9.0 - 14.0 years
27 - 30 Lacs
Bengaluru
Work from Office
Business Title Lead - Zero Trust and IAM Region APAC Country India What we look for 8+ years experience implementing enterprise Identity and Access Management (IAM), Privileged Access Management (PAM) solutions (e.g. Saviynt, Okta, SailPoint, Ping Identity, Omada, Microsoft Identity Manager, BeyondTrust, CyberArk or equivalent IAM solution) in client environments. Familiarity with Zero Trust Network Architecture is desirable. Familiarity with ServiceNow Ticketing and CMDB is desirable. Design, build, operate and automate security solutions and processes to protect the integrity of the organization's networks, systems, applications and data. Experience developing technical strategies, architectures, and roadmaps. Outstanding communication and presentation skills. Able to articulate complex, technical concepts to non-technical audiences. Respond to security incidents, including data breaches, and coordinate with other IT teams to mitigate the impact of any security breaches. Preferred Experience hardening security for Active Directory, Windows, *nix OS. Experience with IDaaS providers such as Microsoft, Okta, Ping Identity, Google Cloud Identity. Experience with cloud architectures, particularly Azure, AWS, GCP native IAM controls. Experience with Identity Governance processes and solutions such as Saviynt, SailPoint, Ping Identity or equivalent. Experience with Microsoft 365, Active Directory, SAML, OIDC. Knowledge of Applied Cryptography and PKI. Manage and network security infrastructure Firewall configuration and rule management Cloud proxies services & Network Access control Employee and Partner remote access VPN services Cloud based Web application firewall Development knowledge e.g. Python, Java, C#,
.NET, Web Services (SOAP/REST/RESTful, APIs), Shell programming/scripting Preferred Network Infrastructure Security background in both on prem physical security components (firewalls, IDS/IPS, remote access and internet proxies) as well as cloud security services (Zscaler, Azure, GCP). Strong experience of working on SIEM tools like Splunk to analyse logs and correlate events. Experience with User Behaviour Analytics & Workday, SAP, Salesforce. Experience with MDM capabilities such as Intune or AirWatch. Understanding of trends and regulations to ensure effectiveness and compliance with all regulations and frameworks (NIST, HIPAA-HITECH, HITRUST, PCI, GDPR) Certifications CISSP or SANS, GIAC, CIMP, CEH, CISM or CISA certifications is a plus OKTA - Professional or Consultant is a plus Google/AWS/Microsoft Professional Cloud Architect is a plus Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit www.johnsoncontrols.com/careers.
Posted 2 weeks ago
8.0 - 10.0 years
17 - 19 Lacs
Mumbai
Work from Office
Some careers open more doors than others. If you're looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. Responsibilities: Deliver assigned work within the given timeframes, standards, methodology, budget, and where applicable, lead and deliver audits. Confirm that audit findings and recommendations are understood and with proposed mitigations. Demonstrate knowledge of the applicable Business, Functional, and Regulatory environment, including developing trends, risks, controls, and expectations. Support a strong risk and conduct culture across the Group and promote awareness and sound operational and strategic decision-making. Critically analyse and determine key drivers of change for area of coverage and assess how these will impact audits. Use insights, industry knowledge and current developments to assess areas of concern. Coherently articulate audit exceptions and findings to GIA team members and management, and as necessary to business and/or functional stakeholders. Effectively discuss potentially challenging matters and ability to communicate with impact and articulated in a meaningful way to wide and varied audiences. Be an analytical and critical thinker, who can effectively manage competing priorities and complex challenges to deliver positive outcomes. Apply qualitative and quantitative methods to analyze and investigate challenging scenarios and situations. Be a proactive team player, who leads by example and works constructively across GIA. Effective communication and ability to maintain constructive relationships with stakeholders, team members, and GIA Management. Actively promote collaboration and sharing of ideas across GIA. Produce smart, simple, and pragmatic solutions.
Requirements The ideal candidate for this role will have the below experience and qualifications: Minimum of 8 to 10 years internal or external audit, business, and/or accounting experience or equivalent, and external audit will be considered, but is not always essential. We also welcome exceptional talent with data analytics or data science background who are keen to work in a leading audit function. Minimum of a bachelor's degree in business, accounting, finance, related field or equivalent experience. Strong understanding of financial services business, risks (e.g. regulatory compliance) and related controls, with a specific focus on retail banking and wealth management. Good analytical skills in identifying risks and control implications. Good communication skills (written and verbal) for managing multiple stakeholders to drive consensus and influence the outcomes. Broad knowledge of the Company, Group and financial services industry, business supported and the regulatory framework they operate in. Knowledge of Data Analytics and ability to apply technology or expertise to business issues or operational problems is desirable, but not essential. Prior International work experience is a plus. Fluency in English. Mature team player who is highly professional. Willingness to travel (max 20%). Ideally hold role relevant qualifications, or pursuing professional qualification (e.g., CISA, CPA, CFA, CIA, ACAMs etc.). The base location for this role is Mumbai India, with some travel regionally and occasionally globally. HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
Posted 2 weeks ago
10.0 - 15.0 years
25 - 30 Lacs
Noida
Work from Office
As a Cyber Security Architect, you will contribute to telecom network security. You will be responsible for providing expert security guidance, designing secure network solutions, and implementing best practices for our complex and dynamic telecom network infrastructure. You Have: Bachelor's degree in Computer Science, Information Security, or Electrical Engineering, with a minimum of 10-15 years of experience in security risk assessment, vulnerability management, or a related field within the telecom industry. Experience in security principles, methodologies, and best practices specifically relevant to telecom networks. Experience with security frameworks such as ISO 27001, NIST Cybersecurity Framework, or similar, with a focus on their application to telecom networks. Experience in conducting threat modeling, vulnerability analysis, and impact assessments for telecom network infrastructure. Experience with network security technologies such as firewalls, intrusion detection systems, VPNs, and network segmentation. Familiarity with telecom protocols and standards (e.g., SS7, Diameter, SIP) and their security implications. It would be nice if you also had: Certifications - ISO 270001 LA/LI, CISA, ITIL V3/4. Exposure to complex problem-solving and managing multiple projects simultaneously. You will take part in developing and implementing secure network architectures, including firewall configurations, intrusion detection systems, VPNs, and network segmentation, tailored to the specific needs of telecom clients. You need to identify vulnerabilities and security weaknesses in existing telecom networks and recommend remediation strategies. You need to advise clients on best practices for securing their telecom networks, including threat modeling, vulnerability analysis, and risk mitigation strategies. You need to work with clients to establish comprehensive security policies and procedures that align with industry best practices and regulatory requirements.
You will focus on threats and vulnerabilities specific to the telecom industry and recommend appropriate countermeasures for the network. You need to provide technical expertise and guidance related to security incidents affecting the telecom network. You will be designing training programs for the specific needs of personnel involved in managing and operating the telecom network. You will be focusing on the security strategy for the telecom network and its integration with the broader organizational security strategy.
Posted 3 weeks ago
10.0 - 15.0 years
20 - 30 Lacs
Hyderabad, Bengaluru
Work from Office
Risk Management Service Engineer 1 Job Summary Assist in implementing and maintaining SOX controls supporting the Application Managers for Intern applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Assist in maintaining SOX controls for 1P and 3P products Support internal and external audits related to SOX compliance Support engineering teams and Application Managers during SOX walkthrough Managing evidence requirements initiated by Internal audit Performing quality and compliance check of evidence submitted by engineering and Application management Support engineering and Application Management for remediation of SOX deficiencies Test and evaluate the effectiveness of SOX controls Document control testing procedures and findings Identify and report control deficiencies Prepare reports and documentation for SOX compliance activities Communicate SOX compliance status and findings to management and stakeholders Support onboarding, testing and maintenance of controls for new systems in SOX scope Collaborate with cross-functional teams to ensure thoroughness and accuracy of controls testing Educational Qualifications: Bachelor's degree in accounting, finance, or a related field Experience: 5-7 years of experience in SOX compliance, internal controls, or auditing Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles Skills: Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team Certification: CISA preferred
Posted 3 weeks ago
4.0 - 9.0 years
10 - 17 Lacs
Bengaluru
Hybrid
Role SOX ITGC Team Manager Location Bangalore (1 week WFO & 3 weeks WFH) & Shift - 3pm to 12pm Qualification CA with 4+ yrs of experience Certification CISA mandatory IMMEDIATE JOINERS REQUIRED Send your updated CV directly to: 9152808909 Job Description: Plan, implement, coordinate, and execute all phases of SOX testing compliance process (including leading walkthroughs, identifying/validating key controls, developing testing procedures, execute and document testing, reporting results to management). Manage updates to process documentation and control matrices for existing SOX processes and assist in the preparation and review of documentation for new processes. Perform reviews over SOX deliverables (including testing support and process documentation) of junior resources to ensure work paper documentation standards are consistent with quality expectation. Collaborate and build relationships with key stakeholders and leverage those relationships to influence process/internal control enhancements. Coordinate with external auditors on a consistent cadence to align on testing approach to drive SOX testing reliance strategy. Partner with stakeholders to consult on remediation conditions for SOX control deficiencies and perform independent validation of management's action plans for issue closure. Responsible for quality and timeliness of deliverables, including conclusions on control effectiveness and impact of control deficiencies. Act as a key contact person for all internal and external groups on matters related to SOX and Internal controls. Work with technology leads and identify automation opportunities of SOX planning and testing activities. Identify opportunities to implement data analytics in SOX testing using knowledge of the risk environment and interdependencies within multiple business processes.
