723 Cisa Jobs - Page 22

: Job Title: NFRM Information Security & Technology Risk Specialist LocationMumbai, India Corporate TitleAVP Role Description An Information Technology & Security Risk Specialist to join the 2nd LoD Information Security & Technology Risk Team. The team is global, this role is within the Mumbai team (currently 1 person) which is being built out to support the global team. Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other team members the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai and USA. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite. Monitor and challenge 1LOD Risk and Control Assessments (including results of 1LOD control testing/assurance). Perform 2LOD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC/MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your skills and experience University degree (Computer Science, Business Administration or equivalent). Majors in Information Security and / or Risk Management are a plus. Experience (8+ years) in Information Security or Information Technology with experience in the Finance industry and/or a major Technology or Consultancy company preferred. Experience in IT Risk Frameworks such COBIT 2019 is ideal 5+ yrs Understanding and experience of technology from either a support, development or business analysis perspective Some level of technical understanding and training either as a data analyst, developer, business analyst or project manager are a plus. Knowledge of Information Security and Technology industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines ISO / 27000 Series, COBIT 2019, DORA) are a plus. Experience of technology coding e.g python, java is a plus Understanding of IT controlsSDLC, managing technology obsolescence, disaster recovery is a plus Knowledge of Digital transformation, Private and Public Cloud, AI tooling a plus Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, ITIL, ISO27001 Lead Auditor or similar are a plus. Experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Strong communication skills (English required). How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

: Job Title Information Security Specialist Corporate Title Assistant Vice President LocationPune, India Role Description Everyday DB observes thousands of cyber security intrusion attempts. Deutsche Banks COO Chief Security Office (CSO) integrates both Corporate Security (CS) and Information Security (CISO) as both teams are responsible for mitigating these risks. The CSO team enables the business of Deutsche Bank by providing agile security operational capabilities. With their expertise in Threat Intelligence, Cyber Threat Analytics, Malware Response & Research, Security Monitoring, Incident Response, Forensics and Vulnerability Management, they provide global services from key locations in Frankfurt, Jacksonville and Singapore while leveraging offshore capabilities in Pune and Bucharest. Deutsche Bank AG is looking for Cyber Security professional to support the banks global security monitoring and threat detection capabilities. This role requires a heavy focus on all areas of security monitoring, risk management on privileged access management and familiarity with regulations impacting technology (e.g. MAS TRM Guidelines), requiring at least 5 to 8 years of experience. Candidate will be responsible to provide an oversight of the various security monitoring process to manage security risks and to drive the organizations compliance to regulatory and audit requirements including facilitation of audit activities, address process related queries and drive automation and audit remediation projects. The candidate will need to drive process improvements, procedure document updates, KPI monitoring and operations team management. Candidate will engage across all functional areas of business, operations, and global technologies working in a dynamic, multi-OS environment. This role will play a vital role in present organizations compliance to regulators and managing interactions with auditors. The chosen candidate will be required to provide a degree of strategic, tactical, and day-to-day operational experience to enhance the overall security monitoring, detection, and mitigation process. Candidate must also possess excellent soft skills and verbal communications dealing with senior executive management, customers, clients, auditors, and third-party vendors. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Oversee the performance, efficiency, and accuracy of security monitoring operations team ensuring SLAs are met. Proactively review, propose, and implement process changes and monitoring improvements to remediate most significant risks including audit findings, self-identified issues, compliance issues, control gaps and regulatory requirements. Identify opportunities for streamlining of control processes, develop and socialize potential risk mitigation strategies particularly in privileged access management (e.g., bypass monitoring, session log review), and work with various divisions to execute. Improve the delivery of effective control process through technical review and process quality checks. Provide support in the delivery of effective governance including tracking and reporting. Ensure proper training of monitoring teams on new coverage and use cases. Offer subject-matter expertise and act as escalation point when required. Prepare and present monthly functional and operational report. Manage stakeholder queries, facilitate audit activities, and address data requests in a timely manner. Collaborate across CSO and technology teams to respond to internal and external audits, and regulatory inquiries and assessments. Drive automation projects and manage audit remediation deliverables to closure. Practice and promote good risk culture and risk management to manage the risks within banks appetite. Act as primary point-of-contact for regulatory inquiries and engagements. Collaborate with internal and external auditors and stakeholders, providing necessary evidence and artefacts, to facilitate audit processes. Your skills and experience Minimum 5 to 7 years of working Experience with security monitoring platforms and workflows. Proven Experience in area of privileged access management specifically in session log review and bypass monitoring. Proven experience and In-depth knowledge of technology regulations and understanding of regulatory risk management specially of MAS requirements and guidelines. Proven experience and strong understanding of audit process and compliance monitoring and reporting. Analytical mindset and ability to identify, assess and address compliance gaps and security risks. Strong operational background in risk analysis and risk identification. Degree from a university or major course work in computer science, networking, engineering, or other computer-related field of study. One of the following certifications will be an advantageCISSP, CISM, CISA, CRISC Expectations It is the Banks expectation that employees hired into this role will work in the office at least 2-3 days a week in accordance with the Banks hybrid working model. How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

Job Description: IT GRC Analyst I Department: Information Technology Reports To: Senior IT GRC Analyst Location: 100% Remote Experience: 10+ Years Job Summary: We are seeking a dedicated IT GRC (Governance, Risk, and Compliance) Analyst I to join our dynamic IT team. The primary responsibility of this entry-level role is to assist in ensuring that IT operations are in compliance with regulatory requirements and internal policies, with a particular emphasis on supporting Sarbanes-Oxley (SOX) audits. The IT GRC Analyst I will support risk assessments, policy development, compliance monitoring activities, and SOX audit preparations. Key Responsibilities:* Assist in the development, implementation, and maintenance of IT policies and procedures. Conduct regular risk assessments and audits to ensure compliance with regulatory standards and internal policies, with a focus on SOX controls. Support the IT team in identifying, evaluating, and mitigating IT risks. Monitor compliance with security policies and procedures to ensure a secure environment. Collaborate with different departments to ensure integrated risk management practices. Assist in preparing and executing SOX IT control reviews, documenting compliance efforts, and maintaining records of SOX controls. Provide support in responding to internal and external SOX audits and regulatory assessments. Recommend improvements to SOX controls and processes to enhance the overall security posture. Maintain up-to-date documentation of IT GRC activities, compliance reports, and SOX audit evidence. Qualifications: Bachelor's degree in Information Technology, Computer Science, or a related field. Basic understanding of IT GRC principles, regulatory requirements, risk management frameworks, and SOX compliance. Strong analytical and problem-solving skills. Excellent written and verbal communication skills. Ability to work collaboratively in a team environment. Basic knowledge of security standards (e.g., ISO 27001, NIST, GDPR, HIPAA) and SOX compliance requirements is a plus. Relevant certifications (e.g., CISA, CRISC, CISSP) are desirable but not required for entry-level applicants. Experience: Entry level; 0-2 years of experience in IT risk management, compliance, or a related field, preferably with exposure to SOX compliance activities.

