Relevant experience working with senior leaders, building internal networks, and delivering high impact programs in complex -matrixed environments. Formal training or certification in Information Security, and/or 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation. Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies. Proficient in MS Office productivity suite (e.g., Word, Excel, PowerPoint, SharePoint). Advanced Excel skills strongly preferred CISM/CRISC/CISA/CISSP/CIA/MBA or relevant Risk Management / Audit certification Basic working knowledge of following (Majority of the points, if not all): -COBIT Control Objectives for Information and Related Technology -ISO/IEC 27001:2013 Code of Practice for Information Security Management -NIST SP 800-53 -NIST CSF -SOC1/SOC2/SOC3 -HIPAA/HITECH Security and Privacy Audit Protocol -Shared Assessments Standard Information Gathering (SIG) framework -US SOX Sarbanes Oxley Act -US HIPAA/HITECH Act -EU GDPR General Data Protection Regulation -US EU Privacy Shield -India Companies Act Additional Skills: Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives. Program level management up to and including Executive presentation and reporting. Knowledge and Experience of Technology Infrastructure. Understanding of Infrastructure Security Stakeholder management Willingness to adapt to evolving industry standards and technologies Ability to manage a wide variety of tasks and meet deadlines, and reliability/dependability Proven ability to work creatively and analytically in a problem-solving environment Perks & Benefits: . Travel: . Considering applying? . To Complete Your Application:

SUMMARY: This position is reporting to the Director or Sr Manager/Manager, IT Internal Audit and part of a strong, dynamic global internal audit function. This Senior position will be a member of the Internal Audit IT team focusing on global projects based in our offices. ESSENTIAL DUTIES AND RESPONSIBILITIES: Reporting to the Director or Sr Manager/Manager, IT Internal Audit, the Senior will assist leading and executing projects for the IT Audit & Data Analytics pillars, assisting in Internal Audit function improvement projects, and collaborating with the other internal audit pillars - Finance & Operations audit, Internal Controls, Channel audit, and Audit Operations. Execution of projects in the IT audit pillar including: Assisting in performance of annual risk assessment of the business, development of an overall audit plan, and periodic refreshes of the risk assessment and the audit plan Executing projects on the internal audit plan including IT, operational, compliance, site, and cross functional audits across the global business Assisting in executing project risk assessments, planning, and scoping decisions on individual audit and advisory projects Executing controls documentation, testing, and fieldwork for audit and advisory projects Assisting in drafting audit and advisory observations and reports Assisting in coordinating, planning, reviewing, and executing on Management s assessment of Internal Controls over Financial Reporting (SOX) Developing, cultivating, and growing relationships with key stakeholders across various business functional and operational areas Developing relationships with the external auditor Taking ownership of career and skill development, including coaching and mentoring opportunities and attending training Identifying opportunities and helping the maturation of the data analytics function, including working to audit robotic process automations, application controls, and other IT dependent controls in close coordination with the finance & operations audit and Data Analytics pillar teams Qualifications Required and preferred knowledge and job skills: Work experience: 3+ years of relevant work experience required. Strong preference for experience with public account

