876 Cisa Jobs - Page 22

About Us At SentinelOne, we re redefining cybersecurity by pushing the limits of what s possible leveraging AI-powered, data-driven innovation to stay ahead of tomorrow s threats. From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We re looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you re excited about solving complex challenges in bold, innovative ways, we d love to connect with you. Who are we looking for? Reporting to the Manager- Internal Audit, this position is a highly visible and an impactful role across the company. The Analyst- Internal Audit, based in India and will work with all levels of management to promote business integrity and robust internal control structures, compliance with Sarbanes-Oxley legislation, and recommendation for process improvements. Essential Functions/duties: Assist in both Business and IT SOX planning, scoping, and risk assessment process through close collaboration with external auditors and business process owners Conduct Business & IT walkthroughs and controls testing according to established audit standards Engage in Internal audit projects, ERM, operational and financial audits. Develop high-quality process and audit testing documentation for design effectiveness and operating effectiveness of Business process controls & ITGCs. Perform testing of application controls, key reports, interfaces, integrations, and segregations of duties rules Sound understanding of GAAP, COSO, SOX and PCAOB rules; experience in the use of auditing and assessment frameworks and the application of professional standards. Develop and maintain comprehensive documentation including flow charts, process narratives and risk and control matrices and any others required Evaluate audit findings and coordinate remediation of deficiencies Develop business relationships and proactively interact with process owners to gather information, resolve problems, and make recommendations for improvement and optimization Demonstrate initiative and provide timely updates to internal audit management Manage multiple tasks effectively and deliver projects timely Documentation and activities remain current and in compliance with the IIA s IPPF Standards and are consistent with best practices. Develop metrics for ongoing operational activities and leverage technology and data analytics to enhance IA operations. Help manage governance of the Internal Audit function and mature and evolve our audit methodology and operational audit program Perform other tasks and projects as assigned in support of the internal audit team and corporate objectives Qualifications: Bachelor s degree in Accounting, Finance, or related field preferred Recognized professional qualification(s): CA/CPA/CIA/CISA is preferred Minimum of 4-5 years of audit experience, preferably within the technology industry Positive attitude and willingness to learn Ability to take direction, learn quickly, work independently, and maintain a level of professional skepticism Ability to handle multiple priorities and deadlines, with high standards for quality, accuracy, and attention to detail Demonstrate basic research capabilities with strong analytical and creative problem-solving skills Working knowledge of data analysis and business intelligence tools is a plus (PowerBI, Tableau). Experience with Big 4 accounting firms or global public companies is strongly preferred. Strong written and verbal communication skills

Proficient in Risk assessment and analysis methodologies Risk management software and tools proficiency Knowledge of regulatory (GDPR,PCI-DSS, Anti-Money Laundering (AML)) requirements and compliance standards. Understanding of insurance principles and coverage. Industry-specific certifications (CRISC, CISM, ISO 27001:LA) Project management expertise. A thorough understanding of: ISO 27001 (Information Security Management) NIST Cybersecurity Framework SOC 1 and SOC 2 Standards

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, youll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. How will you make an impact in this role? Responsible for contacting clients with overdue accounts to secure the settlement of the account. Also they do preventive work to avoid future overdues with accounts that have a high exposure. As part of the Finance Data Governance Organization (FDG) within Corporate Controllership, this role is responsible for overseeing the end-to-end process of financial regulatory data attestation, ensuring the accuracy, completeness, and traceability of data submitted to regulatory bodies. The ideal candidate will have deep knowledge of financial regulations, a strong command of data governance principles, and proven experience implementing attestation processes in complex, regulated financial environments Responsibilities Lead the design, implementation, and ongoing execution of the regulatory data attestation framework across Finance. Establish standards, controls, and documentation protocols to ensure consistent and auditable sign-off on regulatory data submissions (e.g., FR Y-9C, CCAR, Basel, BCBS 239). Partner closely with various teams to define roles and responsibilities for data ownership, validation, and attestation. Develop and manage a formalized attestation process that includes data lineage, quality checks, control evidence, and sign-off workflows. Ensure alignment with internal policies, external regulatory expectations, and proactively highlight data quality issues that impact regulatory reporting. Drive continuous improvement through root cause analysis, remediation planning, and control enhancements. Lead a high-performing team of data governance professionals, data analysts, and regulatory specialists. Provide executive-level reporting on attestation status, data risks, and control effectiveness to senior leadership and regulators. Qualifications 10+ years of experience in regulatory reporting, finance data governance, or compliance roles in a large financial institution. Deep understanding of regulatory reporting processes, requirements, and controls across U.S. and global financial regulations. Proven experience establishing or managing attestation or data certification frameworks. Strong knowledge of data governance, control design, data quality, and lineage practices. Experience with data governance and workflow tools (e.g., Collibra, Informatica, Alation, ServiceNow). Excellent leadership, stakeholder engagement, and communication skills. Bachelor s degree in Finance, Accounting, Information Management, or related field; advanced degree or certifications (e.g., CA, CPA, CISA, CDMP) preferred.

Unlock your potential as an experienced audit professional with our Information Technology audit team. Job Summary As a Corporate Technology (CT) Audit Vice President within the Corporate Technology Audit team, you are responsible for evaluating the sufficiency of control environments across various corporate functions, such as Global Finance, Corporate Treasury, Risk Management, Human Resources, Compliance, Legal, and the Corporate Administrative Office. You will accomplish this through a comprehensive audit program, executed and overseen by a global team of integrated technology and business audit specialists. Job Responsibilities Lead and participate on audit engagements, from planning to reporting, and produce quality deliverables to both department and professional standards, while ensuring audits are completed timely and within budget Work closely with global Audit colleagues in the early identification of emerging control issues, and report them in a timely manner to Audit management and business stakeholders Recognize the confidential nature of Internal Audit communications and access to information; exercise discipline in protecting the confidentiality and security of information in accordance with firm policy Partner with stakeholders, business management, other control groups (i.e. risk management, compliance, fraud prevention), external auditors, and regulators, establishing good working relationships while maintaining independence Finalize audit findings and use judgment to provide an overall opinion on the control environment by developing recommendations to enhance internal controls Communicate audit findings to management, and identify opportunities for improvement in the design and effectiveness of key controls Implement and execute an effective program of continuous auditing for assigned areas, including monitoring of key metrics to identify control issues and adverse trends Effectively manage teams where required, performing timely review of work performed and providing honest and constructive feedback Stay up-to-date with evolving industry/regulatory changes impacting the business and participate in appropriate control forums Find ways to improve efficiency with existing technical infrastructure through automation while embracing the innovative opportunities offered by new technologies Required qualifications, capabilities, and skills Minimum 7 years of internal or external auditing experience, or relevant business experience Bachelors degree (or relevant financial services experience) required Experience with internal audit methodology and applying concepts in audit delivery and execution Solid understanding of internal control concepts, with the ability to evaluate and determine the adequacy of controls by considering business and technology risks in an integrated manner Excellent written, verbal, and presentation skills; adept at presenting complex and sensitive issues to senior management Great interpersonal and influencing skills, with the ability to establish credibility and create partnerships with senior business and control partners Advanced analytical skills, particularly in regard to assessing the probability and impact of an internal control weakness Enthusiastic and self-motivated, with a keen interest in learning; effective under pressure and willing to take personal responsibility/accountability Adaptable to changing business priorities and ability to multitask in a constantly changing environment Willing to travel as needed Preferred qualifications, capabilities, and skills CISA Advanced Degree in Computer Science or Information Systems

