537 Cisa Jobs - Page 3

At BlackStone eIT, we are seeking a passionate IT Security & Compliance professional to join our dynamic team. In this role, you will play a crucial part in ensuring the security of our IT infrastructure while aligning our practices with compliance standards. Your proactive approach will help us protect our data and systems from evolving cyber threats. Key Responsibilities: Establish and maintain security policies, compliance frameworks, and risk management strategies that meet industry standards. Perform regular audits and assessments of our IT systems to identify and mitigate security vulnerabilities. Investigate security incidents and ensure effective incident response and documentation. Work alongside various departments to ensure understanding and adherence to security policies and compliance regulations. Conduct training and awareness sessions for employees regarding security best practices and compliance obligations. Keep abreast of the latest trends in cybersecurity threats and compliance issues. Prepare detailed reports and presentations on security metrics and compliance audits for management. Collaborate with external auditors and regulatory agencies during assessments. Bachelors degree in Computer Science, Information Systems, Cybersecurity, or a related discipline. 3-5 years of experience in IT security, risk assessment, or compliance roles. Knowledge of security frameworks

Key Deliverables: Lead cyber risk assurance initiatives, including control testing and framework implementation Conduct system-level assessments and ensure remediation of security gaps Monitor cyber risk indicators and produce governance-level reporting Design and improve processes to strengthen enterprise-wide cybersecurity posture Role Responsibilities: Perform gap assessments across ISO 27001, NIST, CIS, PCI frameworks Review and validate evidence for control assurance from tech teams Build and maintain strong relationships with IT, business, and security stakeholders Mentor teams on cyber governance standards and risk assessment techniques

Role & responsibilities Requirement IT Risk Assessment Location : Mumbai/Gurgaon Work mode : 5 days WFO Experience 4+ years(AM), 7+ years(Manager) Budget max 15 LPA(AM), 24 LPA(Manager) Mandates IT Audit, Risk Assessment, ITGC, ITAC Have you executed client related engagements in the areas ITGC, process reviews, IT Application Controls, standard operating procedures review, SOCR (SOC 1, SOC 2), SOX 404 Audits. Have you identified engagement related risks and escalate issues as appropriate. Have you actively establish & strengthen client (functional heads & key influencers) and internal relationships. Have you Identified & escalated potential business opportunities for the firm on existing client engagements. Are you a Qualified CA or MBA or BTech/BE. (Preferred CISA or equivalent certifications) Preferred candidate profile Core ITRA Roles & Responsibilities: Responsible for managing audit engagements with a focus on IT risks Manages a team of IT audit professionals involved in evaluating and testing ITGCs, conduct business and IT process reviews, IT Application Controls tests, IPEs. third party assurance (SOC1&2) and related areas; Is seen as a subject matter expert either on specific technology platforms (SAP, Oracle etc.) or industry (FS, Manufacturing, Retail etc.) Supports leadership in developing the ITRA team by coaching, providing technical guidance during audit engagements, ensuring completion of work within tight deadlines and delivers high quality audit results consistent with the firms expectations. Is well versed with latest technology updates in the field and encourages team members to constantly learn and adapt. Engages with the client senior management in articulating IT audit findings and can convince them his point of view Engages with firms internal stakeholders on how the findings relating to IT audits have a bearing on the financial reporting and internal controls. Supports the firms quality agenda and ensures zero defect audits during internal/external quality reviews Is viewed as a trusted advisor by the team and the clients alike Actively establish & strengthen client and internal relationships. Assists leaders in developing new methodologies and internal initiatives. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have excellent presentation & communication skills. High on personal integrity and work ethics and can be trusted without micro-level supervision from leaders Qualified CA, MBA, BTech/BE. / BSc IT (Preferred CISA or equivalent certifications)

1. Extensive experience working in the NBFC and Banking industry, with a solid understanding of the unique security challenges faced by these sectors. 2. Proven track record of conducting Cyber security reviews and performing gap assessments to identify and mitigate potential security risks. 3. Strong knowledge of DPDP and GDPR regulations, with the ability to ensure compliance and protect sensitive data. 4. Familiarity with Regulatory circulars related to Information security, Cyber Security, and Data Privacy, and the ability to stay informed on the latest developments in this rapidly evolving field. 5. Possession of certifications such as CISA, CISSP, ITIL, and ISO27000, demonstrating a commitment to professional excellence and ongoing education. 6. Excellent communication skills, with the ability to effectively communicate security requirements and risks to stakeholders at all levels of the organization. 7. Strong analytical skills, with the ability to assess complex security issues and develop practical solutions to address them. 8. Experience in implementing security policies and procedures to protect critical assets and ensure the confidentiality, integrity, and availability of information. 9. Ability to work independently and as part of a team, with a collaborative and proactive approach to problem-solving. 10. Commitment to ongoing professional development and staying abreast of industry trends and best practices. 11. One of the key skills required for this role is the ability to stay updated on the latest developments in the field of Information Security. The ideal candidate should have a deep understanding of emerging threats and vulnerabilities, as well as knowledge of best practices for mitigating risks. 12. In addition to technical skills, strong communication and interpersonal skills are also essential for this role. The consultant will be required to work closely with various stakeholders, including senior management, to implement Information Security measures and policies effectively. 13. Furthermore, the successful candidate should have a track record of successfully completing projects on time and within budget. They should be detail-oriented, proactive, and independent, with the ability to work well under pressure.

