515 Cisa Jobs - Page 4

Roles & Responsibilities: Be part of Banks GRC program and handle regulatory characteristics focused in cybersecurity Identify and Drive improvement initiatives to Enhance Risk posture of the Bank Face off to Various regulators and drive programs for compliance to the Regulatory requirements Be a champion of ITGC initiatives Provide guidance to group companies to ensure consistency in risk governance, cyber risk management and compliance. Be the focal of Group companies for all IRM requirements Collaborate with group companies on IT governance, cybersecurity and control measures across Groups IT landscape. Present cyber risk posture in quarterly IT Strategy meetings for group companies. Promote a strong risk culture within the bank and group companies fostering awareness of risk management principles. Validate Security Policies and Procedures in conjunction with IT controls Manage internal and external stakeholders Ability to endorse cyber risks through publication of dashboards and drive initiatives to Improve Risk posture Job Requirement: Experience required for the Job: 15+ years in information technology & security; Engineer / Post Graduate / MBA Strong understanding of IT governance frameworks, risk management practices and regulatory requirements. Industry acknowledged certifications like CISA / CISSP / CRISC Experience in Team handling / management is must Knowledge on Layered Security - Firewalls, Intrusion Detection, OS Hardening, Project Management, Security Training. Experience in handling regulatory matters will be an added advantage Strategic thinking and strong analytical skills Excellent communication and inter personal skills with focus on verbal, written communication & presentation skills

The first line Tech Risk function for business divisions CB, IB and Ops at Deutsche Bank sits within the Divisional Control Office. CB and IB front-to-back have the largest footprint as a risk bearing function within the banking divisions, and you will be part of a dynamic team which is consistently in demand for providing insights, assessments and managing Information Technology (IT) and Information Systems (IS) risks on behalf of the business. Divisional Control Office (DCO) team ensures that the division operates with high levels of integrity. It is responsible for supporting the business by developing, implementing and maintaining a risk culture to ensure a strong and sustainable business control environment whilst minimizing risk arising from non-financial risk factors. DCO strategy includes improving the risk management information and strengthening the governance and risk culture and has a functional responsibility for providing a central point of oversight over the Risk & Control Assessments (RCA). This includes supporting the business by driving Risk & Control Assessment specifically focusing on Information Security (IS) / Information Technology (IT) risks in line with NFRM (2LOD) guidelines. RCA is a key component of the bank's non-financial risk management toolkit, to enable the effective profiling, monitoring and management of operational risks. As part of the team, you will join the Banks journey and contribute towards our strategic goal of managing technology risk within appetite whilst enabling adoption of emerging and new technologies for business growth. This role will specifically perform RCAs as related to the IB business. Knowledge of IB products/operations is a big plus Your key responsibilities Collaborate with businesses and support them in conducting Risk & Control Assessments as per NFRM guidelines specifically focusing on Information Security (IS) / Information Technology (IT) risks Analyze contextual data and relevant data triggers and determine or update risk profile, inherent risk, control environment and residual risk ratings along with supporting rationale, liaising with Risk Types SMEs in their business Ability to assess impact of control environment on inherent risk along with documentation of qualitative assessment Participate in 1LoD-led RCA meetings for business to drive the risk discussions, focusing on key or emerging risks that may impact the business Coordinate with businesses/2LoD and assist in 2LoD challenges Prepare RCA reports and obtain business sign-offs Document risk mitigation decisions, if required, with consideration of risk appetite Deliver high quality Global Governance decks and reporting trends to support senior management Your skills and experience CISA/CRISC or relevant security qualifications with experience of Risk & Controls and/or Internal Audit in banking industry covering Information Security (IS) / Information Technology (IT) risks Experience in SOX/ ISO27001 control framework Knowledge related to risk management (including conducting Risk & Control Assessments) and corporate banking products, processes and systems preferred, specifically focusing on Information Security (IS) / Information Technology (IT) risks Proven people management skills with ability to lead activities independently Strong quantitative and analytical skills required to critically evaluate information for key risk assessments Strong project management skills and a proactive team partner Influencing, negotiation skills and stakeholder management expertise Strong verbal and written communication skills Proficiency with automating tasks in Excel to improve efficiency a plus, but not mandatory

We are looking for someone who has good hands on experience in VAPT. This role is with one of the government department of Maharashtra. Education: B.E/B. Tech / M.Sc. (Comp. Sci) / MCA / MBA/ M. Tech degree or equivalent. Should be a certified auditor. 6 or more years of overall experience with at least 6 years of relevant experience in Vulnerability Analysis, Penetration Testing and/or forensics. Must have experience in managing at least 3 projects for large, enterprise scale Clients. should have at least two industry certifications as mentioned below: 1. Licensed Penetration Tester (LPT) 2. Certified Penetration Testing Professional (CPENT) 3. Certified Expert Penetration Tester (CEPT) 4. GIAC Penetration Tester (GPEN) 5. CompTIA PenTest+ 6. Certified Ethical Hacker (CEH) 7. Certified Mobile and Web App Penetration Tester (CMWAPT) 8. Computer Hacking Forensic Investigator (CHFI) 9. Certified Information System Auditor (CISA) 10. Certified Information Security Manager (CISM) 11. Other acceptable industry related certification in VAPT. 12. OSCP

Technical Responsibilities and Experience (6 to 8 years of relevant experience): Robust understanding and practical engagement with ISO 27001:2022, NIST, SOC2 Framework Strong Hands-on experience in conducting and facing various IT system Audits Experience and knowledge of various Regulatory and Statutory bodies and guidelines such as RBI, SEBI, IRDAI, NPCI etc. Experience and knowledge in Documentation and Reporting capabilities such as creating, maintaining and reviewing various Policies, Procedures, Guidelines etc. Experience and knowledge in conducting various critical activities such as BCP / DR Drills, Phishing Simulations, Table Top Exercises, Cyber Drills. Strong working experience with reviews of Contracts and MSAs. Supporting various pre-sales activities such as RFP reviews. Hands on technical knowledge and experience with various IT related systems and Tools such as AV, EDR, Firewalls, Network Devices, WAF, Proxy etc. Strong knowledge and conceptual understanding of various areas such as Application Security, Infrastructure Security, Physical Security. Knowledge of WAFs, DDoS mitigation (e.g., Akamai), and system hardening (e.g., CIS Benchmarks) Strong leadership, stakeholder engagement, and cross-functional communication skills. Excellent communication (written and oral) and interpersonal skills is very much required Knowledge of the Financial landscape would be an added advantage Manage escalations, ensure strong documentation, and adhere to project timelines. Qualifications: Bachelors degree in Information Security, or a related field. Masters Degree or BE would be an additional advantage. Proficient in MS Office tools Word, Excel, and PowerPoint. Certifications: (Preferred but not mandatory) CISA, CISSP, ISO 27001:2022 Lead Auditor, ISO 27001:2022 Lead Implementor Role & responsibilities