Are you looking for an exciting opportunity to join a dynamic and growing team in a fast paced and challenging area? This is a unique opportunity for you to work in our Technology Audit team and partner with the various lines of business to provide risk and control assessments on Infrastructure Platforms Job Summary As an Infrastructure Audit Vice President within the Technology Audit team, you will be responsible for risk assessments, control identification, audit testing, control evaluation, and follow-up and verification of issue closure related to Global Technology Infrastructure. You will participate in or lead audits. In addition, you will be involved in assessing the adequacy of controls around various projects including major application development initiatives, infrastructure build-outs, and product development and will be expected to develop on-going relationships with senior technology leaders. This role will report locally into Audit Director in India and functionally to Audit Director onshore and will be based in Bengaluru (India). Job Responsibilities Establish strong relationships with management in technology, related control groups such as Risk Management, Compliance, and Audit colleagues. Lead audit engagements covering GTI including risk assessments, audit planning, audit testing, directing audit staff, control evaluation, audit report drafting, and follow-up and verification of issue closure. Accountable for meeting deliverables and adhering to department standards. Provide coaching and feedback to other team members. Monitor key risk indicators, significant change activities and escalation of emerging technology issues to management in a timely fashion. Stay up-to-date with evolving technology changes and market events impacting technology processes. Develop recommendations to strengthen internal controls and improve operational efficiency. Work closely with business and technology audit colleagues to ensure that key risks are identified and assessed in the program of audit coverage. Perform audit work in accordance with department and professional standards, and complete assignments in an efficient manner. Write audit work papers and reports with minimal intervention by the Audit manager and should have attention to detail to ensure accuracy and completeness of audit coverage. Partner with colleagues, stakeholders and control community members to evaluate, test and report on the adequacy and effectiveness of management controls with appropriate recommendations for improvement. This may be delivered through specific audit reviews or through ongoing involvement in major activities or projects. Required Qualifications, capabilities and skills Minimum 10 years of relevant experience in internal/external auditing, or consulting. Solid understanding of internal control concepts with the ability to evaluate and determine the adequacy of controls by considering business and technology risks. Knowledge of system development life cycle concepts with an ability to quickly learn a complex, distributed computing environment. Good understanding of controls related to operating system, networking and database platforms. Ability to manage multiple tasks concurrently in an efficient and effective manner with minimal supervision. Experience in planning and executing audits in accordance with professional standards. Excellent verbal and written communication skills. Also, good interpersonal skills with the ability to present complex and sensitive issues to senior management, and influence change. Team player who works well individually and in teams, shares information and collaborates with colleagues during execution of the audit plan. Enthusiastic, self-motivated, strong interest in learning, effective under pressure and willing to take personal responsibility / accountability Must have experience planning/leading/executing audits or similar projects, and providing staff with written and verbal feedback. Proficiency in risk analysis, and strong analytical skills particularly in regard to assessing the probability and impact of an internal control weakness. Working knowledge of IT controls and processes, such as Access Administration, Change Management, Security Configuration and Business Resiliency Preferred Qualifications, capabilities and skills Certified Information Systems Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP) designation considered an advantage. Knowledge of distributed and cloud technologies considered a plus.

The Second line of Defense Controls Testing partner for the Cyber and Technology Risk Management (CTRM) division will be a team leader who will work closely with peers, stakeholders, and their manager on Second Line s Controls Testing program focused, on Cyber and Technology Controls Testing/Validations as well as Cyber and Technology related assessments. Responsibilities will include: Lead 2LOD Cyber and Technology Risk Management team in India focused on controls testing/validation, assessments, and overall support to Cyber and Technology Risk Management initiatives Manage testing/validation requirements for controls testing team, monitor progress, and ensure timeliness and quality of team s work Test, Validate, and Assert to Business and Application Owner control testing methodology and test procedures Perform 2LOD validation work, including plan preparation, workpapers, finding, and report results to risk committees Manage day-to-day risk issues, design, and implementation of new controls with various teams Examine cyber risk controls, evaluate the design and operational effectiveness, determine exposure to risk, and work with business to develop remediation strategies Assess risk as a Second-Line governance role through the Risk and Control testing; Risk Identification; and Change Initiative Risk Assessment processes, as applicable Provide Second-Line risks and control testing findings to Risk Management leadership and risk committees Understanding of the Three Lines of Defense governance model Ability to assess and effectively communicate the operational, and technical findings and control issues to executive and business leadership, using language that is relevant to and understandable by the business Strong risk assessment framework knowledge and experience performing risk assessments covering key risks and controls Strong project management skills, including the ability to adapt to change quickly, multi-task and demonstrate flexibility in prioritization based on requested tasks Strong working knowledge of banking/financial regulatory requirements to perform and ensure an appropriate level of testing Qualifications - External 10-12 years of IT Audit experience to include but not limited to: Cyber Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit 3+ years leading controls testing and/or audit teams CISSP, CISM, CISA, CRISC, or equivalent certifications highly preferred Familiarity with the NIST Cybersecurity Framework Strong working knowledge of the inherent cyber risks in the financial services industry Cloud, MFA, Password vaulting (e.g. CyberArk), and Secure SDLC experience Analytical and communication skills required to summarize and analyze information Organizational skills required to coordinate risk related activities with peers and senior executives Advanced Microsoft Office 365 skills

Location: Bangalore or Hyderabad Senior Digital Risk Advisor - DRG Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will have first-line responsibility for ensuring an effective and efficient risk and control framework is implemented across the different IT domains at Swiss Re. Whats more, youll be working in a hybrid setup, perfectly balancing work from home and the office premises. About the team The Digital Risk Governance Controls team is a key part of Swiss Res Security Team, focused on defining and managing risks related to digital topics. Were looking for an experienced and highly motivated expert who can define and develop an efficient first-line risk and control framework that supports a strong risk-aware culture within the company. In your role, you will Actively manage the implementation of the digital and technology risk framework Maintain oversight o n the quality of internal measures implemented to address digital risk, ensuring controls, processes and standards are appropriately designed and operating effectively Ensure compliance with rules, regulations, and policies - making sure we meet our risk appetite and driving corrective actions where opportunities exist Actively collaborate with key stakeholders across the three lines of defense to automate, measure performance and continuously improve our risk position U nderstand complex concepts and identif y solutions to problems Be someone who believes in continuous innovation, is curious and relentless in finding a better way every day Your qualifications A track record of successful delivery in IT risk and control -related roles, such as IT Governance, IT audit, or digital risk management Practical knowledge of external IT good practices - particularly NIST - but also others , such as ISO and COBIT Qualified in an appropriate discipline such as CISA, CGEIT, CRISC Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within and across different teams The ability to effectively communicate with a broad spectrum of stakeholders - from s enior m anage rs to IT engineers , developers and operations staff Be curious, proactive, result-oriented and confident in decision making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re . If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134243

