728 Cisa Jobs - Page 5

Job Title: Assistant Manager Function: Governance, Risk and Compliance Services (GRCS) Location: Mumbai OVERVIEW KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 156 countries and have 152,000 people working in member firms around the world. KPMG in India, a professional services firm, is the Indian member firm of KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets and competition. KPMG in India provide services to over 4,500 international and national clients, in India. KPMG has offices across India in Delhi, Chandigarh, Ahmedabad, Mumbai, Pune, Chennai, Bangalore, Kochi, Hyderabad and Kolkata. The Indian firm has access to more than 7,000 Indian and expatriate professionals, many of whom are internationally trained. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Consulting, Management Consulting and Transactions & Restructuring services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. With increasing regulatory requirements, the need for greater transparency in operations, and disclosure norms, stakeholders require assurance beyond the traditional critique of numbers. Hence assurance is being increasingly required on industry issues, business risks and key business processes. The Governance, Risk & Compliance Services practice assists companies and public sector bodies to mitigate risk, improve performance and create value. We assist our clients to effectively manage business and process risks by providing a full spectrum of corporate governance, risk management, and Compliance Services. These services are tailored to meet client s individual needs, and provide effective support to management in meeting the challenges and opportunities presented by todays complex business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of KPMGs experienced, objective, and industry-grounded viewpoints. Following are some of our key service offerings: Risk Based Internal Audit Enterprise Risk Management Risk Assessment Model Business Process Development Sarbanes - Oxley 404 Assistance Compliance Assistance - Contracts and regulations Corporate Governance Advisory- Review and Assessment Revenue Assurance Control Self Assessment Continuous Auditing / Continuous Monitoring Apart from the above service offerings, we also assist client organizations around various aspects viz. Accounting Manuals, Capital Projects Audits, Project focused Control Assessment, setting up IA function, etc. Role & Responsibilities Executives are typically project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS Executives may lead a small team of analysts/trainees on engagements. Consistently deliver quality client services and take charge of the project area assigned to him/her. Monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes. Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge. Possess good business acumen. Remain current on new developments in advisory services capabilities and industry knowledge. The job would require travel to client locations within India and abroad. THE INDIVIDUAL Have experience in process consulting/ internal audit/ risk consulting. Possess strong domain knowledge, understanding of business processes and possible risks in operations of various Sectors. Ability to perform and interpret process gap analysis. Understanding of control rationalization, optimization, effectiveness, and efficiency Strong analytical and problem-solving skills. Possess strong data analytics skills and knowledge of advanced data analytical tools will be an advantage. Strong written and verbal communication skills (presentation skills) Ability to work well in teams. Basic understanding of IT systems, Knowledge of MS office (MS Excel, PowerPoint, Word etc) Have the ability to work under pressure - stringent deadlines and tough client conditions which may demand extended working hours. Willingness to travel within India or abroad for continuous long periods of time. Demonstrate integrity, values, principles, and work ethic. Qualification Qualified CAs/ MBAs with 0 - 2 years OR Graduates with 7 - 9 years of relevant experience in risk consulting/ operations or compliance function role (Understanding of internal audit, business processes, sector understanding). Certifications like Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) would be an added advantage. SELECTION PROCESS Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills. Compensation Compensation is competitive with industry standards. Details of the compensation breakup will be shared with short-listed candidates only. People BENEFITS Continuous learning program Driving a culture of recognition through ENCORE our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health checkup (Manager & above, and for staff above the age of 30) Les Concierge desks. Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential - KPMG Advisory Services is for you! .

We are currently looking for an ambitious and dynamic IT SOX/Internal Auditor to join our Global SOX Team based in Bangalore. The main purpose of the role is to assess the adequacy of IT controls design and complete the test of effectiveness covering all aspects of Visa s in-scope key financial systems and applications. It is expected that this position will include responsibility for the understanding of complex IT areas in accordance with plan. The Analyst should expect to assume supporting role in the completion of the SOX 404 testing stage for several IT controls under the direction of managers. Skills Strong problem-solving skills, with demonstrated ability to identify and resolve issues and risks, including root cause analysis. Ability to anticipate and identify opportunities to establish standards and controls, as well as develop and recommend solutions. Effective communication, interpersonal and influencing skills and ability to drive effective change at all levels of the organization. Detailed, conscientious and highly responsible team player. Responsibilities Review and assess adequacy of walkthrough documentation, perform test of effectiveness through review of supporting documents, meeting control owners and report control issues identified. Attend and support IT controls meetings with control owners, external auditors and SOX team members. Document test results in Visa s work papers template ready for review by SOX team members and external auditors. Interacts with management to assess control exceptions. Keep control owners and SOX team informed of exceptions and assist the IT teams with the development of Management Action Plans to mitigate issues, and evaluate adequacy of managements actions. Possess good written and oral communication skills, demonstrate these skills during meeting with control owners and IT teams. To be a key member of the SOX team and contribute to the planning and execution of the annual SOX program for IT controls. Provide best practice expertise to management and the SOX team on the COSO and IT SOX internal control frameworks. Handling day-to-day relationships with the external auditors on control matters and related issues. Professional 3 - 5 years of experience in SOX, internal audit, or risk with focus on IT controls (ITGC/ITAC) Experience in financial services or payments industry preferred . Big 4 experience preferred Qualification . Bachelor of Technology/ Commerce degree . CISA/CISM certification preferred

Detailed job description - Skill Set: Technically strong hands-on Self-driven Good client communication skills Able to work independently and good team player Flexible to work in PST hour(overlap for some hours) Past development experience for Cisco client is preferred.

Detailed job description - Skill Set: Technically strong hands-on Self-driven Good client communication skills Able to work independently and good team player Flexible to work in PST hour(overlap for some hours) Past development experience for Cisco client is preferred.

Partner with the best As an IT SOX Analyst, you will be responsible for ensuring the organization is compliant to regulatory (SOX) policies within the IT landscape. Your primary role consists of testing the IT General controls across key ERP systems such as SAP and Oracle. In this role, you will build relationships with the business, finance controllership, Internal and External auditors to achieve shared objectives. Responsibilities, authorities and accountabilities Conduct walkthrough meetings with internal and external stakeholders to support audit activity Perform assurance activities to assist management in the testing of Internal Controls Over Financial Reporting (ICOFR) Develop and monitor compliance of IT General controls across multiple ERPs and application within the Baker Hughes global IT landscape Perform control testing to assess the effectiveness of the internal control environment Identify new risks across the enterprise applications and assess the design of controls Assist management in the evaluation of deficiencies and impact assessment to financials Create high-quality document in compliance with audit standards Communicate audit progress to stake holders Coordinate with external auditors Participate in pre-implementation reviews to assess control environment prior to deployment Provide guidance to management to drive improvement in control environment Required Qualifications Bachelors Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math). A minimum 9 years of professional experience. Desired Characteristics Knowledge of SAP or Oracle ERP is a plus Knowledge and experience in auditing SAP or similar ERP systems Knowledge of COSO framework, UA Generally Accepted Accounting Principles (GAAP) Ability to resolve medium to critical problems within a highly technical environment Good knowledge of IT governance, Internal Control framework and risk management Strong verbal/written communication skills R ecent experience in IT SOX Audits or IT Risk Assessment Prior experience working in a matrix environment Prior experience doing Lean or Six Sigma Process improvement work Prior experience working on developing and leading strategy definition Prior experience managing IT operations and support ServiceNow (IRM) experience is a plus CISSP/CISM/CISA certification