Some careers open more doors than others. If you re looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. ROLE DESCRIPTION - Deliver assigned work within the given timeframes, standards, methodology, budget, and where applicable, lead and deliver audits. Confirm that audit findings and recommendations are understood and with proposed mitigations. Demonstrate knowledge of the applicable Business, Functional, and Regulatory environment, including developing trends, risks, controls, and expectations. Support a strong risk and conduct culture across the Group and promote awareness and sound operational and strategic decision-making. Critically analyse and determine key drivers of change for area of coverage and assess how these will impact audits. Use insights, industry knowledge and current developments to assess areas of concern. Coherently articulate audit exceptions and findings to GIA team members and management, and as necessary to business and/or functional stakeholders. Effectively discuss potentially challenging matters and ability to communicate with impact and articulated in a meaningful way to wide and varied audiences. Be an analytical and critical thinker, who can effectively manage competing priorities and complex challenges to deliver positive outcomes. Apply qualitative and quantitative methods to analyze and investigate challenging scenarios and situations. Be a proactive team player, who leads by example and works constructively across GIA. Effective communication and ability to maintain constructive relationships with stakeholders, team members, and GIA Management. Actively promote collaboration and sharing of ideas across GIA Produce smart, simple, and pragmatic solutions. Requirements Minimum Graduation or as required for the role, whichever is higher 2 5 years relevant work experience in the Financial Services Sector, consultancy, and external audit will be considered, but is not always essential. Applicable regulatory experience and product knowledge. Relevant accounting, audit, analytical, financial, project management, programming, quantitative, risk, and technology skills, qualifications or certifications. Undergraduate or graduate degree. Preference given to qualified accounts, CIA, CISA, CFE, or ACAMS. Fluency in English. Willingness to travel. Mature team player who is highly professional. Useful Link Link to Careers Site: Click HERE

Some careers open more doors than others. If you re looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. Responsibilities: Deliver assigned work within the given timeframes, standards, methodology, budget, and where applicable, lead and deliver audits. Confirm that audit findings and recommendations are understood and with proposed mitigations. Demonstrate knowledge of the applicable Business, Functional, and Regulatory environment, including developing trends, risks, controls, and expectations. Support a strong risk and conduct culture across the Group and promote awareness and sound operational and strategic decision-making. Critically analyse and determine key drivers of change for area of coverage and assess how these will impact audits. Use insights, industry knowledge and current developments to assess areas of concern. Coherently articulate audit exceptions and findings to GIA team members and management, and as necessary to business and/or functional stakeholders. Effectively discuss potentially challenging matters and ability to communicate with impact and articulated in a meaningful way to wide and varied audiences. Be an analytical and critical thinker, who can effectively manage competing priorities and complex challenges to deliver positive outcomes. Apply qualitative and quantitative methods to analyze and investigate challenging scenarios and situations. Be a proactive team player, who leads by example and works constructively across GIA. Effective communication and ability to maintain constructive relationships with stakeholders, team members, and GIA Management. Actively promote collaboration and sharing of ideas across GIA Produce smart, simple, and pragmatic solutions. Requirements The ideal candidate for this role will have the below experience and qualifications: Minimum of 8 to 10 years internal or external audit, business, and/or accounting experience or equivalent, and external audit will be considered, but is not always essential. We also welcome exceptional talent with data analytics or data science background who are keen to work in a leading audit function. Minimum of a bachelor s degree in business, accounting, finance, related field or equivalent experience. Strong understanding of financial services business, risks (e. g. regulatory compliance) and related controls, with a specific focus on retail banking and wealth management. Good analytical skills in identifying risks and control implications. Good communication skills (written and verbal) for managing multiple stakeholders to drive consensus and influence the outcomes. Broad knowledge of the Company, Group and financial services industry, business supported and the regulatory framework they operate in. Knowledge of Data Analytics and ability to apply technology or expertise to business issues or operational problems is desirable, but not essential. Prior International work experience is a plus. Fluency in English. Mature team player who is highly professional. Willingness to travel (max 20%). Ideally hold role relevant qualifications, or pursuing professional qualification (e. g. , CISA, CPA, CFA, CIA, ACAMs etc. ). Useful Link Link to Careers Site: Click HERE

Not Applicable Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats Experience in conducting IT risk assessments. Sound understanding of ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Knowledge on application infrastructure architecture. Knowledge on SaaS application architecture. Knowledge on database and middleware communication. Knowledge on API security. Good communication skills. Good team player. Good presentation skills and senior stakeholder management. Certifications CISA, CISSP, CCNP, CCSP, CISM, CRISC etc. Mandatory Skill Sets IT Risk , ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Preferred Skill Sets Stakeholder Management , Team Management Years of Experience required 3 + Years Education Qualification BE, B.Tech , M.Tech , MCA, MBA graduates . Education Degrees/Field of Study required Bachelor of Technology Degrees/Field of Study preferred Required Skills Stakeholder Management Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more} No

