569 Cobit Jobs - Page 21

Pro-active communication approach with local AZT / AZS entity colleagues, especially building strong relationships with other key / safeguarding functions Actively supports the implementation of the Risk Policy Framework (Risk Policy, Risk Strategy, NFRM policy) and Control Assurance Report. Support running Risk Reporting in time and quality, report of any material risk management related information to relevant stakeholders Support timely execution of the risk management lifecycles (NFRM, ERM, SoG) and drive for full compliance with AZ Technology Risk Framework (Risk Policy, Risk Strategy, NFRM Policy). Support implementation and coordinate Top & Emerging Risk assessments process. Support maintenance of an oversight on IT RM - ARA coverage (having strong interaction with Local ISO). Coordinate activities with other safeguarding functions, in particular Data Privacy, Information Security, TPRM, Protection & Resilience, Compliance, Legal. Have a coordinated view on risks. Coordinate risk assessments supporting the business in control implementation, documentation and performance, development of mitigation plans and its follow up. Perform project risk assessments reviews and decisions in the relevant tool, in an accurate and timely manner. Keep up to date RM tools (ServiceNow and ORGS), ensure consistency between what is reported in the systems and reality. Keep up to date the Regions MS Teams Repository. Support the timely delivery and high quality of the Control Assurance Report and other related audit reports by emphasizing on the comprehensive coverage, quality and effectiveness of the internal control system. Support awareness sessions in the location, and with the OE to explain the CAR results. Support the NFRM Testing Plan with the execution of 2nd LoD testing activities, and coordination of updated testing dates (working with Internal Audit, external audit plans, and compliance, as necessary). Qualification, Experience, Technical and Functional Skills Degree holder Relevant Certifications like C-Risk, ISO 31000 Certified Risk Management, COBIT Multi-year professional experience in different areas of IT risk management or other safeguarding functions. Experience in IT Risk management,. ISO, IT Security etc Good understanding of the risk categories: operational risk, IT risk, project risk, third party risk, business risk. Good knowledge of supplier relationships and outsourcing management Basic knowledge of local regulatory environment and standards like: COBIT 2019, COSO, and ISAE/SOC Strong communication and conflict management skills Advanced skills in MS Office, knowledge of ORGS, SNOW is a plus Fluent in English (oral and written) Ability to work in an international team in a global set-up

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description Oracle Customer Success Services Building on the mindset that "Who knows Oracle …. better than Oracle?" Oracle Customer Success Services assists customers with their requirements for some of the most cutting-edge applications and solutions by utilizing the strengths of more than two decades of expertise in developing mission-critical solutions for enterprise customers and combining it with cutting-edge technology to provide our customers' speed, flexibility, resiliency, and security to enable customers to optimize their investment, minimize risk, and achieve more. The business was established with an entrepreneurial mindset and supports a vibrant, imaginative, and highly varied workplace. We are free of obligations, so we'll need your help to turn it into a premier engineering hub that prioritizes quality. Why? Oracle Customer Success Services Engineering is responsible for designing, building, and managing cutting-edge solutions, services, and core platforms to support the managed cloud business including but not limited to OCI, Oracle SaaS, and Oracle Enterprise Applications. This position is for the CSS Architecture Team, and we are searching for the finest and brightest technologists as we begin on the road of cloud-native digital transformation. We operate under a garage culture, rely on cutting-edge technology in our daily work, and provide a highly innovative, creative, and experimental work environment. We prefer to innovate and move quickly, putting a strong emphasis on scalability and robustness. We need your assistance to build a top-tier engineering team that has a significant influence. What? As a Senior Principal Architect - Cybersecurity within our team, you’ll lead and contribute towards shaping the strategy for Cybersecurity efforts in designing and building scalable, distributed, resilient services that provide or augment critical business capabilities involving security controls for the business which are consumed by Oracle Corporation and Oracle Customers. You will be responsible for the design and development of core security capabilities spanning across all security domains but not limited to Identity, Data, Network & Communications, Asset, Threat Management,Risk Management, Cyber Resilience & Software Security aligning Oracle Corporate Security (CSA) and Global Information Security (GIS) standards and policies in combination with industry standards such as NIST, COBIT, ISACA, SABSA & CIS for ensuring they meet the needs of our clients and align with the company's strategic vision and business objectives. This role requires a unique blend of strategic architectural thinking and deep technical expertise, including hands-on experience in deploying and operating security products and services. The ideal candidate will also possess a solid understanding of security frameworks, standards, and regulatory compliance mandates & extensive experience in designing security solutions involving building security capabilities and integrating controls into large scale products and services that operate at scale on hyperscalers for customers in both regulated and non-regulated environments. We strongly believe in ownership and challenging the status quo. We expect you to bring critical thinking and create long-term design impact while building solutions and products defining system integrations, and cross-cutting concerns. Being part of the architecture function also provides you with the unique ability to enforce standards, patterns and advisory that will be future-proof while building new services or products. As a thought leader, you will own and lead the complete SDLC from Architecture Design, Development, Test, Operational Readiness, and Platform SRE across the CSS CDO Engineering function. Responsibilities As a Senior Principal Architect for Cybersecurity domain you will be playing a pivotal role in shaping up the Cybersecurity Strategy for the business, providing thought leadership impacting business and technology decisions and leading the technology charter for the Development and Engineering teams while working with