615 Cobit Jobs

Qualification: Bachelors degree in computer Science or IT higher-level qualification Perform 3rd-party audits and trainings according to ISO/IEC 27001, ISO 9001 & other IT specific standards/ frameworks Provide timely and accurate reviews of client’s corrective action and closure. Minimum 5+ years’ Experience in IT /Management system Implementation / certification and Minimum 2 years of profound experience in the field of information security. Great attitude, Analytical skills and communication skills. Preferred: IRCA Certified, ITIL Certified, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks. Able to travel for business purpose(70-80%).

Qualification: Bachelors degree in computer Science or IT higher-level qualification Perform 3rd-party audits and trainings according to ISO/IEC 27001, ISO 9001 & other IT specific standards/ frameworks Provide timely and accurate reviews of client’s corrective action and closure. Minimum 5+ years’ Experience in IT /Management system Implementation / certification and Minimum 2 years of profound experience in the field of information security. Great attitude, Analytical skills and communication skills. Preferred: IRCA Certified, ITIL Certified, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks. Able to travel for business purpose(70-80%).

When you join Verizon You want more out of a career. A place to share your ideas freely even if theyre daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. TSGI is looking for a Principal Engineer passionate about Cybersecurity & Technology to join a new organization focused on Infrastructure Security Governance, covering our Verizon Global Services (VGS) On-Prem Infrastructure, Data centers and Cloud footprint. This new role will focus on elevating our Cybersecurity practices inside our VGS Infrastructure, ensuring their effectiveness and coverage across the entire footprint, quantifying and reducing cyber risks through actionable framework and scorecards, implementing next generation Cybersecurity Architecture, advanced Policies and Controls anticipating future threats, constantly assessing external new trends and industry best-in-class security posture, and delivering the related security automation platforms required to scale. You will be part of a team of Cybersecurity Engineers with an infrastructure background who will partner with our Verizon Cybersecurity (VCS), Global Network & Technology (GN&T) Network Security, and VGS Enterprise Network organizations, as well as our On-Prem Infrastructure, Data centers and Cloud organizations, to protect our Infrastructure and align on common technologies, practices and maturity across Verizon. What youll be doing Infrastructure Security Governance Developing and implementing IT infrastructure governance policies and procedures. Ensuring compliance with relevant industry standards and regulations (e.g., ISO 27001, GDPR). Establishing and maintaining a control framework for infrastructure management. Identifying, implementing and operationalizing metrics, dashboards, scorecards, and tracking to consistently measure the current state of cybersecurity across VGS Infrastructure, leveraging industry best practices and standards where possible. Ensuring effectiveness and coverage of the Security Policies and Controls of VGS Infrastructure, prioritizing by risk level. Instilling ownership and accountability for security-based metrics and drive increased maturity, visibility, and subject-matter expertise for all segments. Developing action plans jointly with all stakeholders to remediate deviations, providing necessary support to close on all key items. Championing a highly collaborative work model with an aptitude of building and maintaining relationships across different teams at multiple senior levels, internally and externally. Developing awareness, training & compliance programs focused on Infrastructure Cybersecurity practices, leveraging the Mavens program - a team of security professionals who facilitate adoption of security by design. Ensuring Security posture of VGS Infrastructure, e.g., access management, vulnerabilities remediation, etc. Coordinating necessary activities with our VCS organization: pen testing, incident response, data collection, etc. Identifying and evaluate potential threats and vulnerabilities. Develop mitigation strategies and track remediation efforts. Security Automation Platforms Design & Support Designing Infrastructure Security reporting dashboards, scorecards and maturity models used to measure our Cyber practice, with a focus on data integrity, working with the Verizon Global Infrastructure (VGI) SRE team. Supporting the design of automation platforms supporting VGS On-Prem Infrastructure, Data centers and Cloud organizations in their Cyber practice. Driving a culture of automation to scale cybersecurity practices. Industry Engagements & Cyber Transformation Establishing partnerships with industry leaders and forums to constantly assess new trends and solutions. Leading transformation towards Security by Design and Zero Trust principles for Infrastructure. Operationalize future Cybersecurity Architectures and Policies related to Infrastructure, constantly raising our maturity and level of protection. Identifying opportunities for automation, partnering with our Verizon India team. Stakeholdering with multiple external teams across Verizon, with sometimes competing, organizationally separate groups and goals. Communicating effectively on complex technical subjects to non-expert, cross-functional peers, with effective storytelling and proficiency when presenting to leadership. Building cross-functional collaboration and relationship building to achieve wider, organizational strategic goals. What were looking for... You'll need to have: Bachelors degree or four or more years of work experience in network engineering, computer science, IT infrastructure or related discipline. Ten or more years of relevant work experience in Security, IT, and/or Network. Experience managing a team of experienced, technical professionals. Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. Understanding of security fundamentals: Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts. Experience in design and implementation of network security solutions like firewalls, intrusion detection and prevention systems, VPN, web proxies, etc., using vendor products like Cisco, Juniper, Checkpoint, Palo Alto, etc. Knowledge of IT governance frameworks and standards (e.g., COBIT, ITIL). Relevant certifications such as CISSP, CISM, CRISC or CompTIA Security . Even better if you have the following: Bachelors degree in cybersecurity, network, engineering, computer science or related discipline. Ability to thrive in a dynamic environment while managing multiple high-priority projects. Experience in planning large budgets and executing on target. Experience with networking concepts and protocols; security and compliance. Strong analytical, interpersonal, project management and communication skills. Strong troubleshooting and problem-solving abilities in order to quickly find solutions to problems where no previous examples or methods may exist. Ability to engage people in the vision and demonstrate the meaning of the work for the bigger purpose. Where youll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 0 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics. Locations Chennai, India Hyderabad, India