Not Applicable Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations , partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Re quirement Candidate with a good understanding of Japanese Read/Write/Speak. Bachelors or masters degree in computer science, Information Technology, or a related field. Experience and Knowledge of Information Technology and Software domain. Preferably 3 to 7 years of working experience. Knowledge of basic cybersecurity and Information Security will be very good to have. Location preference would be Hyderabad however other locations in India also works. Familiarity with cloud security concepts and practices is advantageous . Industry certifications such as ISO, CISSP, or CISA will be an added advantage. Strong analytical skills and attention to detail . Excellent communication (English and Japanese) and interpersonal abilities Responsibilities To interact with clients in Japanese, understand their requirements, and convey responses effectively. Initiate and facilitate discussions with clients to gather comprehensive information regarding their requirements. Engage with clients to understand their requirements, queries, and concerns. Draft comprehensive responses in Japanese based on the knowledge repository and expertise in the IT and cybersecurity domain. Translate client requirements and responses from English to Japanese, ensuring accuracy and clarity in communication. Verify the accuracy and completeness of translated content, conducting thorough reviews to identify and rectify any errors or discrepancies. Provide language support during meetings, presentations, or conference calls with Japanesespeaking clients, facilitating seamless communication and understanding between all parties involved. Type Of Employment One year full time contract Mandatory skill sets Candidate with a good understanding of Japanese Read/Write/Speak, IT/Cybersecurity background Preferred skill sets Core Cybersecurity experience Years of experience required 3 + Education qualification Any graduation/ post graduation Education Degrees/Field of Study required Bachelor Degree, Master Degree Degrees/Field of Study preferred Required Skills Japanese Language Optional Skills Cybersecurity Travel Requirements Government Clearance Required?

The role requires to interact closely with first line Business Unit (BU) leaders, First Line Risk Managers (FRM) and other stakeholders in First Citizens India and/or in US, for their day-to-day work. Strong communication and interpersonal skills are necessary to achieve the required objectives. The person in this role will be responsible for updating the status of their work to support relevant and meaningful reporting. Additionally, the person in this role will assist with adhoc and special projects. Exposure to performing review and challenge activities as part of second line risk management in a bank or large financial institutions is preferred. Primary Responsibilities: The Lead Advisor Operational Risk Management in this role assumes responsibility to provide oversight QC on various operational and compliance risk topics and deliver the following: Complete the Quality Control review on assigned tasks as it relates to various risk programs mentioned above. Ensure all aspects of compliance to associated standards are adequately assessed Ensure the quality of documentation meets the required standards Communicate the results of oversight QC to relevant stakeholders and ensure necessary buy in Monitor and follow-up of remediation plans and their statuses to ensure effective risk mitigation This role provides an opportunity to identify risks that could impede the scalability of operations and an important role in working with Bank operations to deliver solutions for challenges faced by the growth of the organization. Knowledge Knowledge of operational and compliance risks in a banking environment and key controls mitigating those risks Well versed with effective challenge or QC process within banks second line of defense. Knowledge of consumer, commercial and other banking processes and related risks and controls. Knowledge of corporate functions in a banking set-up such as human resources, marketing and strategy, finance, etc Knowledge of technology, cyber security, business continuity, business disruption, incident management and technology risks. Knowledge of IT General controls testing, Cyber Security, Software Development lifecycle, Patch and Vulnerability Management, Cloud Security, Network Security, Data Privacy, Server and Database hardening Skills Organized and structured Strong communicator with excellent written and oral skills Critical thinking skills with eye for details Team orientation and collaboration Project management and multi-tasking Required Education and Experience Bachelors Degree preferably in accounting or finance Experience in banking and financial services with exposure to control testing Working knowledge of Microsoft products required Overall experience of 5 - 7 years with 3-5 year in second Line Effective Challenge Certifications CIA, CAMS, CGSS, CFE, CISA, ISO 27001 (These are good to have but not mandatory)

Job description Experian Consumer Services - Careers That Define "The Next Big (Data) Thing" for Consumers What could be more exciting - personally and professionally - than being part of a "disruptive" business? Consider taking your career to the next level by joining the Leader that continues to disrupt the competition. As the "disruptor" and market leader, we pride ourselves on building new markets, leading the pack through continuous evolution and innovation. Its a position Experian Consumer Services has enjoyed for more than a decade, and were always looking for the talent that can help expand that lead. When youre the leader, its always urgent, important, and market-changing. We think that defines the true "disruptive" business. Join us and create some chaos for the competition. The Manager Information Security at Experian is a pivotal role responsible for safeguarding the organizations information assets and ensuring compliance with industry standards. This position involves leading a regional information security team and overseeing various security operations to protect sensitive data, particularly within AWS cloud environments. About Experian Experience and Skills Qualifications Education: Bachelors or Masters degree in Computer Science, Information Security, Information Technology, or a related field. Certifications: CISSP (Certified Information Systems Security Professional) is required. Additional certifications like CISM, CISA, or PCI-DSS are a plus. Experience: Extensive experience in information security management, including hands-on experience with SOC and PCI audits. Experience with AWS cloud environments and security automation. Skills: Strong analytical, communication, and leadership skills. Proficiency in security technologies and practices, especially in cloud security and automation. Additional Information Our uniqueness is that we celebrate yours. Experians culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experians people first approach is award-winning; Worlds Best Workplaces 2024 (Fortune Top 25), Great Place To Work in 24 countries, and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site to understand why. Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experians DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity. Experian Careers - Creating a better tomorrow together Find out what its like to work for Experian by clicking here

Not Applicable Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations , partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Strong communication , presentation skills with stakeholder management Good Information Security background both technical and functional. Technical background managing network security, endpoint security, threat intelligence, and risk and incident management. Experience with compliance frameworks and standards, such as PCI DSS, NIST, ISO27001, etc. Prior IT risk management experience a must Have experience with ISO 27001 implementation engagements. Experience with NIST CSF assessments. Exposure to data privacy assessments Plan, evaluate, and direct complex security programs covering multiple and inparallel projects. Understand key Cyber Security considerations including key Cyber Security Risks and projects and innovations Track projects/remediation activities Work independently and prioritize multiple tasks and adapt to needed changes Handle and track remediation of open findings/action items with relevant teams Good to have requirements Prior Big4 experience a plus Certifications such as CISSP, CISM,CISA , ISO 27001 , a plu s Mandatory Skill Sets Experience on network security, endpoint security, threat intelligence, and risk and incident management. Compliance frameworks and standards, such as PCI DSS, NIST, ISO27001, etc. Prior IT risk management ISO 27001 implementation NIST CSF assessment D ata privacy assessments Preferred Skill Sets Prior Big4 experience a plus Certifications such as CISSP, CISM,CISA , ISO 27001 , a plu s Years of Experience Required 3 + Years Education Qualification Bachelor s degree in C omputer S cience , Information Technology, Cybersecurity, or a related field Advanced degrees and relevant professional certifications are highly desirable. Education Degrees/Field of Study required Bachelor of Technology Degrees/Field of Study preferred Required Skills IT Network Security, Network Security Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more} No