Corporate CISO and Line of Business Group CISO delivering services and solutions as part of the CSS CDO Engineering function. As a core member of the Architecture Chapter, you will be expected to advocate for the adoption of software architecture and security design patterns among cross-functional teams both within and outside of engineering roles. You will also be expected to act as a mentor and act in capacity as an advisor to the team(s) within the Cybersecurity domain. In this role you will be expected to work as a liaison between the business, engineering and security leaders within Oracle. As we push for digital transformation throughout the organization, you will constantly be expected to think creatively, optimize and harmonize business processes. Core Responsibilities Lead the Cybersecurity Strategy, Architecture and Design for the core security domains, Threat Modelling with MITRE ATT&CK and D3FEND, Cyber Resilience with solutions built on top/integrated with OCI, Oracle Cloud Applications & Oracle Enterprise. Lead threat modelling, risk assessments and security design reviews for all new/ existing systems, services and products as part of the CSS CDO Engineering and larger CSS Organization globally. Liaise with senior executives across multiple business lines to combine business requirements into technology work packages in alignment with the overall CSA & GIS, CISO & Oracle Corporate Security Strategy for Next-Gen Technology Stack. Translate security controls and requirements into design standards and patterns for implementation as part of the shift-left approach within the SDLC process. Ensure architecture design conformity and compliance with Oracle Corporate Security, Corporate Security Architecture, Global Information Security and global Cyber standards and frameworks for Security & Compliance such as but not limited to : NIST CSF/ NIST 800-53 / NIST 800-171 ISO / IEC 27001/ 27002 CIS Controls SOC 2, HIPPA, PCI-DSS, GDPR and / OR FedRAMP (as applicable) SABSA / COBIT / TOGAF Cloud Security Alliance (CSA) & Cloud Control Matrix OWASP Develop and maintain technical documentation, including architecture diagrams, design specifications, and system diagrams. Continuously evaluate new security technologies and recommend improvements or enhancements. Act in capacity as a trusted advisor for executive leadership on security architecture and strategy. Provide guidance and mentorship to junior developers. Innovation and critical problem solving skills with exceptional communication skills are a must in this role as the Senior Principal Architect would effectively act as a conduit between business executives, functional teams and technology engineering teams. The role requires very strong technology thought leadership skills with practical hands on knowledge along with influential skills to create a broader impact within the business and engineering functions. Required Qualifications Master’s or Bachelors in Computer Science, specialization in Cybersecurity, Information Systems or a closely related field. 10+ years of experience in cyber and information security with explicit focus on security architecture and security solution & products build/ integration. Proven ability to build and manage enterprise-distributed and/or cloud-native systems. Broad knowledge of Cloud Service Providers and 3rd Party Risk Assessments for enterprises and regulated environments. Advanced knowledge in building & implementing Identity, Data and Network Security solutions involving but not limited to Zero-trust security, Identity Aware Proxies, FIDO, DLP, Data Privacy and Security for PI /SPI, Data Obfuscation and Tokenization, WAF, SIEM, SOAR, SOC etc. Deep experience with MITRE & STRIDE threat modelling for all cloud native applications and being part of Red, Blue and Purple teams. Knowledge in Adversarial ML involving the entire tech stack of AI and ML. Experience in Data Security including but not limited to vault-less Tokenization, Obfuscation, Encryption with latest Cryptography standards, Data Access & Governance. Strong expertise in software design concepts, patterns (e.g., 12-Factor Apps), and tools to create Cloud Native Computing Foundation (CNCF) compliant software with hands-on knowledge of containerization technologies like Docker and Kubernetes. Solid understanding of Design Thinking, Test-Driven Development (TDD), BDD, and end-to-end SDLC. Experience in DevOps practices, including Kubernetes, CI/CD, Blue-Green, and Canary deployments. Experience with Microservice architecture patterns, including API Gateways, Event-Driven & Reactive Architecture, CQRS, and SAGA. Familiarity with OOP design principles (SOLID, DRY, KISS, Common Closure, and Module Encapsulation). Proven ability to design software systems using various design patterns (Creational, Structural, and Behavioral). Strong interpersonal skills and the ability to effectively communicate with business stakeholders. Excellent analytical, problem-solving, communication, and leadership skills. Qualifications Career Level - IC5 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Job Description Oracle Customer Success Services Building on the mindset that "Who knows Oracle …. better than Oracle?" Oracle Customer Success Services assists customers with their requirements for some of the most cutting-edge applications and solutions by utilizing the strengths of more than two decades of expertise in developing mission-critical solutions for enterprise customers and combining it with cutting-edge technology to provide our customers' speed, flexibility, resiliency, and security to enable customers to optimize their investment, minimize risk, and achieve more. The business was established with an entrepreneurial mindset and supports a vibrant, imaginative, and highly varied workplace. We are free of obligations, so we'll need your help to turn it into a premier engineering hub that prioritizes quality. Why? Oracle Customer Success Services Engineering is responsible for designing, building, and managing cutting-edge solutions, services, and core platforms to support the managed cloud business including but not limited to OCI, Oracle SaaS, and Oracle Enterprise Applications. This position is for the CSS Architecture Team, and we are searching for the finest and brightest technologists as we begin on the road of cloud-native digital transformation. We operate under a garage culture, rely on cutting-edge technology in our daily work, and provide a highly innovative, creative, and experimental work environment. We prefer to innovate and move quickly, putting a strong emphasis on scalability and robustness. We need your assistance to build a top-tier engineering team that has a significant influence. What? As a Senior Principal Architect - Cybersecurity within our team, you’ll lead and contribute towards shaping the strategy for Cybersecurity efforts in designing and building