Type: Hybrid (work from office) Job Description Who We Are: Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and detail-oriented Internal Auditor to lead and execute internal audits across all business functions. This role will support in accomplishing risk management and governance objective by bringing a systematic and disciplined approach. The Internal Auditor will work closely with various teams to identify risks, control gaps, and improvement opportunities, and support the organization in achieving operational efficiency, compliance, and strategic objectives, thereby bringing a preventive approach in effective risk management and control. Job Description and Responsibilities: Plan and execute internal audits covering business operations, financial controls, technology processes, and information security. Identify control gaps, process inefficiencies, and areas for operational improvement. Perform risk-based audits aligned with the annual audit plan and enterprise risk priorities. Review and assess the effectiveness of internal controls, policies, and procedures. Draft detailed audit reports summarizing findings, risk exposure, and actionable recommendations. Investigate, as required by senior management fraud, embezzlements and defalcations Follow up on audit findings to ensure timely and effective closure of identified issues. Collaborate with process owners, risk champions, and management to develop corrective action plans. Participate in enterprise-wide risk assessments and contribute to risk heat maps. Support operational effectiveness initiatives by identifying data leakage risks and monitoring process adherence. Coordinate with external auditors and regulatory bodies during assessments and audits. Keep abreast of all trends and developments in regulatory requirements, general accounting principles or audit techniques; implement and react quickly to any changes. Obtain buy in of the Business Heads on the Audit Scope Be transparent with the Business owners on the audit scope. Be flexible to take their inputs on the timing of the meetings, sharing data, etc. considering their other work commitments. Communication of the Audit findings to the Business Owners Share the Audit observations as and when they surface during the audit, Give due consideration to any mitigating controls/ procedures or specific scenarios, if any. Take the inputs of the business owners for the recommendations/possible solutions to plug the control gaps, Discuss tentative timelines for the implementing the recommendations Communication of the Audit findings to the Management Classification of the Audit findings and providing a risk ranking for presenting to the management. Present the Audit findings along with the overall status of the Audit Plan and other special initiatives/projects being performance by the function. Agreement of the Business owners of on the action for the recommendations Formally communicate the audit findings to the Business Heads and seek their responses and action plan with timelines. Draw and share the plan for regular follow- up with the Business owners for implementing the recommendations and share the plan Schedule meetings at agreed frequency to check status of the implementation plan. Conduct follow up reviews of financial, operational or regulatory compliance deficiencies noted during audit Skill/Qualification Requirement: Strong conceptual thinking skills especially in the area of operational risks and internal controls Qualified Chartered Accountant/Degree in Information Security/IT/Computer Science 5-7 years of experience in internal audit or the domain of processes, risks and controls, process re-engineering reviews Strong data analysis and analytical skills Self-starter with strong motivation and capacity to work in a newly established team Ability to work independently, manage multiple priorities concurrently and complete projects on schedule Working knowledge of professional auditing standards Knowledge on compliances like ISO 27001/PCI DSS, etc. 3+ years of experience of a Big 4 or consulting background preferred Professional certifications preferred: CISA, CIA, or equivalent. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice. Type: Hybrid (work from office) Job Description Who We Are: Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and detail-oriented Internal Auditor to lead and execute internal audits across all business functions. This role will support in accomplishing risk management and governance objective by bringing a systematic and disciplined approach. The Internal Auditor will work closely with various teams to identify risks, control gaps, and improvement opportunities, and support the organization in achieving operational efficiency, compliance, and strategic objectives, thereby bringing a preventive approach in effective risk management and control. Job Description and Responsibilities: Plan and execute internal audits covering business operations, financial controls, technology processes, and information security. Identify control gaps, process inefficiencies, and areas for operational improvement. Perform risk-based audits aligned with the annual audit plan and enterprise risk priorities. Review and assess the effectiveness of internal controls, policies, and procedures. Draft detailed audit reports summarizing findings, risk exposure, and actionable recommendations. Investigate, as required by senior management fraud, embezzlements and defalcations Follow up on audit findings to ensure timely and effective closure of identified issues. Collaborate with process owners, risk champions, and management to develop corrective action plans. Participate in enterprise-wide risk assessments and contribute to risk heat maps. Support operational effectiveness initiatives by identifying data leakage risks and monitoring process adherence. Coordinate with external auditors and regulatory bodies during assessments and audits. Keep abreast of all trends and developments in regulatory requirements, general accounting principles or audit techniques; implement and react quickly to any changes. Obtain buy in of the Business Heads on the Audit Scope Be transparent with the Business owners on the audit scope. Be flexible to take their inputs on the timing of the meetings, sharing data, etc. considering their other work commitments. Communication of the Audit findings to the Business Owners Share the Audit observations as and when they surface during the audit, Give due consideration to any mitigating controls/ procedures or specific scenarios, if any. Take the inputs of the business owners for the recommendations/possible solutions to plug the control gaps, Discuss tentative timelines for the implementing the recommendations Communication of the Audit findings to the Management Classification of the Audit findings and providing a risk ranking for presenting to the management. Present the Audit findings along with the overall status of the Audit Plan and other special initiatives/projects being performance by the function. Agreement of the Business owners of on the action for the recommendations Formally communicate the audit findings to the Business Heads and seek their responses and action plan with timelines. Draw and share the plan for regular follow- up with the Business owners for implementing the recommendations and share the plan Schedule meetings at agreed frequency to check status of the implementation plan. Conduct follow up reviews of financial, operational or regulatory compliance deficiencies noted during audit Skill/Qualification Requirement: Strong conceptual thinking skills especially in the area of operational risks and internal controls Qualified Chartered Accountant/Degree in Information Security/IT/Computer Science 5-7 years of experience in internal audit or the domain of processes, risks and controls, process re-engineering reviews Strong data analysis and analytical skills Self-starter with strong motivation and capacity to work in a newly established team Ability to work independently, manage multiple priorities concurrently and complete projects on schedule Working knowledge of professional auditing standards Knowledge on compliances like ISO 27001/PCI DSS, etc. 3+ years of experience of a Big 4 or consulting background preferred Professional certifications preferred: CISA, CIA, or equivalent. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.