Consults through ad-hoc advisory engagements while working closely with business units to share risk considerations as they undergo strategic projects. Promotes staff development through real-time coaching and feedback. Actively participates or leads department strategies and initiatives. Desirable Skills SOX experience Has worked in BIG4 consulting firm for at least 2 years. Strong critical thinking and problem-solving skills around complex business issues Project, and time management skills. Effective verbal and written communications, including active listening skills and skills presenting findings and recommendations. Ability to effectively influence individuals to action at different levels of internal and external organizations. Flexibility, adaptability, and comfort in dealing with new business areas and situations. Educational and Qualification: CPA & CIA is a strong plus. Work Experience: CA with 4+ years of relevant experience (Highly Preferred) MBA Finance only (with minimum 7+ years of relevant SOX experience)
Posted 3 weeks ago
10.0 - 15.0 years
20 - 25 Lacs
Mumbai
Work from Office
We are looking for a highly skilled and experienced Deputy Head to lead our Small and Medium Business-Internal Audit team in Mumbai. The ideal candidate will have 10+ years of experience in internal audit, preferably in the banking or financial services industry. Roles and Responsibility Develop and implement effective internal audit plans to ensure compliance with regulatory requirements. Conduct risk assessments and audits to identify areas of improvement in business operations. Collaborate with cross-functional teams to design and implement process improvements. Provide expert guidance on internal controls, auditing standards, and regulatory requirements. Identify and mitigate risks associated with business operations. Develop and maintain relationships with key stakeholders, including senior management and external auditors. Ensure consistent application and documentation of internal audit methodology. Interface regularly with senior corporate and line of business management to identify control weaknesses and develop recommendations within all divisions and operations of the company. Pursue professional development opportunities, including internal and external training and professional association memberships, and share information gained and best practices with co-workers including team members. Job Chartered Accountant (CA) certification is required, along with Certified Internal Auditor (CIA) or Certified Information Systems Auditor (CISA). Possess strong knowledge of internal auditing standards, regulations, and industry best practices. Demonstrate excellent analytical, communication, and problem-solving skills. Ability to work effectively in a fast-paced environment and meet deadlines. Exhibit strong leadership and coaching skills, with the ability to motivate and guide junior team members. Maintain a high level of professionalism and integrity, with a commitment to excellence and quality. 
Strong interpersonal, communication, and team skills are essential, with the ability to work and communicate effectively with all levels of management and staff. Demonstrates leadership and credibility, capable of generating a high degree of respect and trust, building relationships rapidly with various operating units and corporate staff. Self-motivated with a strong commitment to quality. Age & DOB: 30+ years. Additional Info The selected candidate will be responsible for providing regular reports to the Business/Pre-Audit Committee/Audit Committee on the company's system of internal controls and significant audit recommendations.
Posted 3 weeks ago
3.0 - 10.0 years
5 - 12 Lacs
Bengaluru
Work from Office
Manager - Internal Audit Location: Bangalore Experience: 5+ Years What is Muthoot FinCorp ONE? Muthoot FinCorp ONE is a fintech startup, building a financial ecosystem where customers can access relevant and reliable digital services across an expansive range of digital financial products in segments like Lending, Saving & Investment, Protection, and Remittance. Our products are designed to ensure a simple, reliable, and responsive financial environment for our customers. Envisioned to be the most trusted financial service provider, our app has an easy-to-use interface aimed to enhance user experience and comfortable navigation. Our promoter, Muthoot FinCorp Ltd., is one of the most reputed names in the Fintech industry and has the customers' trust in diverse segments like Financial Services, Automotive, Hospitality, Alternate Energy, Real Estate, and Precious Metals. In our quest to build teams across diversified domains, we recently acquired Paymatrix, an award-winning start-up founded in 2016. It has helped us venture into rent and rent-related payments and other vendor payments using credit cards. Currently, we are working on transforming Paymatrix into a Virtual POS platform. Muthoot FinCorp ONE believes in an ownership driven startup culture, where cumulative success is paramount, and each team member is valued and nurtured. Job Summary: We are seeking a highly skilled, experienced Manager/Senior Manager with an Internal Audit background to join our team focused on auditing our digital lending applications. The successful candidate will be responsible for evaluating and assessing the internal controls, processes and risks associated with our digital lending platform. This role requires expertise in digital lending operations, a strong understanding of audit methodology and the ability to provide strategic recommendations for enhancing control environments.
Key responsibilities: Conduct comprehensive audits of the digital lending application to ensure compliance with regulatory requirements, internal policies and industry best practices. Develop and execute risk-based audit plans for assessing the effectiveness of internal controls and processes related to digital lending activity. Identify and analyse key risks and control gaps within the digital lending platform and provide recommendations for mitigating identified risks. Collaborate with cross-functional teams including IT, Risk management, compliance and business operations to coordinate audit activities and facilitate remediation efforts. Perform detailed testing of controls, data integrity and security measures implemented within the digital lending applications. Prepare clear and concise audit reports, documenting findings, observations and recommendations for management review and action. Monitor the implementation of audit recommendations and track remediation activity to ensure timely resolution of identified issues. Stay abreast of emerging trends, regulations and developments in the digital lending industry to enhance audit methodology and approach. Qualifications: Qualified CA professional, additional certification (CIA, CISA) Experience: Minimum 2 -3 years of experience in internal audit, risk management or compliance role with a focus on digital lending or financial technology (Fintech) platforms. Strong understanding of digital lending process, technology and regulatory requirements. Excellent analytical and problem-solving skills, effective communication skills both verbal and written with the ability to articulate complex issues clearly and concisely to diverse audiences. The role may require occasional travel to conduct meetings with stakeholders. MFL One is an equal opportunity employer and welcomes candidates from diverse backgrounds to apply.
Posted 3 weeks ago
4.0 - 9.0 years
6 - 11 Lacs
Pune
Work from Office
Role Description The 1st line Tech Risk and controls function at Deutsche sits within the Group Technology Infrastructure (GTI) for Deutsche Bank Group. GTI has the largest footprint within the Technology, Data and Innovation division and is joined by other business-aligned CIO IT divisions. The Tech Risk and Controls is a dynamic team, consistently in demand, for providing guidance and challenge to deliver change and maintain systems in a secure and resilient manner. As part of the team, you will join the Bank's journey and contribute towards our strategic goal of cloud enabled solutions as well as activities that improve our operational resilience and risk reduction. Specifically, you will bring expertise to Control definition and assessments capability across IT Infrastructure, SDLC and Architecture domains supporting a proactive risk management function. It will therefore also include providing change risk advisory services for transformational change programs undertaken by or impacting GTI. You will liaise with other risk and control functions, on a management level to assure the integration of risk initiatives and projects. You will also support Regulatory Adherence and Policy Management function within TDI Risk Management. Its purpose is to provide oversight and supervision of new & changed material regulation impacting TDI, including full traceability to derived DB-specific Policies, Procedures, Key Operating Documents and Supporting Documents. Your key responsibilities Risk & Control Management Identify and evaluate potential areas of non-compliance or risk, assessing impact, probability and present findings and proposals for risk mitigation measures. Support the delivery of the risk and control initiatives. This includes participation in risk and control activities, risk-based control reporting of key issues, performance and validation of cyclical activities such as annual control self-assessments.