Internal Audit:Auditor - Information System INTERNAL USAGE No. of Vacancies Reports to IS Audit Head Is a Team leader? No Team Size Grade Manager Business Corporate Centre Department Internal Audit Sub - Department Location Corporate Office , Worli Mumbai About Department Internal Audit function of the Bank, operates independently under the supervision of the Audit Committee of the Board and is responsible for providing an independent view to the Board of Directors and Senior Management on the quality and efficacy of the internal controls, risk management systems, governance systems and processes in place on an on-going basis. This is provided to primarily ensure that the business and support functions are in compliance with both internal and regulatory guidelines About the Role To conduct Information Systems Audit for the Bank. Key Responsibilities Planning the audit, developing clear and concise risk/control matrices and audit programs, and reporting Demonstrate professionalism, competence and clarity of communication when dealing with the IT stakeholders Demonstrate reasonable knowledge of the industry or sector and be aware of technical issues or audit risks Qualifications Graduates/CAs/MBA with relevant certification such as CISA / CISM / CISSP / CIA 4+ years of work experience with prior experience in Internal or Statutory Audit / Risk Management / Regulatory / Compliance roles in the financial services (Banking, NBFC) industry Role Proficiencies Experience in conducting Information Systems and Security audits, application control reviews and application functionality reviews - Strong knowledge of regulations and circulars released by regulatory bodies (RBI, SEBI etc.) - Practical experience of audit methodology - Good written and oral communication skills - Good logical and reasoning skills - The ability to work effectively in team Technical skill set for Information systems auditor should have Solid base of computer skills in hardware and software Knowledge of various operating systems Knowledge of Databases Hands on experience on Network Architecture Knowledge of other IT infrastructure Application controls and Interfaces Knowledge on Computer Assisted Audit Techniques (CAATs) Knowledge on Information security governance Knowledge on Business Continuity and Disaster Recovery framework Professional Certifications: CISA, CISM, CISSP, CEH, ISO 27001, ISO22301

Key Responsibilities: Ensure compliance with Indian and global data protection and security regulations, including DPDPA, IT Act, GDPR, ISO 27001, 27701 and SOC 2. Lead internal audits, regulatory assessments, and regulatory reporting to ensure the organization meets both security and privacy standards. Develop and implement comprehensive security and privacy policies and procedures, ensuring alignment with regulatory requirements and industry best practices. Collaborate with cross-functional teams (Legal, Security, Engineering) to implement technical and organizational controls that secure data and ensure privacy-by-design. Conduct regular privacy and security risk assessments to identify compliance gaps and ensure proactive risk management strategies are put in place. Ensure that security controls, including access management, encryption, and incident response, are in place and aligned with ISO 27001 and SOC 2. Support the DPO and InfoSec teams during breach management, including Root Cause Analysis (RCA), managing notifications to regulators, and reporting security incidents. Manage and oversee the timely processing of data subject rights requests (DSRs), coordinating with incident response teams to maintain compliance with applicable laws. Provide compliance training, workshops, and awareness programs on both privacy and security regulations across the organization. Stay updated with evolving privacy and security regulations, adapting internal policies and processes to remain compliant. Establish and maintain privacy and compliance effectiveness metrics, tracking performance against regulatory standards to ensure ongoing adherence and identify opportunities for improvement. Preferred Certifications: CISA, CISSP, ISO/IEC 27001,27701 Lead Implementer or Auditor ,Privacy Certified Expert (PCE)

Job Summary: We are seeking an experienced and strategic Chief Information Security Officer (CISO) with expertise in service delivery, solution architecture, and security operations. The ideal candidate will have a strong background in SIEM and SOAR tools, along with a proven track record of designing and implementing robust security solutions. This role will play a critical role in shaping our cybersecurity strategy and ensuring the protection of our digital assets. Key Responsibilities Cybersecurity Strategy: Develop and implement a comprehensive cybersecurity strategy that aligns with business goals and objectives. Service Delivery: Oversee the delivery of security services, ensuring they meet or exceed industry standards and regulatory requirements. Solution Architecture: Lead the design and implementation of security solutions, including SIEM, SOAR tools, and other cutting-edge technologies. Security Operations: Manage and optimize security operations, including incident response, threat hunting, and vulnerability management. Risk Management: Identify, assess, and mitigate cybersecurity risks, working closely with cross-functional teams to implement effective risk mitigation measures. Compliance: Ensure compliance with relevant cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR). Team Leadership: Build and lead a high-performing cybersecurity team, fostering a culture of continuous learning and development. Vendor Management: Collaborate with third-party vendors and partners to evaluate, select, and implement security solutions and services. Incident Response: Develop and oversee an effective incident response plan, including tabletop exercises and post-incident analysis. Security Awareness: Promote cybersecurity awareness and education among employees, contractors, and other stakeholders. Budget Management: Manage the cybersecurity budget effectively, ensuring optimal resource allocation. Qualifications: Bachelors degree in Computer Science, Information Security, or a related field (Masters degree preferred). A minimum of [X] years of experience in information security, with a focus on service delivery, solution architecture, and security operations. Proven expertise in SIEM and SOAR tools, with a deep understanding of their implementation and management. Industry certifications such as CISSP, CISM, or CISA preferred. Strong leadership and team management skills. Excellent communication and interpersonal abilities. Ability to collaborate with cross-functional teams and communicate complex technical issues to non-technical stakeholders. In-depth knowledge of cybersecurity regulations, standards, and best practices. Competitive salary and performance-based bonuses. Comprehensive health, dental, and vision insurance. Retirement savings plan with company matching. Professional development and training opportunities. Flexible work arrangements. Employee wellness programs. Exciting opportunities for career advancement.

In our Assurance (A&A) Team youll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Leading / execution of Internal Audit / Advisory engagements Ability to effectively perform the technical components of risk assessments to provide an accurate view of the clients current risk state Ability to perform end-to-end business process analyses and design Ability to gather, synthesize, and analyze data using appropriate tools and technologies Ability to assess and design internal controls by applying an understanding of internal control design frameworks and regulatory requirements Ability to understand the client’s business, interpret sector trends, and learn leading practices Ability to effectively interact with colleagues and clients of varying backgrounds to effectively serve clients Ability to enhance quality and efficiency of recommended conduct risk solutions by applying relevant frameworks, conducting research, and performing analyses Ability to conduct internal audits by leveraging approved processes and methodologies Ability to set the stage for a successful assessment of client’s internal audit processes and controls by collecting and organizing data Ability to enhance quality of assurance engagements by identifying risks, performing testing, researching governing regulations, and developing reports Ability to leverage industry leading frameworks, methods, and tools to increase effectiveness of technology and data risk solutions Desired qualifications Must have 5 – 7 years’ experience post qualification experience in Internal Audit CA/MBA/CIA/CISA Certifications/Qualifications Project Management • Decision making with engagement management and seek to understand the broader impact of current decisions • Lead engagement planning. economics, and billing • Generate innovative ideas and challenge the status quo • Participate in proposal development efforts Audit & Assurance/Assurance (A&A) Assurance (A&A) • Assist in pre-sales activities • Manage relationships with clients with the intention to exceed client expectations Well versed with Internal Audit requirement Managed end-to-end engagements for support on Internal Audit from planning to conclusion. Managed engagements with a team size of 6-10 members Experience in preparation of Business Development presentations, proposals Must be open to travel Location and way of working. • Base location: Chennai • Must have 5 – 7 years’ experience post qualification experience in Internal Audit • Well versed with Internal Audit requirement • This profile involves frequent travelling to client locations. • Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs.