We are seeking an experienced and highly motivated Cybersecurity GRC Manager to lead and manage the organizations governance, risk, and compliance (GRC) initiatives The ideal candidate will be responsible for designing, implementing, and maintaining robust cybersecurity frameworks to ensure compliance with regulatory requirements, industry standards, and organizational policies This role is critical in driving our security strategy, managing risks, and fostering a culture of security awareness across the organization Key Responsibilities: GovernanceDevelop and implement the organizations cybersecurity governance framework, policies, and procedures Align cybersecurity initiatives with business objectives, regulatory requirements, and industry best practices (eg, ISO 27001, NIST, GDPR, etc) Collaborate with cross-functional teams to ensure security requirements are integrated into business processes and IT systems Risk ManagementIdentify, assess, and prioritize cybersecurity risks across the organization Develop and maintain a risk management program, including risk registers, mitigation plans, and periodic assessments Monitor emerging threats and vulnerabilities, and provide guidance on appropriate risk responses ComplianceEnsure compliance with applicable laws, regulations, and standards (eg, SOX, HIPAA, PCI DSS) Conduct internal audits and readiness assessments for external audits and certifications Manage third-party vendor risk assessments and ensure security compliance across the supply chain Incident Management and ReportingOversee security incident response plans and testing Report on cybersecurity risks, incidents, and compliance metrics to executive leadership and stakeholders Coordinate with legal and regulatory bodies during audits or in response to security incidents Training and AwarenessDevelop and deliver cybersecurity training and awareness programs for employees at all levels Foster a culture of security awareness and accountability within the organization Education and Certifications bachelors degree in Cybersecurity, Information Technology, Business, or a related field Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor preferred Experience 7+ years of experience in cybersecurity, governance, risk, or compliance roles Proven experience with GRC tools, frameworks, and standards (eg, NIST CSF, COBIT, ISO 27001) Demonstrated success in managing complex risk and compliance projects SkillsStrong understanding of regulatory requirements and risk management methodologies Excellent communication and stakeholder management skills Analytical and detail-oriented with the ability to make data-driven decisions Experience in third-party vendor risk management and security audits What We Offer: Competitive salary and benefits package Opportunity to work with cutting-edge technologies in a dynamic and collaborative environment Professional development and certification opportunities

About The Team The RealPage Information Security Operations team monitors and manages risks associated with threats and vulnerabilities faced by our infrastructure, platforms, and systems. We work closely with our teammates from IT, Product Development, and across the business to coordinate and execute our vulnerability management and incident response strategies and capabilities. We work with industry-leading tools and implement creative solutions to complex problems. What You'll Do As an Incident Response Engineer, you will work directly with our security teams and partners across IT and the Application teams to contain and remediate security incidents, as well as designing solutions to improve the overall security architecture for the enterprise. Success in this role will be determined by your deep analytical expertise, including deep packet analysis, malware analysis, de-obfuscation skills, insights into endpoint analytics, and detailed log analysis. You will be called upon to flex your offensive security skills to drive rapid containment and remediation of security incidents, as well as your interpersonal skills to coordinate response with your teammates. Broad experience with security analytics including host logs, endpoint investigations, and network analysis are critical skills for this role. Primary Responsibilities Collect and analyze key data and telemetry during a security incident. Coordinate containment and remediation activity with cross-functional teams Complete all required incident documentation and reporting within established time frames. Drive improvements from incident lessons learned. Develop playbook\SOP to improve Incident Response processes to align with industry guidelines and standards. Develop and implement security monitoring use cases driven by threat intelligence. Conduct periodic threat hunting exercises to actively discover suspicious activity across the enterprise. participate in periodic exercises to test the effectiveness of IR\SOC process and controls. Qualifications Required Qualification: Bachelor's degree and 2 to 4 years of experience in Incident Response (CSIRT) and SOC. Additional relevant experience and professional certifications will be considered in lieu of a degree. Understanding of host-based and network security logging. Experience in usage of enterprise security solutions. Understanding related to security encompassing end point technologies, applications, application hosting, physical and virtual data center hosting. Experience with security practices such as security incident response and risk management. Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members. Must be a critical thinker with strong problem-solving skills. Knowledge of information security management frameworks, such as ISO 27001, ITIL, COBIT or NIST. High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. Proven ability in security process and organizational design; Current understanding of Industry trends and emerging threats; and knowledge of incident response methodologies and technologies. Desired Qualification Degree in applicable field Professional information security certification, such as CEH, CHFI etc. Knowledge of common security frameworks and regulations including FFIEC, NYDFS and NIST Cybersecurity Framework In-depth and hands-on experience with Security Analytics and Incident Response Knowledge in Scripting languages (e.g. BASH, Python, etc)

Hello Talented Techie! We provide support in Project Services and Transformation, Digital Solutions and Delivery Management. We offer joint operations and digitalization services for Global Business Services and work closely alongside the entire Shared Services organization. We make efficient use of the possibilities of new technologies such as Business Process Management (BPM) and Robotics as enablers for efficient and effective implementations. Are you a forward-thinking, high-energy, dynamic driver who wants to get directly involved in the daily business with our international teams, develop your own abilities, and manage responsibility Join us as a Process Expert- Governance & Enablement Key Responsibilities: SPOC respectively Bridge Head to central IT, CYS and LC for all general Service-related topics. Definition of rules and regulations leading to a standard conform operation of GBS offered IT Services Supporting GBS business Lines for contract and technical related topics around Carve Outs/Ins Ensuring wide-spread know-how about existing IT-portfolio Support & monitoring GBS BLs in implementing Governance defined IT rules & regulations Offer IT related trainings for GBS BLs focusing relevant rules and regulations Management & support of ISO topics for DS services & Products Qualification: Bachelors degree in information technology or a related field. Knowledge of ITIL, COBIT or other IT governance standards and requirements. Strong organizational and project management skills. Proven but basic knowledge in CYS topics, mainly focusing on IT 5-7 years of experience in Information technology with at least 3 years in IT governance or related area. Good communication and networking skills in an intercultural environment and across all management levels Knowledge of ISO 9001, 27001 principles, DevOps, and Project Management methodologies will be an advantage Create a better #TomorrowWithUs! This role, based in Bangalore, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. Find out more about Siemens careers at