Work closely with teams in and out of the division to understand risks impacting the group. Align internal Deutsche Bank policies/procedures against industry recognized framework to strengthen the control framework and its implementation for both within the Bank and our 3rd party vendor relationships Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Regulatory Adherence and Policy Management Coordination of regulatory adherence assessments across sub-divisions within TDI and management and review of Policies, Procedures, Key Operating Documents, Supporting Documents within TDI. Engage with stakeholders across TDI and other (e.g. 2nd line of defence) divisions in reviewing, assessing, and documenting the impact of regulations and planning remedial actions. Steer and support the publication of a consistent set of global and local Policies, Procedures, Key Operating Documents and Supporting Documents relating to Information Technology from laws, rules, and regulations. Risk remediation and Change Risk Advisory Support the Head of TDI GTI Risk Management in assessing risks related to strategic changes within the GTI Organization Proactively monitor risk landscape shift within the industry to identify transformation project opportunities to insulate Deutsche Bank from any potential risk exposure e.g., Production design life cycle, application and infrastructure architecture and its resilience Stakeholder Management Identify, Partner and Collaborate Work with relevant stakeholders to identify and assess controls gaps related to technology risk - measure and mitigate them in a timely manner Align with COO Division Control Office (DCO) team and NFRM (2nd LoD) ensuring successful and consistent implementation of the established control framework. Promote and support proactive IT risk culture at the Bank. 
Your skills and experience Desired experience Minimum 5 years of experience as Risk and Control Lead in designing and implementation of Technology risk framework or IT Audit in a global organization. Experience in a regulatory oversight, assurance, or policy management function within technology. Or have suitable compliance or audit background within infrastructure (and preferably IT & Information Security). Extensive experience regarding development, training and implementation of IT Policies, Procedures, Key Operating Documents and Supporting Documents. Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 Other professional qualifications and certifications in Technology risk management Desired behaviors A strong team player comfortable in a cross-cultural and diverse operating environment Result oriented and ability to deliver under tight timelines Ability to successfully resolve conflicts in a globally matrix driven organization Excellent communication and collaboration skills Desire to learn about new and emerging technologies and continuous upskilling Must be comfortable with navigating ambiguity to extract meaningful risk insights.
Posted 3 weeks ago
1.0 - 6.0 years
7 - 10 Lacs
Bengaluru
Work from Office
At Moss Adams, we champion authenticity. For us, that means fostering a culture of talented people who care about you, about our clients, and about our communities. Here, you'll work towards our mission of empowering others to embrace opportunity, growing as a leader along the way. Our firm's size, middle-market clients, customized career paths, and supportive culture make this a reality. Join a values-driven firm where you'll have fun while solving complex and interesting business challenges. Welcome to our SOC & IT Compliance practice within Moss Adams Risk Advisory & Compliance (RAC). Our team provides SOC 1, SOC 2, and SOC related consulting services. In addition, our team supports our business assurance practice and integrated compliance audits for Sarbanes-Oxley other IT consultative services. We also provide consulting services focused on the IT side of the business and work closely with our Cybersecurity teams. We have direct interactions with clients who range in size from start-up to enterprise. We are currently seeking an SOC IT Compliance Associate. At Moss Adams you will gain knowledge of the firm's assurance and consulting services as well as assist project managers, clients, and peers on various consulting and auditing engagements. We move quickly, challenge daily, and are looking for people who are self-motivated and thrive in fast paced deadline driven environments. The opportunity for advancement is accelerated at Moss Adams. Here you have the ability to directly impact training, developing methodology and being involved in the sales & marketing process. This associate will provide IT audit services through testing of client's internal controls related to Information Technology General Controls (ITGCs), advanced IT security controls, as well as business process controls.
Does this sound like something you are interested in? Individuals who thrive at Moss Adams exhibit the following success skills: Collaboration, Critical Thinking, Emotional Intelligence, Executive Presence, Growth Mindset, Intellectual Curiosity, and Results Focus. Responsibilities: Understand the security environment of a client and the defined controls across network, IT and application infrastructure as an associate member of team Create control test cases, execute the tests and provide clear test reports Ensure quality of assessments and tests performed Provide clear estimation to complete the tasks and meet the set timelines Identify opportunities for continuous improvement and contribute to implementing them Qualifications: Bachelor's degree in Computer Science, Information Systems or related degree required, Master's in Tech preferred, or MBA in Finance & Accounting or Systems Minimum of 1 year of experience performing IT audit for external customers CISA, CISM, CISSP certification or comparable IT security accreditation preferred MCSE, MCTIP, CCNA, GSEC/GIAC, ITIL or comparable accreditation preferred Working knowledge of SOC audits required Proven record of being a fast learner Excellent verbal and written communication skills Analytical and creative problem-solving skill Moss Adams is an Equal Opportunity Employer as to all protected groups, including protected veterans and individuals with disabilities. Moss Adams complies with federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. Certain jurisdictions in the United States require employers to disclose the pay range in job postings. This is the typical range of pay for the position. Actual compensation may depend on factors such as qualifications, work experience, skills, and geographic location. This position may be eligible for an annual discretionary bonus.
For more information about our benefit offerings and other total rewards, visit our careers page.
Posted 3 weeks ago
5.0 - 6.0 years
10 - 14 Lacs
Mumbai
Work from Office
About Godrej Agrovet: Godrej Agrovet Limited (GAVL) is a diversified, Research & Development focused agri-business Company dedicated to improving the productivity of Indian farmers by innovating products and services that sustainably increase crop and livestock yields. GAVL holds leading market positions in the different businesses it operates - Animal Feed, Crop Protection, Oil Palm, Dairy, Poultry and Processed Foods. GAVL has a pan India presence with sales of over a million tons annually of high-quality animal feed and cutting-edge nutrition products for cattle, poultry, aqua feed and specialty feed. Our teams have worked closely with Indian farmers to develop large Oil Palm Plantations which is helping in bridging the demand and supply gap of edible oil in India. In the crop protection segment, the company meets the niche requirement of farmers through innovative agrochemical offerings. GAVL through its subsidiary Astec Life Sciences Limited, is also a business-to-business (B2B) focused bulk manufacturer of fungicides & herbicides. In Dairy and Poultry and Processed Foods, the company operates through its subsidiaries Creamline Dairy Products Limited and Godrej Tyson Foods Limited. Apart from this, GAVL also has a joint venture with the ACI group of Bangladesh for animal feed business in Bangladesh. For more information on the Company, please log on to www.godrejagrovet.com. Designation Location Mumbai Job Purpose We are seeking a highly skilled and experienced IT & OT Infrastructure, Data, and Applications Security Manager to lead the security strategy and implementation for IT & OT (Operational Technology) environments. This role is responsible for ensuring that critical infrastructure, network systems, and applications are secure from cyber threats while ensuring operational continuity in both the IT and OT domains.
The position requires a deep understanding of both IT and OT security frameworks, as well as an ability to collaborate with cross-functional teams to safeguard digital assets and operations. Roles & Responsibilities: 1. IT & OT Infrastructure Security: Develop, implement, and maintain security policies, procedures, and controls to protect IT & OT infrastructure components, including servers, networks, industrial control systems (ICS), SCADA, and cloud environments. Collaborate with IT teams to ensure secure integration between IT and OT systems, addressing the unique security requirements of each domain. Conduct regular risk assessments, vulnerability scans, and penetration tests to identify and mitigate threats in IT & OT infrastructures. Manage the security of industrial networks, SCADA systems, and IIoT (Industrial Internet of Things) devices to prevent cyber threats and ensure safe operations. Implement and maintain security for cloud services, on-premises data centers, and critical OT assets, ensuring compliance with industry standards. 2. Data Security: Implement data encryption, tokenization, and masking techniques to protect sensitive and proprietary data across systems, databases, and storage devices. Oversee data classification processes and ensure data protection in compliance with legal and regulatory requirements (GDPR, CCPA, HIPAA, etc.). Ensure proper data backup, disaster recovery, and business continuity planning related to data security. Conduct data loss prevention (DLP) assessments and implement preventative controls. Manage access control policies for databases and ensure segregation of duties for sensitive information. 3. Network Security: Develop and maintain robust network security architecture for IT & OT networks, ensuring protection against unauthorized access, data breaches, and cyber-attacks. Monitor and analyze network traffic and logs to detect potential threats, vulnerabilities, and anomalous activities across IT & OT networks.