GPS XSector Specialism Operations Management Level Senior Associate & Summary At PwC, our people in software and product innovation focus on developing cuttingedge software solutions and driving product innovation to meet the evolving needs of clients. These individuals combine technical experience with creative thinking to deliver innovative software products and solutions. In business analysis at PwC, you will focus on analysing and interpreting data to provide strategic insights and recommendations for improving business performance. Your work will involve strong analytical skills and the ability to effectively communicate findings to stakeholders. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary At PwC, our purpose is to build trust in society and solve important problems. We re a network of firms in 157 countries with more than 300,000 people who are committed to delivering quality in Assurance, Advisory and Tax services. Within Advisory, PwC has a large team that focus on transformation in Government through Digital inclusion. The open position is for a candidate who desires to work with government clients and bring about a change in society. A successful candidate will be expected to work proactively and effectively on multiple client engagements over the period of time and take ownership of the entire project delivery he/she entrusted with. Responsibilities Lead the design, implementation and monitoring of cyber security strategies for government programs and infrastructure. Conduct risk assessments, vulnerability assessments and threat modeling of existing and planned IT systems. Coordinate and support the implementation of security controls as per national frameworks such as CERTIn, NISG and DPDP Act and global standards like ISO 27001, NIST, CIS Controls, etc. Define security architecture requirements and ensure integration with IT systems (cloud/onprem/hybrid). Support drafting of cyber security policies, SOPs, compliance guidelines, incident response plans and data protection protocols. Work with internal IT teams and thirdparty vendors to ensure compliance with security guidelines. Perform gap analysis, prepare audit reports and recommend mitigation measures. Provide expert guidance on emerging threats, vulnerabilities and compliance requirements. Engage with stakeholders hand other agencies as required. Monitor and respond to security incidents and support forensic analysis and remediation efforts. Mandatory skill sets Strong understanding of cyber security governance, risk and compliance (GRC). Handson experience with security assessment tools (Nessus, Qualys, Burp Suite, etc.). Experience with ISO 27001 implementation, audits and documentation. Familiarity with firewalls, endpoint protection, SIEM, IAM and DLP solutions. Proven experience in stakeholder management and working with government clients. Excellent documentation and presentation skills. Preferred skill sets Certifications such as CISSP, CISA, CISM, ISO 27001 LA/LI, CEH, or equivalent. Exposure to cloud security (AWS/Azure/GCP). Experience in incident response and digital forensics. Knowledge of data privacy regulations (DPDP, GDPR). Years of experience required 4 to 6 years of experience in cyber security, preferably with exposure to government or largescale public sector projects. Education qualification Bachelor s or Master s degree in Engineering, Information Technology, Computer Science, or equivalent. Additional qualifications in Cyber Security or Information Security are Desirable. Education Degrees/Field of Study required Bachelor of Engineering, Master of Business Administration Degrees/Field of Study preferred Required Skills Burp Suite Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Business Administration, Business Analysis, Business Case Development, Business Data Analytics, Business Process Analysis, Business Process Modeling, Business Process ReEngineering (BPR), Business Requirements Analysis, Business Systems, Communication, Competitive Analysis, Creativity, Embracing Change, Emotional Regulation, Empathy, Feasibility Studies, Functional Specification, Inclusion, Intellectual Curiosity, IT Project Lifecycle, Learning Agility {+ 19 more} No

GPS XSector Specialism Operations Management Level Senior Associate & Summary At PwC, our people in software and product innovation focus on developing cuttingedge software solutions and driving product innovation to meet the evolving needs of clients. These individuals combine technical experience with creative thinking to deliver innovative software products and solutions. In business analysis at PwC, you will focus on analysing and interpreting data to provide strategic insights and recommendations for improving business performance. Your work will involve strong analytical skills and the ability to effectively communicate findings to stakeholders. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . & Summary At PwC, our purpose is to build trust in society and solve important problems. We re a network of firms in 157 countries with more than 300,000 people who are committed to delivering quality in Assurance, Advisory and Tax services. Within Advisory, PwC has a large team that focus on transformation in Government through Digital inclusion. The open position is for a candidate who desires to work with government clients and bring about a change in society. A successful candidate will be expected to work proactively and effectively on multiple client engagements over the period of time and take ownership of the entire project delivery he/she entrusted with. Responsibilities Lead the design, implementation and monitoring of cyber security strategies for government programs and infrastructure. Conduct risk assessments, vulnerability assessments and threat modeling of existing and planned IT systems. Coordinate and support the implementation of security controls as per national frameworks such as CERTIn, NISG and DPDP Act and global standards like ISO 27001, NIST, CIS Controls, etc. Define security architecture requirements and ensure integration with IT systems (cloud/onprem/hybrid). Support drafting of cyber security policies, SOPs, compliance guidelines, incident response plans and data protection protocols. Work with internal IT teams and thirdparty vendors to ensure compliance with security guidelines. Perform gap analysis, prepare audit reports and recommend mitigation measures. Provide expert guidance on emerging threats, vulnerabilities and compliance requirements. Engage with stakeholders hand other agencies as required. Monitor and respond to security incidents and support forensic analysis and remediation efforts. Mandatory skill sets Strong understanding of cyber security governance, risk and compliance (GRC). Handson experience with security assessment tools (Nessus, Qualys, Burp Suite, etc.). Experience with ISO 27001 implementation, audits and documentation. Familiarity with firewalls, endpoint protection, SIEM, IAM and DLP solutions. Proven experience in stakeholder management and working with government clients. Excellent documentation and presentation skills. Preferred skill sets Certifications such as CISSP, CISA, CISM, ISO 27001 LA/LI, CEH, or equivalent. Exposure to cloud security (AWS/Azure/GCP). Experience in incident response and digital forensics. Knowledge of data privacy regulations (DPDP, GDPR). Years of experience required 4 to 6 years of experience in cyber security, preferably with exposure to government or largescale public sector projects. Education qualification Bachelor s or Master s degree in Engineering, Information Technology, Computer Science, or equivalent. Additional qualifications in Cyber Security or Information Security are desirable. Education Degrees/Field of Study required Bachelor of Engineering, Master of Engineering Degrees/Field of Study preferred Required Skills Burp Suite Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Business Administration, Business Analysis, Business Case Development, Business Data Analytics, Business Process Analysis, Business Process Modeling, Business Process ReEngineering (BPR), Business Requirements Analysis, Business Systems, Communication, Competitive Analysis, Creativity, Embracing Change, Emotional Regulation, Empathy, Feasibility Studies, Functional Specification, Inclusion, Intellectual Curiosity, IT Project Lifecycle, Learning Agility {+ 19 more} No

New requirement - Associate , Analyst - GRC Work Location : Jui Nagar, Navi Mumbai Job Description : Assist in conducting audit engagements to ensure compliance with standards and frameworks such as ISO 27001, PCI DSS, SOC 2, CISA and GDPR. Support the planning, execution, and reporting of audits under the supervision of senior auditors. Gather and analyze evidence to evaluate client compliance and provide initial recommendations. Detailed Responsibilities : Conduct audits based on defined standards, collecting and verifying evidence. Perform control testing, evaluate processes, and identify compliance gaps. Assist in evaluating policies, procedures, and systems for compliance Draft sections of audit reports with findings, observations, and initial recommendations. Maintain accuracy and completeness in audit documentation, following the organization's standards. Support in preparing final audit deliverables for senior review Communicate with client representatives during evidence collection. Participate in meetings to discuss audit findings and recommendations. Assist in tracking client remediation actions. Professional Skills : Basic understanding of audit standards and regulatory frameworks (e.g., ISO 27001, SOC 2, CISA). Competency in using audit tools and software (e.g., spreadsheets, document management systems). Strong analytical skills for evidence evaluation and compliance assessment. Personal Skills : Attention to detail and accuracy in documenting findings. Good communication skills for interacting with team members and clients. Willingness to learn and adapt to new standards and regulations Knowledge/Competency Requirements : Basic knowledge of auditing principles, risk assessment, and compliance. Understanding of industry standards relevant to information security and data privacy. Competency in basic project management tasks, such as tracking timelines and deliverables Please go through our website - www.qrcsolutionz.com