Job Title: Cyber Security Architect No. of years of experience: 8+ years Job Type: Contract Contract Duration: 12 months (potential to extend) Location: Hyderabad Work Type: Hybrid Start Date: Immediate (Notice period/joining within 1-2 weeks) Disaster Recovery Strategy: Develop and maintain the organization's disaster recovery plans, ensuring immediate and efficient recovery of critical systems in the event of cyber incidents or natural disasters. Business Continuity Planning: Assess and design business continuity frameworks, ensuring minimal disruption to operations and rapid restoration of services. Risk Assessment: Evaluate potential threats, vulnerabilities, and risks to the organizations infrastructure and recommend mitigation strategies. Architect Secure Systems: Design and implement secure systems and protocols to protect digital assets and sensitive information. Compliance and Standards: Ensure adherence to regulatory standards, such as ISO 22301, NIST SP 800-34, and other frameworks related to DR/BCP and cybersecurity. Testing and Exercises: Conduct regular tests and simulations of DR and BCP plans to identify gaps and improve recovery strategies. Incident Response: Collaborate with incident response teams to ensure proper handling of security breaches and align recovery efforts with continuity strategies. Vendor Management: Oversee and evaluate third-party disaster recovery services and tools to ensure alignment with organizational requirements. Training and Awareness: Provide training and guidance to employees and stakeholders on DR and BCP roles and responsibilities. Documentation: Maintain detailed documentation for all DR and BCP processes and procedures for audit and operational purposes. If you are interested for above role please share your updated cv to mounika.t@intuition-it.com

Roles & Responsibilities: Triage alerts and analyze security events/logs for threats such as computer viruses, exploits, and malicious attacks. Use critical thinking to bring together information from multiple sources to determine if a threat is present. Conduct security incident response and investigation. Conduct comprehensive security assessments and risk analysis on existing systems and applications. Analyze web traffic for suspicious patterns and potential security breaches. Perform vulnerability assessments and penetration testing. Prepare and provide security documentation and evidence for internal and external audits, ensuring compliance with regulatory requirements and security standards. Stay abreast of the latest cybersecurity trends, threats, and technologies to proactively address emerging risks. Bachelor s degree in computer science, Information Technology, cybersecurity, or a related field. 3+ years of relevant experience. Proficiency in conducting risk assessments, vulnerability assessments, and penetration testing. Experience deploying and maintaining email security systems including anti-phishing, DLP, and encryption technologies to safeguard sensitive data and mitigate threats. Hands-on experience with security tools and technologies such as IDS/IPS, SIEM, and Penetration testing tools like Qualys/Tenable. Hands-on troubleshooting skills for security alerts related to Firewall (SonicWall & FortiGate), Microsoft Entra ID/O365, Windows and Linux Servers. Strong knowledge of GRC frameworks such as PCI-DSS ISO 27001:2022 & 9001:2015, SOC2 Type II CEH (Certified Ethical Hacker) AZ-500 Microsoft Azure Security Technoligies/Cloud Security Certifications with hands on experience Experience with evidence gathering for any of the compliances like PCI DSS, SOC2, HIPPA and ISO. Good understanding of the IT infrastructure architecture both on-prem and AWS and Azure clouds. Tools: Vulnerability management: Tenable, QualysGuard, Nessus Endpoint protection: Sophos, Bitdefender, Trend Micro, Windows Defender SIEM : Wazuh, DataDog, Splunk, Microsoft Sentinel, Sumo Logic Email Security : Zix email security, Exchange Online Protection, Defender for Office 365 Compliance standards : ISO ISMS, SOC2, PCI DSS, HIPAA Preferred: Any of the Certifications like - AWS Certified Security - Specialty, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), GIAC Certifications, or NIST Cybersecurity Framework (CSF)

Job Description: Reporting to the IT SOX Senior Manager-Internal Audit, the IT SOX Associate Manager, Internal Audit will be primarily responsible for the day-to-day conduct and execution of the IT SOX efforts within the Internal Audit department to support the annual SOX compliance program. This role will be a key member of the Internal Audit team in helping management ensure controls and compliance activities are well designed and effective from implementation. This individual will gain broad exposure to the operations of Envista and will interact with leaders across the organization, as well as our external auditors and third-party internal audit co-source partner. This position is intended to be hybrid with 3 days on-site and 2 days remote. PRIMARY DUTIES & RESPONSIBILITIES: Manage IT SOX efforts in conjunction with the external audit team. Review existing SOX program scope and identify areas for control rationalization, control enhancement, and adjustments to testing approach strategy. Oversee and manage walkthroughs as well as review IT general controls (ITGCs), IT application controls (ITACs), and Key Reports for complex applications such as Oracle EBS, SAP, Oracle Hyperion Financial Management, and Workday. Monitor SOX testing approach and manage expectations with control owners and external auditors to ensure key risks are proactively addressed and facilitate the evaluation of process changes to ensure ongoing SOX compliance. Work with control owners to periodically update narratives and other standard operating procedures. Liaison with IT stakeholders, IT Compliance, external auditors, third-party internal audit co-source partner, and other stakeholders as part of project management to ensure milestones are met. Manage communication with external auditors and serve as a liaison for IT stakeholders. Provide thought leadership to control owners and operators on best practices for control documentation and performance. Research and assess deficiencies and work with Management to identify an appropriate solution. Follow-up on remediation activities to verify appropriate resolution. The position may be hybrid or remote depending on the candidates location. This Job is also suitable for persons with disabilities; attendance required - disabled-accessible building. #LI-PG1 Job Requirements: REQUIRED QUALIFICATIONS: Bachelor s Degree in Management Information Systems, Finance, Accounting, or Business Administration is required. Prior role within Big-4 /internal audit function in IT SOX/compliance audit. Big-4 experience highly preferred. 5-7 years of experience with assessing and testing IT controls for complex ERP systems to support audits. US CPA, CISA, CISSP, CIA, or non-US equivalent certified is required. Familiarity with SAP and Oracle IT general and IT application controls (supporting revenue, general ledger, accounts receivables/payables, etc.). Strong IT background or working knowledge of application infrastructure (Hana/Oracle database, Windows/UNIX/Linux operating systems). Excellent project and time management skills with the ability to self-start, prioritize, and handle multiple tasks in a time-sensitive, team-oriented environment. Strong analytical and problem-solving skills, detailed-oriented and able to work well under pressure. High level of integrity and dependability with a strong sense of urgency and results-orientation. Effective verbal and written communication skills when interacting both internally across multiple business units with various levels of management and externally with auditors. Effective interpersonal skills with ability to influence peers, subordinates, and superiors. Flexibility to collaborate with team members in the PST (UTC-8) time zone. PREFERRED QUALIFICATIONS: Experience in the manufacturing industry is preferred. Experience in business process and control walkthroughs is preferred. Operating Company: Corporate Envista is a global family of more than 30 trusted dental brands, united by a shared purpose: to partner with professionals to improve lives. Envista helps its partners deliver the best possible patient care through industry-leading products, solutions, and technology. Our comprehensive portfolio, including dental implants and treatment options, orthodontics, and digital imaging technologies, covers an estimated 90% of dentists clinical needs for diagnosing, treating, and preventing dental conditions as well as improving the aesthetics of the human smile. Envista and its family of companies (Envista) will not accept unsolicited resumes from any source other than directly from a candidate. Envista will consider unsolicited referrals and/or resumes submitted by vendors such as search firms, staffing agencies, professional recruiters, fee-based referral services and recruiting agencies (Agency) to have been referred by the Agency free of charge and Envista will not pay a fee for any placement resulting from the receipt such unsolicited resumes. An Agency must obtain advance written approval from Envistas internal Talent Acquisition or Human Resources team to submit resumes, and then only in conjunction with a valid fully-executed contract approved by the Global Talent Acquisition leader and in response to a specific job opening. Envista will not pay a fee to any Agency that does not have such agreement and written approval in place.