Implement network segmentation to isolate IT and OT environments while ensuring controlled data exchange between systems. Configure and manage firewalls, intrusion detection/prevention systems (IDS/IPS), and secure VPNs to protect networks from external and internal threats. Manage secure communication channels for IT/OT devices and ensure the proper functioning of secure remote access protocols for IT/OT systems. 4. Applications Security: Lead the implementation of secure application development practices for OT applications. Work with development and OT engineering teams to incorporate secure coding practices into OT software systems. Conduct regular security assessments and code reviews for applications, ensuring that vulnerabilities are identified and mitigated. Oversee security testing of OT applications, including SCADA systems, human-machine interfaces (HMIs), and industrial control software, to ensure that security controls are in place. Implement security controls around application access, user authentication, and data integrity for OT applications. 5. Incident Response & Threat Management: Lead and coordinate response efforts to security incidents involving OT systems, ensuring that containment, investigation, and remediation processes are followed efficiently. Develop and maintain incident response plans that address OT-specific risks, ensuring minimal disruption to critical operations. Conduct post-incident analysis to identify root causes, recommend improvements, and apply corrective actions to prevent future occurrences. Collaborate with internal and external teams (e.g., law enforcement, vendors) during security incidents that may impact OT systems. 6. Security Governance and Compliance: Ensure compliance with relevant industry regulations, standards, and frameworks (e.g., NIST, ISO 27001, IEC 62443, NERC CIP) in OT environments. Implement and enforce security governance, risk management, and compliance strategies across OT assets. 
Perform regular audits and assessments of OT security controls to ensure compliance with security policies and regulatory requirements. Maintain comprehensive security documentation, including risk assessments, incident reports, and security project plans. 7. Security Awareness and Training: Develop and conduct security awareness training programs for OT staff, ensuring that they are educated on security best practices, emerging threats, and organizational policies. Provide ongoing education to the OT team about the importance of cybersecurity in the context of industrial operations and critical infrastructure. Stay current with emerging security trends, threats, and vulnerabilities specific to OT environments and incorporate new knowledge into security practices. Educational Qualification: : Bachelors degree in Computer Science, Information Security, Cybersecurity, Engineering, or a related field (Master s preferred). Experience: Minimum of 5 to 6 years of experience in IT & OT security, Data security, and application security. Extensive experience securing both OT (industrial control systems, SCADA, ICS, IIoT) environments. Proven experience with network segmentation, firewalls, IDS/IPS, VPNs, and application security frameworks. Familiarity with securing operational technology, including understanding of industrial protocols (Modbus, OPC, DNP3, etc.). Hands-on experience with OT vulnerability management, incident response, and threat intelligence processes. Skills: Expertise in securing network and infrastructure devices, systems, and industrial control systems (ICS). Deep knowledge of network protocols and security mechanisms (e.g., IP, TCP/IP, VPNs, firewalls). Proficiency in securing cloud environments (AWS, Azure, Google Cloud) as well as on-premises systems. Experience with tools for vulnerability scanning, penetration testing, and risk assessments (e.g., Nessus, Qualys, Burp Suite). 
Certifications : CISSP, CISM, CISA, or similar certifications are preferred. OT-specific certifications such as Certified SCADA Security Architect (CSSA) or IEC 62443 certification a plus. Network security certifications such as CCSP, AWS Certified Security Specialty, or CCNA Security are beneficial. Application security certifications (e.g., CEH, OWASP) are a bonus. An inclusive Godrej Before you go, there is something important we want to highlight. There is no place for discrimination at Godrej. Diversity is the philosophy of who we are as a company. And has been for over a century. It s not just in our DNA and nice to do. Being more diverse - especially having our team members reflect the diversity of our businesses and communities - helps us innovate better and grow faster. We hope this resonates with you. We take pride in being an equal opportunities employer. We recognize merit and encourage diversity. We do not tolerate any form of discrimination on the basis of nationality, race, color, religion, caste, gender identity or expression, sexual orientation, disability, age, or marital status and ensure equal opportunities for all our team members. If this sounds like a role for you, apply now! We look forward to meeting you.
Posted 3 weeks ago
2.0 - 7.0 years
3 - 8 Lacs
Thrissur
Work from Office
We are looking for a skilled IS Auditor with 2–8 years of relevant experience to join our team at ESAF Small Finance Bank's Corporate Office in Thrissur. The ideal candidate must hold a CISA certification and possess a strong background in Information Systems Audit.
Location: Corporate Office, Thrissur
Organization: ESAF Small Finance Bank
Experience Required: 2 to 8 years
Mandatory: CISA Certification
Posted 3 weeks ago
7.0 - 10.0 years
11 - 15 Lacs
Bengaluru
Work from Office
Position Overview: We are seeking a highly experienced and strategic Third-Party Risk Management (TPRM) professional to lead and enhance our enterprise-wide third-party risk program. This role involves overseeing risk assessments, governance, due diligence, monitoring, and issue management for vendors, partners, and service providers across the organization. The ideal candidate will bring 10–12 years of expertise in risk management, information security, compliance, and vendor oversight, with the ability to collaborate across legal, procurement, technology, and business functions to ensure consistent application of third-party risk controls.

Roles and Responsibilities

Key Responsibilities: Lead the execution and continuous improvement of the Third-Party Risk Management lifecycle, including onboarding assessments, ongoing monitoring, risk reviews, and exit management. Oversee the development and implementation of TPRM policies, frameworks, and procedures, aligned with regulatory standards such as NIST, ISO 27001, SOC 2, GDPR, DORA, and PCI DSS. Conduct and review inherent and residual risk assessments for new and existing vendors across multiple risk domains (information security, compliance, financial, operational, etc.). Collaborate with procurement, legal, IT, business units, and compliance teams to integrate TPRM into sourcing and contract processes. Drive the automation and scalability of the TPRM program through use of GRC platforms (e.g., ServiceNow, Archer, ProcessUnity, OneTrust). Manage third-party due diligence questionnaires (DDQs), control gap analysis, and track remediation efforts for identified issues. Prepare and deliver executive-level reporting and dashboards related to vendor risk posture, risk acceptance, and compliance status. Stay current on emerging regulatory requirements, supply chain risks, and third-party threats to inform program strategy. Support internal/external audits and regulatory reviews involving vendor risk management.

Required Qualifications: 10–12 years of professional experience in Third-Party Risk Management, IT Risk, InfoSec, Audit, or related GRC functions. In-depth understanding of third-party risk domains, including cybersecurity, data privacy, business continuity, and compliance. Experience developing or managing TPRM frameworks and governance structures across global enterprises. Hands-on experience with TPRM tools such as ServiceNow GRC, Archer, OneTrust, Prevalent, or ProcessUnity. Strong knowledge of risk and control frameworks including NIST, ISO 27001, SIG, SOC 2, and GDPR. Proven ability to assess and report on third-party risk posture, remediation plans, and contract compliance. Excellent written and verbal communication skills with ability to influence technical and non-technical audiences. Preferred Qualifications: Relevant certifications such as CISA, CRISC, CISSP, CTPRA, CTPRP, or ISO 27001 Lead Auditor. Experience in regulated industries such as financial services, healthcare, or critical infrastructure.
Posted 3 weeks ago
5.0 - 8.0 years
5 - 8 Lacs
Amritsar, Punjab, India
On-site
The Sr Analyst, Governance, Risk and Compliance demonstrates a high level of professionalism, prioritizing the effective management of cybersecurity governance, risk, and compliance activities. This role will perform, and continuously improve, the governance of policies and standards and their integration into processes and controls designed to deliver critical BT services and aligned with applicable industry best practices and standards (e.g., NIST, ISO, COBIT, PCI DSS). This role will perform, and continuously improve, Risk Management assessments, risk registration, prioritized risk remediation, third party and application evaluations, and will maintain the risk register in Bunge's Governance, Risk and Compliance automation to support the overall effectiveness of the BT organization.