About this role Job Description . This mission would not be possible without our smartest investment the one we make in our employees. It s why we re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive. Your team Join our distributed team of cyber security experts, protecting our business and developing exciting capabilities on the frontline of cyber defense! Apply your passion and knowledge of cyber security to improve the security of internal and external business workflows by supporting optimal cybersecurity control alignment and empower all employees to protect information our clients and investors entrust us with, and the systems and technology that enable our mission. Your Responsibilities This individual will join the Cyber Diligence team that is responsible for: Providing consultative advice to information security customers that enables them to make informed risk management decisions Identifying appropriate controls to effectively handle information risks as needed Finding opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk Maintaining strong working relationships with individuals and groups involved in handling information risks across the organization Identifying and assessing the severity and potential impact of risks and communicate/assess/implement solutions in a way that influences optimum risk mitigation Supporting the documentation of Information Security Policies and Standards Assessing the risk and providing governance of high-risk security related requests Assisting with pre-M&A information security reviews Reviewing of security components of technology changes, and other security risk related areas BlackRock is committed to building great Cyber Security careers for our people, and we are looking for an individual with a passion for cyber security defense to continue the growth of our exceptional team. You have Experience in coordinating and leading all aspects of complex Technology projects The ability to effectively influence others to account for the plans and collaborative behaviors for results Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner Ability to identify and assesses the cybersecurity threats, risks and controls to cost-effectively mitigate risks Ability to react to high pressure dynamic changing environments Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part. Ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one s network within an organization. Ability to apply original and innovative thinking to produce new ideas and create innovative products, solutions, or approaches. A discipline and interpersonal skills to work well in a global environment, complementing teams in multiple remote locations Degree in Business, Computer Science, Information Security, or a related field 4+ years Information Security experience 2+ years with risk advisory Experience with information security management frameworks (e. g. , IS027000, COBIT, NIST 800, etc. ) Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA) Our benefits . Our hybrid work model BlackRock s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock. At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress. This mission would not be possible without our smartest investment the one we make in our employees. It s why we re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive. For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www. linkedin. com/company/blackrock BlackRock is proud to be an Equal Opportunity Employer. We evaluate qualified applicants without regard to age, disability, family status, gender identity, race, religion, sex, sexual orientation and other protected attributes at law.

Role description As a Sr Internal Auditor here at Honeywell, you will play a pivotal role in ensuring the effectiveness of our internal audit processes and enhancing our risk management practices. Honeywell is a global leader in innovation and technology solutions, and your expertise will be instrumental in maintaining the integrity and accuracy of our operations. In this role, you will play a crucial role in evaluating and enhancing the effectiveness of the companys internal controls and risk management processes. Your expertise in internal audit methodologies and practices will directly impact the companys ability to identify and mitigate risks, improve operational efficiency, and ensure compliance with policies and procedures. By providing guidance and recommendations to management, you will contribute to the continuous improvement of internal control enhancements and risk mitigation strategies. Join us in shaping the future of internal audit at Honeywell and maintaining the highest standards of corporate governance. Honeywell helps organizations solve the worlds most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments - powered by our Honeywell Forge software - that help make the world smarter, safer and more sustainable. YOU MUST HAVE Basic knowledge of SAP or Similar Systems (Must know how to run reports) Big 4 Audit Experience, Industry Audit Experience or Industry FP&A/controllership Manufacturing Industry Auditing Experience preferred WE VALUE Bachelor s degree with focus on Accounting or Finance CA, CPA or CIA, CFE, CISA, CISSP, CISM, PMP or similar IT certification CFE certification from the Association of Certified Fraud Examiners Experience conducting fraud investigations and performing Anti-Bribery and Corruption compliance reviews Some experience planning and executing audits in global environments Recent Big 4 audit experience SAP audit experience Hyperion audit experience Extensive knowledge and experience in project management Strong analytical, problem solving, and organizational skills Effectively demonstrates ability to deliver on complex situations or problems without guidance or supervision Consistently makes timely decisions even in the face of complexity, balancing systematic analysis with decisiveness Honeywell helps organizations solve the worlds most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments - powered by our Honeywell Forge software - that help make the world smarter, safer and more sustainable. YOU MUST HAVE Basic knowledge of SAP or Similar Systems (Must know how to run reports) Big 4 Audit Experience, Industry Audit Experience or Industry FP&A/controllership Manufacturing Industry Auditing Experience preferred WE VALUE Bachelor s degree with focus on Accounting or Finance CA, CPA or CIA, CFE, CISA, CISSP, CISM, PMP or similar IT certification CFE certification from the Association of Certified Fraud Examiners Experience conducting fraud investigations and performing Anti-Bribery and Corruption compliance reviews Some experience planning and executing audits in global environments Recent Big 4 audit experience SAP audit experience Hyperion audit experience Extensive knowledge and experience in project management Strong analytical, problem solving, and organizational skills Effectively demonstrates ability to deliver on complex situations or problems without guidance or supervision Consistently makes timely decisions even in the face of complexity, balancing systematic analysis with decisiveness Job Description Work with advanced technologies, global customers, and the most innovative, talented minds in the industry. Your career path will encompass diverse, challenging assignments that span product lines, job types, businesses, and countries, within Honeywells Corporate Audit group. You will lead technology risk assessments, pre-audit planning and conduct independent and objective audit reviews across Honeywells diversified organizations globally. Key Responsibilities Project risk assessment Risk mitigation Pre-audit planning Independent Audit reviews Execution of annual audit plans Acquisition support Integrated Supply Chain reviews Metrics and dashboard reporting Global monitoring activities Controls design Job Description Work with advanced technologies, global customers, and the most innovative, talented minds in the industry. Your career path will encompass diverse, challenging assignments that span product lines, job types, businesses, and countries, within Honeywells Corporate Audit group. You will lead technology risk assessments, pre-audit planning and conduct independent and objective audit reviews across Honeywells diversified organizations globally. Key Responsibilities Project risk assessment Risk mitigation Pre-audit planning Independent Audit reviews Execution of annual audit plans Acquisition support Integrated Supply Chain reviews Metrics and dashboard reporting Global monitoring activities Controls design

Build your career in the Internal Controls working across functions like Quality Assurance Program, SOX/CCAP Testing, Resolution and Recovery, Program Management while working in the world s most innovative bank which values creativity and excellence. As a Control Management Analyst in our Finance team, you will spend each day defining, refining and delivering set goals for our firm. Job Responsibilities Perform an independent review and validation of external reporting processes and data to mitigate the risk of external reporting errors. Possess strong auditing skills, a solid understanding of internal control systems within a financial institution, and knowledge of consumer businesses and products. Assist in the development, execution, and refinement of new and existing control reporting processes. Maintain the integrity of review documentation and provide it when requested for various reviews, such as SCG QA, Internal Audit Review, and External Audit Requests. Manage program implementation and monitoring of control programs impacting CCB Finance, such as Intelligent Solution Standards, Model/Estimations Governance, and User Tools. Monitor adherence to CCB and firmwide policies and standards. Maintain the integrity of program management/reporting documentation and provide it when requested for various reviews. Contribute to the development and enhancement of the business control environment through the execution of the Control and Operational Risk Evaluation (CORE). Required qualifications, capabilities, and skills 3 years experience in Auditing, Accounting, Internal Control and/or Finance Bachelor s in accounting or Finance. Internal audit / ITGC / automated controls testing experience required Strong communication (written and verbal) and attention to detail; demonstrated influencing skills; interact comfortably with staff at all levels Strong quantitative and qualitative analytical skills; ability to synthesize data from many sources, design and draw persuasive conclusions for plans A willingness to challenge conventional thinking and assumptions and to constructively dissent when appropriate. Strong working knowledge of Microsoft Office applications Ability to work in an evolving environment, manage multiple projects and support a growing business Preferred qualifications, capabilities, and skills Knowledge of Tableau and Alteryx Big Four public accounting experience and /or CA / CISA / CPA/CIA/ MBA certification preferred Build your career in the Internal Controls working across functions like Quality Assurance Program, SOX/CCAP Testing, Resolution and Recovery, Program Management while working in the world s most innovative bank which values creativity and excellence. As a Control Management Analyst in our Finance team, you will spend each day defining, refining and delivering set goals for our firm. Job Responsibilities Perform an independent review and validation of external reporting processes and data to mitigate the risk of external reporting errors. Possess strong auditing skills, a solid understanding of internal control systems within a financial institution, and knowledge of consumer businesses and products. Assist in the development, execution, and refinement of new and existing control reporting processes. Maintain the integrity of review documentation and provide it when requested for various reviews, such as SCG QA, Internal Audit Review, and External Audit Requests. Manage program implementation and monitoring of control programs impacting CCB Finance, such as Intelligent Solution Standards, Model/Estimations Governance, and User Tools. Monitor adherence to CCB and firmwide policies and standards. Maintain the integrity of program management/reporting documentation and provide it when requested for various reviews. Contribute to the development and enhancement of the business control environment through the execution of the Control and Operational Risk Evaluation (CORE). Required qualifications, capabilities, and skills 3 years experience in Auditing, Accounting, Internal Control and/or Finance Bachelor s in accounting or Finance. Internal audit / ITGC / automated controls testing experience required Strong communication (written and verbal) and attention to detail; demonstrated influencing skills; interact comfortably with staff at all levels Strong quantitative and qualitative analytical skills; ability to synthesize data from many sources, design and draw persuasive conclusions for plans A willingness to challenge conventional thinking and assumptions and to constructively dissent when appropriate. Strong working knowledge of Microsoft Office applications Ability to work in an evolving environment, manage multiple projects and support a growing business Preferred qualifications, capabilities, and skills Knowledge of Tableau and Alteryx Big Four public accounting experience and /or CA / CISA / CPA/CIA/ MBA certification preferred