Job Title: Internal Audit Manager. Position:. Internal Audit Manager. About the job:. The Internal Audit Manager will report to the Director, Internal Audit and will provide strategic recommendations to improve business processes, enhance internal controls, and ensure the accuracy and integrity of financial reporting and operational business processes. This individual will collaborate and provide advice to global and regional functional teams (Finance, Information Management, HR, Commercial, etc,) with respect to internal audit and control topics. This individual will work with key leaders within management and must be an effective communicator and project manager and be able to document conclusions in a clear and concise manner. This position will be based in Radnor, PA but part of a global audit team, In your future role as Internal Audit Manager, you will. Assist in developing the risk-based internal audit plan. Drive continuous improvement of internal audit processes in planning, execution and reporting, Plan and scope audit engagements, including identifying key risks and controls. Develop audit programs and test procedures, Plan and allocate resources for audit projects, and manage audit fieldwork, ensuring timely and efficient completion. Conduct complex audit engagements of financial, operational, and IT process areas, and investigations as needed. Supervise and review the work of audit senior and staff ensuring it is thorough and meets the IIA standards; execute work as needed. Evaluate the adequacy and effectiveness of internal controls and risk management processes. Develop value-added audit recommendations that align to organizational goals and communicate audit findings and recommendations to management in a clear and concise manner. Oversee the preparation of detailed audit reports with findings, recommendations, and action plans. Monitor the implementation of audit recommendations. Develop, guide, and provide real-time coaching and guidance to audit senior and staff. Engage and manage relationships with key management stakeholder groups to influence a robust internal control governance structure. ". We believe you bring:. Bachelor’s degree in Accounting, Finance or related area. 6+ years of experience, with Public and Industry experience preferred. CPA, CISA and/or CIA certification preferred. Strong knowledge of internal control frameworks (e-g., SOX, COSO). Strong analytical, problem solving and internal auditor competencies. Experience with process/controls documentation. Demonstrated ability to work independently and under tight deadlines. Great if you have. SAP experience. Strong communication and collaboration skills to work effectively with cross-functional teams. Analytical thinking. Eagerness to learn. We Believe You Are:. Demonstrating Initiatives: A highly motivated individual looking for a challenge; Independent and self-led without being prompted; able to resolve issues without relying on extensive help from others; does more than is expected or asked. A clear communicator, on the page and on your feet. You’re candid yet discreet, open, and organized, trusting and trustworthy, Problem Solving: A premier problem-solver and understand how to improve a process through effective assessments and monitoring. Acquiring Information: Able to absorb new knowledge from a range of sources quickly and eagerly to assist and guide job activities; Consults with others on problems and activities; asks effective questions to obtain information to help you perform their job, Making Accurate Judgments and Decisions: Bases decisions on a systematic review of relevant facts and information; avoids making assumptions or rushing to judgment; provides clear rationale for decisions. Willing to work with people of all backgrounds and levels of expertise and encourage others to embrace change, work together, and lead with integrity, Technologically Savvy: Adept with tools and techniques related to the job; keeps up to date on technological changes; adapts work approach to keep pace with innovations in technology. Acting with Integrity: Clearly states goals and beliefs; lets people know your true intentions; does what you say you would do; follows through on commitments. Developing talent: Invests time and resources into building the capabilities of team members; helps people define career goals and establish development plans to achieve them; gives people constructive, developmental feedback and advice. Demonstrating Tenacity and Perseverance: Maintains high levels of energy and enthusiasm over an extended amount of time; does not give up when faced with challenging obstacles; completes what he/she starts; sees projects through to the end. Good to know:. This is a permanent position on a full-time basis and based in Radnor, PA, An attractive STI (Short term incentive) / bonus scheme. This role gives you a chance to engage with a variety of business leaders at Nouryon, including executive leaders, to develop a strong network and make a name for yourself. There will be ample opportunity to make lateral or upward movement across a high-performing organization. Please apply via our online recruitment system. We will not accept applications via e-mail. Once it's with us we will review to see if we have a match between your skills and the role! For more information about our hiring process, visit: nouryon,/careers/how-we-hire/. Show more Show less

SYX Services Pvt ltd SYX Services Private Limited is a subsidiary of a US based company called Company (NYSE: GIC). We are registered under the Companies Act, 1956, and provide information technology services solely to Company and its subsidiaries located in the United States and Canada. Our operations started in July, 2011 and we are now a 70-member team comprised of Java developers, SAP professionals, .net developers, Oracle developers, a creative team and a Web Chat team. For over 70 years Company through its operating subsidiaries has been an industry leader providing private label and brand name industrial equipment and supplies to businesses throughout North America Key Responsibilities Work with the IA manager to plan IT audits and develop work programs, timelines, risk assessments, and other planning documents. Work with IT leadership to document the IT processes and identify and test controls. Participate in recurring SOX testing activities and Internal Audit programs. Serve as a fieldwork leader by directing daily progress of IT fieldwork, informing the Management of audit status and issues. Demonstrate and apply a thorough understanding of complex information systems. Use knowledge of the current IT environment and IT risks, identifying potential audit issues and communicating this information to management through written correspondence and verbal presentations. Maintain through a continuing commitment to personal development, including an understanding of technology trends as well as statutory and legislative changes impacting IT throughout North America and Europe. To demonstrate and apply strong project management skills, collaborate with other audit team members, and use current technology and tools to enhance the effectiveness of deliverables. Competencies and skills Audit / risk experience in a $1B+ business. Experience with PCI-DSS Proficiency with ERP controls and security preferably SAP Knowledge and experience of COBIT and Sarbanes-Oxley One or more of the following certifications: CPA, CA, CISA, CISSP, CISM, CBCP, CIA or CFE Qualifications A degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline. Two to five years experience working as an auditor or risk adviser for a public accounting firm, professional services firm or within industry. Strong understanding of IT processes, risks, technologies and controls. Strong presentation abilities underpinned by effective verbal communication and report writing skills. Solid project management, teamwork and relationship skills. Important Facts Job Segment: Systems Engineer, Engineer, Engineering

Network Risk and Compliance Analyst:This role is positioned as a Network Risk and Compliance within the Production Assurance-Risk and Compliance Team. The Risk and Compliance team is responsible for proactively identifying and managing risks and to ensure oversight and accuracy of our audit and regulatory responses and remediation plans. Primary responsibilities will include:Develop and manage monitoring activities to ensure compliance with Information Security and Technology regulatory requirements and internal policies and standardsIdentify, develop and maintain key risk indicators to track and ensure compliance with established policies and standardsConduct targeted reviews to identify risks, opportunities, and areas for improvementProactively identify and report Information Security and Technology compliance risksEnsure risks are effectively identified, quantified, prioritized, communicated, and managed, including recommendations for risk mitigation, and identifying the root cause/key themesEffectively communicate findings and recommendations to management in detailed and organized format/process via presentations to stakeholders and senior managementAudit, Regulatory and Third-Part audits/risk assessmentsDevelopment of formal responses to Audit and Regulatory inquiries or assessments. This may be comprised of documentation gathering, drafting of documents, and researching past activity and reportsCentralize compliance responses/data to improve audit response time and create consistent responses across teamsInteract with Auditors and Regulators as neededDevelop and conduct ongoing risk and compliance training and education Role Requirements:Bachelor s degree in Computer Science, Cyber Security, Information Security, Information Systems Management, Information Technology Auditing or related relevant fieldStrong technical background in order to communicate effectively with Network EngineersExperience in leading projects, preferably global projectsExperience with audits and/or compliance assessments/monitoringPMI, CISSP, CISM, CISA a plusAbility to operate in a fast-paced global environmentAbility to work under pressure, meet tight deadlines and embrace changeAbility to communicate clearly to various levels of management (including executive management), across various business functions (including engineering) More about the OpportunityThe Risk and Compliance Analyst is an excellent opportunity, and CACI Services India reward their staff well with a competitive salary and impressive benefits package which includes: Learning: Budget for conferences, training courses and other materials Health Benefits: Family plan with 4 children and parents covered Future You: Matched pension and health care packageWe understand the importance of getting to know your colleagues. Company meetings are held every quarter, and a training/work brief weekend is held once a year, amongst many other social events. CACI is an equal opportunities employer. Therefore, we embrace diversity and are committed to a working environment where no one will be treated less favourably on the grounds of their sex, race, disability, sexual orientation religion, belief or age. We have a Diversity & Inclusion Steering Group and we always welcome new people with fresh perspectives from any background to join the group