Location: Bangalore or Hyderabad Digital Risk Advisor Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will be responsible for the first-line digital technology operations risk and control activities - ensuring risks are identified, controls applied, and performance is monitored, measured, and reported to our technology and business leaders. About the team The Digital Risk Governance Controls team is a key part of Swiss Res Security Team, focused on defining and managing risks related to digital topics. Were looking for an experienced and highly motivated expert who will help to drive the companys risk culture. In your role, you will Be part of a team of digital risk experts supporting Applications and Business stakeholders with applying digital risk governance principles and standards Actively contribute to the implementation of the digital risk framework as the trusted digital risk partner Ensure IT threats and risks are understood, issues handled timely, and IT controls designed and operating effectively Embed controls into operational procedures by collaborating with our digital technology teams to automate, measure performance, and continuously improve our risk position Build operational transparency with continuous monitoring and assessment of controls so that we meet our risk appetite and drive corrective actions where needed Be someone who believes in continuous innovation, is curious and adamant in finding a better way every day Your qualifications Nobody is perfect and meets 100% of our requirements. If you, however, meet some of the criteria below and are curious about the world of risk and control activities, well be more than happy to meet you! First experience s in IT risk and control-related roles, such as IT Governance, IT audit, or digital risk management CISA, CGEIT, CRISC or similar qualifications are an advantage Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within the team and across teams Capability to continuously build and maintain a strong collaborative network within the IT domains Be curious, proactive, result-oriented and confident in decision-making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re . If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134238

Location: Bangalore or Hyderabad Band: D Senior Digital Risk Advisor Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will be responsible for the first-line digital technology operations risk and control activities - ensuring risks are identified, controls applied, and performance is monitored, measured, and reported to our technology and business leaders. About the team The Digital Risk Governance Controls team is a key part of Swiss Res Security Team, focused on defining and managing risks related to digital topics. Were looking for an experienced and highly motivated expert who will help to drive the companys risk culture. In your role, you will Be part of a team of digital risk experts supporting Applications and Business stakeholders with applying digital risk governance principles and standards Actively contribute to the implementation of the digital risk framework as the trusted digital risk partner Ensure IT threats and risks are understood, issues are handled timely, and that IT controls are designed and operating effectively Embed controls into operational procedures by collaborating with our digital technology teams to automate, measure performance, and continuously improve our risk position Build operational transparency with continuous monitoring and assessment of controls so that we meet our risk appetite and drive corrective actions where needed Be someone who believes in continuous innovation, is curious and adamant in finding a better way every day Your qualifications A track record of successful delivery in IT risk and control-related roles, such as IT Governance, IT audit, or digital risk management Industry knowledge of insurance, reinsurance or banking business, and modern technology solutions General understanding of Risk Management Frameworks such as COBIT, ISO 31000 and COSO ERM CISA, CGEIT, CRISC or similar qualifications are an advantage Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within the team and across teams Capability to continuously build and maintain a strong collaborative network within the IT domains The ability to effectively communicate with a broad spectrum of stakeholders - from senior managers to IT engineers , developers and operations staff Be curious, proactive, result-oriented and confident in decision-making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re . If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134239

Description Rightpoint, a Genpact company (NYSE: G) is a global experience leader. Over 500 employees work with clients end-to-end, from defining and enabling vision to ensuring ongoing market relevance. Our diverse teams lead with empathy, data and creativity always in service of the experience. From whiteboard to roll-out, we help our clients embed experience across their operations from front to back office to accelerate digital transformation through a human-centric lens. Are you someone who wants to create change in the way business is doneDo you want to work with inspired and like-minded intrapreneursUs too! We take our work very seriously, but we have fun doing it. And we re searching for passionate, talented people to join the Rightpoint team. Our Commitment to You No matter who you are, where you come from, who you love, what you believe, or what you get excited about, we bring people together to make phenomenal work. Thats what makes us Rightpoint! Job Title : Information Security and Compliance Analyst Location : India Introduction Reporting to the IT Security and Compliance lead, the person in this role will support our Information Security Management System and be instrumental in driving and organizing our ongoing SOX and ISO 27001 compliance efforts. This person will help analyze and track vulnerability findings and conduct vulnerability management efforts. The Ideal candidate will have exceptional written communication skills and the ability to manage complex documentation and audit requests. We are looking for a person with a passion for ensuring security best practices are followed consistently across the organization. What You ll Be Doing and the Impact You ll Make: Coordinate and track SOX and ISO 27001 compliance efforts, including control reviews, evidence collection, process documentation, and internal readiness assessments Organize and conduct comprehensive searches to determine the applicability of data security policies to client contracts Serve as the point of contact for auditors and internal stakeholders during compliance reviews, ensuring clear and timely communication Maintain and organize a central repository of compliance documentation, policies, and procedures with a high standard of clarity and accuracy Review, triage, and analyze vulnerability findings from internal scans and external tools; prioritize and categorize based on risk and potential business impact. Work closely with IT and application owners to coordinate remediation efforts, follow up on open vulnerabilities, and ensure timely resolution Assist in developing security policies, procedures, and user guidance aligned with industry best practices Generate concise and meaningful reports and dashboards for internal leadership and auditors Track exceptions, manage control gaps, and help drive risk mitigation strategies Contribute to security awareness and training efforts by preparing clear documentation and guidance materials What We d Love to See: 3+ years of experience in information security, IT compliance, or related roles Demonstrated experience supporting or managing SOX, ISO 27001 or similar compliance activities Familiarity with vulnerability management tools Outstanding written communication skills, especially in drafting audit responses, procedures, and internal documentation Meticulous attention to detail, with a strong ability to manage and organize complex deadline-driven tasks Comfortable working independently in a remote or distributed team environment. Preferred Qualifications Certifications such as CISA, ISO 27001 Implementation, CISSP, or Security+ Experience working with compliance frameworks such as NIST, GDPR, or SOC 2 Prior experience in a multinational or regulated environment. Familiarity with project tracking tools (e.g. JIRA, Confluence, SharePoint). This is a global role requiring frequent flexibility for meetings with US-based colleagues. Role may include occasional after-hours (or before-hours) support during incidents or critical remediation windows. Work Environment and Expectations This is a global role requiring frequent flexibility for meetings with US-based colleagues Role may include occasional after-hours (or before-hours) support during incidents or critical remediation windows Required Education: Bachelors Degree in Computer Science, MIS, or related field. Benefits and Perks at Rightpoint 30 Paid leaves Public Holidays Casual and open office environment Flexible Work Schedule Family medical insurance Life insurance Accidental Insurance Regular Cultural Social Events including Diwali Party, Team Parties, Team outings, etc. Continuous Training, Certifications, and Learning Opportunities First-hand experience dealing with security incidents. EEO Statement Rightpoint, a Genpact Company, is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. We are committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation.