Name of the Post: Deputy Chief Information Security Officer (Dy. CISO) Type of the Post: Contractual on full time basis . No. of Posts: 01 (one) Place of Posting: Tobacco Board - Guntur, Andhra Pradesh Scope of Work The Dy. CISO will be responsible for the following: a) Define information security roadmap for the organization with a futuristic vision b) Lead, implement and review hardware, network and software security standards and security controls within the organization, to protect systems, data and assets from both internal and external threats and prevent information and data loss/frauds. c) Identify and implement security assessment and testing processes across the organization, including but not limited to penetration testing, secure software development, vulnerability management etc. d) Identify best security products/tools for various purposes and implementation of same e) Lead security automation efforts for the organization f) Proactively monitor and identify security issues and potential threats, new vulnerabilities/threats and continuously improve security standards within the organization. g) Managing the daily operation of CSOC and implementation of the IT security strategy h) Implement and lead Security Assessment practices including Security Audits, Information Security Reviews, etc. i) Provide strategic risk guidance and consultation for IT Projects, including security risk assessment of Implementation Architecture, technical standards, and protocols j) Real-time analysis, investigations, and forensics, if a need arises and ensure to avoid and strengthen security measures. k) Developing strategies to handle security incidents and trigger investigation l) Regular Stakeholder communication on Information and data security practices and activities m) Develop a strong security team and enable employees be security aware with continuous training on security awareness n) Creating and implementing a strategy for the deployment of information security technologies and solutions to minimize the risk of cyber-attacks o) Conducting a continuous assessment of current IT security practices and systems and identifying areas for improvement p) Conducted network audit of all sites to study network response and performance. Running security audits and risk assessments q) Directed significant effort into IT asset management, involving hardening, tagging, tracking and auditing all IT assets across the companies r) Ensuring compliance with the latest regulations and compliance requirements s) Developing and implementing business continuity plans. t) Lead security automation efforts for the organization Eligibility Criteria / Age Limit: The candidate should not be more than 50 years old as on November 30, 2022 . Educational Qualification Engineering Graduate/ Post-Graduate in related field such as Computer Science, IT, Electronics and Communications or a Cyber Security related field OR MCA or equivalent qualification from recognized University. Note: Candidates having following professional certifications/ qualifications shall be preferred: Certified Information Systems Security Professional (CISSP) / Certified Information Security Manager (CISM)/ Certified Chief Information Security Officer (CCISO) / Certified Information Systems Auditor (CISA). Experience 8 - 10 years of relevant experience, including five years in a leadership / Senior Management role Demonstrated leadership, versatility and integrity Demonstrated broad management knowledge to lead project teams in one department. Skill Requirement Experience in Information Security Risk Management and Cybersecurity Technologies and strategy Knowledge of SIEM, PIM and NAC Solutions etc. Should have practical experience in implementing these solution Deep understanding and Knowledge of EDR, MDR, XDR, WAF solutions Expertise in Cloud based Security Solutions Expertise in FIM, DAM, IAM, Access control Solutions Expertise in Linux, Virtualization, Networking Concepts & OS, Data, Application Security Concepts and Tools Familiarity with Industry Security Standards and Protocols, Information and Data Privacy Regulations Good understanding of DevSecOps, Secure SDLC, Security Automation, Security testing concepts, DR & BCP concepts Strong in leadership skills and excellent interpersonal communications skills, stakeholder and vendor management Capable to understand and articulate impact of InfoSec Operations to the leadership

Role & responsibilities Perform Security and Privacy review of existing and new business process and solution implementations. Review product architectures for IT control security design gaps and vulnerabilities and consult with product teams and cyber security to remediate or mitigate cyber risk. Identify IT application end to end security deficiencies and implement approved remedial actions. Perform Privacy Impact Assessments for new processes involving personal data. Support adoption of comprehensive application security processes, procedures, and guidelines. Undertake required tactical application security skills and awareness training as required. Implement systems and integrations to drive greater automation and remove areas of human error. Collaborate with internal and external auditors during IT audits. Regularly assess the effectiveness of IT application controls using defined metrics and indicators. Prepare regular reports on outcomes and recommend enhancements to bolster IT governance. Proactively monitor IT security controls (data validation, authorization, encryption, audit logging, etc.) for key applications (on-premises and cloud-based) to identify weaknesses and potential vulnerabilities. Analyze security alerts and application security control deficiencies, recommending and implementing corrective actions. Regularly assess the effectiveness of IT security controls using defined metrics and indicators to identify areas for improvement. Collaborate with internal and external auditors during IT audits, providing technical expertise and insights. Ensure IT security controls operate efficiently and effectively, aligned with information security policies, standards, and compliance requirements. Identify and address gaps in security control design to mitigate cyber risks. Support the adoption of comprehensive application security processes and procedures, ensuring adherence to security best practices. Collaborate with cross-functional teams (product, development, security) to ensure a secure and seamless customer experience across platforms. Prepare regular reports on security control effectiveness and recommend enhancements to strengthen IT governance. Communicate effectively with technical and non-technical audiences regarding security controls and findings. Minimum Requirements Bachelors degree required. 10+ years of Cybersecurity and Privacy experience, with a heavy background managing cybersecurity and privacy functions. Knowledge of information security and privacy management frameworks (example: ISO 27001/NIST CSF). Knowledge of Global and India Data protection laws and regulations. (example: GDPR, India DPDPA, SG PDPA etc.) Ability to communicate clearly and effectively with both technology/development and business partners. Strong relationship, team building and facilitation skills. Ability to translate technical/security issues to business users. Proven analytical and problem-solving abilities. Ability to independently influence others to achieve objectives. High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. Preferred skills and experiences: Bachelors degree in computer science, information systems or equivalent. Security certifications to include: CISSP, CISM, CRISC, CISA and other technical certifications. Privacy Certifications to include: CIPM, CIPT, CIPP and other product specific certifications. MBA or Master's degree in a management, scientific, technical, or engineering field. Significant work experience with different regions/business units on risk management and leading information security initiatives.