Job Summary: The Cyber Security Team Lead will support the Head of Information Security in the development, implementation, and management of the organisation s information security strategy. This role involves overseeing daily operations, ensuring the security of information assets, managing security incidents, and fostering a security-conscious culture within the organisation. Key Responsibilities: Strategic Support: Assist in the development and execution of the organisations information security strategy and policies. Provide strategic guidance and leadership in all areas of information security. Operational Management: Oversee day-to-day security operations, including monitoring, threat management, and incident response. Ensure effective 24/7 monitoring and incident handling. Risk Management: Identify and assess security risks, and develop mitigation strategies. Conduct regular security audits and vulnerability assessments. Incident Response: Lead the response to security incidents and breaches, ensuring timely and effective resolution. Develop and maintain the incident response plan, including conducting regular drills. Compliance and Governance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., ISO 27001, NIST, GDPR). Maintain up-to-date documentation of security policies, procedures, and incidents. Team Leadership: Supervise and mentor the information security team, providing guidance and support. Foster a collaborative and high-performance team environment. Training and Awareness: Develop and deliver security training and awareness programs for employees. Promote a culture of security awareness throughout the organisation. Stakeholder Collaboration: Collaborate with IT, legal, HR, and other departments to ensure cohesive security practices. Serve as a key point of contact for security-related matters with external partners and vendors. Qualifications: Education: Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master s degree is a plus. Certifications: Relevant certifications such as CISSP, CISM, CISA, or equivalent. Experience: Minimum of 10 -15 years of experience in information security, with at least 3 - 5 years in a leadership role. Proven experience in managing security operations, incident response, and risk management. Skills and Competencies: Technical Expertise: Strong knowledge of information security principles, technologies, and best practices. Experience with security tools and technologies such as SIEM, firewalls, IDS/IPS, and endpoint protection. Analytical Skills: Ability to analyse complex security issues and develop effective solutions. Strong risk assessment and management skills. Leadership and Communication: Excellent leadership and team management skills. Strong verbal and written communication skills, with the ability to convey complex security concepts to non-technical stakeholders. Problem-Solving: Strong critical thinking and problem-solving abilities. Ability to remain calm and effective in high-pressure situations. Additional Requirements: Availability for on-call duties and to respond to security incidents outside regular working hours. Willingness to travel as needed. Hybrid Policy - 2 to 3 days in a month work from Office* #LI-Hybrid What we offer Benefits We offer excellent benefits including an incentive programme, generous annual and parental leave policies, volunteering days and well-being support throughout the year, as well as free access to all Economist content. Country specific benefits are also offered. Our Values Our values are a collective set of beliefs and behaviours that strengthen The Economist Groups purpose and demonstrate where we want to be as an organisation. They reflect on our mission to pursue progress for individuals, organisations and the world. Independence We are not bound to any party or interest and encourage exploration and free-thinking. We champion freedom, both within our organisation and around the world. Integrity We are bold in our efforts to uncover the truth and stand up for what we believe in. We inspire trust through our rigour, fact-checking and transparency. Excellence We aspire to the highest standards in all we do. We are ambitious and inquisitive in our pursuit of continuous progress and innovation. Inclusivity We value diversity in thought and background and encourage healthy debate with a breadth of perspectives. We treat our colleagues and customers fairly and respectfully. Openness

Maintains, populates and reviews vulnerability, risk, control and issue management tools. Engages with management to ensure vulnerabilities, risks, controls and issues are dealt with escalating as needed. Serves as liaison and point of contact for new risk issues, including process assistance, tools, tracking status and status of issues advancing to closure. Escalating and facilitating discussions to explore risk acceptance, waivers or policy deviations ensuring traction of issues; Collaborates with various levels of management, teams, security, corporate risk. Conducts deep dives on risk, compliance, and security-related processes including vulnerability management reporting, policy compliance reporting, and other projects as assigned; Provides statistical information to various levels of management, Develops control processes and works closely with key stakeholders on writing and documenting processes. Collaborate with internal audit team to review controls that owners document prior to scheduled audits; Performs policy compliance reviews for policies such as Technology Lifecycle Management (TLMP), Third Party Risk Management (TPRM), Cloud. Develops plans and manage implementation of annual policy compliance tracking such as TLMP or TPRM.Assists personnel in compliance actions or raises non-compliance issues Creates and reports metrics for policy compliance; maintains documentation standards; communicates compliance solutions; supports internal audits; provides TSSI compliance training; evaluates EITS RCSA. Skill/competency required: University bachelor degree in Computer Science or related field, Posses technical professional certifications CRISC, CISM, CISA, CISSP. 5 years experience of working in an IT governance role, Advanced English level Experience of cross-regional work for a regulated multinational company, regional regulation awareness and/or management. About Experian Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, all using our unique combination of data, analytics and software. We also assist millions of people to realise their financial goals and help them save time and money. We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments. We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.co m Experience and Skills University Bachelor Degree Additional Information Our uniqueness is that we celebrate yours. Experians culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experians people first approach is award-winning; Worlds Best Workplaces 2024 (Fortune Global Top 25), Great Place To Work in 24 countries, and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site and Glassdoor to understand why. Benefits Experian care for employees work life balance, health, safety and wellbeing. In support of this endeavor, we offer best-in-class family well-being benefits, enhanced medical benefits and paid time off. This is a hybrid remote/in-office role and reporting to Director. This is individual contributor (Non-Managerial) role Experian Careers - Creating a better tomorrow together Find out what its like to work for Experian by clicking here