Audit Analyst - Toro Technology Center India Job Duties & Responsibilities*: Review, document, and test internal controls to support compliance with the Sarbanes-Oxley Act (SOX) Execute testing of internal controls for IT automated controls, SOC 1 controls, and ITGC controls Proactively identifies risks or gaps in internal controls and provides recommendations to mitigate risks and improve internal controls Identifies opportunities to improve business processes Execute the annual audit plan including financial and operational audits Assist in preparation of timely and accurate reports of audit findings Develop and execute audit procedures and enhancements to procedures Assist in research, design and implementation of audit analytics Assist in fraud risk assessments Build strong relationships with auditees and business units Perform other related duties and special projects as assigned Job Qualifications: Degree in Accounting, Finance or Business Having a CISA qualification/Pursuing CISA or DISA will be an added advantage. 2-4 years experience preferably Public Accounting, Internal Audits, SOX Audits, SOX Compliance, Statutory Audits Understanding of GAAP, SEC and SOX requirements preferred Excellent written and verbal communication skills in English The ability to develop trusted relationships with internal and external customers in a hybrid environment The ability to self-manage multiple tasks/projects and deadlines simultaneously Other Job-Related Components: CPA, CIA, or CISA (If certified, please provide certification number) Knowledge of and experience working with SAP Experience with AuditBoard SOXHub, OpsAudit, Risk Oversight, and/or Cross Comply modules Experience auditing manufacturing, engineering, or retail organizations Additional language proficiency

Job Description Job Title: Network & Security Pre-Sales Engineer Division : Govt. Team Grade : L1+ Department : Pre-Sales Section : Pre-Sale Location : Noida Unit: 1 Report to : Head Pre Sales Working Conditions : Day shift Job Purpose : Responsible for developing Business solution in the sales cycle for Govt Bids & GeM Bids, based on understanding customer needs and aligning the OEM and uploading Products for GeM bidding. Shall support the sales team with the required product information, communicate sales strategies effectively and support sales team. Make relation with OEMs to finalize solution as per customer need and make available entire solution to the customer. Should meet customer time to time for awareness about orbit proposed latest solutions. Key Responsibilities: Work with Product Manager/Pre Sales Team and Sales team to help define / refine customer requirement through Should have knowledge of complete range of Networking & Security products across OEMs Knowledge of security products will be added advantage & will be given preference Work with Sales personnel to provide product, business and technical knowledge in support of pre sales activities Should have hands on experience in making bill of material as per required technical compliance Should have experience of all Tools available from OEM for configuration and making BOQ like Cisco, Mcafee, Trendmicro & HPE etc Should have good relationship with industry leader Networking OEMs like Cisco / HPE / Juniper / Arista / Extreem Etc Preference will be given for CCNP, CISA, MCSE and CISSP certifications Responsible for understanding business and technical problems addressed by the products including key regulations, business drivers, evolving business needs etc. Responsible for staying on competitive analyses and understanding differentiators between the company and its competitors Develop product centric selling strategies Qualifications & Certifications B.Tech/B.E Degree /MCA/Graduate, or equivalent and applicable experience of 3 to 5 years . Strong communication, listening and presentation skills. Relevant experience in technical product configuration or technology related experience. Experience : Must be experienced Telecom or IT related companies Must be a Team player and adaptive to the competitive market environment First rate network and services support experience Experience of working to strict KPI and SLA (Internal and External) Sound applied theoretical knowledge of core and access network infrastructure, data and voice services Exceptional communicational and interpersonal skills Fully aware of the contemporary, evolving technologies in the field of IT.

Key Responsibilities: Conduct comprehensive audits of IT systems, networks, and applications to assess their security, integrity, and compliance with regulatory requirements. Candidate should have experience in IT audits of ERP applications, interfaces, Access controls, Segregation of Duties analysis, ITGC, ITAC and audit trail review of various applications as part of IT audit support for statutory audits / external clients. Candidate should have good understanding of audit methodology and legal / regulatory requirements from statutory perspective. Evaluate IT policies, procedures, and controls to identify weaknesses, gaps, and areas for improvement. Perform risk assessments and vulnerability scans to identify potential security threats and vulnerabilities. Analyze audit findings and data to develop recommendations for mitigating risks and improving IT processes and controls. Prepare detailed audit reports documenting findings, recommendations, and corrective actions. Communicate audit results and recommendations to management and stakeholders, including technical and non-technical audiences. Collaborate with IT and business stakeholders to implement corrective actions and remediation plans. Stay current with industry best practices, emerging technologies, and regulatory requirements related to IT security and compliance Qualifications: Required: CA/ Btech 1-8 years of experience in the same domain Preferred: CISA/ DISA certified Experience with using data techniques such as IDEA or ACL, Tableau, Qlik, Power BI, SAS or similar SAP certification, reviews of OS (Linux,etc) and database (Oracle,SQL, etc) Good communication skills (Verbal & Written) Skills and Competencies: Need to have extensive experience in Statutory IT Audit / External IT Audit, as an IT auditor support for Financial Statement Audit. Have deep knowledge and experience of testing ITGCs, ITACs (IT Automated) include control testing of domains such as change management, program development, logical access and computer operations Should have relevant experience of working with ERP accounting systems such as SAP, Oracle and other home grown systems Experience in SOC 1 & 2 testing and reporting as well as worked on SoX 404 engagements Should have experience in handling large engagements (private/listed) in India or other geographies with overseeing work of 2 or more people. Monitor time and manage timelines as you would be expected to work on multiple projects at a point of time Good communication skills (Verbal & Written) Flexibility to adapt to a variety of engagement types, working hours and work environments

Company: Wipro Job location: Hyderabad, Chennai, Bangalore Virtual drive on 31st May and 1st June As a team member in Application Governance, you will be challenged to deliver on key team goals and manage demands from multiple customers/stakeholders under tight deadlines. You would also be expected to contribute to enterprise wide initiatives. This involves interacting with the Application Owners / Risk Leads / Program Owner teams and multiple support functions to be able to proactively identify the business needs, establish shared goals and execute tactical plans. Experience of Application Governance Deliverables, Control Function, MS-Office, SharePoint Skills Good Analytical/Problem Solving. Perform Reporting of the Application Owner program deliverables. KPI Dashboard and Reports. Generate reporting for the streamlined metrics End to End knowledge of Application Management Deliverables and Governance