Role & responsibilities: Testing the controls from regulatory guidelines/circulars/advisories on IT and Cyber Security issued by RBI, SEBI, NSDL, NPCI, UADAI by identifying the observations based on control implementation & its effectiveness. Follow up with stakeholder to ensure timely testing of regulatory guidelines, legacy Circulars, Advisories, Show cause notice/ Penalties/Displeasures. Prepare Annual testing plan based on Compliance risk and senior management directions. Support IT & InfoSec team during the onsite IT Examination Review conducted by RBI. Conduct Compliance Testing / Review of RAR, RMP & other regulatory observations related to IT, InfoSec & Digital Banking units to ensure that regulatory guidelines are complied with. Coordinate with stakeholder for seeking responses in respect of testing observations, submission of periodic update to ACB, Board and RBI & Follow up for closure of open issues & observations. Review of new product and process notes. Assist in preparation of monthly / quarterly / annual submission to the Board / Audit & Compliance Committee. Automation of testing related to regulations. Compliance Monitoring & Testing. Regulatory inspection & audit management. Preferred candidate profile In depth knowledge of the regulatory environment for the banks in India particularly in IT and Cyber Security Area. Knowledge of all regulatory compliance requirements in IT & Information Security areas. Good knowledge of IT Governance frameworks & Risk Assessment and mitigation. Good understanding of Digital Banking products and regulations pertaining to the same. Good Co-ordination skills. Good research capabilities and intelligent interpretation of regulatory guidelines. Good knowledge of all the elements (commercial, operational) of banking. Demonstrated ability to drive results and be very effective in a startup. Good interpersonal skills.

JOB DESCRIPTION JOB TITLE -AVP/ VP- Internal Audit GENERAL DESCRIPTION - He/ She will be responsible for evaluating the company's internal controls, risk management processes, and compliance with policies and regulations. This role ensures operational efficiency, identifies financial discrepancies, and recommends improvements to mitigate risks. DIVISION/DEPARTMENT - Finance & Accounts DETAILED JOB DESCRIPTION- 1. Executing transactional & Internal Audit. 2. Ability to effectively perform the technical components of risk assessments to provide an accurate view of the client's current risk state. 3. Ability to perform end-to-end business process analysis and design. 4. Ability to assess and design internal controls by applying an understanding of internal control design frameworks and regulatory requirements. 5. Ability to enhance quality and efficiency of recommended risk solutions by applying relevant frameworks, conducting research, and performing analysis. 6 .Ability to conduct internal audits by leveraging approved processes and methodologies. 7. Ability to set the stage for a successful assessment of internal audit processes and controls by collecting and organizing data. 8. Ability to enhance quality of assurance engagements by identifying risks, performing testing, researching governing regulations, and developing reports. 9. Ability to leverage industry leading frameworks, methods, and tools to increase effectiveness of technology and data risk solutions 10. Ability to manage substantially large internal audit plan (4-5) and lead a team of 3-4 people. WORK EXPERIENCE REQUIREMENT - 10+ years experience in internal audit, preferably in real estate, construction, or infrastructure sectors EDUCATION REQUIREMENT - CA Qualified

IT Audit Manager At Smith+Nephew, we design and manufacture technology that takes the limits off living. As a key member of the Internal Audit team, the IT Audit Manager will be responsible for: leading IT Reviews; supporting the Director to develop the end-to-end IT Audit Plan; developing stakeholder relationships across the Group; coaching and mentoring more junior team members; and acting as an ambassador for the Internal Audit Function across the Group. What will you be doing? Leads and conducts assigned audit engagements (specifically IT audits consisting of complex cyber security, IT, and programme assurance reviews) successfully in accordance with the Global Internal Audit Methodology and professional standards. Represents Group Internal Audit in global steering committees and IT leadership forums to provide governance, risk and control related input. Drafts the Terms of Reference, develops audit programs and testing procedures relevant to risk and audit / test objectives. Supervises senior auditors and co-source staff assigned to engagements providing guidance and overall review of deliverables. Communicates assigned tasks to engagement team in a manner that is clear and concise ensuring high quality, accurate, and efficient results. Obtains and reviews evidence ensuring audit conclusions are well-documented. Identifies and communicates issues, offering recommended solutions relevant to business and risk. Drafts the closing meeting presentation. Prepares draft audit reports, ensuring that audit conclusions are based on a complete understanding of the process, circumstances, and risk. Assesses and monitors managements progress in implementing agreed upon actions. Provides technical expertise in emerging digital risk areas and GBS SOX and MAPS control efficiency and effectiveness improvements. Provides data analytics thought leadership and support to the Group Internal Audit team to enable continuous assurance. Assists in preparation of Annual Audit plan for IT and audit committee papers Ensures adequate focus on personal professional growth relevant to taking on more challenging assignments, in line with standard audit career progression proactively seeks relevant education and training opportunities. Acting as an ambassador for Internal Audit across the business. Performs other related duties as assigned. What will you need to be successful? Education: Graduate + CISA certified Preferred - Qualified Accountant (i.e; ACA / ACCA / CA / CPA / CMA) or CISM, CISSP or equivalent preferred. Min 10-12 years post qualified experience gained in either the profession and / or a large corporate internal audit / risk management department. Experience auditing cybersecurity, cloud and digital technologies. Experience auditing IT General Controls or SOX IT controls. Significant experience auditing SAP or another ERP. Experience of auditing large scale international systems implementations and / or project management of international systems implementations. Thorough knowledge of audit procedures, including the IIA standards and guidelines and risk-based auditing techniques. Strong understanding of IT and Cyber Security risks and controls Ability to lead audits, present findings to senior management and resolve conflict. Ability to write audit reports and maintain comprehensive audit papers. Experience in Teammate ( or similar Audit Management software) administration. PowerBI certifications and /or Data Analytics qualifications an advantage (preferred). Strong Data Analytics skills and proven experience in using tools such as PowerBI, Alteryx, MS Fabric etc. Excellent communication skills; oral and written. Able to communicate audit findings and negotiates with others to agree audit findings and recommendations often requiring them to adopt a different point of view. You Unlimited. We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve. Inclusion, Diversity and Equity- Committed to Welcoming, Celebrating and Thriving on Diversity. Learn more about it on our website: https://www.smith-nephew.com/. Other reasons why you will love it here! Your Future: Major medical coverage + policy exclusions and insurance non-medical limit. Educational Assistance. Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave. Flexibility: Hybrid Work Model (For most professional roles)