Hiring TPRM (third party risk management) risk assessment In a world of growing cyber threats and regulatory demands, role of a TPRM Analyst has never been more vital We are seeking Governance, Risk, and Compliance (GRC) to implement robust frameworks that integrate risk management, compliance, and governance processes into our business strategy. Experience - 4 -7Years Location - Bengaluru Work Mode - Hybrid Certifications: ISO 27001 LA/LI, ISC2 CC, Security+, CTPRP, CTPRA, CISA, CISM, CRISC, CISSP (any one is preferable ) Information Security Governance, Compliance and Security Assessment, experience, with a focus on IT and IS Risk Assessments and program reviews / establishment. Familiarity with and demonstrated experience assessing against the BS ISO/IEC/SIG 27002:2005 BS 7799 standard domains, BS 25999 including Risk Assessment; Security policy; Organization of Information Security; Asset Management; HR Security; Physical and Environmental Security; Communications and Operations Management; Access Control; IS Acquisition, Development and Maintenance; IS Incident Management; Business Continuity Management; and Compliance. Broad understanding of Information Security trends, services and disciplines and experience applying them in dynamic environments. Were ready to fast-track your application if youre available to start! Think youre a perfect fit? Drop your resume bhumika.soni@weareams.com or Share this with someone you know who fits the bill.

Job Description: The Information Security GRC Specialist will be responsible for leading and managing the Governance, Risk, and Compliance (GRC) function within the organization. This role ensures adherence to regulatory requirements, conducts control testing, and implements security risk management practices in alignment with global standards. The ideal candidate should have a deep understanding of security frameworks, compliance requirements, and risk assessment methodologies. Key Responsibilities: 1) Regulatory Compliance and Coordination with Regulators Lead the development and implementation of system-wide risk management frameworks to identify and monitor information security risks. Understand regulatory and business requirements and ensure information security compliance in alignment with RBI, UIDAI, CERT-IN, DPSC, IRDAI, and other global regulations. Act as the primary liaison with regulatory bodies, ensuring timely compliance with cybersecurity mandates and regulatory filings. 2) Control Testing (ITGC) and Global Standards (NIST, ISO 27001) Conduct technical risk assessments for applications, IT general controls (ITGC), and cloud environments. Perform compliance assessments aligned with international security standards such as NIST, ISO 27001, and CIS controls. Validate the effectiveness of security controls and ensure continuous improvement in security postures. 3) Security KPIs and KRI’s Identify and define Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for measuring the effectiveness of information security initiatives. Develop security metrics to track compliance, risk mitigation, and operational security efficiency. 4) Understanding of Security Technologies Strong knowledge of security tools and technologies such as Firewalls, IDS/IPS, DDoS protection, SIEM, DLP, and vulnerability management solutions. Ability to interpret security logs, alerts, and incident data to enhance security operations. 5) Project Management Skills Lead and manage complex security projects, ensuring timely implementation and compliance with regulatory mandates. Collaborate with cross-functional teams and senior management to align security initiatives with business objectives. 6) Soft Skills Strong communication skills to articulate security risks and solutions effectively. Ability to engage with stakeholders, auditors, and regulators confidently.

Job Requirements IT/OT Auditor Perform assigned internal audit engagements in the domain of IT and Operational Technology (OT) for ACWA POWER group, from start to finish, inclusive of preplanning, wrap-up activities ensuring application of risk and control concepts to scenarios encountered and identify any potential issues. Job Specific Accountabilities: Perform IT/OT Audits, Cybersecurity reviews, advisory engagements and other influencing activities in highly technical areas of current/emerging technologies within ACWA Power Group. Adapt the audit approach to the ever-changing technology landscape and deliver critical and complex technology audits that impact the group-wide internal controls. Develop detailed Audit Program/Risk & Control Matrix (RCM) for the assigned audit, including potential risk, key controls, audit procedures and the use of audit techniques and tools to evaluate governance, risks, and controls processes. Determine auditing procedures to be applied, including the use of Information Systems Audit Techniques, data analytics, sampling method, etc. Identify high-risk areas, key control points, root causes and implications in relation to IT/OT environments reviewed. Prepare audit report with the conclusion, expressing professional opinions on the adequacy and effectiveness of risk management, control systems, and recommend improvement options to rectify reported deficiencies. Ensure that adequate working papers and all relevant information are continuously documented and updated in the automated Audit Management System in accordance with pre-defined templates and audit procedures. Appraise the adequacy of the corrective actions taken by management on audit recommendations through follow-up audits and periodically review and update the status of management action plans. Assist in the periodic reporting to the Audit Committee and Senior Management on internal audit activities, performance, significant risk exposures, controls/governance issues, and other related matters. Provide relevant business and technology insights into the current, emerging & potential technology issues, trends & opportunities affecting ACWA Power Group. Participate in conducting special reviews and undertake administrative duties as directed by Management. Supplement integrated audits and support business and group auditors in reviewing the technology controls within an operational audit. Minimum Qualification: Bachelor's Degree in Computer Science or related Technology discipline, or equivalent discipline. Minimum Experience, Knowledge & Skills: 5-7 years of varied experience in IT internal auditing and a minimum of 3+ years of work experience in Operational Technology or Industrial Control Systems. Expertise in developing or reviewing IT/OT security programs and conducting cybersecurity assessments for IT/OT environments including ICS, SCADA systems etc. and associated OT network architecture. Solid foundational knowledge of IT/OT security landscape including but not limited to, network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and OT integration with traditional IT systems (IT and OT Convergence). Solid understanding of OT security technologies such as Data diode, EDR, Antimalware, patch management, SIEM solution etc. Advance technical knowledge of different operating systems, databases, network infrastructure components (routers, switches, firewalls etc.). Advanced knowledge of OT/ICS-related standards like IEC 62443, NIST 800-82. Knowledge and understanding of Regulatory Standards such as NCA (ECC, OTCC, CCC etc.), NESA, ISR etc. Knowledge and experience with OEMs Honeywell, Yokogawa, Siemens etc. systems will be added advantage. In-depth knowledge of International Professional Practices Framework for IT Assurance/IT Assurance Framework (ITAF) and other related frameworks/standards (e.g. COBIT, ITIL, ISO27000, NIST) and their interpretation/application to IS/IT auditing practice. Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action. Expertise in collecting and analyzing complex data using data analytics tools, evaluating information and systems, and drawing logical conclusions. Extensive knowledge of planning and project management areas. Professional Certifications: IT audit certification such as CISA OT or ICS-related certifications are highly desirable. Other related certifications (CISSP, CISM, GIAC, GICSP, IEC-62443 etc.) are preferred.