scalable, distributed, resilient services that provide or augment critical business capabilities involving security controls for the business which are consumed by Oracle Corporation and Oracle Customers. You will be responsible for the design and development of core security capabilities spanning across all security domains but not limited to Identity, Data, Network & Communications, Asset, Threat Management,Risk Management, Cyber Resilience & Software Security aligning Oracle Corporate Security (CSA) and Global Information Security (GIS) standards and policies in combination with industry standards such as NIST, COBIT, ISACA, SABSA & CIS for ensuring they meet the needs of our clients and align with the company's strategic vision and business objectives. This role requires a unique blend of strategic architectural thinking and deep technical expertise, including hands-on experience in deploying and operating security products and services. The ideal candidate will also possess a solid understanding of security frameworks, standards, and regulatory compliance mandates & extensive experience in designing security solutions involving building security capabilities and integrating controls into large scale products and services that operate at scale on hyperscalers for customers in both regulated and non-regulated environments. We strongly believe in ownership and challenging the status quo. We expect you to bring critical thinking and create long-term design impact while building solutions and products defining system integrations, and cross-cutting concerns. Being part of the architecture function also provides you with the unique ability to enforce standards, patterns and advisory that will be future-proof while building new services or products. As a thought leader, you will own and lead the complete SDLC from Architecture Design, Development, Test, Operational Readiness, and Platform SRE across the CSS CDO Engineering function. Responsibilities As a Senior Principal Architect for Cybersecurity domain you will be playing a pivotal role in shaping up the Cybersecurity Strategy for the business, providing thought leadership impacting business and technology decisions and leading the technology charter for the Development and Engineering teams while working with Corporate CISO and Line of Business Group CISO delivering services and solutions as part of the CSS CDO Engineering function. As a core member of the Architecture Chapter, you will be expected to advocate for the adoption of software architecture and security design patterns among cross-functional teams both within and outside of engineering roles. You will also be expected to act as a mentor and act in capacity as an advisor to the team(s) within the Cybersecurity domain. In this role you will be expected to work as a liaison between the business, engineering and security leaders within Oracle. As we push for digital transformation throughout the organization, you will constantly be expected to think creatively, optimize and harmonize business processes. Core Responsibilities Lead the Cybersecurity Strategy, Architecture and Design for the core security domains, Threat Modelling with MITRE ATT&CK and D3FEND, Cyber Resilience with solutions built on top/integrated with OCI, Oracle Cloud Applications & Oracle Enterprise. Lead threat modelling, risk assessments and security design reviews for all new/ existing systems, services and products as part of the CSS CDO Engineering and larger CSS Organization globally. Liaise with senior executives across multiple business lines to combine business requirements into technology work packages in alignment with the overall CSA & GIS, CISO & Oracle Corporate Security Strategy for Next-Gen Technology Stack. Translate security controls and requirements into design standards and patterns for implementation as part of the shift-left approach within the SDLC process. Ensure architecture design conformity and compliance with Oracle Corporate Security, Corporate Security Architecture, Global Information Security and global Cyber standards and frameworks for Security & Compliance such as but not limited to : NIST CSF/ NIST 800-53 / NIST 800-171 ISO / IEC 27001/ 27002 CIS Controls SOC 2, HIPPA, PCI-DSS, GDPR and / OR FedRAMP (as applicable) SABSA / COBIT / TOGAF Cloud Security Alliance (CSA) & Cloud Control Matrix OWASP Develop and maintain technical documentation, including architecture diagrams, design specifications, and system diagrams. Continuously evaluate new security technologies and recommend improvements or enhancements. Act in capacity as a trusted advisor for executive leadership on security architecture and strategy. Provide guidance and mentorship to junior developers. Innovation and critical problem solving skills with exceptional communication skills are a must in this role as the Senior Principal Architect would effectively act as a conduit between business executives, functional teams and technology engineering teams. The role requires very strong technology thought leadership skills with practical hands on knowledge along with influential skills to create a broader impact within the business and engineering functions. Required Qualifications Master’s or Bachelors in Computer Science, specialization in Cybersecurity, Information Systems or a closely related field. 10+ years of experience in cyber and information security with explicit focus on security architecture and security solution & products build/ integration. Proven ability to build and manage enterprise-distributed and/or cloud-native systems. Broad knowledge of Cloud Service Providers and 3rd Party Risk Assessments for enterprises and regulated environments. Advanced knowledge in building & implementing Identity, Data and Network Security solutions involving but not limited to Zero-trust security, Identity Aware Proxies, FIDO, DLP, Data Privacy and Security for PI /SPI, Data Obfuscation and Tokenization, WAF, SIEM, SOAR, SOC etc. Deep experience with MITRE & STRIDE threat modelling for all cloud native applications and being part of Red, Blue and Purple teams. Knowledge in Adversarial ML involving the entire tech stack of AI and ML. Experience in Data Security including but not limited to vault-less Tokenization, Obfuscation, Encryption with latest Cryptography standards, Data Access & Governance. Strong expertise in software design concepts, patterns (e.g., 12-Factor Apps), and tools to create Cloud Native Computing Foundation (CNCF) compliant software with hands-on knowledge of containerization technologies like Docker and Kubernetes. Solid understanding of Design Thinking, Test-Driven Development (TDD), BDD, and end-to-end SDLC. Experience in DevOps practices, including Kubernetes, CI/CD, Blue-Green, and Canary deployments. Experience with Microservice architecture patterns, including API Gateways, Event-Driven & Reactive Architecture, CQRS, and SAGA. Familiarity