Business Title Lead - Zero Trust and IAM Region APAC Country India What we look for 8+ years experience implementing enterprise Identity and Access Management (IAM), Privileged Access Management (PAM) solutions (e. g. Saviynt, Okta, SailPoint, Ping Identity, Omada, Microsoft Identity Manager, Beyond Trust, CyberArk or equivalent IAM solution) in client environments. Familiarity with Zero Trust Network Architecture is desirable Familiarity with service now Ticketing and CMDB is desirable Design, build, operate and automate security solutions and processes to protect the integrity of the organizations networks, systems, applications and data. Experience developing technical strategies, architectures, and roadmaps. Outstanding communication and presentation skills. Able to articulate complex, technical concepts to non-technical audiences. Respond to security incidents, including data breaches, and coordinate with other IT teams to mitigate the impact of any security breaches. Preferred Experience hardening security for Active Directory, Windows, *nix OS. Experience with IDaaS providers such as Microsoft, Okta, Ping Identity, Google Cloud Identity Experience with cloud architectures particularly Azure, AWS, GCP native IAM controls. Experience with Identity Governance processes and solutions such as Saviynt, SailPoint, Ping Identity or equivalent. Experience with Microsoft 365, Active Directory, SAML, OIDC Knowledge of Applied Cryptography and PKI Manage and network security infrastructure Firewall configuration and rule management Cloud proxies services Network Access control Employee and Partner remote access VPN services Cloud based Web application firewall Development knowledge e. g. Python, Java, C#, . NET, Web Services (SOAP/REST/RESTful, APIs), Shell programming/scripting Preferred Network Infrastructure Security background in both on prem physical security components (firewalls, IDS/IPS , remote access and internet proxies) as well as cloud security services (Zscaler , Azure, GCP). Strong experience of working on SIEM tools like Splunk to analyse logs and correlate events. Experience with User Behaviour Analytics Workday, SAP, Salesforce Experience with MDM capabilities such as Intune or AirWatch Understanding of trends and regulations to ensure effectiveness and compliance with all regulations and frameworks (NIST, HIPPA-HITECH, HITRUST, PCI, GDPR) Certifications CISSP or SANS, GIAC, CIMP, CEH, CISM or CISA certifications is a plus OKTA - Professional or Consultant is a plus Google/AWS/Microsoft Professional Cloud Architect is a plus Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law . If you are an individual with a disability and you require an accommodation during the application process, please visit www. johnsoncontrols. com/careers .

Job Code Job Code Name Business Title Zero Trust and IAM Eng II Region APAC Country India Grade 172 What we look for 5+ years experience implementing enterprise Identity and Access Management (IAM), Privileged Access Management (PAM) solutions (e. g. Saviynt, Okta, SailPoint, Ping Identity, Omada, Microsoft Identity Manager, Beyond Trust, CyberArk or equivalent IAM solution) in client environments. Familiarity with Zero Trust Network Architecture is desirable Familiarity with service now Ticketing and CMDB is desirable Design, build, operate and automate security solutions and processes to protect the integrity of the organizations networks, systems, applications and data. Experience developing technical strategies, architectures, and roadmaps. Outstanding communication and presentation skills. Able to articulate complex, technical concepts to non-technical audiences. Respond to security incidents, including data breaches, and coordinate with other IT teams to mitigate the impact of any security breaches. Preferred Experience hardening security for Active Directory, Windows, *nix OS. Experience with IDaaS providers such as Microsoft, Okta, Ping Identity, Google Cloud Identity Experience with cloud architectures particularly Azure, AWS, GCP native IAM controls. Experience with Identity Governance processes and solutions such as Saviynt, SailPoint, Ping Identity or equivalent. Experience with Microsoft 365, Active Directory, SAML, OIDC Knowledge of Applied Cryptography and PKI Manage and network security infrastructure Firewall configuration and rule management Cloud proxies services Network Access control Employee and Partner remote access VPN services Cloud based Web application firewall Development knowledge e. g. Python, Java, C#, . NET, Web Services (SOAP/REST/RESTful, APIs), Shell programming/scripting Preferred Network Infrastructure Security background in both on prem physical security components (firewalls, IDS/IPS , remote access and internet proxies) as well as cloud security services (Zscaler , Azure, GCP). Strong experience of working on SIEM tools like Splunk to analyse logs and correlate events. Experience with User Behaviour Analytics Workday, SAP, Salesforce Experience with MDM capabilities such as Intune or AirWatch Understanding of trends and regulations to ensure effectiveness and compliance with all regulations and frameworks (NIST, HIPPA-HITECH, HITRUST, PCI, GDPR) Certifications CISSP or SANS, GIAC, CIMP, CEH, CISM or CISA certifications is a plus OKTA - Professional or Consultant is a plus Google/AWS/Microsoft Professional Cloud Architect is a plus Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law . If you are an individual with a disability and you require an accommodation during the application process, please visit www. johnsoncontrols. com/careers .