Job Description: Reporting to the IT SOX Senior Manager-Internal Audit, the IT SOX Associate Manager, Internal Audit will be primarily responsible for the day-to-day conduct and execution of the IT SOX efforts within the Internal Audit department to support the annual SOX compliance program. This role will be a key member of the Internal Audit team in helping management ensure controls and compliance activities are well designed and effective from implementation. This individual will gain broad exposure to the operations of Envista and will interact with leaders across the organization, as well as our external auditors and third-party internal audit co-source partner. This position is intended to be hybrid with 3 days on-site and 2 days remote. PRIMARY DUTIES & RESPONSIBILITIES: Manage IT SOX efforts in conjunction with the external audit team. Review existing SOX program scope and identify areas for control rationalization, control enhancement, and adjustments to testing approach strategy. Oversee and manage walkthroughs as well as review IT general controls (ITGCs), IT application controls (ITACs), and Key Reports for complex applications such as Oracle EBS, SAP, Oracle Hyperion Financial Management, and Workday. Monitor SOX testing approach and manage expectations with control owners and external auditors to ensure key risks are proactively addressed and facilitate the evaluation of process changes to ensure ongoing SOX compliance. Work with control owners to periodically update narratives and other standard operating procedures. Liaison with IT stakeholders, IT Compliance, external auditors, third-party internal audit co-source partner, and other stakeholders as part of project management to ensure milestones are met. Manage communication with external auditors and serve as a liaison for IT stakeholders. Provide thought leadership to control owners and operators on best practices for control documentation and performance. Research and assess deficiencies and work with Management to identify an appropriate solution. Follow-up on remediation activities to verify appropriate resolution. The position may be hybrid or remote depending on the candidates location. This Job is also suitable for persons with disabilities; attendance required - disabled-accessible building. #LI-PG1 Job Requirements: REQUIRED QUALIFICATIONS: Bachelor s Degree in Management Information Systems, Finance, Accounting, or Business Administration is required. Prior role within Big-4 /internal audit function in IT SOX/compliance audit. Big-4 experience highly preferred. 5-7 years of experience with assessing and testing IT controls for complex ERP systems to support audits. US CPA, CISA, CISSP, CIA, or non-US equivalent certified is required. Familiarity with SAP and Oracle IT general and IT application controls (supporting revenue, general ledger, accounts receivables/payables, etc.). Strong IT background or working knowledge of application infrastructure (Hana/Oracle database, Windows/UNIX/Linux operating systems). Excellent project and time management skills with the ability to self-start, prioritize, and handle multiple tasks in a time-sensitive, team-oriented environment. Strong analytical and problem-solving skills, detailed-oriented and able to work well under pressure. High level of integrity and dependability with a strong sense of urgency and results-orientation. Effective verbal and written communication skills when interacting both internally across multiple business units with various levels of management and externally with auditors. Effective interpersonal skills with ability to influence peers, subordinates, and superiors. Flexibility to collaborate with team members in the PST (UTC-8) time zone. PREFERRED QUALIFICATIONS: Experience in the manufacturing industry is preferred. Experience in business process and control walkthroughs is preferred. Operating Company: Corporate Envista is a global family of more than 30 trusted dental brands, united by a shared purpose: to partner with professionals to improve lives. Envista helps its partners deliver the best possible patient care through industry-leading products, solutions, and technology. Our comprehensive portfolio, including dental implants and treatment options, orthodontics, and digital imaging technologies, covers an estimated 90% of dentists clinical needs for diagnosing, treating, and preventing dental conditions as well as improving the aesthetics of the human smile. Envista and its family of companies (Envista) will not accept unsolicited resumes from any source other than directly from a candidate. Envista will consider unsolicited referrals and/or resumes submitted by vendors such as search firms, staffing agencies, professional recruiters, fee-based referral services and recruiting agencies (Agency) to have been referred by the Agency free of charge and Envista will not pay a fee for any placement resulting from the receipt such unsolicited resumes. An Agency must obtain advance written approval from Envistas internal Talent Acquisition or Human Resources team to submit resumes, and then only in conjunction with a valid fully-executed contract approved by the Global Talent Acquisition leader and in response to a specific job opening. Envista will not pay a fee to any Agency that does not have such agreement and written approval in place.

At Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking norms and tirelessly innovating to stay ahead of evolving cyber threats and reshaping how we deliver customer outcomes. We are passionate about making a positive impact in the world, and we re looking for a highly skilled and experienced talent to join our dynamic team. Armor has unique offerings to the market so customers can a) understand their risk b) leverage Armor to co-manage their risk or c) completely outsource their risk to Armor. Learn more at: https://www.armor.com This position is a hybrid role located in Pune, India, requiring a combination of in-office and remote work. Applicants must be based in Pune or willing to commute to the office as needed. Summary Armor is seeking a talented and motivated individual to serve as a Security Operations Analyst L3. The Analyst would perform advanced, senior-level cybersecurity analysis work. The role involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. May supervise the work of others. Works under minimal supervision, with extensive latitude for the use of initiative and independent judgment. Essential Duties and Responsibilities (Additional duties may be assigned as required.) Performs deep-dive analysis of information systems, portable devices, and forensic recovery of data using assessment tools. Monitor, investigate, analyze, and remediate indications of compromised or breached systems and applications. Perform Incident Response triage of live hosts, interacting with various Operating Systems [Win/Linux]. Use and reporting of a large -scale SIEM and Data Analytics implementation in a dynamic cloud service provider environment. Work with customers through the Incident Management process based on NIST 800-53 and SANS best practices when issues are detected. Monitor and enforce guidelines for best practices in security and compliance in accordance with NIST 800-53. Research and investigate new and emerging threats and vulnerabilities. Participate in security communities. Review, maintain, and develop processes and procedures for information collection, analysis, and dissemination. Mentor junior analysts and serve as an escalation point during Incident Response activities. REQUIRED SKILLS Thorough understanding of Operating Systems [Win/Linux], Networking, and Information Security. Thorough understanding of security threats, threat analytics and current mitigation techniques. Skilled in Incident Response and network security monitoring. Public Cloud Administration and Cloud Security knowledge (Azure, AWS, GCP). Hands-on experience with a range of security tools such as IDS, WAF, Anti-malware, FIM, SIEM, EDR, and others. Technically proficient in network communication using IP protocols, system administration knowledge of computer network defense operations (proxy, firewall, IDS/IPS, route/switch). System security and SIEM operations experience. Proficient in use of EDR/XDR tools such as Defender for Endpoint for advanced threat investigation and containment. Collaborate with detection engineers or SMEs to refine and develop correlation rules, detection rules, scripting and automation playbooks. Experience with Threat Intelligence and Threat Hunting. Ability to work evenings/weekends shifts as required and to be on-call 24x7 to serve as the escalation point for your team. Experience in security incident reporting and procedures. Able to handle private and confidential information with physical and ethical care. Must have a working understanding of key security concepts and attack types such as phishing, malware, vulnerabilities, Cyber Kill Chain, and attack stages and others. Understand threat actor tactics, techniques and procedures, have familiarity with the MITRE-ATT&CK Framework and different stages of an attack lifecycle. Able to conduct log analysis, network/email traffic assessment, assess the impact and blast radius and gather evidence for response and mitigation actions. Excellent communication (oral and written), interpersonal, organizational, and presentation skills including interactions with customers via phone calls, chat, incident tickets and emails. Creative problem solver with effective resolution ability and analytical skills. Able to articulate technical i deas at m ultiple levels, ability to establish and maintain credibility with business constituents at all levels. Must be effective in managing time, and service levels, and prioritizing tasks between a diverse set of assigned duties. Must possess or be able to obtain the following certifications within 90 days of starting: Microsoft Certified: Security Operations Analyst Associate (SC-200) Microsoft Identity and Access Administrator Associate (SC-300) Microsoft Certified: Azure Security Engineer Associate (AZ-500) 5-10 years of direct experience in the field of Information Security required including an educational background in a related technical discipline, or the equivalent combination of education, professional training, or work experience. Other desirable certifications include CISSP, CISA, OSCP, GIAC, GSEC and GCFA. Self-starter and self-learner with the ability to work in a flexible and production-orientated environment/ adaptability to change. Consistently leads with a curious mind to stay abreast of emerging trends, tactics, and an ever-changing technological landscape to enhance Armor s Security Posture. WHY ARMOR Join Armor if you want to be part of a company that is redefining cybersecurity. Here, you will have the opportunity to shape the future, disrupt the status quo, and be a part of a team that celebrates energy, passion, and fresh thinking. We are not looking for someone who simply fills a role we want talent who will help us write the next chapter of our growth story. Armor Core Values: Commitment to Growth: A growth mindset that encourages continuous learning and improvement with adaptability in the face of challenges. Integrity Always : Sustain trust through transparency + honesty in all actions and interactions regardless of circumstances. Empathy In Action : Active understanding, compassion and support to the needs of others through genuine connection. Immediate Impact : Taking initiative with swift, informed actions to deliver positive outcomes. Follow-Through : Dedication to delivering finished results with attention to quality and detail to achieve the desired outcomes. Work Environment The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually low to moderate. The work environment may be in either an office setting, at the company s data center, at a client location or at an industry trade event. Equal Opportunity Employer - It is the policy of the company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, national origin, age, disability, genetic information, veteran status, or any other consideration protected by federal, state or local laws.

Qualifications. Proven experience in information security management roles. In-depth knowledge of information security principles and practices. Experience in developing and implementing information security policies and procedures. Familiarity with regulatory requirements and industry standards related to information security. Strong understanding of network security, cryptography, identity and access management, and security architecture. Experience with security risk assessments and vulnerability management. Knowledge of security technologies, such as firewalls, intrusion detection/prevention systems, antivirus, and endpoint security. Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Bachelor’s degree or higher in Information Security, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CISM, CISA) are a plus. Demonstrated leadership skills and the ability to mentor and guide a team. Show more Show less

WHAT YOU DO AT AMD CHANGES EVERYTHING. We care deeply about transforming lives with AMD technology to enrich our industry, our communities, and the world. Our mission is to build great products that accelerate next-generation computing experiences the building blocks for the data center, artificial intelligence, PCs, gaming and embedded. Underpinning our mission is the AMD culture. We push the limits of innovation to solve the world’s most important challenges. We strive for execution excellence while being direct, humble, collaborative, and inclusive of diverse perspectives.. AMD together we advance_. The Staff Information Security Analyst will be responsible for identifying and defining requirements and engineering solutions to solve the existing threats and security issues of a global organization. This role will initial focus heavily on data protection, leading advancements in data loss prevention, and changing how AMD protects data going forward.. The Person. The ideal candidate will possess strong multi-tasking skills and enthusiasm for details and should think one step ahead of cyber-criminals. They should be well prepared to thrive in a fast-paced environment, possessing strong interpersonal and communication skills. You will use your critical thinking and sense of ownership to focus on long term quality IT security solutions. Are you self-motivated and a team player with proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry? If so, this is a great career opportunity!. Key Responsibilities. The Staff Information Security Analyst responsibilities include, but are not limited to:. Building and growing AMD’s data security capabilities to keep AMD data secure regardless of location.. Identifying, monitoring, and defining the requirements to reduce the overall risk to AMD data, systems, and infrastructure.. Implementing hardware and software solutions to help mitigate a wide variety of information security risks.. Collaborating with other IT teams to align initiatives across the company.. Preferred Experience. Minimum of 5 years of IT security related experience.. Professional experience as a Security Engineer with demonstrated successful leadership and delivery of data protection solutions.. Experience as a customer-facing technical lead, including working with both management-level and development teams.. Senior/advanced related IT or security experience working in one or more Security Domains.. Experience with CASB, DLP, CSPM, Web Proxy.. Hands on experience with Data Classification policies and technologies to address data leakage.. Working knowledge of network topology, protocols, components, and OSI model, and IAM technologies (e.g., PKI, Oauth, OIDC, SAML). Understanding of NIST Cyber Security Framework standard and requirements and ability to apply them to an enterprise environment.. Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization.. Experience with cloud services (AWS, Google, Microsoft) and associated networking, as well as collaboration and integration with O365 products.. Hands on experience with Enterprise Linux platforms.. Experience with EDR solutions is a plus.. DLP, CASB. Nice to have: Client proxy, SIEM, File and Removable Media Protection [FRP]. It Would Be Nice If You Also Had. Experience with scripting language (python, PowerShell, etc.).. Strong documentation skills.. Academic Credentials. BS CS preferred but not required.. CISSP, CISA, CISM, CCSK. Benefits offered are described: AMD benefits at a glance.. AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective laws throughout all stages of the recruitment and selection process.. Show more Show less