A career within Internal Audit services, will provide you with an opportunity to gain an understanding of an organisation’s objectives, regulatory and risk management environment, and the diverse needs of their critical stakeholders. We focus on helping organisations look deeper and see further considering areas like culture and behaviours to help improve and embed controls. In short, we seek to address the right risks and ultimately add value to their organisation. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Invite and give in the moment feedback in a constructive manner. Share and collaborate effectively with others. Identify and make suggestions for improvements when problems and/or opportunities arise. Handle, manipulate and analyse data and information responsibly. Follow risk management and compliance procedures. Keep up-to-date with developments in area of specialism. Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce. Build and maintain an internal and external network. Seek opportunities to learn about how PwC works as a global network of firms. Uphold the firm's code of ethics and business conduct. Essential Duties And Responsibilities Manage the work streams related to IT SOX compliance covering ITGC and IT Dependencies (ITAC, Interfaces, IPE’s). Thorough understanding around ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations. Exposure of testing IT Application Controls (Configurable, Non-configurable), Interfaces, IPE’s, Data Migration and Platform Reviews. Provide technical support in the assessment, design, and implementation of ITGC requirements. Review control evidence for adherence to accuracy, completeness, and precision of control execution for all ITGC. Develop, implement, and test controls for new acquisitions and in-scope entities Work with control owners and operators to ensure quality, consistency, and operability of new and existing controls. Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment. Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management within IT. Mentors and develops peer and Associates, monitors their work, and takes corrective action when necessary Builds and maintains strong peer relationships within the team and across the organization Coordinates work with External Auditors. Interpersonal Skills Ability to work independently under general supervision with latitude for initiative and independent judgment Effective verbal and written communications, including active listening skills Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors Detail-oriented Comfortable working on multiple projects simultaneously Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team. Excellent Communication, written and verbal would be expected. In addition to being an exceptional individual contributor, manage engagements and relevant Teams allocated for the same. Managing predominantly offshore engagements and relevant PwC Territory teams. Ensure client service delivery in accordance with the quality guidelines & methodologies. Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables. Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties Client Management Develop strong working relationships with the client and onshore client teams. Maintain excellent rapport and proactive communication with the stakeholders and client. Operational Excellence Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Ensure compliance with engagement plans and internal quality & risk management procedures. People Related Display teamwork, integrity, and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery. Conduct workshops and technical training sessions for team members. Contribute to the learning & development agenda and knowledge harnessing initiatives Minimum Qualifications Bachelor’s degree in Information Systems, Computer Science Engineering, or Finance Preferred B.E., B. TECH, M. TECH, MCA, BCA, CA, MBA Experience in technology audit, risk management, compliance, consulting, or information security Excellent knowledge of IT General Controls, automated and security controls. Knowledge of security measures and auditing practices within various operating systems, databases, and applications Experience in auditing financial applications, cyber security practices, privacy, and various infrastructure platforms such as Unix, Linus, Windows, SQL Server, Oracle Databases Knowledge and concepts of auditing of cloud platforms (AWS, Azure and Google Cloud) Experience designing continuous auditing and monitoring tools and techniques is a plus. Good understanding of CoBIT 5 Domains of Access Management, SLDC & Change and Computer Operations and Control Design and Testing of SOX IT General Controls (ITGC) and/or IT Application Controls (ITAC) Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Management/Clients Knowledge of regulations impacting privacy, integrity, and availability of clients PII. Functional knowledge of major ERP suites (like SAP, Dynamics, Oracle EBS) Understanding of audit concepts and regulations Required overall experience in testing/reviewing and implementation of ITGC controls, CoBit 5 and developing COSO framework Candidates with 3-5 years of relevant experience in similar role, preferably with a “Big 4” or equivalent Chartered Accountant (would be added advantage) Certification(s) Preferred CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications

TCS is conducting in-person interview drive for Hyderabad, Bangalore, Chennai, Mumbai, Noida, Kolkata and Pune. NOTE: Candidate interested in WALK-IN DRIVE must apply TCS is hosting an Walk-In Interview Drive on Saturday, 5th July we’d like to invite you to join us! This is a great opportunity to explore exciting career opportunities with us and meet our hiring team face-to-face. Role **: GRC Analyst / Consultant Desired Skill Set: C ybersecurity risk assessment, Control testing and Compliance audits Experience Range: 4-10yrs & 10+yrs Joining Location: PAN India Venue : Hyderabad TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Bangalore TCS L-Center, Vydehi RC-1 Block, EPIP Industrial Area, 82, 6th Rd, KIADB Export Promotion Industrial Area, Whitefield, Bengaluru, Karnataka 560066 Chennai TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Mumbai TCS OLYMPUS, Hiranandani Estate, Thane West, Thane, Maharashtra 400615 Noida TCS Yamuna, First floor, Assotech Business Cressterra, VI Plot 22, Sector 135, Noida, Uttar pradesh- 201301 Kolkata TCS Gitanjali Park | IT/ITES SEZ, Plot-IIF / 3 Action Area-II, New Town, Rajarhat, Kolkata-700156, West Bengal, India Pune Tata Consultancy Services, Sahyadri Park SP1, S3 Builiding, Rajiv Gandhi Infotech Park, Hinjewadi Phase 3, Pune – 411057 Job Description: Technical: Security Framework Alignment and Related Controls Testing (NIST, CoBIT, ISO 27001) SOX Testing for IT Controls IT Compliance audits Vendor Risk Assessments Contribute to documentation of Information Security Policies, Standards, Processes, and Procedures. Manage and perform cybersecurity assessments on emerging/ongoing business initiatives, third-party services Evaluate third-party products/services by reviewing standardized questionnaires, evidencing their controls Non-Technical: Analytical thinker Collaborative team player Eexcellent written and verbal communication Capable of bridging the gap between business demands and cybersecurity requirements Ability to articulate cybersecurity risks in business terms Demonstrable knowledge of information security standards, data security practices and procedures Understanding of the impact of various data protection and integrity controls, operating systems and network security controls, authentication controls, and security protocols Requires demonstrable knowledge of security principles to a diverse range of risk scenarios to coordinate acceptable solutions between business needs, technology operations, and information security best practices Good-to-Have Familiarity with GRC Tools (RSA Archer, ServiceNow GRC) Certifications like CISA, CISSP, CISM, CRISC etc.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior - IT audit – General skills Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior - IT audit – General skills Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