with OOP design principles (SOLID, DRY, KISS, Common Closure, and Module Encapsulation). Proven ability to design software systems using various design patterns (Creational, Structural, and Behavioral). Strong interpersonal skills and the ability to effectively communicate with business stakeholders. Excellent analytical, problem-solving, communication, and leadership skills. Qualifications Career Level - IC5 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Area: Finance & Accounting Group, Finance & Accounting Group > IT Internal Audit Qualcomm Overview: Qualcomm is a company of inventors that unlocked 5G ushering in an age of rapid acceleration in connectivity and new possibilities that will transform industries, create jobs, and enrich lives. But this is just the beginning. It takes inventive minds with diverse skills, backgrounds, and cultures to transform 5Gs potential into world-changing technologies and products. This is the Invention Age - and this is where you come in. General Summary: Unique opportunity to join Qualcomms Corporate Internal Audit & Advisory Services department within the SOX Program Management Office (PMO) organization to support the IT SOX 404 and 302 Compliance efforts. The departments activities and services focus on assisting the Audit Committee of the Qualcomm Board of Directors and Management in the evaluation and improvement of processes that identify and manage risks related to achieving Qualcomms business objectives. Key responsibilities include: Lead the IT SOX 404 risk assessment and scoping exercise, execute the process and control walkthroughs, assess the design of controls, develop and enhance comprehensive test plans, and perform independent testing Perform deficiency root cause analyses and assist management with the development of remediation plans Offer effective supervision to, and review the work of other auditors, including the companys co-sourcing audit partners Collaborate with Qualcomm management to identify financial risks, assess business impacts, and present potential solutions (leading practices) As a key member of the SOX PMO, the successful candidate will be a primary interface between IT management and the external auditors to provide guidance, support, training, and project management Collaborate with the external auditors in the planning and execution of SOX 404 requirements and ensure all deadlines are met with high quality deliverables Participate and assists in ad-hoc projects such as system implementations when needed Three to seven years of recent relevant professional experience in IT SOX compliance for a fast-paced global company or a public accounting firm ("Big 4" or mid-tier). Prior SOX PMO experience preferred. Independent and adaptable team player with strong project management skills to comfortably lead and conduct multiple significant projects and tasks with quality, accuracy, and attention to detail. Strong critical thinking with sound judgment and decision-making skills. Self-motivated, positive, and professional attitude. Exceptional prioritization, organization, and time-management skills to consistently meet deadlines with quality deliverables in a fast-paced environment. Strong interpersonal skills (including oral and written communications) with the ability to lead all related interactions with various levels of the organization including middle and senior management. Excellent understanding of internal controls, frameworks (COSO, COBIT), fundamental audit methodology, SOX 302 and 404 requirements. Strong ability to understand IT and business process risks and related controls Experienced with leading practices for business processes, financial accounting, and reporting risks to ensure compliance with GAAP and external reporting requirements Delivers high-quality work products (form and substance) including the ability to prepare written documents (e.g., work papers, PowerPoint presentations, audit reports, etc.) that clearly lay out key messages Professional Certifications (e.g., CPA, CISA, CIA preferred) ERP experience with Oracle EBS a plus Semiconductor business experience or familiarity Fluent English; multi-lingual capability is a plus Strong communication (oral and written) and presentation skills Fast learner with strong, organization, analytical, critical thinking, and problem-solving skills Ability to work in flexible and non-hierarchical team environment Willingness to get things done and take responsibility Ability to recognize and apply a sense of urgency, when necessary Positive attitude, professional maturity, good work ethic Ability to work independently, handle multiple projects simultaneously, and multi-task to meet deadlines with high-quality deliverables Bachelor's degree in Accounting, Business Administration, Management Information Systems, or related field. Applicants Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail myhr.support@qualcomm.com or call Qualcomm's toll-free number found here . Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. About the Company: The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology and management consulting, tax and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Job Description/What You Will Do: Analyze technology (IT and Cybersecurity) implications for active M&A transactions. Review client investment thesis, company profile and information concerning the business technology environment including but not limited to business applications, IT infrastructure, cybersecurity controls, and privacy related regulatory compliance requirements. Research niche technologies, applicable regulatory obligations and latest technology trends to guide analysis. Participate in discussions with company executives to understand business processes, approach to leveraging technology and strategy to build resiliency against cybersecurity threats. Analyze commercial off the shelf and/or custom developed applications used by a business for sufficiency (e.g., license counts), scalability (e.g., version, implementation model), and maintainability (e.g., support model). Analyze a company’s IT infrastructure to determine adequacy of hosting model, hardware inventory, network architecture and business continuity procedures. Analyse technology vendor contracts and compute IT spend through the review of contracts and other financial documents provided by the Company. Analyze the company’s cybersecurity maturity through review of cybersecurity governance program/procedures, exposure to regulatory compliance requirements and preventative technical controls. Develop workbooks and reports to capture diligence observations/analysis. Who We Are Looking For: Ability to conceptualize and summarize key findings in a clear and meaningful way with expertise in drafting critical sections of the technology DD report. Knowledge of and experience with key IT frameworks (e.g. CMMI, ITIL, ISO 27000, SSAE-18 