Fynd is India s largest omnichannel platform and multi-platform tech company with expertise in retail tech and products in AI, ML, big data ops, gaming+crypto, image editing and learning space. Founded in 2012 by 3 IIT Bombay alumni: Farooq Adam, Harsh Shah and Sreeraman MG. We are headquartered in Mumbai and have 1000+ brands under management, more than 10k stores and servicing 23k + pin codes. We are seeking a highly skilled Data Protection Officer (DPO) / GRC Officer responsible for ensuring compliance with global security and data protection regulations. The ideal candidate will oversee governance, risk, and compliance (GRC) programs, implement security frameworks, and safeguard sensitive data across the organization. What will you do at Fynd ? 1. Governance, Risk, and Compliance (GRC): Develop, implement, and maintain GRC frameworks to align with regulatory and industry standards. Establish risk assessment methodologies and ensure mitigation strategies are in place. Conduct IT General Controls (ITGC) assessments to ensure effective security controls and processes. Oversee third-party risk assessments, ensuring vendors comply with security policies. 2. Data Protection & Privacy Compliance: Implement and oversee compliance with DPDP (Digital Personal Data Protection Act, India) and GDPR regulations. Act as the point of contact for data protection authorities and internal privacy matters. Conduct Data Protection Impact Assessments (DPIAs) and privacy risk assessments. Develop and enforce privacy policies, data retention, and protection measures. 3. Information Security Compliance & Certifications: Lead and maintain compliance with ISO 27001, ensuring policies and controls meet certification requirements. Manage SOC 2 compliance efforts, including security, availability, processing integrity, confidentiality, and privacy principles. Oversee PCI-DSS compliance for handling cardholder data securely. Ensure alignment with NIST security frameworks for risk management and cybersecurity resilience. 4. Business Continuity & Incident Management: Develop and maintain a Business Continuity Management (BCM) program, including disaster recovery plans. Lead security incident response and investigations to mitigate data breaches and cybersecurity threats. Conduct regular tabletop exercises and audits to test resilience and readiness. Some Specific Requirements Bachelor s/Master s degree in Information Security, Cybersecurity, Compliance, or a related field. Professional certifications such as CIPP/E, CIPM, CISSP, CISM, CISA, ISO 27001 Lead Auditor, or CRISC are highly preferred. 5+ years of experience in Data Protection, Compliance, GRC, or Cybersecurity roles. Strong knowledge of regulatory frameworks (SOC2, ISO27001, GDPR, DPDP, PCI-DSS, NIST, ITGC, Third-Party Risk Management). Experience in implementing GRC tools and automating compliance processes. Excellent stakeholder management skills with the ability to work cross-functionally. Strong analytical, problem-solving, and decision-making skills. What do we offer? Growth Growth knows no bounds, as we foster an environment that encourages creativity, embraces challenges, and cultivates a culture of continuous expansion. We are looking at new product lines, international markets and brilliant people to grow even further. We teach, groom and nurture our people to become leaders. You get to grow with a company that is growing exponentially. Flex University We help you upskill by organising in-house courses on important subjects Learning Wallet: You can also do an external course to upskill and grow, we reimburse it for you. Culture Community and Team building activities Host weekly, quarterly and annual events/parties. Wellness Mediclaim policy for you + parents + spouse + kids Experienced therapist for better mental health, improve productivity & work-life balance We work from the office 5 days a week to promote collaboration and teamwork. Join us to make an impact in an engaging, in-person environment!