About Us. At SentinelOne, we’re redefining cybersecurity by pushing the limits of what’s possible—leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.. From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We’re looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you’re excited about solving complex challenges in bold, innovative ways, we’d love to connect with you.. What are we looking for?. Reporting to the ManagerInternal Audit, this position is a highly visible and impactful role across the company. The Sr. Analyst – IT Internal Audit, based in India and will work with all levels of management to promote business integrity and robust internal control structures, compliance with Sarbanes-Oxley legislation, and recommendation for process improvements and IT internal Audit projects.. What will you do?. Assist in IT SOX 404 planning, scoping, and risk assessment process through close collaboration with external auditors and business process owners. Engage in Internal audit projects, ERM, operational and IT audits.. Participate in the IT risk assessment process and development of the audit plan for assigned entities. Conduct IT walkthroughs and controls testing according to established audit standards. Develop high-quality process and audit testing documentation for design effectiveness and operating effectiveness of ITGCs, ITAC, SOC1 restricted access controls. Perform testing of application controls, key reports, interfaces, integrations, and segregations of duties rules. Develop and maintain comprehensive documentation including flow charts, process narratives and risk and control matrices and any others required. Evaluate audit findings and coordinate remediation of deficiencies. Strong understanding of US GAAP, SOX requirements, and internal audit standards. Understanding of SDLC principles.. Develop business relationships and proactively interact with process owners to gather information, resolve problems, and make recommendations for improvement and optimization. Demonstrate initiative and provide timely updates to internal audit management. Manage multiple tasks effectively and deliver projects timely. Documentation and activities remain current and in compliance with the IIA’s IPPF Standards and are consistent with best practices. Develop metrics for ongoing operational activities and leverage technology and data analytics to enhance IA operations.. Help manage governance of the Internal Audit function and mature and evolve our audit methodology and operational audit program. Perform other tasks and projects as assigned in support of the internal audit team and corporate objectives. What skills and knowledge should you bring?. Bachelor’s degree in Computer Science, Accounting & Finance, Information Systems, or related field preferred CA/CPA/CISA/CIA/CISSP/CISM. Minimum of 5+ years of audit experience, preferably within the technology industry.. Experience with Big 4 accounting firms or global public companies is strongly preferred.. Ability to take direction, learn quickly, work independently, and maintain a level of professional skepticism. Ability to handle multiple priorities and deadlines, with high standards for quality, accuracy, and attention to detail. Working knowledge of data analysis and business intelligence tools is a plus (PowerBI, Tableau). Data Governance and Management. Business Continuity and Planning and Disaster Recovery. Systems Development Life Cycle (SDLC), Project Management Life Cycle (PMLC), and Application Change Management. Websites and Mobile Applications. IT Asset Lifecycle Management. IT Problem Management, Help Desk and Service Level Management. Enterprise Applications including the following control areas:. Application security architecture. Application access, Server-level access and controls, Database-level access and controls. Why us?. You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.. Industry leading gender-neutral parental leave. Paid Company Holidays. Paid Sick Time. Employee stock purchase program. Disability and life insurance. Employee assistance program. Gym membership reimbursement. Cell phone reimbursement. Numerous company-sponsored events including regular happy hours and team building events. SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.. SentinelOne participates in the E-Verify Program for all U.S. based roles.. Show more Show less

As a Technology Auditor, you will be involved in auditing various technology systems / applications used within the firm to provide assurance on the application controls, data quality, data flows, data calculation processes used for regulatory reporting, along with other General Technology Controls including Application entitlements, Data Retention and Software Change Management. Your Impact As part of the third line of defense, you will be involved in independently assessing the firm s overall control environment, and communicating the results to the firm s local and global management the effectiveness of the firm s controls that mitigate current and emerging risks, and monitoring the management s implementation of control measures. In doing so, you are supporting the provision of independent, objective and timely assurance around the firm s internal control structure, and supporting the Audit Committee, the Board of Directors and Risk Committee in fulfilling their oversight responsibilities. Responsibilities You will play a vital role in audit execution focusing on the review of Technology processes and analyzing the risks involved and assessing the design and operating effectiveness of the controls implemented to This position description is intended to describe the duties most frequently performed by an individual in this position. It is not intended to be a complete list of assigned duties but to describe a position level. The role shall be performed within a professional office environment. Goldman Sachs has health and safety polices that are available for all workers upon request. There are no specific health risks associate with the role. mitigate the risk. You will be responsible in documenting the assessments and testing conducted and discussing the results with the firms local and global management. In addition, you will also monitor and follow up with management on the resolution of the open audit findings. Basic Qualifications BE/B Tech/MCA/MBA in Systems/MSc or equivalent University degrees in technology 3 - 6 years of experience as a Technology auditor covering IT applications and processes Strong written and verbal communication skills Understanding of software development concepts and system architecture Basic level understanding of Cloud infrastruture , databases, operating systems and messaging Proficiency in data analysis using Excel or SQL Must be highly motivated with strong analytical skills, willing and able to learn new business and system processes quickly Preferred Qualifications Experience with Data Analytics tools and techniques and cyber security Relevant certification or industry accreditation (eg CISA) Knowledge of Financial Products and Services

Responsibilities for Internal Candidates Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

Job Description Summary The Identity & Access Management Program Manager is responsible leading efforts to provide system users, system owners, and business leaders with identity & access management processes and procedures that adhere to regulatory requirements and uphold business governance in a compliant, reliable & user friendly method Job Description Roles and Responsibilities In this role, you will be responsible for supporting the development, implementation, and monitoring of identity compliance initiatives within the organization. This role involves ensuring that all identity-related processes, policies, and systems comply with relevant regulations and standards. The ideal candidate will have a strong understanding of identity management, regulatory compliance, risk management, knowledge and expertise in SOX and awareness of data privacy regulations. This role requires a strong technical background, with the ability to translate compliance requirements into actionable tasks. Project management skills will be advantageous. Key Responsibilities: Compliance Analysis: Analyze identity management processes to ensure compliance with relevant regulations, standards, and internal policies. Policy Support: Assist in the development, implementation, and maintenance of identity compliance policies and procedures. Data Collection: Collect and analyze data related to identity management to identify compliance gaps and areas for improvement. Audit Preparation: Support internal and external audits related to identity compliance by preparing necessary documentation and reports. Incident Response: Assist in investigating and responding to identity-related incidents, ensuring timely resolution and documentation. Training and Awareness: Support the development and delivery of training programs to educate employees on identity compliance requirements and best practices. Reporting: Generate regular reports on identity compliance status, issues, and improvements for review by senior management. Collaboration: Work closely with IT, Legal, HR, and other departments to ensure a cohesive approach to identity compliance. Continuous Improvement: Stay updated on industry trends, regulatory changes, and best practices in identity management and compliance. Qualifications: Education: Bachelor s degree in Information Security, Computer Science, Business Administration, or a related field. Experience: Minimum of 2-4 years of experience in identity management, compliance, or a related field. Certifications: Relevant certifications such as Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) are preferred. Knowledge: Strong understanding of identity management frameworks, regulatory requirements (e.g., SOX, GDPR), and industry standards (e.g., ISO 27001). Skills: Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team. Attention to Detail: High level of accuracy and attention to detail in all aspects of work. Relocation Assistance Provided: No