Some careers have more impact than others. If you re looking for a career where you can make a real impression, join HSBC and discover how valued you ll be. HSBC is one of the largest banking and financial services organizations in the world, with operations in 62 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions. We are currently seeking an experienced professional to join our team in the role of Manager Business Financial Crime Risk INTELLIGENCE Principal responsibilities Financial crime risk intelligence team will act as a central pivot coordinating with regions and Data Analytics Office, scoping / enhancing requirements, scoping reviews, maintain / further develop CIBs thematic review framework The role holder will develop thematic enquiries with stakeholders and then assess data outputs provided by DAO to perform deep dive thematic reviews targeted at specific Customer populations, across financial crime risk typologies or emerging risks covering Anti-money laundering Team will perform un-structured, data-led testing and analysis to identify new typologies and clusters of risk within the CIB portfolio. Across non-financial risk taxonomy, the role holder will seek to pre-emptively spot emerging risk to crystalize or identify control gaps/ risk in order to quickly remediate issues. Findings will be shared across the Business, to inform senior management of emerging issues and to support additional actions such as cultural assessments and / or control enhancements. Cross non-financial risk typologies / taxonomy would include financial crime risk (product, sector and Client risk), Fraud risk (cross typologies), Sustainability & Climate risk, Operational risk, including product and sector risk across Commercial and Global Banking businesses and Ops. resilience and information security risk (at user level) Facilitating the planning and execution of Business Risk assessment activity and recommending ways to enhance CIB s ability to recognize and manage Business Risks Oversight for the identification of financial crime risk, undertaking all actions necessary to mitigate potential risks via thematic / adhoc reviews Contribute to the strengthening of critical thinking by providing SME guidance to frontline colleagues to develop understanding and management of Non-Financial Risk exposure, through ongoing feedback from assessments Support CIB Senior Management on Business Risk management and generally assisting them with the resolution of compliance and operational risk problems in liaison with local risk stewards, FIU and other SMEs Provide guidance and support to CIB sites in conjunction with experts across the financial crime divisions, and other offices Collaborate with audit, compliance and Business risk counterparties in CIB sites to achieve objectives on a global level Develop and Execute detailed thematic testing plans in line with Thematic Review Operating Framework and LoBP. Maintain an in-depth understanding of at least 2/ 3 areas of cross risk typologies within CIB Business Risk Contribute towards meeting Key Risk Indicators (KRIs) so that the business effectively controls and mitigates risk The job holder exercises a high degree of autonomy to perform the responsibilities independently. He/she will operate under guidance from the Thematic Review Team to uphold and enhance the quality with which Business Risk is identified and mitigated by CIB FLOD (First Line of Defense) Requirements Experience of Business risk, Corporate & Institutional Banking. Solid knowledge and experience in processes, Bank systems and/or project management Experience in Anti-money laundering investigations Ability to manage a technical risk team Evidence of leading project implementation or performing a business analyst role for risk management in one or more risk typologies Experience and knowledge of of deep dive / risk investigation, assurance, compliance and forensic audit Ability to understand and interpret large set of risk data Certifications in one or more risk typologies CFE, ACAMS, FRM GARP, PRIMIA Ops. risk management, CIA, CISA etc. Experience in working with data tools analysis tools such as Python, SQL, SAS or similar essential Ability to apply judgement and critical through to identify risks and issues in customer profiles/ transactions/ financial statements Ability to communicate with senior members of frontline teams, Business Risk / Risk Stewards, Compliance and Audit Adequate understanding of risk and controls Strong verbal & written communication skills that translates to asking the right questions, understanding the tasks, and communicating ideas and actions clearly. Presentation skills: reporting progress, issues, dependencies, and risks to working groups and decision-making forums. Strong problem-solving & data proficiency skills with proven expertise in MS excel, PowerPoint, etc. You ll achieve more at HSBC HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc. , We consider all applications based on merit and suitability to the role. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

We seek a professional with 5-7 years of postgraduate experience in IT General Controls, SOX 404, GRC,SOC & ITAC, preferably CISA certified. Apply now at heena@yeslandmark.com or call 7019111984

The ideal candidate should be responsible for security analysis by connecting the loose ends using security information from various tools and processes to improve the cyber processes and for protecting the Bank from cyber-attacks. To manage Cybersecurity Incident response within the Bank To manage Red/ Blue Team exercises, VAPT of Applications and Infrastructure, review the reports and ensure closure. Creation/ Review of Information Systems Security Policies and procedures Periodic Review of security tools and processes like Firewall / IDS & IPS / WAF / DAM logs / PIM logs / System logs To understand, implement, monitor and review of various regulatory/ compliance frameworks like ISO 27001, PCI DSS, etc., on need basis. To ensure compliance with various Cybersecurity controls as per the regulatory framework. Vendor management periodic MIS & SLA reviews, payments & penalties, renewal of support contracts and licenses in timely manner. recognized university. Desirable: Certifications like: CISM / CISSP / CISA / CRISC / ISO 27001:2013 / PCI DSS / CEH / OSCP/ etc. 8+ years of Experience Knowledge of RBI Guidelines on IS/ Cybersecurity. Prior experience in IT Governance, Policy & procedures, Application security assessment / VAPT (preferably Hands On).

We are seeking an Identity & Access Management Analyst to join our IAM Governance Team. As an IAM Governance Analyst, you will be responsible for maintaining Prioritys secondary controls regarding access security. Duties include executing daily, weekly, and monthly reviews of user access across multiple applications, deploying and managing large scale review packages associated with semi annual SOX audits, and compiling and providing evidence to third-party auditors. You will also be expected to pull reports and provide data to stakeholders on a scheduled or ad-hoc basis. You will work with critical and sensitive information on a daily basis, and shall be relied upon to maintain user security safeguards. This position level works on technology and security administration issues of limited scope and complexity. The position requires a basic level systems administration proficiency and analytical capability to exercise judgment within defined procedures and practices to determine appropriate action. In order to be successful, you must have the ability to provide a broad level of support to relevant parties, both internal and external, to identify potential areas of risk in our current controls, and recommend improvements for efficiency and enhanced security in the IAM space. As a member of Prioritys Security and Compliance group, you will drive, develop, and maintain solutions for clients and colleagues. This is an exciting time of technology advancement and innovation across the organization, particularly within our technology teams. Responsibilities: Partnering with internal business units to address security and access control operational issues and requirements, including periodic reviews of access control lists for verification of users. Providing audit-related evidence on time. Coordinate with Internal Audit and Security teams to compile evidence packages for third party auditors. Build and maintain proficiency with applicable security and IT systems through a combination of on-the-job training, self-paced coursework, and formal training courses provided by the bank for ongoing professional development. Participate in other security support projects and duties as needed or requested. Requirements Minimum Requirements: Minimum of 2 years experience in IT system administration, application software support and basic operations. Demonstrated experience providing end-user support for large corporate applications in a networked environment. Strong knowledge of Windows server operating systems and environments, Working proficiency of Microsoft IIS and Microsoft Active Directory Excellent communication and interpersonal skills. Including a strong ability to create positive and professional business relationships with internal clients. Strong commitment to working as a team and providing excellent customer service. Preferred Requirements: Exposure to the financial industry or equivalent highly controlled IT systems environment. Understanding of common security frameworks (NIST, CIS, ISO). Familiarity with the Sarbanes-Oxley (SOX) auditing standard Previous experience writing simple automation scripts using any language (VBScript, PowerShell, etc.). A Bachelor's degree in business or computer science is highly desired. Security certifications (CISSP, CISA, etc.) are highly desired. System administration certifications (CCNA, MCSA, etc.) highly desired.