About PhonePe Group: PhonePe is India’s leading digital payments company with 50 crore (500 Million) registered users and 3.7 crore (37 Million) merchants covering over 99% of the postal codes across India. On the back of its leadership in digital payments, PhonePe has expanded into financial services (Insurance, Mutual Funds, Stock Broking, and Lending) as well as adjacent tech-enabled businesses such as Pincode for hyperlocal shopping and Indus App Store which is India's first localized App Store. The PhonePe Group is a portfolio of businesses aligned with the company's vision to offer every Indian an equal opportunity to accelerate their progress by unlocking the flow of money and access to services. Culture At PhonePe, we take extra care to make sure you give your best at work, Everyday! And creating the right environment for you is just one of the things we do. We empower people and trust them to do the right thing. Here, you own your work from start to finish, right from day one. Being enthusiastic about tech is a big part of being at PhonePe. If you like building technology that impacts millions, ideating with some of the best minds in the country and executing on your dreams with purpose and speed, join us! Job Role / Responsibilities Perform internal audits and process reviews for functions to assess the adequacy, effectiveness and efficiency of the established internal controls and procedures Lead and perform control design assessments; Lead walkthroughs, identifying controls in the processes/ functions/ products/services, etc. Identify key areas of risk within processes and propose appropriate controls with the objective of mitigating the risks and increasing efficiency Responsible for operational testing of the controls (test scripts), including validation procedures. Evaluate the testing scripts on a regular basis to ensure changes are incorporated Evaluate the corrective action plans received from reviewee for appropriateness and/or Sufficiency. Collaborate with relevant functions to ensure timely closure of corrective action plans. Report on status of implementation of management action plans Work with 2nd line of defence Compliance functions to align audit activity Demonstrate skills to lead auditors, remain flexible, prioritize and maintain a strong attention to detail in a fast-paced environment. Strong collaboration and project management skills to complete quality work on the time with budgeted resources. Essential Skills & Qualification Bachelor’s degree with focus on Information Systems required Sound understanding of control environment, compliance and risk frameworks such as CoBIT; COSO; ISO standards, etc. Minimum 4+ years of experience in relevant field Working knowledge and experience in SOX programs / IT systems/ General Computer controls / Cybersecurity. Etc Experience in performing Technology Audits / IT Operations reviews / Integrated Audits Effective Verbal and Written Communication Skills Be able to work in a fast-paced role with competing priorities. Adaptable to project requirements and does what is required to get the job done Demonstrate ability for seamless execution, continuous improvement and problem solving Preferred Skills & Qualification Experience in BFSI / FinTech companies Experience integrating data analytics in audits Big 4 experience Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. Read more about PhonePe on our blog. Life at PhonePe PhonePe in the news

Location: Hyderabad, Telangana Time type: Full time Job level: Associate Job type: Regular Category: Technology Risk Services ID: JR113398 About us We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. As an associate in RSM’s growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Responsibilities include Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control’s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Open to work on other solution sets considering business requirements. Qualifications B.Tech/MCA/MBA with ISO 27001 Lead Auditor and up to 2 years of relevant experience in Information Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, and IT Application Controls. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL etc.) Qualified to pursue a job-relevant certification (CIA, CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (Vlookups, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as the position requires frequent communications with RSM International clients At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

Location: Gurugram, Haryana Time type: Full time Job level: Senior Associate Job type: Regular Category: Risk Consulting ID: JR113578 About us We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. independent accounting, tax and consulting firms. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Risk Consulting helps clients across various industries by addressing the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. Risk Consulting major offerings includes AML & Regulatory Compliance; ERP Advisory; Automation and Analytics; Enterprise Risk Management; Internal Audit; SOX Advisory; Contract Compliance; Credit Reviews; Information & Technology Audits; Cybersecurity risk management; Third-party risk management; IT due diligence; SOC1 / SOC2; Security and Privacy Risk; Governance Risk and Compliance; PCI; Cyber Transformation; Manage Security Services; Secure Architecture Solutions; Cyber Testing; Digital Forensics and Incident Response; and Cyber Threat Intelligence. The ERP, Risk and Automation Services (ERAS) Consulting practice, assists with various consulting, internal, and external audit clients by bringing in-depth ERP, automation, and data analytics skills where needed. The practice performs security and controls designs/assessments, complex data analytics, GRC automation/implementation, security role design, security managed services, segregation of duties assessments, as well as ERP implementation risk reviews. We desire a confident individual who is able to both think strategically about risk and control management, while also being task oriented and capable of meeting the tight deadlines that often come with implementation-related work. We are in search of a candidate with an experience in SAP technologies who has experience scoping, supervising, and executing ERP security & controls, segregation of duties assessments, security role designs, GRC implementations, and operationalizing user access management. Qualification and Minimum Entry Requirements Bachelor or Master degree with a minimum of 4-5 years of professional experience in public accounting or relevant compliance industry experience Deep understanding of business processes and controls in SAP (various versions). Preferred secondary ERP of similar skills ERP implementation experience; functional SAP background is a plus Broad industry experience or deep expertise in a