Conduct comprehensive IT audits to evaluate the effectiveness and efficiency of IT systems and processes. Assess and document IT Governance, Risks and Compliance's vulnerabilities and control deficiencies. Ensure compliance with RBI guidelines and industry standards (e.g., ISO 27001, NIST, COBIT, COSO). Develop and implement audit plans and methodologies. Review and analyze evidence, document audit findings, and propose practical solutions. Collaborate with IT and business teams to improve IT governance and control frameworks. Prepare detailed audit reports and present findings to senior management. Rigor in tracking and follow-up of IS audit open points on the implementation of audit recommendations. Evaluate and test IT General Controls (ITGCs), automated controls, and key reports. Participate in risk assessments and design audit programs. Review regulatory submissions and ensure timely and accurate documentation. Perform IT vendor audits and assist in IT Governance audits. Stay updated on industry trends, emerging threats, and regulatory changes. Required Qualifications, Capabilities, and Skills: A bachelor's or masters degree in computer science, Information Technology, or Engineering, with at least 5 years of experience in IT Technical and Process Audit, along with at least one industry-recognized certification such as CISA, CRISC, or CISM. Strong understanding of RBI guidelines for NBFCs. Knowledge of Governance, Risk & Compliance function, Software development processes, IT systems, Network architecture, Databases, and Cybersecurity measures. Extensive knowledge of industry security frameworks (e.g., NIST, CIS) and ISO 27001/2 standards. Proven experience in implementing or testing IT General Controls. Basic understanding of AI-ML models, their risks, and audit testing procedures. Excellent verbal and written communication skills to effectively present audit findings and recommendations. Ability to analyze complex data, identify risks, and provide actionable recommendations. Experience in identifying and evaluating IT risks and developing mitigation strategies. Ability to identify issues and develop practical solutions. Experience in planning and managing audit projects to ensure timely completion. Meticulous in documenting audit processes and findings. Ability to work effectively with cross-functional teams and stakeholders. Capable of managing multiple audits simultaneously and meeting deadlines in a dynamic, fast-paced environment. Highly motivated, enthusiastic, performs well under pressure, and takes personal responsibility and accountability. Upholds the highest standards of professionalism, integrity, and ethical conduct.

The IS/IT Internal Auditor is part of a global team and will primarily be responsible for executing IT SOX testing. On occasion, the IS/IT Auditor may also participate in internal audits that are focused on IT, financial, or operational risks globally across Nokia. The candidate will be spending the majority of their time focused on IT controls testing, including but not limited to IT General Controls (ITGCs), as well as IT application controls, operational controls, and other topics as needed. The candidate will be tasked with presenting conclusions related to their testing and will need to be able to present and support the results of their testing to leadership functions across Nokia. You have: Bachelors degree in information technology, Management Information Systems,Computer Science 4-5 years of prior IT SOX experience, and/or 2-3 years of IS/IT experience, and/or 2-3 years of internal or external audit experience required. Hands-on experience in IT General Controls, SOX controls including User access management, Logical access, Change management, Data Protection, and other entity level controls. Knowledge or experience working with, or auditing the SAP Business Suite (e.g. ERP, CRM, SCM, MDM, PLM) is highly desirable. Experience working with Wdesk platform or similar is desirable. It would be nice if you also had: Working knowledge or experience in Information Technology as a developer or tester highly desirable. Engineering, or other IT/business related field most desired. Experience with data analytics and visualization tools (e.g., ACL, IDEA, PowerBI, Tableau, etc) is desirable. Professional certifications helpful- e.g., CISA, or SOX equivalent. Test Internal IT controls identified as relevant for the adherence to Sarbanes Oxley 404. Majority of work will be focused on technology and applications. The candidate will participate in IT system walkthroughs, and request, obtain and test IT SOX related evidence. The individual will perform tests of IT operative effectiveness, all while meeting the deadlines and budget under the direction of the Lead/Manager, IT Internal Audit - SOX. Complete necessary documentation supporting testing conclusions and meeting or exceeding Nokia documentation standards. Assist in evaluating, re-enforcing and/or promoting the IT SOX program standards and approaches as it relates to documentation, control design, evaluation, and effectiveness testing. Assist in IT SOX scoping and risk assessment activities.Candidate is responsible for identifying issues and making recommendations which help drive process improvements and efficiencies. Candidate will follow-up on IT SOX identified issues and test remediation efforts. Provide assurance that operations and processes conform to Nokia policies and procedures. Contribute to the improvement of the IT SOX testing program through automation/analytics.

IT SOX Compliance Analyst - Docusign1 Job Title: IT SOX Compliance Analyst (Second Shift) : We are seeking a motivated and detail-oriented IT SOX Compliance Analyst to support our Sarbanes-Oxley (SOX) compliance initiatives, with a focus on IT General Controls (ITGCs) and IT application controls. This role requires collaboration with internal audit teams and IT control owners to ensure effective control design, implementation, and remediation. The position is aligned to support global teams, requiring availability during the 2 PM to 11 PM IST shift. Key Responsibilities: Support the assessment, design, and implementation of IT General Controls (ITGCs) and IT application controls across key systems. Collaborate with internal audit and IT control owners to evaluate risks, discuss control deficiencies, and support audit-related activities. Assist in the preparation of documentation, including control deficiency memos and remediation plans. Oversee and facilitate end-to-end IT control walkthroughs to ensure proper documentation and understanding of control processes. Skills & Qualifications: Solid understanding of the Sarbanes-Oxley (SOX) Act, specifically ITGC and IT application control requirements. Experience in internal audit, IT risk management, and control testing. Strong communication and documentation skills, with the ability to work cross-functionally. Must be available to work during the 2 PM to 11 PM IST shift to support global operations.