Key Responsibilities: Participate in planning, execution, and reporting phases of technical cyber based audits in line with industry standards and best practices. Ensure the timely and effective execution of all planned cyber and tech risk audits. Majorly drive the execution of audits fieldwork to ensure thorough and effective assessments of IT and cybersecurity controls by utilizing appropriate audit methodologies and tools (e.g., risk-based auditing, data analytics). Follow up on Management Action Plans (MAPs) / audit findings to ensure timely and effective remediation of identified issues. Assist the leadership in Risk Assessment activities and collaborate with stakeholders to help identify and prioritize key IT and cyber risks. Use of Data Analytics to analyse artifacts and derive the audit findings. Stay updated on emerging IT risks and controls, including cloud computing, cybersecurity threats, and data privacy regulations. Help document audit findings, audit reports, and participate in stakeholder meetings. Required Technical Skills: Proficiency in Networking, DLP, Endpoint and Cloud technologies (AWS, Azure, Google Cloud). Knowledge of cybersecurity principles and practices as well as sound understanding of Artificial Intelligence and its applications. Proficiency in Vulnerability Assessment and Penetration Testing (VAPT) and Red-teaming exercises. Extensive experience with IT Infrastructure technologies as well as sound understanding of Disaster Recovery and Resiliency. Proficiency in using audit tools and techniques (e.g., data analytics, risk assessment software). Soft Skills: Excellent interpersonal and communication skills. Strong report writing and documentation abilities. Ability to multi-task and work collaboratively with cross-functional teams. Strong project management and organizational skills. Qualifications: Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related field. Relevant certifications such as CISA, CISSP, or equivalent are preferred. Minimum of 6 years of experience in a similar role. Experience in technology audits, added advantage with a background in Big4 audit firms. Proven track record of leading technology audit projects and teams. What we offer: High visibility to leadership and the opportunity to make a significant impact. A collaborative and innovative environment. The chance to work on state-of-the-art technologies and solutions. A role that combines strategic thinking with hands-on execution.

Information Security Risk Analyst - TDI CSO The Technology Data Innovation (TDI) Chief Security Office (CSO) comprises both Corporate Security and Information Security. We run security operations globally to protect the banks people, infrastructure, processes, and information. CSO Governance and Control conducts proactive Information Security (IS) controls assess ability and applicability reviews for the emerging technologies to design adaptable IS assessment framework to appropriately assess the security requirement for relevant applications and infrastructures. The role holder would mainly be working on assessments and remediation across the globe to ensure that the Information Securityrequirements for various assets within the Bank are safeguarded and mitigated from any potential risks which can include - Reputational, Financial & Regulatory. Your key responsibilities: Display strong knowledge of Information Security as this is an SME role for reviewing Risk & Control Assessments as per IS policy and ISO 27001. Work with governance, risk, and compliance (GRC) tools such as ServiceNow, should be familiar with national and international regulatory frameworks like NIST, ISO, SOX, EU DPD, PCI DSS, and GDPR and additional knowledge on Regulatory requirements/controls like MAS, CAM and PSDII to support stakeholder requirement. Display strong knowledge and understanding of Information security controls (ISO) and mitigation/remediation solutions. SME Knowledge on the BAU activities and have mentality to contribute for the daily BAU task as and when required. Take the responsibility/ownership to cover the portfolio end to end. Collaborate with process owners, internal auditors, external auditors, and other stakeholders to assist in reviewing, monitoring, and resolving findings. Ability to successfully manage third-party audits, compile evidence, and organize audit responses. Manage scope of deliverables and expectations and ensure clear and concise communication to onshore team members and other stakeholders. Provide process improvement inputs to various stakeholders. Build strong relationships with various stakeholders, including but not limited to: Portfolio Owners, Divisional ISOs, Business owners, Application & Technology owners, Risk Managers to complete Information Security Risk & Control Assessments and Remediation management. Design strategic programs and solutions to implement effective information security objectives throughout the organization. Proactively seek ways to improve upon existing practices and processes. Display insight and ability in identifying issues and develop successful solutions. Communicates openly with management and the internal stakeholders; keeps them informed of potential risk and escalate problems/delays accordingly to avoid / minimize the impact. Work with multiple, distributed teams (across different locations) Develop key operational procedures and policies where necessary and ensure adherence to all such defined policies. Represent the process in other forums, provide inputs for the monthly and quarterly dashboards with performance and with any challenges faced or suggestions to improve the quality. Proactively develop and maintain professional consultative working relationships with the CSO function, stakeholders and respective support areas and will use a range of approaches to collect relevant information to assess key risks. Your skills and experience: Significant work experience in the Information Technology / Information Security area Proven capabilities / competencies in mitigating the Information Security / Application Governance / IT Control etc. Clear understanding of the relationship between IS risk and how this applies to business processes. Professional / industry recognized certifications (e.g., CISA, CISM, CRISC etc.) are highly beneficial to cover a broad range of Information Security areas where relationship with the business or IT is required. Strong understanding of service delivery and relationship management Project management, Agile methodology, analytical and practical problem-solving skills. Ability to monitor, track and clearly communicate progress, escalate issues when appropriate. Good understanding of data and skillset to produce effective reports using Excel, Macro, or other reporting tools. Experience with data visualization tools like Tableau, Power BI, etc., Proficiency in Data Analytics Skills in Python, added advantage to languages such as SQL for data manipulation and analysis. Ability to understand the latest cybersecurity threats, attack vectors, attack techniques and emerging trends through threat intelligence sources and communities. Experience in global teams across different time zones and within a matrix environment. Professional and strong verbal and written communication skills and the ability to communicate on all hierarchy levels. Self-driven, eager to learn and well-organized team player.