About the Role: Core Responsibilities: Plan, execute, and report on internal IT audits. Evaluate the effectiveness of IT controls, identify risks, and provide recommendations for improvement. Conduct regular access reviews to ensure that users have appropriate access levels based on their roles. Evaluate the effectiveness of access controls in safeguarding sensitive information. Recommend improvements for identity and access management (IAM) processes. Perform internal risk assessments to identify vulnerabilities and ensure timely mitigation strategies. Work closely with IT, legal, and business teams to address audit findings and track remediation efforts. Preference and Experience: The candidate must have experience in IT auditing, IT risk management, or related fields. Proficiency in compliance with frameworks like ISO 27001, SOC 2, PCI DSS, ITGC, or other relevant standards. Hands-on experience conducting on-site and remote assessments of third-party vendors to evaluate their security posture and related controls. Proficiency in MS Office Suite with experience creating and presenting dashboards and reports. Must be CISA certified. Must have the capability to represent the audit reports to Management. Stay updated on the latest developments in IT audit and compliance practices. Comfortable traveling for on-site visits to the client side for audit purposes.

: Job TitleInformation Security Risk Specialist , AVP LocationMumbai, India Role Description An Information Technology & Security Risk Specialist to join the 2nd LoD Information Security & Technology Risk Team. The team is global, this role is within the Mumbai team (currently 1 person) which is being built out to support the global team. Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other team members the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai and USA. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite. Monitor and challenge 1LOD Risk and Control Assessments (including results of 1LOD control testing/assurance). Perform 2LOD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC/MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your skills and experience University degree (Computer Science, Business Administration or equivalent). Majors in Information Security and / or Risk Management are a plus. Experience (4+ years) in Information Security or Information Technology with experience in the Finance industry and/or a major Technology or Consultancy company preferred. Some level of technical understanding and training either as a data analyst, developer, business analyst or project manager. Knowledge of Information Security and Technology industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines ISO / 27000 Series, COBIT 2019, DORA) are a plus. Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, ITIL, ISO27001 Lead Auditor or similar are a plus. Experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Strong communication skills (English required). How well support you About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