specific industry Minimum 4-7 years in SAP, audit, internal audit, or internal control roles Experience working with SAP S/4 HANA is a plus Technical knowledge of controls monitoring/auditing tools such as SAP GRC, GRC Control Panel, ERP Maestro, or other tools such as ACL, Tableau, Alteryx, a plus Experience working with clients in multiple industry's Experience training others on ERP controls and security knowledge Experience with SOX, COSO, COBIT and other related IT controls methodology and frameworks, such as ISO, NIST, HIPAA, or FDA is a plus. Experience with risk and controls for S/4 HANA and HANA database/platform preferred Candidate should have CISA/CA/SAP certification Candidate with CIA, CISSP, CPA will be preferred Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments Excellent verbal, written, interpersonal communication (English) as the position requires frequent communications with RSM International clients Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Execute SAP ERP engagements, specifically related to audit, risk and control related issues highly visible ERP clients. Execute SAP IT automated controls (ITACs), IT general controls (ITGCs), and Key Report assessments, SAP security role and configuration reviews, SAP Implementation Risk Assessments, SAP SOD assessments, and other ERP services as needed Execute testing of SAP application control design and effectiveness; validate test scripts and review results Handle multiple client projects while contributing to internal initiatives (talent, practice, business development) Help to maintain our multiple segregation of duties tools and revise security rulesets Execute SAP security role and user security managed services support. Execute SAP security role build and testing activities. Proactively driving the continued maturation and industrialization of our current SAP Security methodology, associated work programs, accelerators, and testing procedures. Provide first choice advisor experience to existing clients while working to maximize client value Ability to exceed client expectations in a sophisticated consulting or accounting firm environment Develop and maintain strong relationships with centers of influence and professionals Understand their impact and contribute to the fundamentals of practice (i.e. realization, utilization, resource leverage) Engage with automation, analytics, and business/application control specialists to address SAP risk management needs in a holistic manner. Professionally presents themselves at all times at the office and the client’s meetings. This includes but is not limited to appearance, communication, and actions. Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT Risk Management) The opportunity: your next adventure awaits. Are you a tech-savvy professional with a risk mindset who is passionate about building a better working world through the power of people, technology, and innovation? We have an incredible opportunity for you to join our dynamic Protech Tech team and make a real impact in the rapidly evolving world we live in. Within Risk Consulting, you will focus in the areas of areas of IT Risk Management, IT SOX, IT Regulatory Compliance, IT Audits, IT and Digital Transformations (including ERP and Cloud transformations), while enabling technology to better manage risk. As a member of our team, you will have the chance to work with industry leaders and help transform businesses by tackling the most complex challenges with our clients. This is client-facing role in a rapidly growing practice, where you’ll build client relationships with key stakeholders, including management executives for some of the most globally recognized brands. It makes this the perfect place to gain a deeper understanding of complex businesses transactions, all the while recommending solutions to some of the most pressing business challenges and process inefficiencies. You will also team up with our global professionals in multidisciplinary engagements, helping major global clients transform and sustain business performance. You will be leveraging emerging technologies like AI, ML, to build and enhance new solutions and actively work in building multiple tools and assets for efficient and effective client delivery. By plugging into our market-leading global network, you'll gain the experience you need to become an exceptional IT Risk Advisor To qualify for the role, you must have Chartered accountant (CA) or Master’s degree in management, Information Systems/ Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline Passion for technology and an ardent desire to work in risk management. Minimum 3-4 years of a “Big 4” or professional firm or professional industry experience in risks & controls, with more than 5 years of experience in IT Risk Management, IT Regulatory Compliance, IT Audit and IT Transformation Risk areas such as: Identification of strategic, IT & business risks and Identify control gaps, weaknesses and areas of improvements. Design of IT Risk Controls frameworks and RACMs Design and Implementation of IT general controls, IT application controls, Business Process controls, etc. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. Understanding of IT regulatory compliances such as IT SOX, GDPR, ISO, PCI DSS etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) Cognitive problem-solving capabilities, quick decision-making skills and ability to handle complex situations with a calm demeanor Exceptional interpersonal, written, and verbal communication skills Effective organization and time management skills with the ability to work under pressure and adhere to project deadlines. Globally mobile and flexible to travel to onsite locations. Team player with strong interpersonal skills Ability to think differently and innovate EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Location: Gurugram, Haryana Time type: Full time Job level: Senior Associate Job type: Regular Category: Transaction Advisory ID: JR112911 About us We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. About the Company: The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology and management consulting, tax and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Job Description/What You Will Do: Analyze technology (IT and Cybersecurity) implications for active M&A transactions. Review client investment thesis, company profile and information concerning the business technology environment including but not limited to business applications, IT infrastructure, cybersecurity controls, and privacy related regulatory compliance requirements. Research niche technologies, applicable regulatory obligations and latest technology trends to guide analysis. Participate in discussions with company executives to understand business processes, approach to leveraging technology and strategy to build resiliency against cybersecurity threats. Analyze commercial off the shelf and/or custom developed applications used by a business for sufficiency (e.g., license counts), scalability (e.g., version, implementation model), and maintainability (e.g., support model). Analyze a company’s IT infrastructure to determine adequacy of hosting model, hardware inventory, network architecture and business continuity procedures. Analyse technology vendor contracts and compute IT spend through the review of contracts and other financial documents provided by the Company. Analyze the company’s cybersecurity maturity through review of cybersecurity governance program/procedures, exposure to regulatory compliance requirements and preventative technical controls. Develop workbooks and reports to capture diligence observations/analysis. Who We Are Looking For: Ability to conceptualize and summarize