Business Development will spearhead the efforts to establish and grow a network of business partners delivering cybersecurity training courses in Eastern and North-Eastern India Partnership Development, Building and Managing a Regional Team, Spreading Regional Awareness of Cybersecurity Certifications, Organising Webinars, Conferences, and Events, Strategic Market Engagement Ability to build and lead teams effectively in a dynamic and competitive environment. Strong event management and marketing acumen. Data-driven decision-making with excellent reporting and analysis capabilities. Readiness for extensive travel across Eastern and North-Eastern India. CISSP, CEH (Certified Ethical Hacker), and CISA, CompTIA Security+, strategic roadmap

Number of Openings 1 Offshore ECMS ID in sourcing stage Demand Id - 103863Y25 Assignment Duration 6+ months Total Yrs. of Experience 10+ Relevant Yrs. of experience 6+ Detailed JD (Roles and Responsibilities) ### **Job Overview:** We are seeking a highly skilled **CyberArk Implementation Specialist** to join our growing team. The ideal candidate will be responsible for implementing, configuring, and supporting the deployment of CyberArk Privileged Access Management (PAM) solutions. The candidate will work closely with IT teams and stakeholders to ensure that CyberArk solutions meet organizational security requirements and are properly integrated with existing systems. ### **Key Responsibilities:** - Lead the implementation and deployment of CyberArk solutions for Privileged Access Management (PAM). - Design, configure, and implement CyberArk components (including Vault, Central Policy Manager (CPM), and Password Vault Web Access (PVWA), PSM, CCP, CP, HTML5GW, PSMP, PTA etc.). - Integrate CyberArk with existing enterprise systems, including Active Directory, SIEM, and other IAM tools. - Familiarity with SIEM systems such as Splunk, ArcSight, or QRadar. - Provide guidance and best practices for the design and configuration of CyberArk components. - Conduct CyberArk security assessments and ensure the solution adheres to security best practices. - Troubleshoot and resolve issues related to CyberArk components, including Vault, CPM, PVWA, PSM, CCP, CP, HTML5GW, PSMP, PTA etc. - Knowledge on creating custom PSM web connectors using Auto IT and webforms. - Collaborate with database administrators and IT teams to integrate CyberArk CPM for managing privileged credentials across a wide range of database environments (e.g., Oracle, SQL Server, MySQL, PostgreSQL, MSSQL, MongoDB etc.). - Configure PSMs properly to work with different database environments (e.g., Oracle, SQL Server, MySQL, PostgreSQL, MSSQL, MongoDB etc.). - Develop and deliver training for internal teams on CyberArk use and security best practices. - Maintain detailed documentation for CyberArk implementations, configurations, and procedures. - Monitor and ensure the continuous health and performance of CyberArk systems. - Work with security and compliance teams to ensure that the solution is fully compliant with regulatory requirements (e.g., SOX, PCI, HIPAA). - Assist with CyberArk upgrades, patches, and version control. - Report Generation: Experience using CyberArks Client Reporter and Telemetry tools to generate and analyze operational reports. - Policy and Reporting: Experience in creating/modifying master policies, and generating reports on safes and user activity. - Health Checks & Monitoring: Performing health checks on CyberArk infrastructure and monitoring various components to ensure system integrity and uptime. - Change Management: Proven experience in managing change processes, including preparing and executing delivery plans during Change Advisory Board (CAB) reviews. - Incident Handling: Responsible for managing complex and escalated incidents and requests with a focus on resolving issues efficiently. - KPI Compliance: Ensuring adherence to KPI metrics for incident and service request resolution, including timely communication and escalation procedures. - Stakeholder Communication: Providing input and updates to stakeholders involved in critical incidents, particularly during outages or system failures. - Disaster Recovery & Failover: Solid knowledge of CyberArk disaster recovery, failover and failback mechanisms to ensure availability and business continuity. - Vault Data Backup: Experience in Vault Data Backup processes for ensuring critical data is securely backed up and protected. **Certifications:** - CyberArk Certified PAM-Defender - CyberArk Certified PAM-Sentry (preferred) - CyberArk Certified PAM-CDE (preferred) - Other relevant security certifications (CISSP, CISM, CISA) are a plus. Mandatory skills **Experience:** - Minimum 3-5 years of experience with CyberArk Privileged Access Management (PAM) solution implementations. - Strong understanding of CyberArk components such as Vault, CPM, PVWA, PSM, CCP, CP, HTML5GW, PSMP, PTA etc. - Experience integrating CyberArk with Active Directory, SIEM, and other enterprise security systems. - Familiarity with IT security best practices, especially around privileged access and identity management. - **Technical Skills:** - Strong knowledge of Windows and Linux operating systems. - Experience with scripting languages (PowerShell, Python, AutoIT etc.) for automation and customization. (Good to have) - Experience with various authentication protocols (LDAP, RADIUS, etc.). - Understanding of IAM (Identity and Access Management) concepts, including RBAC (Role-Based Access Control) and least privilege access. - Server Administration: Proficient in Linux Red Hat 7/8, Windows Server 2016/2019/2022 administration. Desired/ Secondary skills Soft Skills:** - Strong problem-solving and troubleshooting skills. - Excellent communication and collaboration skills. - Ability to work independently and as part of a team. - Detail-oriented with strong organizational skills. Domain Cyber Security Max Vendor Rate in Per Day (Currency in relevance to work location) 12000 INR / Day Work Location given in ECMS ID Hybrid WFO/WFH/Hybrid WFO Hybrid BG Check (Before OR After onboarding) Pre onboarding Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO Yes

Key Responsibilities: Conduct ISMS (ISO 27001) follow-up audits to verify compliance and track remediation efforts. Perform Gap Assessments against ISO 27001 and other security standards to identify control deficiencies. Lead or support BCMS (ISO 22301) audits and assessments, providing clear insights and recommendations. Prepare and deliver professionally written reports with actionable findings and clear summaries. Collaborate with internal teams and stakeholders to communicate risks, gaps, and proposed improvements. Support the design and enhancement of security governance processes as required. Requirements Qualifications: Minimum 5 years of experience in Information Security, GRC, or Risk & Compliance roles. Proven expertise in ISO 27001, including implementation, audits, and compliance reporting. Good knowledge of ISO 22301 and BCMS frameworks. Familiarity with other standards such as NIST CSF, ISO 27005, or local regulatory frameworks is a plus. Strong analytical and documentation skills, with the ability to write professional audit/assessment reports. Excellent communication and stakeholder engagement skills. Relevant certifications such as ISO 27001 Lead Auditor, ISO 22301 Lead Auditor, CISA, or CISM are highly desirable.