: Job Title Risk & Control Specialist, AVP LocationBangalore, India Role Description Risk, Finance, Treasury (RFT) Technology is the technology partner to the CRO (Chief Risk Office) and CFO (Chief Financial Office) divisions. The Chief Risk Office is responsible to identify, aggregate, manage and mitigate Financial and Non-Financial risks and includes Market & Valuation Risk Management (MVRM), Credit Risk Management and Non-Financial Risk Management (NFRM). The Chief Finance Office includes Finance and Treasury and is responsible for a broad range of activities designed to ensure the financial and regulatory integrity of the Deutsche Bank Group including official production of PnL, Financial control, Group & Local Financial Reporting, Capital Management, Balance Sheet Management and Planning, and Liquidity & Treasury Reporting and Analysis. RFT Technology support the definition of the IT strategy and provision of solutions to allow CRO and CFO to manage all aspects of the Risk and Finance processes. Over the last couple of years, the regulatory landscape and associated demand to meet the mandated regulatory standards and reporting expectations has exponentially increased in complexity requiring Deutsche bank to significantly invest in its infrastructure and platform capability. The Risk and Control Specialist role supports RFT Technology Management managing all aspects of the Audit lifecycle. This includes (i) ensuring all identified risks (Audit Findings) and proactively managed and closed on time and (ii) identifying and assessing risks and their impact (self identified issues), planning remediation actions, and monitoring and reporting of their progress. The role requires strong stakeholder engagement, including close interaction with the Divisional Risk Leads, Regional leads, 2LoD such as Non-Financial Risk Management (NFRM) and 3LoD Group Audit as well as the groups frontline technology groups. This will include Chief Information Officers (CIOs), Development & Infrastructure Leads, Programme managers, Architects, and Production Support areas This is an exciting opportunity for a high-performing and motivated individual who is looking to contribute to the banks priority to reduce risk in a sustainable way. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Managing findings life-cycle events (e.g. closures, risk downgrades, risk acceptances) with finding owners/ risk leads to ensure they are addressed, appropriately documented within agreed timelines. Collaboration with internal teams to educate and promote Risk and Controls standards, Finding Management Procedure and Central Function checkliststo ensure successful handling oflife cycle events Understand and advocate DB Policies, Procedures, Controls and standards, Finding Management Procedure and Central Function checkliststo ensure successful remediation and handling oflife cycle events with stakeholder Coordinate with Portfolio Owners/risk leads for the upcoming audit schedule and request if any potential SIIs are to be raised for the audit scope. Conduct reviews of all Life Cycle Events before submission to CAF (Central Approval Function), assist with edits to improve quality of documentation Participate in Risk and Control meetings with Portfolio owners / CIO-1 totrack and review the status of remediationagainst risk topics Coordination and management with Portfolio Owners/Delegates, Embedded Risk Team (ERT), Control Owners, CAF members & collaboratively work together to ensure Risk is addressed in a sustainable way, be able to troubleshoot to eliminate blockers. Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums. Identify and evaluate potential areas of non-compliance or risk, assessing impact, probability and present self-identified findings and proposals for risk mitigation Your skills and experience Overall 8+ years of experience in any of the SDLC/STLC engagement and minimum 2 years on risk and audit related experience in IT Risk. Previous experience with IT risk assessment, audit, controls validation and emerging risk identification. A strong team player who can collaborate with people at all levels in a global matrix organization The ability to manage multiple tasks and efficiently prioritize workload with limited supervision and resilient under pressure. The ability to quickly build a network across RFT and among subject matter experts. Strong analytical and problem-solving skills to evaluate risk Result oriented and ability to deliver under tight timelines. Excellent communication, both written and verbal Desire to learn about new and emerging technologies and continuous upskilling. Must be comfortable with navigating ambiguity to extract meaningful risk insights. Ability to assimilate large quantities of information in short periods of time. How well support you . . .

Should be able to direct/execute audit project independently (covering planning, fieldwork and reporting stages of audits) Lead a variety of moderately complex to complex IT focused audits including IT governance, service and project delivery, audits of IT technical domains such as networks, infrastructure, and applications. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Planning, conducting walkthroughs, drafting process understanding and relevant controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Documenting and Reviewing Test of Designs and Test of Effectiveness controls. Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., Validations of audit issues. Conducting special reviews. What will you need to know: Desired qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree] Experience: at least 6 to 8 years of IT Audit experience in assessing technology/IT controls and have experience in Internal Audit, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Experience in auditing IT Internal controls, IT risk mitigation and technology related processes reviews. Good experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, drafting skills, communication, and interpersonal skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.)

Develop and implement Cyber security and Cyber Crime Programs Implement Security functions like Risk Management, Audit Management, BC/DR Management, Vulnerability management, IAM, End-point Security, etc.

- Act as the primary support contact for payment partners (e.g., Payfacs, ISOs). - Handle inquiries related to settlements, transaction statuses, integration, and account settings. - Troubleshoot issues related to transaction processing, reconciliations, chargebacks, and payout delays. - Support partners with onboarding processes, including technical integration (API or host-to-host integrations). - Guide partners through KYC documentation processes and regulatory compliance requirements. - Monitor payment flows and flag any inconsistencies or performance degradation across payment channels. - Deliver periodic performance and transaction reports to partners. - Work closely with product, risk, finance, and engineering teams to enhance partner experience and provide feedback. What you will need to have: - 5+ years of experience in payment operations or financial services. - Strong understanding of payment flows and industry standards (e.g., 3DS, PCI-DSS, chargebacks). - Familiarity with payment gateways, acquiring, issuing, and payment APIs. - Experience with support tools and reporting tools. - Bachelors degree in a relevant field or an equivalent combination of education, work, and/or military experience. What would be great to have: - 7+ years of relevant experience in payment operations. - Proven track record of managing SLAs and prioritizing tasks. - Ability to stay composed under pressure and manage multiple projects simultaneously. - Excellent communication and problem-solving skills.