key findings in a clear and meaningful way with expertise in drafting critical sections of the technology DD report. Knowledge of and experience with key IT frameworks (e.g. CMMI, ITIL, ISO 27000, SSAE-18 SOC reporting, NIST Cybersecurity Framework). Knowledge of and experience with key cybersecurity frameworks (e.g. COBIT, ISO 27001, NIST). Highly proficient with Microsoft office Suite (e.g., PowerPoint, Excel, Word, Visio) Strong skills in critical thinking, problem solving, and process improvement. Excellent interpersonal and communication skills in order to interact effectively with internal team members and external clients of the firm. Demonstrates willingness to invest time in cross-time zone communication with U.S. based teams. Ability to be a self-starter and drive successful client delivery. Able to manage deadlines and take ownership of getting the job done in a timely manner Evaluated as an exceptional performer in current position. Development Opportunity/What’s in It for You: Opportunity to interface with US based private equity and executive level leadership. Develop expertise in technology related M&A disciplines. Grow a strategic mindset and develop executive level perspective on investment towards operational technology. Experience M&A across a variety of industries and option to develop specific industry expertise. Gain an understanding of the approach towards post-acquisition value creation, integration, separation and risk remediation. Minimum Qualifications: Academic Qualification: B.Tech. and MBA from leading technology/business schools. Relevant experience of 2-3 years at a Big 4 or equivalent Advisory Services practice. Knowledge of Microsoft powered AI products such as Microsoft CoPilot or any other GenAI tools is preferred. Preferred Qualifications: Preferred industry experience in one or more of the following: manufacturing, distribution, consumer products, business services, healthcare, financial services, business services, or technology. Knowledge of US based regulatory and compliance frameworks such as FFIEC, NERC CIP, PCI DSS, HIPAA, GLBA, and HITECH is a plus. ERP or supply chain applications implementation experience; functional expertise in IT and supporting front/back-office operations preferred At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior - IT audit – General skills Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior - IT audit – General skills Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Location: Gurugram, Haryana Time type: Full time Job level: Senior Associate Job type: Regular Category: Risk Consulting ID: JR113580 About us We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology and management consulting, tax and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. RSM USI is a member of RSM International, the sixth largest global network of independent accounting, tax and consulting firms. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Risk Consulting helps clients across various industries by addressing the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. Risk Consulting major offerings includes AML & Regulatory Compliance; ERP Advisory; Automation and Analytics; Enterprise Risk Management; Internal Audit; SOX Advisory; Contract Compliance; Credit Reviews; Information & Technology Audits; Cybersecurity risk management; Third-party risk management; IT due diligence; SOC1 / SOC2; Security and Privacy Risk; Governance Risk and Compliance; PCI; Cyber Transformation; Manage Security Services; Secure Architecture Solutions; Cyber Testing; Digital Forensics and Incident Response; and Cyber Threat Intelligence. The ERP, Risk and Automation Services (ERAS) Consulting practice, assists with various consulting, internal, and external audit clients by bringing in-depth ERP, automation, and data analytics skills where needed. The practice performs security and controls designs/assessments, complex data analytics, security role design, security managed services, segregation of duties assessments, as well as ERP implementation risk reviews. We desire a confident individual who is able to both think strategically about risk and control management, while also being task oriented and capable of meeting the tight deadlines that often come with implementation-related work. We are in search of a candidate with an experience in Oracle technologies who has experience scoping, supervising, and executing ERP security & controls, segregation of duties assessments, security role designs, and operationalizing user access management. Qualification and Minimum Entry Requirements Bachelor or Master degree with a minimum of 4-5 years of professional experience in public accounting or relevant compliance industry experience Deep understanding of business processes and controls in Oracle (various versions). Preferred secondary ERP of similar skills ERP implementation experience; functional Oracle background is a plus Broad industry experience or deep expertise in a specific industry Minimum 4-7 years in Oracle, audit, internal audit, or internal control roles Technical knowledge of controls monitoring/auditing tools such as fastpath, ACL, Tableau, Alteryx, a plus Experience working with clients in multiple industry's Experience training others on ERP controls and security knowledge Experience with SOX, COSO, COBIT and other related IT controls methodology and frameworks, such as ISO, NIST, HIPAA, or FDA is a plus. Candidate should have CISA/CA certification Candidate with CIA, CISSP, CPA will be preferred Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments Excellent verbal, written, interpersonal communication (English) as the position requires frequent communications with RSM International clients Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Execute ERP Oracle engagements, specifically related to audit, risk and control related issues highly visible ERP clients. Execute Oracle IT automated controls (ITACs), IT general controls (ITGCs), and Key Report assessments, Oracle security role and configuration reviews, Oracle Implementation Risk Assessments, Oracle SOD assessments, and other ERP services as needed Execute testing of Oracle application control design and effectiveness; validate test scripts and review results Handle multiple client projects while contributing to internal initiatives (talent, practice, business development) Help to maintain our multiple segregation of duties tools and revise security rulesets Execute Oracle security role and user security managed services support. Execute Oracle security role build and testing activities. Proactively driving the continued maturation and industrialization of our current Oracle Security methodology, associated work programs, accelerators, and testing procedures. Provide first choice advisor experience to existing clients while working to maximize client value Ability to exceed client expectations in a sophisticated consulting or accounting firm environment Develop and maintain strong relationships with centers of influence and professionals Understand their impact and contribute to the fundamentals of practice (i.e. realization, utilization, resource leverage) Engage with automation, analytics, and business/application control specialists to address Oracle risk management needs in a holistic manner. Professionally presents themselves at all times at the office and the client’s meetings. This includes but is not limited to appearance, communication, and actions. Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