About NCR Atleos Position Summary At NCR Atleos, our Internal Audit Department (IAD) purpose is to help enable competent and informed decisions to add value and improve operations, while contributing meaningfully to Board and organizational confidence. We are indispensable business partners, with a brand focused on insight, impact and excellence. We believe that everything we do is to enhance value, provide insights, and instill confidence. To do this, we must be relevant, connected, flexible, and courageous. NCR Atleos IAD is seeking a Senior IT Auditor to support our India Internal Audit (IA) team. In this position, you will play a crucial role in enhancing our companys internal control environment and risk management processes. You will be responsible for leading and executing IT audits across all technology layers, assessing IT risks, and providing expert recommendations to the management. This role demands a balance of technical proficiency, strategic thinking, and excellent communication skills. Key Areas of Responsibility: Audit Planning: Participate in risk assessments where needed and assist in developing and implementing a comprehensive IT audit plan that aligns with the organizations objectives and risk. Audit Execution: Execute IT audits, including identifying and assessing IT risks in business processes, security policies, and system implementations. Lead audits of IT infrastructure, applications, and data management systems to assess compliance with internal policies, external regulations and SOX. Recognize and adapt to changing circumstances. Identify IT risks and recommend mitigating controls. Analyze and evaluate IT operations and strategies to identify efficiency improvements and cost-saving opportunities. Assess compliance and maturity in line with relevant laws, regulations, standards (e.g., SOX, GDPR, ISO) and frameworks (e.g., COBIT, NIST, ITIL). Communication: Communicate timely any significant changes to budget or scope and any significant audit findings, risks, and recommendations to the Internal Audit Manager. Collaboration: Work closely with IT, InfoSec (IS) and other business units to understand IT infrastructure, applications, and operations. Mentor and guide junior IT auditors, enhancing their skills and ensuring quality audit practices. Reporting: Draft detailed Audit observations, highlighting issues, risks, and actionable recommendations. Assist the IA manager with presenting findings to responsible business management. Follow-up and Monitoring: Assist the IA Manager with monitoring open audit recommendations and follow-up to encouraging timely implementation and help avoid past-due management actions. Continuous Improvement: Stay abreast of emerging technologies, audit methodologies, and regulatory changes. Contribute to innovation and improvements to the IT audit process, controls and the overall Internal Audit Department. Qualifications: Bachelors or Masters degree in Information Technology, Computer Science, Accounting, or a related field Minimum of 3 years of experience in IT auditing, with a proven track record in leading audits and managing audit projects Understanding of IT audit methodologies, IT governance frameworks (e.g., COBIT, NIST, ITIL), and regulatory requirements (e.g., SOX, ISO, GDPR) Experience with AuditBoard and analytic tools e.g. Power BI and Tableau a plus Professional certifications such as Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) are strongly desired Strong analytical and problem-solving skills with an ability to analyze data and identify control weaknesses Excellent verbal and written communication skills, with the ability to articulate complex IT issues in business terms. Proficient in English Ability to travel and a team player with a commitment to personal and professional growth. Commitment to ethical conduct, integrity, and the promotion of a culture of accountability and continuous improvement Strong organization and management skills in a multi-tasking environment Positive individual who enjoys working in a fun and dynamic team environment EEO Statement NCR Atleos is an equal-opportunity employer. It is NCR Atleos policy to hire, train, promote, and pay associates based on their job-related qualifications, ability, and performance, without regard to race, color, creed, religion, national origin, citizenship status, sex, sexual orientation, gender identity/expression, pregnancy, marital status, age, mental or physical disability, genetic information, medical condition, military or veteran status, or any other factor protected by law. Statement to Third Party Agencies To ALL recruitment agenciesNCR Atleos only accepts resumes from agencies on the NCR Atleos preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Atleos employees, or any NCR Atleos facility. NCR Atleos is not responsible for any fees or charges associated with unsolicited resumes.

1. Information Security Management Assist CISO in implementation and management of entire ISMS life cycle Responsible for development, Periodic review, control and management of ISMS policies and procedure Monitor the adequacy of operational procedures, policies and process, create and monitor compliance Coordinate the Organizations ISO 27001:2013 recertification and SOC2 attestation process in terms of Planning, Coordination with Business owners and stakeholders and scheduling Audit meetings, Audit execution and Closure. Ensure compliance at an organizational level, achieved through identifying the applicable requirements which in the case of Quinnox are the ISO 27001 standard, Customer Contractual Security obligations and defined internal policies and procedures. Monitor performance of GDPR controls and respond to the quarterly compliance checklist. Ensure GDPR Data Processing Impact assessments are carried out periodically and gaps are addressed Plan and conduct the annual Management Review meeting. Demonstrate the performance of ISMS through the year and seek feedback / advice from the Leadership Council. Review and respond to risk assessment questionnaire by our clients Review MSA Security clauses of the existing clients and prospects Participate in POC of new security tools and implementation 2. Information Security Risk Management Carrying out Organization Wide Information Security Risk Management exercise on an Annual Basis to Quantify the Risks associated with the Information Assets and accordingly devise the Risk Mitigation strategies. Developing and Maintaining Risk Registers of all the Projects/Support Functions. Creating a Risk Summary report for the executive management. 3. Technical Vulnerability Management Monitor and review anti-virus and patch report across all endpoints and ensure that all endpoints are up-to-date with latest AV patches. Ensure SIEM and DLP alerts are monitored and corrective actions taken to address potential threats Ensure monthly scanning of infrastructure is carried out and vulnerabilities are remediated in time Defining the Scope of external VAPT and facilitating the VAPT vendor personnel with the requisite information. Facilitate the external VAPT exercise at org level, reviewing the VAPT findings for verifying the authenticity of the reported observations and ensure timely mitigation. 4. Audit Management: Act as point of contact for all external audits of ITIM to define scope and parties necessary to participate. Act as a repository of audit data to prevent duplication of audited processes Based on known annual audits, develop a schedule for audits which allows for distribution of audits throughout the course of the year Plan, schedule and execute internal ISMS audits twice a year Record the audit findings and track the closure of NC after following up with the concerned departments Summarize the audit findings and associated CAPA to include in steering committee meetings. Act as point contact during external audits and ensure smooth execution through careful planning ahead of time. 5. Change Management; Incident Management; ISMS Document Control: Ensure that all changes to critical infrastructure takes place through appropriate change control Reviewing change records for appropriateness and ensure that all they are filled in with the correct and relevant information by the responsible teams. Approve or reject changes in line with our change control policy Work and Incident Response Coordinator who, in consultation of IT head/CISO will be responsible for timely escalation and reporting of security incidents. Reviewing incident records for appropriateness and ensure that RCA and corrective actions are captured appropriately. Ensure all Incidents and security events are reviewed on an ongoing basis and appropriate corrective measures taken to remediate the issues. Maintaining, tracking and updating Change and Incident records (Record Management). Control of ISMS Documents and Records 6. Information Security Training & Awareness: Ensure dissemination of knowledge on our ISMS policies and procedures through awareness campaigns. Ensure the ISMS training compliance across all locations. Publishing security updates through newsletters on a periodic and ongoing basis. 7. Business Continuity: Perform business impact analysis, risk assessment, mitigation plans / recovery strategies and BCP testing for the company's critical business processes, operations and the technology that supports them. Ensure BCP tests, DR Drills conducted as per schedule Conduct BCP training to the crisis response team and project managers at least once a year Identify single point of failures through risk assessment and propose controls Competencies/Skills required: Must have managed Information Security in a medium / large size organization. Should be well versed with all aspects of Information security and risk management. Could have worked as an information security consultant in any of the consultancy service provider firms. Qualifications and Education Requirements: Minimum education Bachelor of Engineering Certifications such as CISSP, ISO 27001 (ISMS) Implementer / Lead Auditor, CISA, CISM will be an added advantage. Additional Notes: Ideal candidate for this position would be one who has completed an entire lifecycle of Information Security Management System in a medium or large organization. External Job Title

IT AUDIT

Eviden, part of the Atos Group, with an annual revenue of circa " 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come. RoleGRC Consultant Location: Bangalore (JP Nagar), Navi Mumbai (Mahape) Experience: 3+ years Highest Qualification: Any Full Time Graduate Note: Hands on experience in ISO 27001 Implementation is mandatory for this role Experienced in managing cyber security services like Cyber Risk & Compliance consulting. Experience in setting up end to end Cyber Security frameworks, Compliance Standard implementation, including knowledge in testing (VAPT, Web & mobiles appsec, secure code review) Should be adept at conducting gap analysis, risk assessments, Impact assessments, governance and strategy development, Have worked with organizations to develop and implement various industry security standards like, IS0 27001, ISO 20000, PCI DSS, SOC2, GDPR, Privacy standards etc... Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Specific Duties and Responsibilities Include: To manage cyber security projects across EMEA region for cyber security services like Cyber security testing & cyber consulting Maintaining margins Business development like having presales discussions with various teams Assist in Business development of various security standards Must Have Skills: Excellent communication and presentation skills. Able to effectively interact with various clients/sales teams and manage clients Good to have Skills / CertificationISO27001:2013 Lead Auditor CISSP, CISA, CISM, ISO22301, OSCP, CEH, SANS, Cloud certifications, Privacy certifications like CIPP/E, CIPM Qualification: BE/ BTech, MCA, MBA with specialization in Information Security