Since our launch in 2015, we ve lent over 10bn to ambitious entrepreneurs up and down the UK. That s led to the creation of over 40,000 new jobs and over 29,000 new homes - and we re not about to stop there. We re dedicated to helping trailblazing businesses thrive and our Finance team are the drivers of our growth. As an IT and Cyber Security Auditor , you will be responsible for planning, executing, and reporting on a wide range of audits covering IT security, business automation, cloud infrastructure, and digital transformation across OakNorth Bank plc. You will provide independent assurance to senior management that the Bank s technology environment including its growing use of Generative AI is secure, resilient, and well-governed. This role also includes guiding the Bank s responsible adoption of Generative AI (GenAI) technologies while helping build capabilities within the Internal Audit team, including mentoring and developing junior staff members. This is a fantastic opportunity to join a fast-paced, growing bank with a reputation for doing things differently. We don t want another cog in the machine, we re looking for self-starters and bold thinkers who want to pave their own career paths. Are you ready to step up to the challenge? Key Responsibilities: Lead and Deliver Audits : Plan, execute, and report IT and cyber security audits covering ITGCs, cloud (AWS/Azure), networks, data protection, automation, and digital transformation initiatives. Manage audits independently or with co-sourced partners, ensuring end-to-end delivery. Support GenAI Risk Assurance : Assess risks and controls related to the Bank s adoption of Generative AI covering governance, data integrity, ethical usage, access controls, and operational safeguards. Leverage GenAI tools to enhance audit execution and insight generation. Evaluate Cybersecurity and Resilience : Review threat detection capabilities, cybersecurity controls (e.g., IAM, DLP, IDS/IPS), and response readiness. Challenge business continuity, disaster recovery, and incident response plans, including backup processes and RPO/RTO targets. Stakeholder Engagement and Reporting : Provide clear, actionable reporting to senior management and collaborate with Technology, Risk, and Operations teams to strengthen control environments and drive improvements. Team Development and Methodology Improvement : Guide, coach, and mentor junior auditors; contribute to the evolution of IT audit methodology to reflect emerging technologies, risks, and regulatory expectations. What We re Looking For: Must-Haves: Overall experience of 8 years with Minimum 3 years of experience in IT audit or cyber risk, ideally within banking, fintech, or a Big 4 advisory firm. Degree in Information Technology, Computer Science, or a related field with a strong academic record. At least one globally recognized IT audit/security certification (e.g., CISA, CISSP, ISO 27001 LA); Familiarity with GenAI use cases and associated risks in an enterprise setting. Strong understanding of frameworks like NIST, ISO 27001, COBIT, COSO, and ITIL. Experience using GRC tools and a passion for applying technology in audit work. Preferred Traits: High drive and bias for action brings energy and momentum to audit delivery. Clear and structured communicator who simplifies complexity and delivers insights. A collaborative leader who uplifts others coaches, mentors, and supports junior colleagues. Operates with integrity and directness say it as it is mindset. Trusted and respected by peers and stakeholders at all levels of the organization. Fast learner and problem-solver who thrives in a changing environment. 0 - 0 a year Benefits & Perks: Equity. We want people to have a stake in the business so that all our interests are aligned Health Insurance for employee and dependents Wellbeing and social events Support causes that matter to you - Volunteering time off

Job Title Security Analyst Role and Responsibilities The security Analyst is a member of the CISO Regulatory & Compliance Team and will assist in ensuring the associated business units / accounts comply with applicable Conduent and NIS 2 security standards, regulations, and policies.The Security analyst will be professional, independent, impartial, and fair in all interactions. The security resource is accountable for procedures and processes that ensure the integrity, confidentiality, and availability of assigned Business units\u2019 information, applications, and infrastructure. Resource will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps and vulnerabilities. This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units. Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to IPS/IDS alerts; change detection (FIM) alerts application firewall alerts; malware alerts rogue wireless network alerts security system health alerts; exploit attempt alerts Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to audits of system security to ensure compliance with Corporate security framework NIS 2, NIST 800-53, ISO 27001/2, PCI-DSS emerging country, state, and Federal privacy laws Primary POC in a vulnerability management program of the account that includes external and internal vulnerability scans of applications and systems external and internal penetration tests of applications and systems documentation and remediation of identified vulnerabilities and exploits routinely monitoring various communication avenues for security vulnerabilities and security patches taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement Acts as the initial point of contact to facilitate the handling of security audits and client requests Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units Qualifications and Education CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus. Minimum of Five (3 to 5) Years of experience in IT Security compliance, or Security Auditing is required. Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc. Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls. Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter. Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences. Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). Experience in PowerPoint, Word, Excel; experience with Visio and MS Project. Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations. Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally Preferred Skills Creating and Maintaining NIST 800-53-rev5 based SSP and POAM Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks).