Essential Functions: Actively engage in Governance, Risk, and Compliance activities with key stakeholders to enable effective Cybersecurity policies and standards, exceptions management, enablement and training, and the alignment against applicable industry best practices (e.g., NIST, ISO, COBIT, PCI DSS) as needed. Facilitate effective audits, compliance reviews, and other internal control-based activities for the Business Technology (BT) organization. Ensure proper engagement, effective root cause analysis, and the development of meaningful and sustainable management action plans. Implement and perform periodic internal control testing procedures and maturity assessments to evaluate the operating effectiveness of BT and Cybersecurity internal controls and related capabilities. Define and identify control gaps, provide recommendations for control process improvements, and support control owners' corrective action plans for remediation. Implement and perform compliance and controls assurance processes and procedures to mitigate risks and ensure adherence to regulatory requirements. Conduct risk assessments, internal audits, and investigations to identify and address potential compliance issues. Develop content for comprehensive cybersecurity awareness programs and initiatives to educate employees and stakeholders about cybersecurity risks and best practices. Effectively utilize process automation and reporting through Bunge's Governance, Risk and Compliance (GRC) automation. Actively collaborate and support partner functions across Bunge's Governance, Risk and Compliance functions, and with stakeholders throughout BT and Cybersecurity. Executes operational and supports the implementation of strategic initiatives driven by the department, including collaboration with partner Governance, Risk and Compliance functions. Recognized as an expert within Bunge in the performance and continuous improvement of governance, risk and compliance related services and capabilities. Supports BT compliance with legal and regulatory requirements and adherence to internal control objectives, minimizing BT and Cybersecurity risk & avoiding potential penalties to the organization. Works closely with business units to identify and address compliance gaps, helping to protect the company from financial, legal, and reputational risks. Supports the evaluation, prioritization, registration, monitoring, and mitigation of risks and compliance and control deficiencies through collaboration with various functions within BT and across various Bunge business stakeholder groups (e.g., Internal Audit, Legal, Compliance, Privacy). Provides valuable insights and recommendations to enhance the compliance framework and promote a culture of compliance throughout the organization. Leverage industry experience and knowledge of applicable best practices, frameworks, and guidance to define effective programs, monitor and strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge's BT and Cybersecurity internal control environment. Solve highly complex problems that require significant investigation and advanced application of expertise to determine root cause, to advise key stakeholders on appropriate remediation methods, and to mitigate or remediate internal controls to an acceptable level of residual risk, across various functional areas of Business Technology and Cybersecurity, including longstanding or unprecedented improvements without a historical precedent.

Qualifications: Bachelor's degree in computer science or information systems, risk management, accounting, finance, or equivalent combination of education and work experience. 5+ years of experience in compliance and controls assurance, internal audit, or a related field. Prior experience in Sarbanes-Oxley compliance required. Knowledge of Payment Card Industry (PCI) compliance, GDPR (General Data Protection Regulation) compliance or other applicable compliance programs preferred. Demonstrated experience in the monitoring and improvement of Information Technology general controls, Cybersecurity controls, and/or compliance programs required. Solid understanding of Governance, Risk and Compliance methodologies and effective automation through GRC tooling. Experience with Archer GRC preferred. Proven experience working with Information Technology and Cybersecurity frameworks required. Possible examples include, but not limited to: COBIT, NIST CSF, ISO 27k. Certifications such as CIA, CISA, CGEIT, CISSP preferred. Ability to manage and execute parallel activities in a fast-paced, dynamic environment. Ability to build and maintain constructive and collaborative working relationships with a diverse community throughout the organization. Ability to effectively communicate in both written and verbal manner to influence both technical and non-technical audiences at all levels of the company including executives. Excellent analytical and problem-solving skills. Recognized as an expert in internal controls, effective demonstration of compliance, and applicable remediation and mitigation techniques within the organization. Leverage a deliberate proactive approach to the assurance and continuous improvement of BT and Cybersecurity internal controls, staying informed of emerging industry trends and techniques and changes in regulations to ensure continuous compliance. Leverage industry experience and knowledge of applicable best practices (e.g., COBIT, NIST CSF, ISO 27k), frameworks, and guidance to establish effective governance, strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge's BT and Cybersecurity programs. Apply expertise to determine root cause, to advise key stakeholders on appropriate remediation methods, and to mitigate or remediate internal controls to an acceptable level of residual risk, across various functional areas of Business Technology and Cybersecurity, including the remediation of longstanding risks and deficiencies. Ability to work independently and as part of a cross functional team. Demonstrates a company ownership mindset, thinking beyond boundaries of their own area. Actively contribute to large global projects that include governance, risk and compliance related capabilities and scope to ensure adherence to applicable policies, assurance of control performance, and the achievement of team and program goals. Ability to work with limited direct management to participate in governance, risk, and compliance related efforts, improve practices, coordinate cross functional activities and to successfully deliver strategic outcomes. Demonstrate an ability to balance the appropriate performance of a control and proper mitigation of risk with the realization of critical business capabilities, working within time, technology, capacity, and budget constraints, and leverage this when working with process and control owners. Effectively utilize process automation and reporting through Bunge's Governance, Risk and Compliance (GRC) automation.
Posted 3 weeks ago
5.0 - 8.0 years
5 - 8 Lacs
Patiala, Punjab, India
On-site
Posted 3 weeks ago
5.0 - 8.0 years
5 - 8 Lacs
Ludhiana, Punjab, India
On-site
Posted 3 weeks ago
5.0 - 8.0 years
5 - 8 Lacs
Jalandhar, Punjab, India
On-site
The Sr Analyst, Governance, Risk and Compliance demonstrates a high level of professionalism, prioritizing the effective management of cybersecurity governance, risk, and compliance activities. This role will perform, and continuously improve the governance of policies and standards and their integration into processes and controls designed to deliver critical BT services and aligned with applicable industry best practices and standards (e.g., NIST, ISO, COBIT, PCI DSS). This role will perform, and continuously improve Risk Management assessments, risk registration, prioritized risk remediation, third party and application evaluations, and will maintain the risk register in Bunge's Governance, Risk and Compliance automation to support the overall effectiveness of the BT organization. Essential Functions: Actively engage in Governance, Risk, and Compliance activities with key stakeholders to enable effective Cybersecurity policies and standards, exceptions management, enablement and training, and the alignment against applicable industry best practices (e.g., NIST, ISO, COBIT, PCI DSS) as needed. Facilitate effective audits, compliance reviews, and other internal control-based activities for the Business Technology (BT) organization. Ensure proper engagement, effective root cause analysis, and the development of meaningful and sustainable management action plans. Implement and perform periodic internal control testing procedures and maturity assessments to evaluate the operating effectiveness of BT and Cybersecurity internal controls and related capabilities. Define and identify control gaps, provide recommendations for control process improvements, and support control owners' corrective action plans for remediation. Implement and perform compliance and controls assurance processes and procedures to mitigate risks and ensure adherence to regulatory requirements. Conduct risk assessments, internal audits, and investigations to identify and address potential compliance issues.
Develop content for comprehensive cybersecurity awareness programs and initiatives to educate employees and stakeholders about cybersecurity risks and best practices. Effectively utilize process automation and reporting through Bunge's Governance, Risk and Compliance (GRC) automation. Actively collaborate and support partner functions across Bunge's Governance, Risk and Compliance functions, and with stakeholders throughout BT and Cybersecurity. Executes operational and supports the implementation of strategic initiatives driven by the department, including collaboration with partner Governance, Risk and Compliance functions. Recognized as an expert within Bunge in the performance and continuous improvement of governance, risk and compliance related services and capabilities. Supports BT compliance with legal and regulatory requirements and adherence to internal control objectives, minimizing BT and Cybersecurity risk & avoiding potential penalties to the organization. Works closely with business units to identify and address compliance gaps, helping to protect the company from financial, legal, and reputational risks. Supports the evaluation, prioritization, registration, monitoring, and mitigation of risks and compliance and control deficiencies through collaboration with various functions within BT and across various Bunge business stakeholder groups (e.g., Internal Audit, Legal, Compliance, Privacy). Provides valuable insights and recommendations to enhance the compliance framework and promote a culture of compliance throughout the organization. Leverage industry experience and knowledge of applicable best practices, frameworks, and guidance to define effective programs, monitor and strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge's BT and Cybersecurity internal control environment.
Solve highly complex problems that require significant investigation and advanced application of expertise to determine root cause, to advise key stakeholders on appropriate remediation methods, and to mitigate or remediate internal controls to an acceptable level of residual risk, across various functional areas of Business Technology and Cybersecurity, including longstanding or unprecedented improvements without a historical precedent. Qualifications: Bachelor's degree in computer science or information systems, risk management, accounting, finance, or equivalent combination of education and work experience. 5+ years of experience in compliance and controls assurance, internal audit, or a related field. Prior experience in Sarbanes-Oxley compliance required. Knowledge of Payment Card Industry (PCI) compliance, GDPR (General Data Protection Regulation) compliance or other applicable compliance programs preferred. Demonstrated experience in the monitoring and improvement of Information Technology general controls, Cybersecurity controls, and/or compliance programs required. Solid understanding of Governance, Risk and Compliance methodologies and effective automation through GRC tooling. Experience with Archer GRC preferred. Proven experience working with Information Technology and Cybersecurity frameworks required. Possible examples include, but are not limited to: COBIT, NIST CSF, ISO 27k. Certifications such as CIA, CISA, CGEIT, CISSP preferred. Ability to manage and execute parallel activities in a fast-paced, dynamic environment. Ability to build and maintain constructive and collaborative working relationships with a diverse community throughout the organization. Ability to effectively communicate in both written and verbal manner to influence both technical and non-technical audiences at all levels of the company including executives.