We have a team of security compliance leaders overseeing solutions for this complex environment, collaborating with security architects and Cloud DevOps teams internally and around IBM. The security compliance leader’s role is to determine the secure operation of the all computer systems, servers, and network connections in accordance with our policies, procedures, and compliance requirements. A security compliance leader in our team will participate in some or all of the following: Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge Compliance leaders do not require dev experience, but it is an advantage. 10+ years of security compliance audit experience is a must Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Job Title: Client Data Protection Opportunity Support (CDPOS) Specialist + Level 09/10 + CF Location: India Management Level: 09 Specialist/10 Senior Analyst Must have skill :Information Security process and procedures As part of the CDPOS Client Response team, the CDPOS RFP Specialist is primarily responsible for supporting Accenture business development teams to respond to a) client Information Security (IS) and Vendor questionnaires (which are commonly issued as part of Request for Proposal (RFP) process), b) reviewing client Information Security policies / standards, c) completing client Risk Management market surveys, and d) supporting IS and DP conversations with both Client and Accenture Account teams. The role sits within the pre-contract, business development space interfacing with multiple stakeholders common to the contract development process (Solution Architects, Legal, Contract Management and Security leads). The Specialist will act as an Information Security Subject Matter Expert who will support multiple Accenture business development teams (operating across multiple countries) to respond to client information security and data privacy requests related to Accenture IS policies / standards / processes and recognized security frameworks. Key Responsibilities: Respond to client security questionnaires and management market surveys Liaise with account business development team, IT and technical teams to understand specific client security requirements set out in security questionnaire / market survey and determine appropriate responses that meet both client technical requirements and Accenture Information Security standards. Agree a project schedule to respond to requirements and communicate progress with key stakeholders. Perform quality checks on final information security submission Participate in client meetings focused on Information Security controls (if required) Establish and maintain effective working relationships across multiple stakeholders who interact with the Accenture business development process - account management, business development, technical / solution leads, Information Security, Legal and Finance representatives Contribute to the creation of high-quality and reusable IS solutions by updating the CDPOS RFP database with new information security related proposal data (new product release documents / new responses created / changes to Accenture IS Standards & Policies and other Accenture wide developments) Continually build own knowledge on the features of Accenture products, IS practice, services and commonly used IT concepts to respond to client and account questions that are technical in nature Skills and Experience: Possess an understanding and awareness of typical information security framework and common information security standards Demonstrate working knowledge of the Accenture business development process (with practical experience working with stakeholders in the process being an advantage) Be comfortable challenging account executives who are most commonly above peer group - influencing executive decisions and addressing conflicts and challenges Developed an appreciation of Information security best practices, auditing, and overall risk management Possess strong organizational skills with the ability to handle multiple work activities under tight, short-term deadlines (whilst meeting account and qualitative expectations) Demonstrate effective prioritization and time management capability Achieved work experience assessing and implementing information security and data protection controls Strong relationship development skills with an ability to influence and interact with organizational leadership and account executive across multiple countries Preferably hold at least one recognized security certification such as ISO 27001 LA, CISSP, CISA, CISM or CRISC Demonstrate good verbal and written communication skills Possess a good knowledge of MS Office applications (Excel, Word, Power Point) About Our Company | AccentureQualification Good to have skill: Overview on ITIL Experience: Minimum of 1yr

This is a remote position, so you ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or meetings. Join Our Team Do you want to be an Information Security Leader at GoDaddyWe help solve large scale and cross-company issues, while ensuring that partnership with the development and operational communities remains front of mind. GoDaddy is looking for a Principal Security Engineer with security risk management experience, technical depth, strong leadership abilities, and experience with building and performing information security audits and gap assessments. You must be comfortable communicating with internal teams and external auditors, designing and leading security campaigns, prioritising resolution of audit findings while applying a risk-based approach. As a team, we will help identify any gaps in security control implementation, design solutions to manage security risks at scale and provide the information needed to make risk-based decisions and planning. What youll get to do... Build and manage a Security Controls framework that encompasses the regulatory and industry compliance frameworks we comply with. Perform detailed analysis and review of information security controls, as well as targeted gap assessments to identify any deviations from the framework. Propose and manage enterprise-wide security campaigns for managing deviations to reduce risk. Partner with other InfoSec and Engineering teams to define and prioritise security initiatives and investments using a risk-based approach. Align risk management initiatives with applicable compliance regulations. Your experience should include... 10+ years of experience in Information Security or related fields such as Software Development, System Administration, QA Engineer, IT Audit, etc. Minimum of 6+ years of progressive experience managing programs related to information security and information security audits. Experience with building unified security controls frameworks. Experience with managing audits utilizing compliance frameworks such as PCI DSS, NIST CSF, NIST 800-53, ISO, SOC-2 etc. Experience with Security Engineering concepts such as Threat modeling, architecture reviews, etc. You might also have... Certifications such as PCI QSA/ ISA, CISA, CRISC, ISO Lead Assessor, CISSP, etc. Prior experience with system administration, scripting, and/or automation techniques. Weve got your back... We offer a range of total rewards that may include paid time off, retirement savings (e.g., 401k, pension schemes), bonus/incentive eligibility, equity grants, participation in our employee stock purchase plan, competitive health benefits, and other family-friendly benefits including parental leave. GoDaddy s benefits vary based on individual role and location and can be reviewed in more detail during the interview process. We also embrace our diverse culture and offer a range of Employee Resource Groups ( Culture ). Have a side hustleNo problem. We love entrepreneurs! Most importantly, come as you are and make your own way.