Information Security Compliance Manager Location: Embassy Tech Village, Bangalore, India Experience: 5 - 7 Years Work Mode: Full-time, Work from Office About the Role: As an Information Security Compliance Manager at Swiggy, you will be a key driver in ensuring that our security, privacy, and regulatory compliance posture remains robust and aligned with industry standards. This role requires a hands-on candidate who can deliver compliance frameworks, manage compliance reviews and risk assessments, and collaborate across teams to embed security best practices in everyday business operations. You will work closely with internal stakeholders and external auditors to safeguard our environment and keep Swiggy compliant with applicable regulations and standards. What You ll Do: Compliance Leadership & Program Management Lead and manage the organization s information security and privacy compliance programs, including data protection, regulatory risk management, and compliance testing. Own remediation efforts, providing clear guidance and tracking to ensure timely closure of compliance gaps. Continuously assess and improve existing compliance policies, controls, and processes. Compliance Reporting & Risk Assessments Plan, coordinate, and execute internal compliance reviews and risk assessments aligned with ISO 27001, ISO 27701, PCI-DSS, and other relevant frameworks. Develop and maintain framework and tools that enable effective measurement of compliance maturity. Conduct security risk assessments and compliance checks across IT systems and business processes. Governance & Reporting Collect, analyze, and deliver detailed compliance reports to senior management and relevant stakeholders. Investigate and document compliance issues, security incidents, and audit findings. Facilitate cross-functional communication to ensure compliance risks are understood and mitigated. Training & Awareness Design and deliver information security and privacy training sessions for new employees and ongoing awareness campaigns for existing staff. Develop materials that clearly articulate compliance requirements and promote a culture of security. Operational Controls & Reviews Conduct periodic reviews of critical systems including Active Directory, HRMS, privileged access, firewall rules, and patch management controls. Collaborate with IT and business teams to ensure compliance-related controls are implemented and effective. Org Certifications & Audits Collaborate with external auditors and stakeholders to maintain org certifications and facilitate external audits What We re Looking For: Qualifications & Experience: Graduate with 5 to 7 years in information security compliance, governance, risk management, or related roles. Hands-on experience with compliance standards and frameworks including ISO 27001, ISO 27701, PCI-DSS, and data privacy regulations. Proven track record of managing audit processes, compliance testing, and remediation programs. Experience collaborating across technical and business functions to embed compliance in organizational culture. Technical & Professional Skills: Strong knowledge of security frameworks and best practices (NIST, ISO, PCI-DSS, GDPR, etc.). Ability to interpret and apply regulatory requirements and industry standards. Excellent communication skills to present complex compliance topics clearly to diverse audiences. Strong project management skills with the ability to prioritize and drive multiple initiatives. Demonstrated leadership and negotiation skills to influence stakeholders and build consensus. Preferred Certifications: ISO 27001 Lead Auditor or Lead Implementer ISO 27701 Lead Auditor or Lead Implementer Certified Information Security Auditor (CISA) Certified Information Security Manager (CISM) CompTIA Security+ Nice to Have: Knowledge of ITIL processes, PCI-DSS specifics, and Personal Data Protection regulations. Familiarity with cloud security compliance (AWS, Azure, GCP). Experience with governance, risk, and compliance (GRC) tools and exposure to using AI. Visit our tech blogs to learn more about some the challenges we deal with: .

Role: Associate Lead Third Party Risk Management (TPRM) About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won t just imagine the future-you ll create it. About the Job: The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting: Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication: Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development: Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up-to-date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness: Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level: 12+ years. Location: Hyderabad / Bengaluru Required skills: 10 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA Additional information (if any): Need to be flexible to provide coverage in US morning hours. Location: IND:KA:Bengaluru / Innovator Building, Itpb, Whitefield Rd - Adm: Intl Tech Park, Innovator Bldg Job ID R-74196 Date posted 07/09/2025

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Compliance Management Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Seeking an experienced Security Architect/ Security Compliance Professional to lead and support the design, implementation, and maintenance of security governance, risk, and compliance (GRC) frameworks. This role ensures that the organization complies with industry standards and regulations such as ISO/IEC 27001, PCIDSS, NIST CSF, SOC 2, TISAX, and others. The candidate will work cross-functionally to manage audits, assess risks, and drive continuous improvement in the security posture of the organization. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security managed operations, ensuring that all security measures align with organizational standards and compliance requirements. You will also engage in continuous improvement initiatives to enhance the security posture of the organization. Roles & Responsibilities:Expected to perform independently and become an SME or manage a team of GRC professional. Required active participation/contribution in client discussions. Contribute in providing solutions to compliance related complex situations Conduct regular assessments of security framework based or cloud security controls to ensure compliance with established standards. Collaborate with cross-functional teams to identify and mitigate potential security risks. Professional & Technical Skills: Proficient in Information Security, Cyber Security and Governance, Risk, and Compliance (GRC).Has significant exposure to evolving landscape of security compliance requirementsLead and manage security compliance initiatives across the organization.Manage/ Conduct gap assessments and implement controls in alignment with compliance standards (e.g., ISO 27001, PCIDSS, NIST, SOC 2, GDPR and other relevant frameworks).Coordinate and support internal and external security audits, including evidence collection and remediation planning.Partner with business, IT, and legal teams to ensure compliance requirements are understood and implemented.Develop and maintain security policies, procedures, and documentation in line with regulatory needs.Monitor compliance status and prepare reports and metrics for leadership.Educate teams on compliance requirements and drive a culture of security awareness.Relevant certifications :ISO27001LA/LI, ISO3100 or CISA, CISM, CRISC, or equivalent. Additional Information:The candidate should have 6-8 years of relevant experience in Information Security Governance, Risk and Compliance (GRC).A 15 years of full time education is required.This position is based at our Gurgaon/ Bangalore and Other Accenture locations Qualification 15 years full time education

We are currently looking for an ambitious and dynamic IT SOX/Internal Auditor to join our Global SOX Team based in Bangalore. The main purpose of the role is to assess the adequacy of IT controls design and complete the test of effectiveness covering all aspects of Visa s in-scope key financial systems and applications. It is expected that this position will include responsibility for the understanding of complex IT areas in accordance with plan. The Analyst should expect to assume supporting role in the completion of the SOX 404 testing stage for several IT controls under the direction of managers. Skills Strong problem-solving skills, with demonstrated ability to identify and resolve issues and risks, including root cause analysis. Ability to anticipate and identify opportunities to establish standards and controls, as well as develop and recommend solutions. Effective communication, interpersonal and influencing skills and ability to drive effective change at all levels of the organization. Detailed, conscientious and highly responsible team player. Responsibilities Review and assess adequacy of walkthrough documentation, perform test of effectiveness through review of supporting documents, meeting control owners and report control issues identified. Attend and support IT controls meetings with control owners, external auditors and SOX team members. Document test results in Visa s work papers template ready for review by SOX team members and external auditors. Interacts with management to assess control exceptions. Keep control owners and SOX team informed of exceptions and assist the IT teams with the development of Management Action Plans to mitigate issues, and evaluate adequacy of managements actions. Possess good written and oral communication skills, demonstrate these skills during meeting with control owners and IT teams. To be a key member of the SOX team and contribute to the planning and execution of the annual SOX program for IT controls. Provide best practice expertise to management and the SOX team on the COSO and IT SOX internal control frameworks. Handling day-to-day relationships with the external auditors on control matters and related issues. Professional 3 - 5 years of experience in SOX, internal audit, or risk with focus on IT controls (ITGC/ITAC) Experience in financial services or payments industry preferred . Big 4 experience preferred Qualification