Provide guidance and direction to the planning process and the execution of fieldwork such as overseeing interviews and walkthroughs, reviewing materials, the design and execution of audit testing, analyzing results, drawing conclusions within the allotted time scheduled. Manage the audit lifecycle, staffing, scheduling, methodology and approach to testing and fieldwork and finally, the quality and timeliness of all work products you oversee. You will be expected to provide weekly, monthly, or periodic status reporting and work with the CAAS leadership team to ensure the appropriate allocation and assignment of resources. Assist the Audit Director in the development and mentoring of Senior and Staff Auditors by providing regular and timely feedback regarding their execution of tasks performed during each audit engagement and their overall performance. What you will need to have: 7+ years of audit experience applying Auditing principles, methodology and standards in a risk-based environment across a variety of audit areas at varying degrees of complexity 5 + years of financial services industry experience and/or experience working in a public accounting firm 2+ years of experience managing other professionals Active professional Audit certification such as CPA, CIA, CISA, CFE Bachelors degree or an equivalent combination of education, work, and/or military experience What would be great to have: Experience working with risk assessment methodologies, control activities, control monitoring, control evaluations and measurement of control effectiveness in accordance with regulatory compliance requirements such as corporate governance, consumer protection, AML/CTF and Financial Crimes, data protection/data privacy, ethics or conduct risk Important info about this role: Were better together. This role is fully on-site. This is a full-time, direct-hire position, and no contract options for unsolicited agency submissions will be considered.

Should be able to direct/execute audit project independently (covering planning, fieldwork and reporting stages of audits) Lead a variety of moderately complex to complex IT focused audits including IT governance, service and project delivery, audits of IT technical domains such as networks, infrastructure, and applications. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Planning, conducting walkthroughs, drafting process understanding and relevant controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Documenting and Reviewing Test of Designs and Test of Effectiveness controls. Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., Validations of audit issues. Conducting special reviews. What will you need to know: Desired qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree] Experience: at least 6 to 8 years of IT Audit experience in assessing technology/IT controls and have experience in Internal Audit, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Experience in auditing IT Internal controls, IT risk mitigation and technology related processes reviews. Good experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, drafting skills, communication, and interpersonal skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.)

Project Management Working as a team leader & resource management. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Conduct comprehensive Cyber and Technology controls audits, IT General controls (ITGC) audits. Planning, conducting technology domain/controls related walkthroughs, drafting, and reviewing process understanding and its controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Reviewing Test of Designs and Test of Effectiveness controls Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Validations of audit issues. Conducting special reviews / investigations. Carrying out audit planning including scheduling and resource allocation Conducting discussions with Management representatives on the audit observations/ findings and preparation of Audit Committee Submissions. Conducting internal staff trainings Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., What will you need to know: Experience: At least 5 years of managerial experience (overall 10 years of IT Audit experience) in the areas of IT Internal Audit, ITGC, Cyber security, Infrastructure/Network, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Should possess strong understanding, capability and skillsets in auditing IT controls, IT risk mitigation and technology related processes reviews. Should be proficient and have good knowledge in testing IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, team management and drafting skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.)

We are seeking a highly skilled and experienced Contract Security Auditor to join our team for a 1-year engagement. This critical role will be instrumental in enhancing our organization's security posture. The ideal candidate will be an unbiased expert, capable of meticulously assessing our current security controls against various global standards. If you thrive in an environment where you can make a significant impact and demonstrate exceptional performance, this contract offers a unique pathway to a permanent position within our core security team. Responsibilities: As our Contract Security Auditor, you will be responsible for: Comprehensive Security Assessments: Conducting in-depth security audits of our current systems, processes, and controls against established frameworks and regulations including, but not limited to, ISO 27001, SOC 2, HIPAA, and GDPR. Gap Analysis & Risk Identification: Identifying gaps, vulnerabilities, and non-compliance issues within our information security management system (ISMS) and operational procedures. Corrective Action Planning: Developing detailed, actionable recommendations for corrective actions and control improvements, collaborating with relevant teams to ensure practical and effective solutions. Implementation Oversight & Verification: Monitoring and confirming the successful implementation of corrective actions, ensuring that identified deficiencies are fully remediated and bring the organization into compliance. Documentation & Reporting: Creating clear, concise, and comprehensive audit reports, detailing findings, recommendations, and evidence of compliance or non-compliance. Preparation: Assisting in the preparation of documentation, evidence, and personnel for future internal and third party audits Stakeholder Communication: Effectively communicating audit findings, risks, and progress directly to senior management Policy & Procedure Review: Reviewing and providing input on the adequacy and effectiveness of existing security policies, standards, and procedures. Continuous Improvement: Contributing to the continuous improvement of the organization's overall security program and compliance efforts. Qualifications: Experience: Minimum of 7 years of dedicated experience in information security auditing, compliance, or risk management. Demonstrable experience leading and executing audits against multiple frameworks, specifically ISO 27001, SOC 2, HIPAA, and GDPR. Proven track record of successfully identifying control deficiencies and recommending effective remediation strategies. Technical Skills: Strong understanding of information security principles, technologies, and best practices (e.g., access control, network security, data encryption, incident response). Familiarity with common enterprise IT environments, cloud services, and BPO operational models. In depth understanding of US security best practices and requirements Certifications (Highly Preferred): Relevant industry certifications such as CISA, CISSP, CRISC, Lead Auditor certifications (ISO 27001, SOC 2), or similar. Soft Skills: Unbiased & Objective: Proven ability to conduct audits impartially and provide objective assessments. Analytical & Problem-Solving: Exceptional analytical skills with the ability to interpret complex data, identify root causes, and propose practical solutions. Communication: Excellent written and verbal communication skills, with the ability to articulate complex security concepts to both technical and non-technical audiences. Interpersonal: Strong interpersonal skills to build rapport and collaborate effectively with diverse teams. Project Management: Ability to manage multiple audit engagements concurrently, prioritize tasks, and meet deadlines. Contract Details: Term: 1-year contract with potential for conversion to a permanent full-time position. Location: Remote Start Date: Immediate availability preferred. Why Join Us? This is an exciting opportunity to play a pivotal role in strengthening the security foundation of a dynamic US based BPO. You will have the autonomy to drive significant change and see the direct impact of your work. For a high-performing individual, this contract serves as a direct pipeline to a long-term career with our growing security team, offering stability and continued professional development. Application Process: To apply, please submit your resume and a cover letter detailing your relevant experience along with your self-introduction video at Navnita.chakravarty@ardem.com About ARDEM Data Services ARDEM is a leading Business Process Outsourcing and Business Process Automation Service provider. For over twenty years ARDEM has successfully delivered business process outsourcing and business process automation services to our clients in USA and Canada. We are growing rapidly. We are constantly innovating to become a better service provider for our customers. We continuously strive for excellence to become the Best Business Process Outsourcing and Business Process Automation company.