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, youll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. The SOX Governance and Advisory team within Controllership (1LOD) plays a critical role in supporting the enterprise by developing and executing a risk-based plan to assess and enhance the company s internal controls over financial reporting. The team utilizes a robust governance framework and testing program to manage financial reporting risk in compliance with the company s 2LOD objectives and requirements of the Sarbanes Oxley Act. This is an Analyst position in the SOX Governance and Advisory team, responsible for supporting the Sarbanes-Oxley (SOX) compliance program across American Express in addition to compliance with the Company s Operational Risk Management framework for the Finance organization. Reporting to the Manager of SOX Assurance, the successful candidate will be responsible for testing, monitoring and optimization of internal controls over financial and regulatory reporting including associated Information Technology (IT) systems. The individual should possess excellent communication, presentation and stakeholder management skills. Primary responsibilities include : Validate design and operating effectiveness of SOX controls through testing, across all Business Units (BUs) to support Control Owners / Process Owners in quarterly SOX certification process IT control testing including interface inputs, key reports, applications, business continuity and third parties Collaborate with key stakeholders including Business Process teams, BU Control Management, Operational Risk Management, Internal Audit, etc. for quarterly SOX testing and reporting Perform year-end control testing to support our external auditors, PwC, for their annual SOX audit Partner closely with internal stakeholders and external auditors to resolve testing related observations / queries Drive enhancements in control environment by identifying the improvement opportunities to SOX Controls High degree of organization, individual initiative, results and solution oriented, and personal accountability and resiliency. Exemplify strength in the American Express Leadership Model: set the agenda, bring others with you and do it the right way, and put enterprise thinking first. Preferred Qualifications Qualified Professional (Chartered Accountant / MBA Finance from a premier institute) with 4+ years of relevant experience in SOX compliance, Internal Audit, etc. typically from a Big 4 firm. Certified Information Systems Auditor (CISA) qualification preferred. Knowledge of the Sarbanes Oxley Act (including Sections 302 & 404) and in-depth understanding of COSO Framework, Risk Assessment and Internal Controls Over Financial Reporting (ICFR) Understanding of the testing methodology, controls / test procedures interpretation and to conclude on testing results Excellent communication skills, both written and verbal, with the ability to clearly and concisely articulate issues in a timely and effective manner. Demonstrated strong abilities in key Financial Reporting skills, including financial reporting risk management/ program, risk assessment, internal audit coordination, and external fraud risk management/ program.

: Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm’s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About the role: As a Vendor Risk Operations team member, you will play a critical role in safeguarding Paytm from potential risks associated with our vendor ecosystem. You will be responsible for conducting comprehensive vendor risk assessments, ensuring compliance with internal policies and regulatory requirements, and actively contributing to the continuous improvement of our vendor risk management framework. This role requires a keen eye for detail, strong analytical skills, and the ability to collaborate effectively with various stakeholders. Conduct end-to-end vendor risk assessments across various risk domains (e.g., Vendor deduplication, information security, financial stability, business continuity, regulatory compliance, data privacy). Collaborate with business units to understand their vendor requirements and associated risks. Review vendor-provided documentation, certifications, and audit reports to identify potential vulnerabilities. Conduct Mystery-shopping wherever required Track and monitor vendor remediation efforts to ensure timely closure of identified risks. Maintain accurate and up-to-date vendor risk profiles and assessment records. Assist in the development and enhancement of vendor risk assessment methodologies, tools, and processes. Contribute to the ongoing development and implementation of Paytm's vendor risk management framework. Generate regular reports on vendor risk posture and assessment progress for internal stakeholders. Participate in ad-hoc projects and initiatives related to vendor risk management as required. Expectations/: Educational QualificationBachelor's degree in Business Administration, Finance, IT, Risk Management, or a related field. Experience2-5 years of experience in vendor risk management, third-party risk management, internal audit, compliance, or a similar risk-focused role. Domain KnowledgeStrong understanding of various risk domains, including information security, data privacy (e.g., GDPR, local data protection laws), financial risk, operational risk, and regulatory compliance. Understanding of Technology and User ExperienceAn appreciation for how technology solutions are built and how they impact user experience will be valuable in assessing vendor capabilities and potential risks. Analytical & Problem-Solving Skills: Excellent analytical and problem-solving skills with the ability to conduct deep dives, identify, assess, and mitigate risks effectively. Advanced Knowledge of Excel is required for data analysis and reporting. Basic knowledge of MySQL would be an added advantage for data retrieval and manipulation. Communication & Interpersonal Skills: Good communication and interpersonal skills, with the ability to present complex information clearly and concisely to diverse audiences. Strong written communication for documentation and reporting. High level of drive, initiative, and self-motivation. Ability to work independently, prioritize tasks, and manage multiple assessments simultaneously in a fast-paced environment. A willingness to experiment, learn quickly, and continuously improve processes and personal skills. Certifications (Preferred but not mandatory)CISA, CRISC, CISM, or other relevant certifications in risk management or information security. Why join us: A collaborative output driven program that brings cohesiveness across businesses through technology Improve the average revenue per use by increasing the cross-sell opportunities A solid 360 feedbacks from your peer teams on your support of their goals CompensationIf you are the right fit, we believe in creating wealth for you with enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants – and we are committed to it

Position Purpose To conduct audit work in accordance with the IG methodology and ensure high standard of deliverables To contribute to risk assessment of audit units based on knowledge obtained through assignments as well as day-to-day contact with auditees To follow through with auditee on implementation of recommendations Responsibilities Direct Responsibilities 1. Participate in the audit team assignments and special reviews (when required by regulators, business lines, or senior management) Head of Assignment -Lead the assignment / review in accordance with BNPP Internal Audit Guidelines, International Professional Practices and established internal communication protocol. -Plan, oversee and co-ordinate the work performed to ensure optimal resource allocation and efficient completion of assignment by preparing the methodology, collating raw data, obtaining past recommendations, preparing meetings with auditees, etc. -Assess the key risks of the audited areas and coordinate the team to identify weaknesses in governance, risk management and control in those areas and raise appropriate findings and recommendations. -Review work done by audit team to ensure that the work scope objectives are achieved. -Complete the audit report within the recommended timeline. -Escalate to the Supervisor unresolved matters or disputes with the auditees for timely resolution. Auditor of Assignment -Assist in documentation gathering for the assignment. - Assist in assessing the key risks of the audited areas and identify weaknesses in governance, risk management and control in those areas by carrying out appropriate evaluation and tests. - Raise appropriate findings and provide appropriate value-added recommendations to mitigate identified risks. - Complete and file investigation working papers for easy retrieval to substantiate work performed. 2. Review the implementation of the Inspection Gnrale recommendations -Validate the implementation of recommendations and maintain audit trail of correspondences with auditees in respect of all implementation. 3. Contribute to the periodic risk assessment of covered activities and planning Perform a periodic and comprehensive risk assessment of the covered activities as per the Group guidelines. Keep abreast of change/new development of regulatory requirements that are relevant to the covered activities and related functions. Assist in the elaboration of the audit planning following a risk-based approach. Contributing Responsibilities Contribute to the improvement of the Inspection Gnrale practices through the elaboration and update of our methodologies. Technical & Behavioral Competencies Is conversant with and applies appropriately audit methodology/standards and control concepts Possesses knowledge of business, products, risks, practices, policies and regulations Practically adapts theory and experience to circumstances of assignment Demonstrates planning, organizing and communication / interpersonal skills in conducting assignments and dealing with auditees Be analytical and able to anticipate problems/obstacles, able to distinguish material from non-material items in making decisions Is mindful about deadlines and disciplined in completing deliverables at the required level of standard Team Work spirit Good written and oral communication skills in English Specific Qualifications (if required) Possess experience in external auditing / internal auditing / credit / risk / compliance / internal control / operations in the financial services industry with a minimum of 5 years in internal audit. Possess a Bachelors / Masters degree in related disciplines; Professional Qualification/Certificate in Audit / Accounting, e.g. CA, CIA, CISA, is a plus. Skills Referential Behavioural Skills(Please select up to 4 skills) Ability to collaborate / Teamwork Attention to detail / rigor Communication skills - oral & written Critical thinking Transversal Skills: (Please select up to 5 skills)Analytical AbilityAbility to manage / facilitate a meeting, seminar, committee, trainingAbility to anticipate business / strategic evolutionAbility to manage a projectAbility to understand, explain and support changeEducation Level:Master Degree or equivalentExperience LevelAt least 7 years Other/Specific Qualifications (if required)