Location: Gurugram, Haryana Time type: Full time Job level: Supervisor Job type: Regular Category: Transaction Advisory ID: JR112904 About us We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. About the Company: The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology and management consulting, tax and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Job Description/What You Will Do: Analyze technology (IT and Cybersecurity) implications for active M&A transactions. Review client investment thesis, company profile and information concerning the business technology environment including but not limited to business applications, IT infrastructure, cybersecurity controls, and privacy related regulatory compliance requirements. Research niche technologies, applicable regulatory obligations and latest technology trends to guide analysis. Participate in discussions with company executives to understand business processes, approach to leveraging technology and strategy to build resiliency against cybersecurity threats. Analyze commercial off the shelf and/or custom developed applications used by a business for sufficiency (e.g., license counts), scalability (e.g., version, implementation model), and maintainability (e.g., support model). Analyze a company’s IT infrastructure to determine adequacy of hosting model, hardware inventory, network architecture and business continuity procedures. Analyse technology vendor contracts and compute IT spend through the review of contracts and other financial documents provided by the Company. Analyze the company’s cybersecurity maturity through review of cybersecurity governance program/procedures, exposure to regulatory compliance requirements and preventative technical controls. Develop workbooks and reports to capture diligence observations/analysis. Manage and develop members of the RSM USI team. Who We Are Looking For: Ability to conceptualize and summarize key findings in a clear and meaningful way with expertise in drafting critical sections of the technology DD report. Expertise and working knowledge of infrastructure management, network architecture, virtualization, application and data hosting architectures (data center, on-premise, public cloud), and business continuity/disaster recovery (BCDR) best practices. Knowledge of and experience with key IT frameworks (e.g. CMMI, ITIL, ISO 27000, SSAE-18 SOC reporting, NIST Cybersecurity Framework). Knowledge of and experience with key cybersecurity frameworks (e.g. COBIT, ISO 27001, NIST). Exposure to various sectors such as financial services, healthcare, life sciences, power and utility, energy, retail and hospitality, business services and technology. An experience across a wide spectrum of IT and security pillars including IT Strategy, Infrastructure, Business Applications, Cybersecurity, Spend Analysis, etc. Highly proficient with Microsoft office Suite (e.g., PowerPoint, Excel, Word, Visio) Strong skills in critical thinking, problem solving, and process improvement. Excellent interpersonal and communication skills in order to interact effectively with internal team members and external clients of the firm. Demonstrates willingness to invest time in cross-time zone communication with U.S. based teams. Ability to be a self-starter and drive successful client delivery. Able to manage deadlines and take ownership of getting the job done in a timely manner. Evaluated as an exceptional performer in current position. Development Opportunity/What’s in It for You: Opportunity to interface with US based private equity and executive level leadership. Develop expertise in technology related M&A disciplines. Grow a strategic mindset and develop executive level perspective on investment towards operational technology. Experience M&A across a variety of industries and option to develop specific industry expertise. Gain an understanding of the approach towards post-acquisition value creation, integration, separation and risk remediation. Minimum Qualifications: Academic Qualification: B.Tech. and MBA from leading technology/business schools. Relevant experience of 4-7 years at a Big 4 or equivalent Advisory Services practice. Knowledge of Microsoft powered AI products such as Microsoft CoPilot or any other GenAI tools is preferred. Preferred Qualifications: Deal experience with onshore team including data room management, document request list preparation, management meeting preparation, workbook analysis, quality of earnings, due diligence reports, client calls and engagement team calls. Experience with post-acquisition/carve-out integration and separation related engagements. Preferred industry experience in one or more of the following: manufacturing, distribution, consumer products, business services, healthcare, financial services, business services, or technology. Knowledge of US based regulatory and compliance frameworks such as FFIEC, NERC CIP, PCI DSS, HIPAA, GLBA, and HITECH is a plus. ERP or supply chain application implementation experience; functional expertise in IT and supporting front/back-office operations preferred IT and cyber related certifications (CISSP, CISM, HITECH, PCI DSS QSA, CEH, Azure, AWS) At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Senior IT Solution Architect is an advanced subject matter expert with cross domain technology level knowledge. This role is accountable for creating integrated solutions and collaborates and supports the architectural consulting function in architecting complex client solutions. The primary objective of this role is to ensure the optimal functioning of an entity’s IT application software and infrastructure by outlining complex solution architecture descriptions across domains, functions and industries, then monitoring and governing the implementation. The Senior IT Solution Architect creates the roadmap, architecture and blueprints for the full solution set and defines efficient and coherent solutions to enable capability building blocks at the desired level of maturity for a domain or value stream. Key responsibilities: Defines solutions or products to deliver capability at a specific level of maturity and ensures that solutions are agile and scalable and can be integrated into the overall architecture. Designs and communicates high level structure to enable and guide the design and development of integrated solutions that meet current and future business needs. Uses client business requirements to advise on the design, deployment and operation of application infrastructures. Creates designs that provide holistic views, but also contain the details of the components and interconnections between components. Involved with projects at the time of inception and is involved along with the project manager in the planning and governance of projects and the functional analysis (FA) of developing the initial requirements. Works with enterprise architects to define how the proposed solution components will fit into the enterprise data architecture, defining clear Release-Roadmap that improve on existing solutions, use of new technologies and methodologies to seek continual improvement for existing systems. Manages the proof of concept (POC)/prototypes to validate new solutions, tools and methods initiatives. Researches and investigates emerging infrastructure technologies and the best practices associated with these trends. Contribute to the improvement of internal effectiveness by contributing to improving current methodologies, processes and tools. Supports the internal or vendor-based Installation and configuration of application. Performs any other related task as required. To thrive in this role, you need to have: Advanced ability to construct complex solutions using their expertise of more of the function's offerings. Advanced knowledge of multi-technology software, OS’s and infrastructure design best practices in a variety of hardware platforms including mainframes, distributed