We help the world run better At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. What you`ll do We are seeking an Audit and Compliance Specialist to uphold the integrity of our certification processes for SAP s external accreditations, including SOC, NIST, PCI, C5, and ISO frameworks. This pivotal role involves a blend of technology and strategy, requiring hands-on engagement with auditing tools and methodologies to ensure compliance and remediation measures are top-notch. Your key responsibilities will be: Streamlining audit support in collaboration with SAP teams. Overseeing the execution and continuous improvement of external audits. Crafting insightful audit dashboards and communicating findings effectively to leadership. Enhancing operational protocols through vigilant monitoring, analysis, and evaluation. Spearheading audit procedures across SAP s diverse global business sectors. Elevating expertise in cutting-edge audit standards, cybersecurity trends, AI and cloud innovations. Aligning audit practices with overarching business goals and visions. Shaping policy through robust internal control dialogues. Fostering a collaborative environment for sharing best practices in audit support. Driving policy innovation by developing new processes, controls, methodologies. This role is an opportunity to make a significant impact on the integrity of our operations and contribute to our commitment to excellence. We look forward to welcoming a dedicated professional who is ready to take on this exciting challenge. What you bring (maximum character count 750): We re seeking a dynamic professional with: 8-12 years of audit, consulting, or industry experience, ideally from a Big 4 Audit firm. A Bachelor s/Master s degree in Business Administration, Computer Science, or related fields. Knowledge in IT/Cloud Audit frameworks such as C5, SOX, SSAE 16 - SOC 1 & SOC 2, PCI compliance, NIST, and ISO 27001. Understanding of business and IT processes, systems, controls, and emerging technologies. Strong English communication skills and ability to work collaboratively. German proficiency is a plus. A strong personality for effective interaction with customers. A team player mindset with a can do attitude. CISA, PMP, CISM, ISO27001, CCSP, or CISSP certification, or the willingness to obtain them. Join our dynamic team and make a significant impact. We look forward to welcoming you. #SecurityT3 Bring out your best SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best. We win with inclusion SAP s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone - regardless of background - feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world. SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy . Specific conditions may apply for roles in Vocational Training. EOE AA M/F/Vet/Disability: Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability. Successful candidates might be required to undergo a background verification with an external vendor. Requisition ID: 422281 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid. Requisition ID: 422281 Posted Date: Jun 7, 2025 Work Area: Information Technology Career Status: Professional Employment Type: Regular Full Time Expected Travel: 0 - 10% Location:

About New Relic New Relic is a leader in observability, empowering engineers with real-time insights to build better software, faster. We are deeply committed to fostering an environment of innovation and collaboration, where our technology and people thrive. Our mission is to be the observability platform of choice & the system of intelligence for customers. As the Lead Product Security & Compliance Manager at New Relic, you will play a critical role in ensuring our innovative products meet global compliance standards and customer expectations. You will be a key partner to our product, engineering, legal, and security teams, providing guidance and oversight on a wide range of compliance and regulatory matters. This is an exciting opportunity to build and scale a product compliance program in a fast-paced, high-growth SaaS environment at the forefront of the observability and AI-powered analytics space. This role requires a deep understanding of the evolving regulatory landscape, a strong technical foundation, and proven experience in partnering with engineering teams to embed compliance into the software development lifecycle. What you ll do Serve as the central point of contact for product compliance, working closely with Product Management, Engineering, Legal, Security, and Sales to integrate compliance requirements into the entire product lifecycle, from design to launch and beyond. Shape product capabilities to proactively balance compliance requirements with speed-to-market. Review product features and internal architecture to assess against compliance requirements. Identify and evaluate risks, including oversight and monitoring of our risk program in relation to product features. Stay abreast of global regulatory trends and translate them into actionable insights and requirements for product teams. Identify automation opportunities to enhance the review process in partnership with security and legal teams, incorporating minimum requirements that all capabilities must meet. This role requires: Bachelors degree in Computer Science, Information Security, or related field. Minimum of 8 years of experience as a Security & Compliance Product Manager, Security and Compliance manager, audit experience, FedRAMP experience. Strong knowledge of and experience in security risk management and with frameworks including related regulatory compliance requirements (e.g., SOC 2, ISO 27001, HITRUST, HIPAA, PCI-DSS, and NIST). Knowledge of or experience working with, Cloud technologies/environments, AWS, Azure, GCP, or other related cloud experience. Use creative and critical-thinking skills and, through the development of automation and implementation of procedures that minimize operational overhead, help your stakeholders meet the spirit of security controls. Minimum of 8 years of experience as a Security & Compliance Product Manager, Security and Compliance manager, technical/engineering product manager, audit experience, FedRAMP experience Bonus points if you have List nice-to-have criteria, such as attributes/behavioral values, strongly desired qualifications, and working conditions. Experience with compliance in the context of AI/ML-powered products. Knowledge of government compliance standards such as FedRAMP. Knowledge of/experience working in heavily regulated software or software as a service industry. Familiarity with the observability and application performance monitoring (APM) market. Familiarity with New Relic products and capabilities Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or other relevant certifications. Fostering a diverse, welcoming and inclusive environment is important to us. We work hard to make everyone feel comfortable bringing their best, most authentic selves to work every day. We celebrate our talented Relics different backgrounds and abilities, and recognize the different paths they took to reach us - including nontraditional ones. Their experiences and perspectives inspire us to make our products and company the best they can be. We re looking for people who feel connected to our mission and values, not just candidates who check off all the boxes. If you require a reasonable accommodation to complete any part of the application or recruiting process, please reach out to resume@newrelic.com . We believe in empowering all Relics to achieve professional and business success through a flexible workforce model. This model allows us to work in a variety of workplaces that best support our success, including fully office-based, fully remote, or hybrid. Our hiring process In compliance with applicable law, all persons hired will be required to verify identity and eligibility to work and to complete employment eligibility verification. Note: Our stewardship of the data of thousands of customers means that a criminal background check is required to join New Relic. We will consider qualified applicants with arrest and conviction records based on individual circumstances and in accordance with applicable law including, but not limited to, the San Francisco Fair Chance Ordinance . Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. New Relic does not accept unsolicited headhunter and agency resumes, and will not pay fees to any third-party agency or company that does not have a signed agreement with New Relic. Candidates are evaluated based on qualifications, regardless of race, religion, ethnicity, national origin, sex, sexual orientation, gender expression or identity, age, disability, neurodiversity, veteran or marital status, political viewpoint, or other legally protected characteristics. Review our Applicant Privacy Notice at https: / / newrelic.com / termsandconditions / applicant-privacy-policy

IT Infrastructure Compliance Manager job consist of creation of IT Compliance Framework, track all compliances as per regulatory requirements and to ensure IT Compliance adherence to regulatory requirements. To identify Technology Compliance requirement for IT Infrastructure Units To draft Compliance policies & procedure To work with IT Infra Units to implement compliance controls. To track Status of compliance To remediate noncompliance as per the governance structure To interface with External Auditors for all IT Infra Units To ensure all audit points are closed as per the defined TAT Key Decisions / Dimensions Compliance Status of Control as per the documented policy and procedure Major Challenges To identify all compliance requirement Create a horizontal control framework and track it across IT Infra Units Required Qualifications and Experience a) Qualifications Engineering / Computer Graduate with 3-5 years of Information Security Governance / IT Compliance Experience/IT Audit in BFSI organization Relevant Certifications like CISA/ISO 27001 LA b) Work Experience Prior Experience of RBI/SEBI/IRDA Regulatory requirements for Technology Compliances Prior experience of Implementation & Sustenance of Technology Compliance requirements Working Knowledge of Security Governance Practices across Datacenter, Cloud, Servers, Endpoints, Security Technologies, Application & Database Good Written and Verbal Communication with Presentation Skills Good Team Player and sound in stakeholder management

manage&improve Governance,Risk,and Compliance,GRC frameworks,setting up and leading assessments,implementing strategies,advising clients on how to mitigate cybersecurity risks and achieve compliance with industry standards and regulatory requirements

Roles and Responsibilities : Conduct regular security testing and vulnerability assessments to identify potential risks and threats to the organization's IT systems. Develop and implement effective mitigation strategies to address identified vulnerabilities, ensuring compliance with relevant regulations such as SOX, PCI DSS, GDPR, CCPA, etc. Collaborate with cross-functional teams to ensure seamless integration of security controls into software development lifecycle (SDLC) using tools like CCM/CSCF/OWASP. Provide expert guidance on cybersecurity best practices to stakeholders across the organization. Job Requirements : 7-15 years of experience in Cyber Security Testing & Vulnerability Assessment. Strong understanding of regulatory frameworks such as SOX, PCI DSS, GDPR, CCPA etc. . Proficiency in tools like Bis/CCM/CSCF/OWASP for conducting security tests. Certifications like CISSP/CISA/CEH are desirable.