Job Area: Finance & Accounting Group, Finance & Accounting Group > Internal Audit General Summary: Auditor, IT Internal Audit- Hyderabad Qualcomm is a company of inventors that unlocked 5G - ushering in an age of rapid acceleration in connectivity and new possibilities that will transform industries, create jobs, and enrich lives. But this is just the beginning. It takes inventive minds with diverse skills, backgrounds, and cultures to transform 5Gs potential into world-changing technologies and products. This is the Invention Age - and this is where you come in. This is a unique opportunity to join Qualcomms finance and accounting organization based in Hyderabad in the Corporate Internal Audit & Advisory Services (IA & AS) team. The department focuses on assisting the Audit Committee and management teams in the improvement of processes that manage risks related to achieving Qualcomms business objectives. Using Qualcomms risk-based audit methodology, the IT auditor will assist in the execution of internal audits. Specifically, the responsibilities include: Providing U.S. based time zone coverage as needed (up to 50% of time) Supporting the creation of initial planning memos and process flowcharts Identifying and assessing initial risks and control activities Designing audit procedures to evaluate control effectiveness Performing audit testing, identifying deviations from expected control activities, and effectively communicating observations to the audit team Leveraging data analytics throughout the audit process where feasible Staying abreast of changes in the business and industry to assess impacts to the companys risk profile Contributing to the development of new concepts, techniques, and making continuous process improvements for the overall IA team All Qualcomm employees are expected to actively support diversity on their teams, and in the Company. One to three years of relevant experience in internal auditing, external auditing, or SOX compliance within a global public company (preferably in the high-tech industry), Big 4/mid-tier accounting firm or other fast-paced corporate setting Strong understanding of IT general controls, cybersecurity frameworks (e.g. NIST, COBIT), and ERP systems Fluent English; multi-lingual capability is a plus Successful candidate will possess the following characteristics: As feasible, ability to travel (infrequently) to Qualcomms domestic and international locations (e.g., U.S., Europe) Semiconductor business experience or familiarity Strong communication (oral and written) and presentation skills Fast learner with strong interpersonal, organization, analytical, critical thinking, and problem-solving skills Ability to work in a flexible and non-hierarchical team environment Willingness to get things done and take responsibility Ability to recognize and apply a sense of urgency, when necessary Comfortable with ambiguity Positive attitude, professional maturity, good work ethic Ability to work independently, handle multiple projects simultaneously and multi-task to meet deadlines with high-quality deliverables Controls, risk assessment, risks, internal audit, IT Bachelor's degree in Accounting, Finance, Computer Science, cyber security, or related field. CPA, CA, CIA, CISA, CFE, or other credentials, a plus. Minimum Qualifications: Bachelor's degree. 1+ year of Finance, Accounting, or related work experience. *Completed advanced degree in a relevant field may be substituted for up to one year (Masters = one year) of work experience.

Role & responsibilities Key highlights of the role are listed below (purely indicative and not limiting):This position would include the mentioned set of responsibilities but not limited to: Develop and execute the Information Security Audit Plan based on a risk-based approach. Conduct IT security audits, risk assessments, and compliance reviews across applications, infrastructure, and third-party vendors. Evaluate IT / Information Security policies, procedures, and controls to ensure compliance with ISO 27001, PCI-DSS, DPDPA, SOC 2, and other relevant standards. Identify security risks, control weaknesses, and process inefficiencies, providing recommendations for mitigation. Work closely with IT, IS, cybersecurity, and other business teams to ensure audit findings are addressed in a timely manner. Perform security assessments of cloud environments (AWS, Azure, GCP), network security, and application security Prepare detailed audit reports, executive summaries, and presentations to relevant stakeholders Monitor industry trends, regulatory changes, and emerging cyber threats to enhance the organizations security posture. Lead and conduct internal and external IT / security compliance audits, ensuring adherence to company policies and industry best practices. Mentor and guide the team in audit methodologies and best practices. Assist in IT and cybersecurity audits by external regulators (RBI, PCI-DSS, etc.). Applicants should possess the following attributes: Experience in ISO 27001, SOC 2, PCI-DSS or RBI, SEBI guidelines compliance. Knowledge of penetration testing, vulnerability assessments, and security operations. Hands-on experience with SIEM, DLP, IAM, and other security tools. Prior experience in a Big 4 audit firm or financial services sector is an advantage. Effective Team Management Excellent communication skills with the ability to present technical findings to nontechnical stakeholders Strong understanding of IT security frameworks, governance, risk, and compliance (GRC) principles. Familiarity with financial, regulatory or other requirements related to information security. Experience in performing security assessments of cloud environments (AWS, Azure, GCP), network security, and application security Strong analytical, problem-solving, and leadership skills.