Excellent analytical and problem-solving skills. Recognized as an expert in internal controls, effective demonstration of compliance, and applicable remediation and mitigation techniques within the organization. Leverage a deliberate proactive approach to the assurance and continuous improvement of BT and Cybersecurity internal controls, staying informed of emerging industry trends and techniques and changes in regulations to ensure continuous compliance. Leverage industry experience and knowledge of applicable best practices (e.g., COBIT, NIST CSF, ISO 27k), frameworks, and guidance to establish effective governance, strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge's BT and Cybersecurity programs. Apply expertise to determine root cause, to advise key stakeholders on appropriate remediation methods, and to mitigate or remediate internal controls to an acceptable level of residual risk, across various functional areas of Business Technology and Cybersecurity, including the remediation of longstanding risks and deficiencies. Ability to work independently and as part of a cross functional team. Demonstrates a company ownership mindset, thinking beyond boundaries of their own area. Actively contribute to large global projects that include governance, risk and compliance related capabilities and scope to ensure adherence to applicable policies, assurance of control performance, and the achievement of team and program goals. Ability to work with limited direct management to participate in governance, risk, and compliance related efforts, improve practices, coordinate cross functional activities and to successfully deliver strategic outcomes.
Demonstrate an ability to balance the appropriate performance of a control and proper mitigation of risk with the realization of critical business capabilities, working within time, technology, capacity, and budget constraints, and leverage this when working with process and control owners. Effectively utilize process automation and reporting through Bunge's Governance, Risk and Compliance (GRC) automation.
Posted 3 weeks ago
5.0 - 8.0 years
5 - 8 Lacs
Mohali, Punjab, India
On-site
The Sr Analyst, Governance, Risk and Compliance demonstrates a high level of professionalism, prioritizing the effective management of cybersecurity governance, risk, and compliance activities. This role will perform, and continuously improve the governance of policies and standards and their integration into processes and controls designed to deliver critical BT services and aligned with applicable industry best practices and standards (e.g., NIST, ISO, COBIT, PCI DSS). This role will perform, and continuously improve Risk Management assessments, risk registration, prioritized risk remediation, third party and application evaluations, and will maintain the risk register in Bunge's Governance, Risk and Compliance automation to support the overall effectiveness of the BT organization. Essential Functions: Actively engage in Governance, Risk, and Compliance activities with key stakeholders to enable effective Cybersecurity policies and standards, exceptions management, enablement and training, and the alignment against applicable industry best practices (e.g., NIST, ISO, COBIT, PCI DSS) as needed. Facilitate effective audits, compliance reviews, and other internal control-based activities for the Business Technology (BT) organization. Ensure proper engagement, effective root cause analysis, and the development of meaningful and sustainable management action plans. Implement and perform periodic internal control testing procedures and maturity assessments to evaluate the operating effectiveness of BT and Cybersecurity internal controls and related capabilities. Define and identify control gaps, provide recommendations for control process improvements, and support control owners' corrective action plans for remediation. Implement and perform compliance and controls assurance processes and procedures to mitigate risks and ensure adherence to regulatory requirements. Conduct risk assessments, internal audits, and investigations to identify and address potential compliance issues.
Develop content for comprehensive cybersecurity awareness programs and initiatives to educate employees and stakeholders about cybersecurity risks and best practices. Effectively utilize process automation and reporting through Bunge's Governance, Risk and Compliance (GRC) automation. Actively collaborate and support partner functions across Bunge's Governance, Risk and Compliance functions, and with stakeholders throughout BT and Cybersecurity. Executes operational and supports the implementation of strategic initiatives driven by the department, including collaboration with partner Governance, Risk and Compliance functions. Recognized as an expert within Bunge in the performance and continuous improvement of governance, risk and compliance related services and capabilities. Supports BT compliance with legal and regulatory requirements and adherence to internal control objectives, minimizing BT and Cybersecurity risk & avoiding potential penalties to the organization. Works closely with business units to identify and address compliance gaps, helping to protect the company from financial, legal, and reputational risks. Supports the evaluation, prioritization, registration, monitoring, and mitigation of risks and compliance and control deficiencies through collaboration with various functions within BT and across various Bunge business stakeholder groups (e.g., Internal Audit, Legal, Compliance, Privacy). Provides valuable insights and recommendations to enhance the compliance framework and promote a culture of compliance throughout the organization. Leverage industry experience and knowledge of applicable best practices, frameworks, and guidance to define effective programs, monitor and strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge's BT and Cybersecurity internal control environment.
Solve highly complex problems that require significant investigation and advanced application of expertise to determine root cause, to advise key stakeholders on appropriate remediation methods, and to mitigate or remediate internal controls to an acceptable level of residual risk, across various functional areas of Business Technology and Cybersecurity, including longstanding or unprecedented improvements without a historical precedent. Qualifications: Bachelor's degree in computer science or information systems, risk management, accounting, finance, or equivalent combination of education and work experience. 5+ years of experience in compliance and controls assurance, internal audit, or a related field. Prior experience in Sarbanes-Oxley compliance required. Knowledge of Payment Card Industry (PCI) compliance, GDPR (General Data Protection Regulation) compliance or other applicable compliance programs preferred. Demonstrated experience in the monitoring and improvement of Information Technology general controls, Cybersecurity controls, and/or compliance programs required. Solid understanding of Governance, Risk and Compliance methodologies and effective automation through GRC tooling. Experience with Archer GRC preferred. Proven experience working with Information Technology and Cybersecurity frameworks required. Possible examples include, but are not limited to: COBIT, NIST CSF, ISO 27k. Certifications such as CIA, CISA, CGEIT, CISSP preferred. Ability to manage and execute parallel activities in a fast-paced, dynamic environment. Ability to build and maintain constructive and collaborative working relationships with a diverse community throughout the organization. Ability to effectively communicate in both written and verbal manner to influence both technical and non-technical audiences at all levels of the company including executives.
Excellent analytical and problem-solving skills. Recognized as an expert in internal controls, effective demonstration of compliance, and applicable remediation and mitigation techniques within the organization. Leverage a deliberate proactive approach to the assurance and continuous improvement of BT and Cybersecurity internal controls, staying informed of emerging industry trends and techniques and changes in regulations to ensure continuous compliance. Leverage industry experience and knowledge of applicable best practices (e.g., COBIT, NIST CSF, ISO 27k), frameworks, and guidance to establish effective governance, strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge's BT and Cybersecurity programs. Apply expertise to determine root cause, to advise key stakeholders on appropriate remediation methods, and to mitigate or remediate internal controls to an acceptable level of residual risk, across various functional areas of Business Technology and Cybersecurity, including the remediation of longstanding risks and deficiencies. Ability to work independently and as part of a cross functional team. Demonstrates a company ownership mindset, thinking beyond boundaries of their own area. Actively contribute to large global projects that include governance, risk and compliance related capabilities and scope to ensure adherence to applicable policies, assurance of control performance, and the achievement of team and program goals. Ability to work with limited direct management to participate in governance, risk, and compliance related efforts, improve practices, coordinate cross functional activities and to successfully deliver strategic outcomes.
Demonstrate an ability to balance the appropriate performance of a control and proper mitigation of risk with the realization of critical business capabilities, working within time, technology, capacity, and budget constraints, and leverage this when working with process and control owners. Effectively utilize process automation and reporting through Bunge's Governance, Risk and Compliance (GRC) automation.