SOC reporting, NIST Cybersecurity Framework). Knowledge of and experience with key cybersecurity frameworks (e.g. COBIT, ISO 27001, NIST). Highly proficient with Microsoft office Suite (e.g., PowerPoint, Excel, Word, Visio) Strong skills in critical thinking, problem solving, and process improvement. Excellent interpersonal and communication skills in order to interact effectively with internal team members and external clients of the firm. Demonstrates willingness to invest time in cross-time zone communication with U.S. based teams. Ability to be a self-starter and drive successful client delivery. Able to manage deadlines and take ownership of getting the job done in a timely manner Evaluated as an exceptional performer in current position. Development Opportunity/What’s in It for You: Opportunity to interface with US based private equity and executive level leadership. Develop expertise in technology related M&A disciplines. Grow a strategic mindset and develop executive level perspective on investment towards operational technology. Experience M&A across a variety of industries and option to develop specific industry expertise. Gain an understanding of the approach towards post-acquisition value creation, integration, separation and risk remediation. Minimum Qualifications: Academic Qualification: B.Tech. and MBA from leading technology/business schools. Relevant experience of 2-3 years at a Big 4 or equivalent Advisory Services practice. Knowledge of Microsoft powered AI products such as Microsoft CoPilot or any other GenAI tools is preferred. Preferred Qualifications: Preferred industry experience in one or more of the following: manufacturing, distribution, consumer products, business services, healthcare, financial services, business services, or technology. Knowledge of US based regulatory and compliance frameworks such as FFIEC, NERC CIP, PCI DSS, HIPAA, GLBA, and HITECH is a plus. ERP or supply chain applications implementation experience; functional expertise in IT and supporting front/back-office operations preferred At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. About the Company: The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology and management consulting, tax and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Job Description/What You Will Do: Analyze technology (IT and Cybersecurity) implications for active M&A transactions. Review client investment thesis, company profile and information concerning the business technology environment including but not limited to business applications, IT infrastructure, cybersecurity controls, and privacy related regulatory compliance requirements. Research niche technologies, applicable regulatory obligations and latest technology trends to guide analysis. Participate in discussions with company executives to understand business processes, approach to leveraging technology and strategy to build resiliency against cybersecurity threats. Analyze commercial off the shelf and/or custom developed applications used by a business for sufficiency (e.g., license counts), scalability (e.g., version, implementation model), and maintainability (e.g., support model). Analyze a company’s IT infrastructure to determine adequacy of hosting model, hardware inventory, network architecture and business continuity procedures. Analyse technology vendor contracts and compute IT spend through the review of contracts and other financial documents provided by the Company. Analyze the company’s cybersecurity maturity through review of cybersecurity governance program/procedures, exposure to regulatory compliance requirements and preventative technical controls. Develop workbooks and reports to capture diligence observations/analysis. Manage and develop members of the RSM USI team. Who We Are Looking For: Ability to conceptualize and summarize key findings in a clear and meaningful way with expertise in drafting critical sections of the technology DD report. Expertise and working knowledge of infrastructure management, network architecture, virtualization, application and data hosting architectures (data center, on-premise, public cloud), and business continuity/disaster recovery (BCDR) best practices. Knowledge of and experience with key IT frameworks (e.g. CMMI, ITIL, ISO 27000, SSAE-18 SOC reporting, NIST Cybersecurity Framework). Knowledge of and experience with key cybersecurity frameworks (e.g. COBIT, ISO 27001, NIST). Exposure to various sectors such as financial services, healthcare, life sciences, power and utility, energy, retail and hospitality, business services and technology. An experience across a wide spectrum of IT and security pillars including IT Strategy, Infrastructure, Business Applications, Cybersecurity, Spend Analysis, etc. Highly proficient with Microsoft office Suite (e.g., PowerPoint, Excel, Word, Visio) Strong skills in critical thinking, problem solving, and process improvement. Excellent interpersonal and communication skills in order to interact effectively with internal team members and external clients of the firm. Demonstrates willingness to invest time in cross-time zone communication with U.S. based teams. Ability to be a self-starter and drive successful client delivery. Able to manage deadlines and take ownership of getting the job done in a timely manner. Evaluated as an exceptional performer in current position. Development Opportunity/What’s in It for You: Opportunity to interface with US based private equity and executive level leadership. Develop expertise in technology related M&A disciplines. Grow a strategic mindset and develop executive level perspective on investment towards operational technology. Experience M&A across a variety of industries and option to develop specific industry expertise. Gain an understanding of the approach towards post-acquisition value creation, integration, separation and risk remediation. Minimum Qualifications: Academic Qualification: B.Tech. and MBA from leading technology/business schools. Relevant experience of 4-7 years at a Big 4 or equivalent Advisory Services practice. Knowledge of Microsoft powered AI products such as Microsoft CoPilot or any other GenAI tools is preferred. Preferred Qualifications: Deal experience with onshore team including data room management, document request list preparation, management meeting preparation, workbook analysis, quality of earnings, due diligence reports, client calls and engagement team calls. Experience with post-acquisition/carve-out integration and separation related engagements. Preferred industry experience in one or more of the following: manufacturing, distribution, consumer products, business services, healthcare, financial services, business services, or technology. Knowledge of US based regulatory and compliance frameworks such as FFIEC, NERC CIP, PCI DSS, HIPAA, GLBA, and HITECH is a plus. ERP or supply chain application implementation