About The Role Skill required: Control Testing - Agile testing Designation: Regulatory Compliance Analyst Qualifications: Any Graduation Years of Experience: 3 to 5 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do Help clients transform their compliance function from reactive to proactive through an intelligent compliance operating model powered by data, intelligent technologies and talentLooking for someone with SOX testing experience.Conduct testing tasks within Agile models and integration processes and manage development sprints. Automated/IT control testing experience is required What are we looking for Commitment to qualityWritten and verbal communicationRisk managementAbility to work well in a teamAbility to meet deadlinesAutomated/IT control testing experience is must Roles and Responsibilities: In this role you are required to do analysis and solving of lower-complexity problems Your day to day interaction is with peers within Accenture before updating supervisors In this role you may have limited exposure with clients and/or Accenture management You will be given moderate level instruction on daily work tasks and detailed instructions on new assignments The decisions you make impact your own work and may impact the work of others You will be an individual contributor as a part of a team, with a focused scope of work Please note that this role may require you to work in rotational shifts Qualification Any Graduation

Designs, develops, modifies, adapts and implements short- and long-term solutions to information technology (IT) needs through new and existing applications, systems architecture, network systems and applications infrastructure. Reviews system requirements and business processes; codes, tests, debugs and implements software solutions. Under general supervision, implements and troubleshoots various information systems security software, following policies and procedures. Under general supervision, tests and validates solutions to remediate exploitable conditions on devices such as Web servers, mail servers, routers, firewalls and intrusion detection systems following established policies and procedures. Under general supervision, evaluates, codes and implements software fixes (patches) to address system vulnerabilities such as malicious code (e.g. viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning, and Web services manipulation. Under general supervision, conducts security assessments of systems, networks and applications using penetration tests and ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities. Prepares status reports on security matters to develop security risk analysis scenarios and response procedures. Has technical knowledge of security issues, techniques and implications across all existing computer platforms. Develops security solutions for routine to moderately assignments. Education Required: Degree qualified in Computers Science, Information Systems or other related discipline, or equivalent work experience. Experience Required: At least 3 years Special Qualifications: Is working towards any of the following Certifications and/or Professionalization status: CCIE (certified CISCO Internet Engineer), MCSE certification; GIAC Certified Windows Security Administrator (GCWN); GSEC, GCFW, GCIA, GCIH, GISO, GSNA, GCFA, GSLC; CISA, CISSP certifications; CIPP (Certified Information Privacy Professional).

A primary focus for this position will be to lead audit execution covering end-to-end processes of auditable entities within the IT and Cybersecurity Inspection Generale APAC team. Responsibilities This individual will work closely with audit assignment team members to complete each phase of the audit. This will entail: assessing the sufficiency and suitability of controls to mitigate risks; and testing the operating effectiveness and sustainability of controls; and documenting walk-throughs of in-scope processes; and documenting the investigations conducted and their results; and drafting findings and associated recommendations to address identified gaps in the control environment; and documenting the final report. This individual will have regular interactions with team members, process / control owners, and management of business units. Based on experience, this role will entail contributing to IT audits. Duties: Demonstrates a strong ability to audit procedures and controls accurately, timely, and with minimal supervision. Executes audit work in accordance with BNPP Inspection Generale policies and procedures. Testing the control design and operating effectiveness of in-scope IT controls Contributes to the completion of continuous monitoring activities for assigned auditable entities and escalates matters that may impact the timing of the next audit assignments. Prepares and updates risk assessments for assigned auditable entities for supervisory review. Validates the sufficiency and suitability of business corrective actions to address audit recommendations. May be asked to direct the work of more junior staff members on the audit assignments. Performs other duties as assigned. Technical & Behavioral Competencies Deep knowledge of IT audit Requires deep knowledge of banking functions typically obtained through advanced education combined with experience. Exhibits effective written and verbal communication skills with all levels of management (in English) Not less than 10 years of experience in IT external auditing / internal auditing / in the financial services industry. Curiosity, rigor, and precision. Outstanding analytical skills High level of initiative, commitment, and drive Ability to work effectively under pressure and within short deadlines Promotes a constructive, cooperative, and participative teamwork environment Specific Qualifications (if required) Possess a Bachelors / Masters Degree in Information Technology/ Management Information System / Computer Science and related discipline; Professional Qualification/Certification: in IT Audit - CISA (Certified Information System Audit) required other IT certification: Cybersecurity (e.g CISSP, CISM, CCSP/CCSK, CEH), IT Service Management (ITIL foundation). Skills Referential Behavioural Skills : Communication skills - oral & written Ability to collaborate / Teamwork Attention to detail / rigor Active listening Adaptability Transversal Skills: Analytical Ability Ability to manage a project Ability to manage / facilitate a meeting, seminar, committee, training Ability to understand, explain and support change Ability to anticipate business / strategic evolution Education Level: Master Degree or equivalent Experience Level At least 10 years

This role will be responsible for supporting the Third-Party Technology Risk Management team in identifying and evaluating potential/ recognized risks related to Information Security, Business Continuity and Physical Security. The 3rd Party Security Risk Assessor, reporting to the Manager, Third Party Risk Management team that performs security assessments of vendors, service providers and 3rd party companies that manage systems or information for BNP Paribas Responsibilities Direct Responsibilities As a Third-Party Technology Risk Assessor, you will perform third-party information and cyber security assessment to identify, monitor, remediate, and manage third party risks across the third-party lifecycle. Risk Assessor role requires good risk experience technology expertise (areas of information and cyber security, business continuity, incident management, compliance, and human resource security) in accurately scoring the inherent risk profile of 3rd parties, making sure the risk assessments are completed on time with quality. In addition, the role requires the ability to prioritize and drive workload. Evaluating control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including, but not limited to review of: ISO 27001, SIG (Shared Assessments), TruSight, SOC / equivalent reports, as well as knowledge of controls related to Privacy, Compliance, Business Resiliency, Cyber and other risk domains. Work with Line of business partners, by navigating them through the different stages of the risk assessment life cycle and making sure that they are being compliant to the organization requirements. Communicate assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams as applicable. Monitor and track the identified findings as part of the assessment lifecycle. Contributing Responsibilities Actively participate in identifying process gap and should be ready to own and update/ document relevant TPTRM policies and procedures Support Internal and external TPTRM audit requirements Compile and generate Weekly/Monthly/Quarterly dashboard on KPI Technical Behavioral Competencies Ideally in financial services with minimum of 5+ years of experience in TPRM or Risk management background. Bachelor's degree with professional certification in Information, Cyber, Network and Cloud Security. Experience with industry recognized standards for IT security controls and best practices like NIST, ISO27001, PCI DSS, COBIT, SOC 2 etc. Experience in one or more risk disciplines an advantage i.e., Information Security, Business Continuity, Data Privacy etc. Experience in Governance, Risk Compliance (GRC) tools an advantage. Experience in providing stakeholders with specialist risk knowledge and monitoring its execution. Strong self-motivated multi-tasker who can prioritize competing tasks and stakeholders. Ability to work independently in a fast adapting and agile work environment. Proactive and deliverable focused, with a dedication to delivering against hard deadlines. Excellent analysis skills with keen eye for detail. Strong capabilities in Microsoft Excel, PowerPoint, and Word. Familiarity with vendor management, procurement, and contract negotiation. Ability to communicate effectively with both technical and non-technical stakeholders. Strong analytical and problem-solving skills. Specific Qualifications (if required) Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to collaborate / Teamwork Communication skills - oral written Attention to detail / rigor Creativity Innovation / Problem solving Transversal Skills: Ability to develop and adapt a process Ability to understand, explain and support change Ability to develop others improve their skills Education Level: Bachelor Degree or equivalent Experience Level At least 5 years