platforms, desktops, and mobile devices. Advanced multi-layered knowledge of reference architectures. Advanced knowledge of project management principles. Advanced knowledge of vendor roadmaps, new developments and new product offerings Analytical in their approach. Excellent interpersonal and communication skills to effectively interact with a variety of stakeholders. Ability to share and communicate ideas clearly, both orally and in writing, to executive staff, business sponsors, and technical resources in clear concise language. Displays strategic thinking ability coupled with good business acumen. Academic qualifications and certifications: Bachelor’s degree or equivalent in Information Technology or related field. TOGAF / COBIT or related certification preferred. Scaled Agile certification is beneficial. Required experience: Advanced experience gained in multiple industries and across several disciplines. Advanced experience with software development process or Systems Development Life Cycle (SDLC) projects. Advanced experience working as a senior solution architect in a global IT services provider organization. Workplace type : Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT Risk Management) The opportunity: your next adventure awaits. Are you a tech-savvy professional with a risk mindset who is passionate about building a better working world through the power of people, technology, and innovation? We have an incredible opportunity for you to join our dynamic Protech Tech team and make a real impact in the rapidly evolving world we live in. Within Risk Consulting, you will focus in the areas of areas of IT Risk Management, IT SOX, IT Regulatory Compliance, IT Audits, IT and Digital Transformations (including ERP and Cloud transformations), while enabling technology to better manage risk. As a member of our team, you will have the chance to work with industry leaders and help transform businesses by tackling the most complex challenges with our clients. This is client-facing role in a rapidly growing practice, where you’ll build client relationships with key stakeholders, including management executives for some of the most globally recognized brands. It makes this the perfect place to gain a deeper understanding of complex businesses transactions, all the while recommending solutions to some of the most pressing business challenges and process inefficiencies. You will also team up with our global professionals in multidisciplinary engagements, helping major global clients transform and sustain business performance. You will be leveraging emerging technologies like AI, ML, to build and enhance new solutions and actively work in building multiple tools and assets for efficient and effective client delivery. By plugging into our market-leading global network, you'll gain the experience you need to become an exceptional IT Risk Advisor To qualify for the role, you must have Chartered accountant (CA) or Master’s degree in management, Information Systems/ Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline Passion for technology and an ardent desire to work in risk management. Minimum 3-4 years of a “Big 4” or professional firm or professional industry experience in risks & controls, with more than 5 years of experience in IT Risk Management, IT Regulatory Compliance, IT Audit and IT Transformation Risk areas such as: Identification of strategic, IT & business risks and Identify control gaps, weaknesses and areas of improvements. Design of IT Risk Controls frameworks and RACMs Design and Implementation of IT general controls, IT application controls, Business Process controls, etc. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. Understanding of IT regulatory compliances such as IT SOX, GDPR, ISO, PCI DSS etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) Cognitive problem-solving capabilities, quick decision-making skills and ability to handle complex situations with a calm demeanor Exceptional interpersonal, written, and verbal communication skills Effective organization and time management skills with the ability to work under pressure and adhere to project deadlines. Globally mobile and flexible to travel to onsite locations. Team player with strong interpersonal skills Ability to think differently and innovate EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT Risk Management) The opportunity: your next adventure awaits. Are you a tech-savvy professional with a risk mindset who is passionate about building a better working world through the power of people, technology, and innovation? We have an incredible opportunity for you to join our dynamic Protech Tech team and make a real impact in the rapidly evolving world we live in. Within Risk Consulting, you will focus in the areas of areas of IT Risk Management, IT SOX, IT Regulatory Compliance, IT Audits, IT and Digital Transformations (including ERP and Cloud transformations), while enabling technology to better manage risk. As a member of our team, you will have the chance to work with industry leaders and help transform businesses by tackling the most complex challenges with our clients. This is client-facing role in a rapidly growing practice, where you’ll build client relationships with key stakeholders, including management executives for some of the most globally recognized brands. It makes this the perfect place to gain a deeper understanding of complex businesses transactions, all the while recommending solutions to some of the most pressing business challenges and process inefficiencies. You will also team up with our global professionals in multidisciplinary engagements, helping major global clients transform and sustain business performance. You will be leveraging emerging technologies like AI, ML, to build and enhance new solutions and actively work in building multiple tools and assets for efficient and effective client delivery. By plugging into our market-leading global network, you'll gain the experience you need to become an exceptional IT Risk Advisor To qualify for the role, you must have Chartered accountant (CA) or Master’s degree in management, Information Systems/ Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline Passion for technology and an ardent desire to work in risk management. Minimum 3-4 years of a “Big 4” or professional firm or professional industry experience in risks & controls, with more than 5 years of experience in IT Risk Management, IT Regulatory Compliance, IT Audit and IT Transformation Risk areas such as: Identification of strategic, IT & business risks and Identify control gaps, weaknesses and areas of improvements. Design of IT Risk Controls frameworks and RACMs Design and Implementation of IT general controls, IT application controls, Business Process controls, etc. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. Understanding of IT regulatory compliances such as IT SOX, GDPR, ISO, PCI DSS etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) Cognitive problem-solving capabilities, quick decision-making skills and ability to handle complex situations with a calm demeanor Exceptional interpersonal, written, and verbal communication skills Effective organization and time management skills with the ability to work under pressure and adhere to project deadlines. Globally mobile and flexible to travel to onsite locations. Team player with strong interpersonal skills Ability to think differently and innovate EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior - IT audit – General skills Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior - IT audit – General skills Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior - IT audit – General skills Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.