Posted 3 weeks ago
5.0 - 10.0 years
12 - 19 Lacs
Thane, Mumbai (All Areas)
Work from Office
• Business & governance change projects, providing controls & risks consultancy
• Analyze & recommend changes to policies & procedures
• Internal audit risk assessment
• Contribute to annual plan development & maintenance
• Plan, deliver complex audits
Required Candidate profile: CA / Inter-CA / MBA CIA, CISA etc 5+ years of exp in Process & Risk Audits Exp in Insurance, Banks, FIs Good exp in all areas of Audits related to Risk & Process Audits Good English Communication
Perks and benefits: Great Opportunity
Posted 3 weeks ago
5.0 - 10.0 years
15 - 20 Lacs
Bengaluru
Work from Office
Network Security Manager - Palo Alto firewalls/Zscaler/Terraform - 5+ Years - Bengaluru (Immediate Joiners) Are you an experienced Network Security professional with a passion for leading high-performing teams? Do you have a strong background in Cyber Security and a track record of implementing and managing network security solutions? Our client, a leading organization in Bengaluru, is seeking a dynamic Manager/Lead Engineer to drive their network security initiatives and ensure the company's infrastructure is protected from cyber threats. If you are ready to take on a new challenge and make a significant impact, we would love to hear from you. Location: Bengaluru Your Future Employer: Our client is a reputable organization in the heart of Bengaluru, known for its innovative solutions and commitment to excellence. As a part of their team, you will have the opportunity to work in a collaborative environment and contribute to cutting-edge network security projects. Responsibilities: Develop and implement network security policies and procedures Lead a team of network security engineers and provide technical guidance Conduct regular security assessments and recommend improvements Collaborate with cross-functional teams to address security concerns and ensure compliance with industry standards Stay updated on the latest security trends and technologies Requirements: Bachelor's degree in Computer Science, Engineering, or a related field Minimum of 8 years of experience in network security with a focus on Cyber Security Proven leadership skills and experience in managing a technical team Strong knowledge of security protocols, firewall technologies, and intrusion detection/prevention systems Relevant certifications such as CISSP, CISM, or CISA will be an added advantage Should have hands-on experience with Palo Alto firewalls and Zscaler (ZIP) What's in it for you: Opportunity to work with a leading organization and drive impactful network security initiatives
Competitive compensation package with performance-based bonuses Professional development opportunities and access to cutting-edge technologies Collaborative and inclusive work environment that values diversity and innovation Reach us: If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at parul.arorar@crescendogroup.in Disclaimer: Crescendo Global specializes in Senior to C-level niche recruitment. We are passionate about empowering job seekers and employers with an engaging memorable job search and leadership hiring experience. Crescendo Global does not discriminate on the basis of race, religion, color, origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Note: We receive a lot of applications on a daily basis so it becomes a bit difficult for us to get back to each candidate. Please assume that your profile has not been shortlisted in case you don't hear back from us in 1 week. Your patience is highly appreciated. Scammers can misuse Crescendo Global's name for fake job offers. We never ask for money, purchases, or system upgrades. Verify all opportunities at www.crescendo-global.com and report fraud immediately. Stay alert! Profile keywords: Cyber Security, Network Security, CISSP, CISM, CISA, Leadership, Bengaluru, Engineering
Posted 3 weeks ago
3.0 - 6.0 years
5 - 8 Lacs
Pune
Work from Office
Individuals within the IT Compliance Lead Analyst role are responsible for ensuring that the organization accomplishes its objectives by bringing a systematic, disciplined approach to evaluating and improving the effectiveness of IT risk management, IT control and governance processes. Persons in this role will be a primary resource for driving adherence to compliance and regulatory IT controls. Will assist development of continuous monitoring controls to assess the IT control environment and its effectiveness against the IT Corporate Compliance Standards. Partner with the Corporate Compliance team to provide guidance and enhancements of control adjustments based on industry or corporate standards. Members of this role need to understand software development life cycles, Sarbanes-Oxley (SOX) Controls, security principles, process design, and a strong knowledge of compliance management. They must be able to understand business requirements, technical specifications, and change management documentation to audit work products against standards. They must also be highly skilled communicators. The associate in this role will work on multiple projects as a compliance team leader or advisor. They will work on projects that have system-wide impact, integrating across the organization and involving multiple technical environments and disciplines. PRIMARY DUTIES AND RESPONSIBILITIES: Leads in identification and documentation of Cencora/Pharmalex IT General Controls (ITGC). Performs risk assessment procedures and presents findings to leadership verbally or via written reports. Provides controls guidance to IT and the business to facilitate operational effectiveness and ensures compliance requirements are met. Utilizes sound judgment to identify and assess risk, materiality, and adequacy of audit evidence, compensating controls, and significance of findings. Collaborates effectively and on an ongoing basis with all constituents involved in IT General Controls.
Reviews progress toward the ITGC plan regularly with IT leaders, control owners and auditors to make modifications, as necessary. Assists internal and external auditors in compliance reviews. Assists external compliance initiatives that may include Sarbanes-Oxley (SOX), EU GDP, GDPR, and other compliance programs, including the coordination of auditors interfacing with IT staff, guidance for appropriate remediation actions for findings, communication, and escalation of remediation. Builds trusted working relationships with the enterprise Finance, Legal, Audit and Corporate Compliance groups to support Internal and External Audits, and to ensure the understanding and acceptance of audit issues in connection with business risks. Stays current with latest changes in external compliance initiatives that may affect the organization's compliance with external requirements. Manages discussions with external auditors as part of required reviews of our IT Compliance Controls. Must be able to accurately communicate our IT Controls strategy and how IT controls operate. Prepares clear, detailed, and accurate compliance documentation, including narratives, control descriptions, risk control matrices, test programs, and performance metrics. Establishes and communicates timelines, requirements, and issues with management in a professional and timely manner. Escalates key control risks and issues, in a professional manner to management. Evaluates and makes compliance recommendations on standards within enterprise-wide processes such as change and release management. Leads evaluation of Control Frameworks, Regulations, and certifications, provides analysis based on findings. Participates in evaluation of acquired solutions and provides findings on control risks. EXPERIENCE AND EDUCATIONAL REQUIREMENTS: Bachelor's degree in computer science, Information Systems, Business Administration, or other related field or equivalent work experience.
Minimum of eight (8) years IT compliance or audit experience, including supervisory experience working for a large company. Professional certification is preferred (CISA, CIA, CPA, CRISC, CISSP, or similar). Must have experience in auditing large ERP systems. MINIMUM SKILLS, KNOWLEDGE, AND ABILITY REQUIREMENTS: Direct experience in auditing Microsoft Dynamics 365 or an equivalent ERP system Experience in working remotely and autonomously Ability to work within a team environment Skilled at interacting with internal and external personnel Strong interpersonal and analytical skills Strong organizational and oral/written communication skills High degree of literacy with system processes and internal controls Comfortable working with management, and ability to work independently on projects and supervising of assigned staff Extensive exposure to IT related operations, including system development project management methodologies and practices; IT Operations, IT planning, management and organization, and other typical application specific control principles and risk Working knowledge of Sarbanes-Oxley requirements
Posted 3 weeks ago
3.0 - 6.0 years
7 - 11 Lacs
Noida
Work from Office
Join our Team About This Opportunity We are seeking a team member in our IT Security Third Party Security Risk Management team to enhance our BA, MA, and Group Functions' adherence to internal IT Security regulations more efficiently. This individual contributor role will articulate ISMS controls and compliance through the "10 Commandments" and dashboards. The role involves conducting assurance reviews and, when necessary, implementing ISMS compliance across Ericsson's global IT environment. We are looking for a highly skilled security professional with an audit background. The ideal candidate will foster a collaborative and professional atmosphere while maintaining high standards. What You Will Do Understand the end-to-end third-party risk management lifecycle. Develop, manage and improve third-party risk management monitoring and reporting process that tracks third-party risks. Contribute to the development of policies focused on the security of third-party business processes. Develop and maintain supplier risk and control monitoring plans, performing monitoring activities and analyzing evidence to ensure controls are effective. Assist in the development and execution of category/supplier strategies. Collaborate with stakeholders to address supply chain security. Supervise and conduct supplier security audits in alignment with company security policies and industry standards. Perform on-site assessments of vendors to identify opportunities for improvement. Utilize analytics to compile and synthesize data, making informed recommendations to assess and mitigate risk exposure, guiding business decisions. Establish and deliver metrics in a robust, validated, consistent, and repeatable process. Ensure data accuracy and integrity through established processes and controls. Build relationships and influence the behavior of internal teams and external parties. Complete monitoring and control tasks triggered by supplier tier and third-party interaction models.