Job Title - IT Audit Senior Analyst Management Level: ML10 Location: Bangalore Must have skills: IT Audit experience, Understanding of Security Standards like ISO27001, PCI DSS, HIPAA, NIST 800-53 Good to have skills: Possession of a one or more of these professional certifications (ISO27001 Lead Auditor, CISA, CISSP, CIA, CCSK, AWS Cloud Practitioner, Azure Fundamentals) is preferred. Job Summary : Roles & Responsibilities: Participate in execution of the risk-based audit plan, reporting results to Accenture Leadership and the Audit Committee of the Board of Directors Conduct a wide-ranging scope of audits with an emphasis on assessing emerging areas of risk including cyber security, artificial intelligence, cloud computing, robotic process automation, and the Internet of Things. Through advisory services, work with our business partners to help them proactively identify and manage risk in new technologies, new go-to-market offerings, and critical corporate initiatives. Shape the future of the Accenture Internal Audit through involvement in departmental initiatives that enable us to become more efficient and effective in everything we do. Ensure your technical skill set and business acumen stay current and relevant through participation in our robust training program. Professional & Technical Skills: Experience conducting IT external and internal audits or assessments, preferably for a global organization. Strong IT knowledge in infrastructure technologies (networking, data centers and hosting, virtualization, cloud etc.), application development and support, and emerging technologies. Experience leveraging predictive models and custom analytics in audit planning and execution is preferred. Technical knowledge and familiarity with control requirements in areas including ERP applications, Windows and Unix operating systems, cyber security, and vendor management. Strong verbal and written communication skills and proficiency with the English language. Demonstrated analytical thinking, teamwork, and collaboration skills. Possession of a relevant professional certification (CISA, CISSP, CIA, CPA, CCSK) is preferred. Ability to adopt flexible work hours to collaborate with global teams and travel (up to 20%). Additional Information: We Are: Accenture is helping transform leading organizations and communities around the world. Choose Accenture and make delivering innovative work part of your extraordinary career. Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. Accenture is consistently recognized onFORTUNEs 100 Best Companies to Work Forand DiversityIncs Top 50 Companies for Diversitylists. The Internal Audit Department provides the Audit Committee of the Board of Directors with an independent and objective assessment of the reliability and integrity of financial and select operating information, the effectiveness and efficiency of Accenture plc and its consolidated subsidiaries (the Company) systems and internal controls, and compliance with the Companys policies and procedures. Internal Audit Services also provides advisory services designed to add value and improve the Companys operations through bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, controls, operations, and governance processes. You Are: An agile, highly-motivated, innovative thinker with a background in audit, risk, or compliance looking to join a fast-paced, global internal audit organization that has embraced transformative capabilities including advanced analytics, dynamic risk assessment processes, and automation to retain its role as a trusted advisor to the business. Why Should I Join the Accenture Team You are looking for an internal audit role that provides you with exposure to senior levels of leadership, enables you to work with emerging technologies, provides opportunities for international travel and flexible work arrangements (work from home), requires little to no SOX testing, and offers a competitive salary and benefits package. About Our Company | AccentureQualification Experience: Minimum 2 years experience in IT auditing, testing IT General controls and information security controls, or related technical role focusing on security compliance activities Strong IT knowledge in infrastructure technologies (networking, data centers and hosting, virtualization, cloud etc.), application development and support, and emerging technologies. Educational Qualification: Undergraduate degree in Computer Science, Information Systems, Accounting, Business Administration, or Finance. MBA, Masters in Engineering.

Skill required: Control Testing - Agile testing Designation: Regulatory Compliance Associate Qualifications: Any Graduation Years of Experience: 1 to 3 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do Help clients transform their compliance function from reactive to proactive through an intelligent compliance operating model powered by data, intelligent technologies and talentLooking for someone with SOX testing experience.Conduct testing tasks within Agile models and integration processes and manage development sprints. Automated/IT control testing skill is required What are we looking for Commitment to qualityWritten and verbal communicationRisk managementAbility to work well in a teamAbility to meet deadlinesAutomated / IT control testing experience is must Roles and Responsibilities: In this role you are required to solve routine problems, largely through precedent and referral to general guidelines Your expected interactions are within your own team and direct supervisor You will be provided detailed to moderate level of instruction on daily work tasks and detailed instruction on new assignments The decisions that you make would impact your own work You will be an individual contributor as a part of a team, with a predetermined, focused scope of work Please note that this role may require you to work in rotational shifts Qualification Any Graduation

Syensqo is all about chemistry. We re not just referring to chemical reactions here, but also to the magic that occurs when the brightest minds get to work together. This is where our true strength lies. In you. In your future colleagues and in all your differences. And of course, in your ideas to improve lives while preserving our planet s beauty for the generations to come. Job Summary: The Policy and Compliance Officer will be responsible for developing, implementing, and maintaining policies and procedures to ensure compliance with regulatory requirements and internal standards within the Unified Endpoint Management (UEM) team. This role will involve close collaboration with the Chief Information Security Officer (CISO) office and cybersecurity teams to ensure that all endpoint devices are managed and protected in accordance with security and compliance standards. Key Responsibilities: Policy Development and Implementation: Develop, review, and update policies and procedures related to endpoint management. Ensure policies are aligned with regulatory requirements, industry standards, and security best practices. Communicate and enforce policies across the organization. Compliance Monitoring and Reporting: Monitor compliance with established policies and procedures. Conduct regular audits and assessments to identify areas of non-compliance. Prepare and present compliance reports to the Unified Endpoint Manager, CISO office, and other stakeholders. Risk Management: Identify potential compliance and security risks and develop mitigation strategies. Collaborate with the IT security team and CISO office to ensure endpoint security measures are in place and effective. Stay updated on emerging threats, regulatory changes, and security trends that may impact endpoint management. Training and Awareness: Develop and deliver training programs to educate employees on compliance requirements, security best practices, and endpoint protection. Promote a culture of compliance and security awareness within the organization. Incident Management: Assist in the investigation and resolution of compliance and security-related incidents. Document incidents and corrective actions taken to prevent recurrence. Collaboration and Support: Work closely with IT, legal, CISO office, and cybersecurity teams to ensure a cohesive approach to compliance and security. Provide guidance and support to team members on compliance and security-related matters. Qualifications: Bachelor s degree in Information Technology, Cybersecurity, Business Administration, or a related field. Minimum of 3-5 years of experience in a compliance or policy development role, preferably within IT, cybersecurity, or endpoint management. Strong understanding of regulatory requirements, industry standards, and security best practices related to endpoint management. Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team. Relevant certifications (e.g., CISA, CISM, CISSP) are a plus. About us Syensqo is a science company developing groundbreaking solutions that enhance the way we live, work, travel and play. Inspired by the scientific councils which Ernest Solvay initiated in 1911, we bring great minds together to push the limits of science and innovation for the benefit of our customers, with a diverse, global team of more than 13,000 associates. Our solutions contribute to safer, cleaner, and more sustainable products found in homes, food and consumer goods, planes, cars, batteries, smart devices and health care applications. Our innovation power enables us to deliver on the ambition of a circular economy and explore breakthrough technologies that advance humanity. At Syensqo, we seek to promote unity and not uniformity. We value the diversity that individuals bring and we invite you to consider a future with us, regardless of background, age, gender, national origin, ethnicity, religion, sexual orientation, ability or identity. We encourage individuals who may require any assistance or accommodations to let us know to ensure a seamless application experience. We are here to support you throughout the application journey and want to ensure all candidates are treated equally. If you are unsure whether you meet all the criteria or qualifications listed in the job description, we still encourage you to apply. Job ID 32365 Regular Pune, India View in Google Maps Apply to this job