experience; functional expertise in IT and supporting front/back-office operations preferred IT and cyber related certifications (CISSP, CISM, HITECH, PCI DSS QSA, CEH, Azure, AWS) At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. The Opportunity When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills. As part of the Digital Assurance and Transparency - AC India team you are expected to lead the creation and implementation of impactful digital assurance initiatives. As a Manager you are expected to guide the execution of digital assurance engagements, focusing on a customer-centric approach that supports PwC's goals and vision. You are expected to be responsible for supervising, developing, and coaching teams, managing client service accounts, and driving assigned client engagement workstreams by independently solving and analyzing complex problems to develop impactful deliverables. Responsibilities Lead the creation and implementation of digital assurance initiatives Guide digital assurance engagements with a client-focused approach Supervise and mentor digital assurance teams to enhance performance Manage client service accounts and deliver elevated-quality deliverables Analyze complex problems and develop practical solutions Drive engagement workstreams independently Assure adherence to PwC's quality standards and vision Foster a collaborative and supportive team environment What You Must Have Bachelor's Degree in one of the following fields of study: Accounting, Finance, Management Information Systems, Computer and Information Science, Information Technology, Economics, Business Administration/Management, Engineering, Statistics, Management Information Systems & Accounting, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Accounting & Technology, Mathematical Statistics, or Technology Mathematics 7 years of combined relevant experience (SAP/Oracle controls auditing, consulting and/or implementing, data analysis, compliance, internal audit, or risk experience) Employees to have an active primary credential as follows, CISA or India Chartered Accountant (CA) Oral and written proficiency in English required In lieu of Bachelor Degree, Chartered Accountant What Sets You Apart Financial reporting and information technology risks, processes and controls Current and emerging technologies including Cloud-computing, Oracle, SAP Risks, processes and internal controls related to financial reporting COSO Framework, CoBIT, ITIL and other leading control frameworks Leading IT related controls assurance or controls readiness projects Identifying key risks and controls, recommend improved controls Leading the adoption of a work program and practice aid Demonstrating significant project management skills related to IT audit projects Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Control Tester - Associate - Risk & Resiliency Management Profile Description We are seeking for a junior who is accountable for executing and documenting control testing which must stand up to high-quality expectations, as well as project management of control testing reviews from start to finish. CDRR_Technology The Cybersecurity organization's mission is to create an agile, adaptable organization with the skills and expertise needed to defend against increasingly sophisticated adversaries. This will be achieved by maintaining sound capabilities to identify and protect our assets, proactively assessing threats and vulnerabilities and detecting events, ensuring resiliency through our ability to respond to and recover from incidents and building awareness and increase vigilance while continually developing our cyber workforce. Firm Resilience Firm Resilience leads and coordinates initiatives to proactively prepare the Firm to be resilient against operational threats as well as identify and manage material operational risk. Risk & Resiliency Management This is Associate position that Identifies, assesses, and mitigates risks to ensure operational continuity and resilience in the face of potential threats or disruptions that could impact the organization, plus management of ongoing incidents. Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals. At Morgan Stanley India, we support the Firm’s global businesses, with critical presence across Institutional Securities, Wealth Management, and Investment management, as well as in the Firm’s infrastructure functions of Technology, Operations, Finance, Risk Management, Legal and Corporate & Enterprise Services. Morgan Stanley has been rooted in India since 1993, with campuses in both Mumbai and Bengaluru. We empower our multi-faceted and talented teams to advance their careers and make a global impact on the business. For those who show passion and grit in their work, there’s ample opportunity to move across the businesses for those who show passion and grit in their work. Interested in joining a team that’s eager to create, innovate and make an impact on the world? Read on… What You’ll Do In The Role Roles and Responsibilities Planning Reviews Support the Review Lead in kick-off meetings with PCOs and Risk Officers to review scope, timeline, and approach. Schedule walkthroughs with control contacts, document walkthrough takeaways, send follow-up requests for artifacts. Develop draft test procedures for each control after walkthroughs or peer-review test procedures developed by another control tester. Address feedback from Review Lead or peer reviews. Executing Reviews Create evidence request list from final set of test procedures and communicate requests to stakeholders. Stay on top of evidence requests, including following up with reminders when needed. Review evidence upon receipt and escalate quality concerns to Review Lead if needed. Document workpapers and evidence per control using the ITCT workpaper template. Perform a critical self-review of workpapers or perform a QA review over the workpapers of a peer. Address feedback from Review Lead or peer reviews. Reporting Review Results and Managing Risk Issues Escalate potential risk issues to the Review Lead as soon as possible. Develop draft issue descriptions and determine a draft risk rating for potential issues using the Risk Level Standard. Support the Review Lead during issue confirmation discussions with control contacts. Document draft results reports and/or peer-review the draft report of another. Help the Review Lead to address comments from 2/3 LOD. Create and monitor risk issues in OpenPages. Closure-verify issues in OpenPages once remediated. Project Management Of Reviews Complete responsibilities described above in line with milestone dates agreed upon with the Review Lead. Regularly provide the ITCT Review Lead with status updates on ongoing activities, escalating concerns on meeting milestones to the Review Lead when necessary. Updating the ITCT Master Tracker on a twice weekly basis. What You’ll Bring To The Role Desired Skills / Experience Working knowledge of key Technology, Information Security, and Cybersecurity concepts (e.g., data security, identity and access management, network security, change management, etc.) Understanding of relevant regulations and industry standards (e.g., ISO 27001, COBIT, NIST, etc.) including principles and key concepts related to risk assessment, controls, and testing. Working knowledge of technology applications and infrastructure (e.g., server, network, platform desktop environment) and ability to identify risk and controls. Ability to employ process-based thinking to effectively obtain, analyze, and interpret information, identify root causes of problems, and draw logical conclusions. Excellent written and verbal communication skills. Good organizational skills with diligence and ability to manage multiple priorities. Proficient use of Microsoft Excel and other Microsoft Office products Required Education: Bachelor's degree. Minimum 2 years relevant risk experience from roles in any of the following: Audit (internal or external), Risk Officer / Information Security Officer, Technology Risk Governance / Consulting, Regulatory agencies What You Can Expect From Morgan Stanley We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work. Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents. Show more Show less

Details: Job Description *Listed salary ranges may vary based on experience, qualifications, and local market. Also, some positions may include bonuses or other incentives* About Stefanini Group The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like Americas, Europe, Africa and Asia, and more than 400 clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting, company with global presence. We are CMM Level 5 company. Role Description: The Information Security team member will augment the Supply Chain Security team and play an integral part in the development, implementation, and compliance of technical security across the enterprise. The candidate will be key contributor to ongoing security assessments of third-party tools and products and will regularly act as a voice of Information Security to business teams and management, building cyber security confidence in support of business development and governance processes. Responsibilities: Perform focused risks assessments of existing or new service providers, and technologies being introduced into the firm's technology environment Provide governance and oversight over existing and new SaaS and IaaS products Influence the overall direction for securing infrastructure, applications and third parties service providers for the firm Communicate risk assessment findings to information security stakeholders or business partners and influences the risk mitigation Provide consultative advice to information security customers that enables them to make informed risk management decisions Performing assessments of new and existing Internet of Things (IoT) Deployments Identify appropriate controls to effectively manage information risks as needed Identify opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk Maintain strong working relationships with individuals and groups involved in managing information risks across the organization Support the documentation of Information Security Policies and Standards Security assessments of third-party software packages deployed on machines Perform vulnerability impact analysis of newly identified vulnerabilities of the firm's critical service providers Candidates Will Be Evaluated Based On Their Ability To Perform The Duties Listed Above While Demonstrating The Skills And Competencies Necessary To Be Highly Effective In The Role. These Skills And Competencies Include: Strong documentation and process-oriented background with experience working on complex technology projects An ability to effectively influence others to account for the plans and collaborative behaviors for results An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners in a way that influences optimum risk mitigation Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one Ability to react to high pressure dynamic changing environments Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization An ability to apply original and innovative thinking to produce new ideas and create innovative products, solutions, or approaches A discipline and interpersonal skills to work well in a global environment, complementing teams in multiple remote locations Job Requirements Details: Experience: Degree in Business, Computer Engineering, Computer Science, Information Security, or a related field Working knowledge of data analysis techniques, including Excel, Python and basic SQL skills Experience with agile project management Knowledge of Azure security, AWS security, web security, including API and token security 5+ years Information Security experience 3+ years with risk advisory and senior management communication, metrics, collaboration to drive risk-based results 3+ years of experience with documenting, project management, written analysis for Information Security risk assessments 3+ years of experience in an Enterprise Risk Management and/or assessing controls within a Technology and/or Financial Services firm Experience with information security management frameworks (e.g., IS027001, COBIT, NIST 800) Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA) AWS, GCP, or Azure security certifications are a plus Show more Show less

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. The Opportunity When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills. As part of the Digital Assurance and Transparency - AC India team you are expected to lead the creation and implementation of impactful digital assurance initiatives. As a Manager you are expected to guide the execution of digital assurance engagements, focusing on a customer-centric approach that supports PwC's goals and vision. You are expected to be responsible for supervising, developing, and coaching teams, managing client service accounts, and driving assigned client engagement workstreams by independently solving and analyzing complex problems to develop impactful deliverables. Responsibilities Lead the creation and implementation of digital assurance initiatives Guide digital assurance engagements with a client-focused approach Supervise and mentor digital assurance teams to enhance performance Manage client service accounts and deliver elevated-quality deliverables Analyze complex problems and develop practical solutions Drive engagement workstreams independently Assure adherence to PwC's quality standards and vision Foster a collaborative and supportive team environment What You Must Have Bachelor's Degree in one of the following fields of study: Accounting, Finance, Management Information Systems, Computer and Information Science, Information Technology, Economics, Business