Collaborate with business stakeholders to achieve year-over-year cost savings with managed third-party relationships. Partner with stakeholders on IT Security contract negotiations for all managed third-party relationships. You Will Bring Minimum of seven years of experience in developing and maintaining global vendor risk management programs. Preferred certifications: CISSP, CISM, CISA, or CRISC. Strong understanding of information technology and security solutions. Monitor and ensure successful delivery against third-party contractual obligations. Assist in the development and monitoring of SLAs or key performance indicators for third-party relationships. Primary country and city: India (IN) || Gurgaon Req ID: 768956
Posted 3 weeks ago
6.0 - 8.0 years
30 - 35 Lacs
Bengaluru
Work from Office
Provides independent internal audit and forensic investigation support, covering Oracle's global operations. Reviews focus on evaluating adequacy, effectiveness and compliance with risk management and governance processes, policies and procedures and key internal controls. ABOUT THE TEAM Oracle's Business Assessment & Audit team (BA&A) is responsible for providing enterprise risk management services on behalf of the executive management team and board of Oracle Corporation as well as its publicly traded subsidiaries. These responsibilities are executed through conducting broad business risk-based audits (operational / financial / IT / compliance - focused) of Oracle's global processes and subsidiaries. The BA&A function currently has approximately 50 members globally. The team is a mix of highly specialized process, information technology/privacy and data analytics professionals in providing business/consulting advisory services. POSITION OVERVIEW Perform independent assessments of Oracle's global business processes, including country specific regulatory assignments, to ensure that they meet management's business objectives while mitigating significant risks. Assist in planning the scope for audits and selection/development of appropriate audit procedures. Execute on audit procedures and assist in preparation of reports and memorandums as needed for assigned audits. Assist in performing periodic global risk assessments to help ensure that key business risks are properly identified and mitigated by management. KEY RESPONSIBILITIES Perform audits/reviews to ensure compliance with company guidelines/policies/local laws and regulations as well as effectiveness of internal controls. Draft and ensure completion of audit scope, programs, questionnaires, reports and memorandums for assigned audits/reviews. Perform quarterly assessments of management action plan completion to ensure proper risk mitigation.
Review operational structure for maximum efficiency and effectiveness. Provide recommendations to business units on improving their internal control structure. Work collaboratively with internal and external subject matter experts. Managing department infrastructure and improvement activities, training sessions and special projects, as needed. Key skills and abilities include attention to detail, influencing, facilitation, business process improvement/development, analysis, and problem solving. PREFERRED SKILLS & EXPERIENCE At least 6-8+ years Audit/Consulting experience and BA/BS degree Strong presentation and communication skills (spoken and written) in English are essential. Advanced interviewing skills are required Advanced knowledge of auditing processes/procedures Ability to balance detail with departmental goals/objectives Ability to coordinate and perform multiple tasks/projects/team initiatives simultaneously, balancing priorities and deliverables Ability to evaluate business processes and IT technology, identify risks and evaluate controls.
Advanced investigative and analytical skills Ability to translate business needs and problems into viable and accepted solutions Competent interpersonal skills, including the ability to liaise with process owners across a wide variety of operational, functional, and technical disciplines Organizational and time management skills Effectively coordinate with team members in different time zones and the ability to work independently and within a team environment Ability to travel as required (estimated travel 10%-25%) Experience working with Office tools (Excel, Word and PowerPoint) required Proven experience working with computer-aided auditing, continuous monitoring and data analytics and data visualization tools a plus Advanced degree in Accounting, Finance, Business Administration, Management Information Systems or equivalent education preferred CPA, CA, ACA, CIA, CISA, CFE or similar certifications preferred Additional language skills are a plus
Posted 3 weeks ago
4.0 - 6.0 years
9 - 13 Lacs
Noida
Work from Office
About This Opportunity We are seeking a team member in our IT Security Third Party Security Risk Management team to enhance our BA, MA, and Group Functions adherence to internal IT Security regulations more efficiently. This individual contributor role will articulate ISMS controls and compliance through the "10 Commandments" and dashboards. The role involves conducting assurance reviews and, when necessary, implementing ISMS compliance across Ericsson's global IT environment. We are looking for a highly skilled security professional with an audit background. The ideal candidate will foster a collaborative and professional atmosphere while maintaining high standards. What You Will Do Understand the end-to-end third-party risk management lifecycle. Develop, manage and improve third-party risk management monitoring and reporting process that tracks third-party risks. Contribute to the development of policies focused on the security of third-party business processes. Develop and maintain supplier risk and control monitoring plans, performing monitoring activities and analyzing evidence to ensure controls are effective. Assist in the development and execution of category/supplier strategies. Collaborate with stakeholders to address supply chain security. Supervise and conduct supplier security audits in alignment with company security policies and industry standards. Perform on-site assessments of vendors to identify opportunities for improvement. Utilize analytics to compile and synthesize data, making informed recommendations to assess and mitigate risk exposure, guiding business decisions. Establish and deliver metrics in a robust, validated, consistent, and repeatable process. Ensure data accuracy and integrity through established processes and controls. Build relationships and influence the behavior of internal teams and external parties. Complete monitoring and control tasks triggered by supplier tier and third-party interaction models. 
Collaborate with business stakeholders to achieve year-over-year cost savings with managed third-party relationships. Partner with stakeholders on IT Security contract negotiations for all managed third-party relationships. You Will Bring Minimum of seven years of experience in developing and maintaining global vendor risk management programs. Preferred certifications: CISSP, CISM, CISA, or CRISC. Strong understanding of information technology and security solutions. Monitor and ensure successful delivery against third-party contractual obligations. Assist in the development and monitoring of SLAs or key performance indicators for third-party relationships. Primary country and city: India (IN) || Gurgaon Req ID: 768956
Posted 3 weeks ago
1.0 - 7.0 years
20 - 25 Lacs
Madurai
Work from Office
We are seeking an experienced IT SOX Auditor to join our dynamic Internal Audit team. This role will primarily focus on evaluating and testing IT controls within our SAP R/3 ECC 6.0 environment to ensure compliance with the Sarbanes-Oxley Act (SOX). You will also assist in reviewing other IT-related financial reporting controls, conducting risk assessments, and supporting continuous improvement initiatives within our internal audit processes. The ideal candidate will have a strong background in SAP auditing, ITGC testing, and SOX compliance, combined with the ability to collaborate across various business functions. A proactive approach to process improvements and experience in working with diverse IT systems (including Oracle, Active Directory, AWS, CyberArk, and Linux) will be highly valued. Key Job Areas of Responsibilities 1. SOX Compliance Testing: Conduct thorough testing of IT controls within the SAP environment to ensure SOX compliance. Testing of IT controls over Oracle, Active Directory, AWS, CyberArk and Linux. 2. Quality Assurance: Assist in quality assurance review over IT related financial reporting controls within the Sarbanes Oxley (SOX) compliance program. Support the Internal Audit Manager on various departmental tasks, compliance investigations, continuous improvement initiatives and management reporting. 3. Risk Assessment & Audit Planning: Prepare preliminary risk assessments, define audit scopes, conduct fieldwork identifying control weaknesses and non-compliance, discuss audit results with management, draft audit reports and perform the follow-up of Management corrective action plans on a regular basis. Add value to auditees by sharing best practices and through constructive and solution-driven discussions. Participate in developing the annual Risk Assessment and Audit Plan. 4. Stakeholder Communication: Regular communication and management of stakeholders including Senior Management and business process owners. 5. 
Process Improvements (Kaizen) : Support GEM implementation across Internal Audit by: Having a focused process improvement mindset ( automation, standardization etc) at least 1 Kaizen idea raised per month (and one implemented Kaizen every 2 months) Improvements/ projects with bigger impact on the portfolio, activities and KPIs 6. Root Cause Analysis (RCCA) : RCCA (Root Cause Analysis) continuous focus Education B Tech/ MCA/ BSc /BCom/CISA/CIA Experience Required Must Have 5-7 years of experience in testing SOX controls in SAP R/3 ECC 6.0 environment. Good to have 1-5 years of experience in programming in C++, Java, Python Good knowledge of ITGC controls over Oracle, Active Directory, AWS, CyberArk and Linux Key Skills and Knowledge Fluent in English Excellent knowledge of SAP R/3 ECC 6.0 environment. Good knowledge of Sarbanes Oxley (SOX) IT general controls. Ability to develop strong partnerships/working relationships with all functional areas. Good Teamwork & Communication Why Join Us? Growth and Development : We offer opportunities for professional development, including support for certifications and continuous learning. Innovative Culture : Be part of a forward-thinking team focused on improving processes, driving automation, and optimizing audit practices. Collaborative Environment : Work alongside a dynamic team of professionals who are dedicated to making an impact and adding value to the business.
Posted 3 weeks ago
1.0 - 6.0 years
3 - 8 Lacs
Chennai
Work from Office
Help clients transform their compliance function from reactive to proactive through an intelligent compliance operating model powered by data, intelligent technologies and talent. Looking for someone with SOX testing experience. Conduct testing tasks within Agile models and integration processes and manage development sprints. Automated / IT Control Tester is must. What are we looking for? • Results orientation • Commitment to quality • Risk management • Collaboration and interpersonal skills • Written and verbal communication. Automated Control Tester is must. ITAC, IT automated control testing, ISO 27001, PCI DSS certification, NIST, CISA
Posted 3 weeks ago