Role & responsibilities: Lead planning, fieldwork, and reporting phases for assigned SOX ITGC audit engagements. Design and execute detailed testing for IT General Controls and Automated Controls. Validate Test of Design (ToD) and Test of Effectiveness (ToE) for key control areas including Logical Access, Change Management, Backup & Restoration, and Incident Management. Manage and mentor a team, taking full responsibility for performance reviews, appraisals, and goal setting. Ensure audit documentation meets professional standards and internal quality benchmarks. Preferred candidate profile: CISA certification is a must. Bachelors or advanced degree in Information Technology or a related field. Minimum 5 years of experience in SOX ITGC audits. At least 2 years of hands-on team management experience , including appraisal and performance management. Strong knowledge of IT General and Automated Controls. Proficiency in validating ToD/ToE documentation. Excellent interpersonal and stakeholder communication skills. If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at rimjhim.sharma@crescendogroup.in

Hi, Greetings from Peoplefy Infosolutions !!! We are hiring for one of our reputed MNC client based in Bangalore . We are looking for candidates with 10+ years of experience in internal audit. Qualification: CA qualified OR having relevant certification (CISA/CIA/CISM/ISO/CISSP) Job Description: 10+ years of post-qualification experience in IT internal audit. Working in third line of defense. Should be comfortable with yearly international travel. Hands-on experience with global on-site audits. Interested candidates for above position kindly share your CVs on sneh.ne@peoplefy.com with below details - Experience : CTC : Expected CTC : Notice Period : Location :

Your day at NTT DATA The Senior Infrastructure and Operations Engineer is an advanced subject matter expert, responsible for ensuring the availability of the infrastructure service platforms and/or software. This role responds to situations where standard procedures have failed to fix problems in non-functioning infrastructure service platforms and/or software. This role designs system configurations, documents and manages the installation of a new network, and maintains and upgrades existing systems as necessary and later support the operation of overall IT services offered by the company. What youll be doing Key Responsibilities: Performs operational tasks to resolve all incidents / requests in a timely manner and within agreed Service Level Agreement (SLA). Update tickets with resolution tasks performed. Maintains network and services availability by performing maintenance and health checks. Supports, assists or leads engineering, design and problem isolation. Provides third level support to all incidents, requests and identify the root cause of incidents and problems. Communicates with other teams and clients for extending support. Executes changes with clear identification of risks and mitigation plans to be captured into the change record. Escalates all tickets to seek right focus from other teams, if needed continue the escalations to management. Establishes monitoring for platform infrastructure. Leads and manages all initial client escalation for operational issues. Contributes to the change management process by logging all change requests with complete details for standard and non-standard including patching and any other changes to Configuration Items. Ensures all changes are carried out with proper change approvals. Plans and executes approved maintenance activities. Performs any other related task as required. Knowledge and Attributes: Advanced knowledge in Microsoft Solutions, i.e. design and implementation of Windows Server platforms, Office 365 migrations, Active Directory, Group Policy, System Centre Configuration. Advanced understanding of network switches, network routing, MPLS, network administration, network integration, network security and network advancement. Advanced knowledge in architecture, design, configuration, and deployment within the Microsoft Azure platform. Advanced understanding of server and desktop hardware/operating systems, networks, firewalls. Excellent oral, written and presentation communication skills. Advanced knowledge of IT infrastructure management processes, techniques, risks and best practices. Advanced knowledge of infrastructure technologies such as system management, system/network administration and development. Advanced knowledge of server administration, data center operations, project and change management principles and practices. Ability to facilitate discussions in order to address emerging problems and opportunities. Ability to handle multi-task, set priorities and meet deadlines. Advanced knowledge and understanding of information systems technology areas. Academic Qualifications and Certifications: Bachelors degree or equivalent in Information Technology or a related field. Relevant certifications such as CCIE/CCNP/ITIL/COBIT/PMP/CISA/CISM certifications. Required Experience: Advanced experience in similar IT roles, with a focus on IT infrastructure engineering and operations. Proven working experience in a large-scale organization. Advanced experience with IT frameworks ITIL, MoF, CoBIT, Run SAP. Advanced experience supporting IT infrastructure and service delivery. Advanced experience working with vendors and/or service providers. Advanced experience, judgment and drive to plan, make decisions and accomplish individual and team goals. Advanced experience working in a team-oriented, collaborative environment. Workplace type On-site Working