IT Governance Risk & Compliance Senior Analyst Job Locations IN-KA-Bengaluru Requisition ID Category (Portal Searching) Information Technology Position Type (Portal Searching) Experienced Professional Overview Connecting clients to markets and talent to opportunity With 4,300 employees and over 400,000 retail and institutional clients from more than 80 offices spread across five continents, we re a Fortune-100, Nasdaq-listed provider, connecting clients to the global markets focusing on innovation, human connection, and providing world-class products and services to all types of investors. At StoneX, we offer you the opportunity to be part of an institutional-grade financial services network that connects companies, organizations, and investors to the global markets ecosystem. As a team member, youll benefit from our unique blend of digital platforms, comprehensive clearing and execution services, personalized high-touch support, and deep industry expertise. Elevate your career with us and make a significant impact in the world of global finance. StoneX, a Nasdaq-listed provider, connecting clients to the global markets focusing on innovation, human connection, and providing world-class products and services to all types of investors. Whether you want to forge a career connecting our retail clients to potential trading opportunities, or ingrain yourself in the world of institutional investing, The StoneX Group is made up of four segments that offer endless potential for progression and growth. Responsibilities Working within the IT organization and reporting to the Associate Director of Governance, Risk Compliance ( GRC ), the Governance, Risk & Compliance Analyst is responsible to help support the day to day assurance operations related to policy compliance, process and organizational policies and security requirements governance, as well as risk management functions. You will assist with the collection of data from multiple systems to allow for proper reporting of the Information Security program effectiveness . The Governance Risk & Compliance Analyst will create impact in the following ways: You will engage business personnel to ensure all requisite data and information is complete, accurate, and consistently delivered. You will use your experience and knowledge of security in working with a team to deliver on Governance, Risk and Compliance goals related to developing the complete perspective for operational and management visibility of overall compliance to the Information Security program, policies, and practices Reporting to the Manager of Governance, Risk Compliance (GRC), the Governance, Risk & Compliance Senior Analyst supports daily assurance operations related to policy compliance, governance, and risk management. You will gather data from multiple systems to report on the Information Security programs effectiveness. Major Responsibilities: Coordinate the development of best practice policies and standards based on various governance frameworks Ensure that all policies and standards are regularly reviewed and updated to be in line with regulatory and control requirements. Design and implement an effective exception process to facilitate and manage requests for non-compliance with policies and standards. Develop and lead information security awareness and training initiatives, including phishing exercises. Develop and implement relevant cyber and IT risk metrics and reporting to management and risk committees. Develop and manage an information security risk register to address risk issues and action plans from all sources, e.g., IT audit, technology risk assessments, vulnerability scans, penetration testing, etc. Implement GRC software platform for policy administration, compliance and risk management. Coordinate information security internal audit, external audit, regulatory and SOX reviews to help represent the company from an information security and technology risk perspective. Coordinate responses to RFI\RFPs and client security related questionnaires. Establish a compliance management framework to manage all third line of defense reviews and results. Maintain an up-to-date understanding of emerging trends in information security risks, and new techniques and trends, in-line with overall information security objectives and risk tolerance. Coordinate with legal, compliance functions to ensure proper implementation of data privacy legislation and disclosure Identify, analyze, respond to and monitor IT risk. Ensure that risk factors and events are addressed in a cost-effective manner and in line with business objectives. Conduct third part vendor risk assessments, make recommendations and perform periodic reviews. Manage tracking of identified findings and actions to closure and reporting to leadership. Develop and maintain a Cyber and IT Control Framework. Develop a Cyber and IT controls catalog to align with the organizations risk appetite and tolerance levels to support business objectives. Ensure all controls are assigned control owners to establish accountability. Design and implement Cyber and IT controls assessment and assurance process to ensure controls function effectively and efficiently. Qualifications The right candidate will do this by bringing their education and professional experience in the following spaces: Bachelor s degree. Master s degree a plus. Minimum over 5 years of relevant experience, preferably in financial services. Strong background in information technology with a clear understanding of the challenges of information security. Demonstrated understanding of secure, complex information systems environment in a global financial service sell side environment. Relevant experience in the GRC space. Good understanding of information security risk management frameworks such as ISO 27001, COBIT, NIST, NIST 800-53, etc. Direct experience with regulatory compliance reviews and examinations. Current Information Security Certification (e.g. CISSP, CISM, CISA, or related security certification) preferred. Project and program management skills. Strong written and verbal communication and presentation skills, and ability to work with all levels of the organization. Ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff, security vendors, consultants and senior management. Excellent leadership and teamwork skills. Ability to influence others. Team player with the ability to work independently. Resourceful, energetic, self-starter, flexible, goal-oriented Strong personal integrity Preferred candidates will possess current Information Security Certifications (e.g., CISSP, CISM, CISA, or related). Options Apply for this job online Apply Share Email this job to a friend Refer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed

Job Title Internal Controls Lead Division WBS Location India Onsite Purpose of Role: Weir Company is seeking an experienced and dedicated Internal Controls Lead to join our Weir Global Business Services team in Bangalore. The successful candidate will be responsible for overseeing and enhancing the internal control environment, ensuring compliance with regulatory requirements, and supporting the companys strategic objectives across processes like OTC, PTP and RTR Why choose Weir: Be part of a global organization dedicated to building a better future: At Weir, the growing world depends on us. It depends on us constantly reinventing, quickly adapting and continually finding better, faster, more sustainable ways to access the resources it needs to thrive. And it depends on each of us doing the best work of our lives. It s a big challenge - but it is exciting. An opportunity to g row your own way: Everything moves fast in the dynamic world of Weir. This creates opportunities for us to take on new challenges, explore new areas, learn, progress and excel. Best of all, there is no set path that our people must take. Instead, everyone is given the support and freedom to tailor-make their own career and do the best work of their lives. Feel empowered to be yourself and belong : Weir is a welcoming, inclusive place, where each individual s contribution is recognized and all employees are encouraged to innovate, collaborate and be themselves. We continually focus on people and their wellbeing. We believe in fairness and choose to be honest, transparent and authentic in everything we do. Key Responsibilities: Make sure WBS internal controls team is working under policies and procedures defined by CoE Governance Risk & Controls to ensure compliance with regulatory requirements and company standards. Conduct regular risk assessments and identify areas for improvement in internal controls within WBS processes. Collaborate with various departments and cross towers to ensure the effective implementation of internal controls and provide guidance on control-related issues. Monitor and evaluate the effectiveness of internal controls and recommend enhancements as needed. Prepare and present reports on the status of WBS internal controls so this could be reported to audit committee and senior leadership. Lead and manage internal control projects, including the coordination of internal and external audits. Provide training and support to employees on internal control policies and procedures. Job Knowledge/Education and Qualifications: Bachelors degree in Accounting, Finance, Business Administration, or a related field. Professional certification such as CPA, CIA, or CISA is preferred. Minimum of 5 years of experience in internal controls, audit, or a related field. Strong knowledge of internal control frameworks, such as COSO or COBIT. Excellent analytical, problem-solving, and communication skills. Ability to work independently and manage multiple projects simultaneously. Proficiency in Microsoft Office Suite and familiarity with ERP systems. Preferred Skills: Experience in a global business services environment. Knowledge of industry-specific regulations and compliance requirements. Strong leadership and team management skills. For additional information about what it is like to work at Weir, please visit our Career Page and LinkedIn Life Page . Compensation: (Where compensation on the job posting is required) #esco or #minerals (division) #LI-remote (working option) #LI-AB1 (Recruiter personal #)