Job Posting Title: Internal Audit IT Location: Thane What does a successful Internal Audit IT do at FISERV? Efficiently manage and conduct the audit projects as per The Institute of Internal Auditors standards and in accordance with Fiserv global Internal Audit framework and methodologies. What will you do: Project Management Working as a team leader & resource management. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Conduct comprehensive Cyber and Technology controls audits, IT General controls (ITGC) audits. Planning, conducting technology domain/controls related walkthroughs, drafting, and reviewing process understanding and its controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Reviewing Test of Designs and Test of Effectiveness controls Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Validations of audit issues. Conducting special reviews / investigations. Carrying out audit planning including scheduling and resource allocation Conducting discussions with Management representatives on the audit observations/ findings and preparation of Audit Committee Submissions. Conducting internal staff trainings Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., What will you need to know: Experience: At least 5 years of managerial experience (overall 10 years of IT Audit experience) in the areas of IT Internal Audit, ITGC, Cyber security, Infrastructure/Network, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Should possess strong understanding, capability and skillsets in auditing IT controls, IT risk mitigation and technology related processes reviews. Should be proficient and have good knowledge in testing IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, team management and drafting skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.) What would be great to have: Desired certifications: CISA / CISSP / CISM / CCNA certified professionals Qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree]

As an Internal Fraud Risk Manager at Tide, you'll be instrumental in building a new global internal fraud function. Reporting to the Head of Internal Fraud, you'll collaborate with stakeholders such as the CRO, CAO, Director of Financial Crime Risk, and CISO, and engage directly with Tide's Executive and Senior Leadership Team. This role spans all of Tide's markets, offering broad exposure and the chance to help shape a fraud-resilient culture in a high-growth fintech environment. Key Responsibilities Support the design and implementation of Tide's internal fraud risk management framework Conduct internal fraud risk assessments to identify and mitigate vulnerabilities across the business Work with leadership to implement fraud prevention strategies, policies, and controls Design and monitor Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) Provide subject matter expertise on internal fraud risks and evolving threat landscapes Contribute to the development and delivery of fraud awareness training and communications Build and maintain a monitoring program leveraging system logs and data analytics to identify fraud indicators Conduct and manage internal fraud investigations aligned with industry standards Advise the business on remediation strategies to reduce recurrence and risk exposure What We're Looking For 5+ years of experience in internal fraud risk management and investigations Recognized as a subject matter expert in internal fraud Relevant certifications such as: Certified Fraud Examiner (CFE) Certificate in Fraud Risk Management (CFRM) ICA Diploma in Financial Crime Prevention Certified Internal Auditor (CIA) Accounting qualifications (e.g., CA, ACCA, CIMA) Certified Information Systems Auditor (CISA) Experience operating across multiple jurisdictions/geographies Strong background in fraud frameworks, forensic investigations, and regulatory compliance Proven ability to collaborate and influence at all levelsinternally and externally Organized, resilient, and comfortable with high-paced, high-volume environments Passionate about cultivating a culture of risk awareness and integrity

Core Responsibilities Assist with technical control design, implementation and monitoring, support incident responses and assist with providing root cause analysis support for incidents. Monitor for attacks, intrusions, and un-usual, unauthorised or illegal activities when the Security Analysts are finding the instance challenging. Keep an eye on the alerts from systems including SEIM solutions and vulnerability monitoring services and check if the Analysts are able to handle the flow appropriately, if not then jump in and investigate if there are any abnormality in the inflow. Monitor identity and access management, including monitoring for abuse of permissions by authorised systems users if the stats are fluctuating or when you see a spike in the alerts. Assist with Information Security Reporting and metrics, providing input into improving information security reporting and metrics. Identify/recommend improvements on internal investigation capabilities via tool and process building/automation. Provide support to recovering from security breaches; participate in investigation and remediation of security incidents, which may include working as part of a team Assist in perform deep-dive incident analysis, determining if critical systems or data sets has been impacted. Assist with the definition and configuration of compliance policies for security technologies. Conduct research on emerging threats in support of security enhancement and development efforts; recommend security improvements, upgrades, and/or purchases. Support the incident response of minor incidents by advising on remediation actions, escalating major incidents to the designated parties. Recording lessons learnt whilst supporting on improving existing processes and procedures. Providing support of new analytic methods for detecting threats. Continuously seeking to identify potential service and process improvements. Participate in the implementation of technologies and platforms supporting the corporate infrastructure. Ensure that you fully understand and comply with the organisation’s Risk Management Policies as they relate to your area of responsibility. Ensure that you fully understand and comply with the organisation’s Data Governance Policies as they relate to your area of responsibility. Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations. Monitoring technical controls that are in place Addressing quires raised by the Security Analysts during investigation or other BAU. Assist Security Analysts in decision making and help in setting up standards. Will be responsible to suggest new fine tunings in the environment to the vendor or to the technical counterparts. Process review and upgradation recommendation when required. Setting up simplified and effective steps in BAU that in turn improves the quality of the work Implementation of new process based on business requirements and communicating the same with the team Team building and team management activities will be one of the key responsibility.