Administration/Management, Engineering, Statistics, Management Information Systems & Accounting, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Accounting & Technology, Mathematical Statistics, or Technology Mathematics 7 years of combined relevant experience (SAP/Oracle controls auditing, consulting and/or implementing, data analysis, compliance, internal audit, or risk experience) Employees to have an active primary credential as follows, CISA or India Chartered Accountant (CA) Oral and written proficiency in English required In lieu of Bachelor Degree, Chartered Accountant What Sets You Apart Financial reporting and information technology risks, processes and controls Current and emerging technologies including Cloud-computing, Oracle, SAP Risks, processes and internal controls related to financial reporting COSO Framework, CoBIT, ITIL and other leading control frameworks Leading IT related controls assurance or controls readiness projects Identifying key risks and controls, recommend improved controls Leading the adoption of a work program and practice aid Demonstrating significant project management skills related to IT audit projects Show more Show less

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Job Description Main purpose of the job and key background information Professional responsibilities for this manager position include but are not limited to: Applying internal control principles and technical knowledge, including Application Controls and IT General Controls; Developing and/or supervising the execution of detailed audit work plans for the IT audit component of the IA team through resource allocation, stakeholder coordination and quality review; Managing the identification of key risks and controls, including evaluation of control design; Evaluation of operational effectiveness of IT System Controls, utilizing appropriate testing techniques and professional skepticism; Providing regular status reports to IA management and internal clients/stakeholders, when necessary, to keep relevant parties informed of progress and potential issues; Assessing audit results, translating findings into level of risk, to produce meaningful insights and recommendations; Communicating risk findings, verbally and written, to clients in a pragmatic and helpful manner; Driving follow up and remediation of reported issues in a timely manner; Building meaningful relationships with clients through client engagements and networking; Managing and delivering against deadlines while working on multiple projects; Participating in development and delivery of training curriculum; and Coaching team members and reviewing their work. Requirements These should include essential and desirable requirements such as: Level of experience Education/qualifications Industry experience Technical capability Sales/BD capability Metrics Key personal attributes Consulting experience Minimum Years Of Experience 5+ year(s) of external/ internal audit experience (big four experience is preferred) Minimum Degree Required Bachelor’s or master’s degree in accounting, Management Information Systems, Computer Science, Engineering or business related field Preferred Certifications CISA, CISM, CISSP, CA and/or CIA Preferred Knowledge/ Skills Demonstrates extensive knowledge and/or proven record of success in the following areas: Security and controls for various on-premise and cloud-based technologies; Control standards (COSO, COBIT), control testing strategies; Public accounting practices and internal audit processes i.e., technology and tools for planning, testing and reporting; IT general controls concepts in the areas of system development, change management, computer operations and access to programs; Identifying and assessing business process controls and linkage to IT systems; and, IT security fundamentals across multiple domains including security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, investigations and ethics. Additionally, candidates should have excellent communication (written and verbal) skills and should be able to work with global teams independently with minimal supervision. Additional Information Flexible work hours are required to align with US and UK hours as agreed upon. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description Oracle Customer Success Services Building on the mindset that "Who knows Oracle …. better than Oracle?" Oracle Customer Success Services assists customers with their requirements for some of the most cutting-edge applications and solutions by utilizing the strengths of more than two decades of expertise in developing mission-critical solutions for enterprise customers and combining it with cutting-edge technology to provide our customers' speed, flexibility, resiliency, and security to enable customers to optimize their investment, minimize risk, and achieve more. The business was established with an entrepreneurial mindset and supports a vibrant, imaginative, and highly varied workplace. We are free of obligations, so we'll need your help to turn it into a premier engineering hub that prioritizes quality. Why? Oracle Customer Success Services Engineering is responsible for designing, building, and managing cutting-edge solutions, services, and core platforms to support the managed cloud business including but not limited to OCI, Oracle SaaS, and Oracle Enterprise Applications. This position is for the CSS Architecture Team, and we are searching for the finest and brightest technologists as we begin on the road of cloud-native digital transformation. We operate under a garage culture, rely on cutting-edge technology in our daily work, and provide a highly innovative, creative, and experimental work environment. We prefer to innovate and move quickly, putting a strong emphasis on scalability and robustness. We need your assistance to build a top-tier engineering team that has a significant influence. What? As a Senior Principal Architect - Cybersecurity within our team, you’ll lead and contribute towards shaping the strategy for Cybersecurity efforts in designing and building scalable, distributed, resilient services that provide or augment critical business capabilities involving security controls for the business which are consumed by Oracle Corporation and Oracle Customers. You will be responsible for the design and development of core security capabilities spanning across all security domains but not limited to Identity, Data, Network & Communications, Asset, Threat Management,Risk Management, Cyber Resilience & Software Security aligning Oracle Corporate Security (CSA) and Global Information Security (GIS) standards and policies in combination with industry standards such as NIST, COBIT, ISACA, SABSA & CIS for ensuring they meet the needs of our clients and align with the company's strategic vision and business objectives. This role requires a unique blend of strategic architectural thinking and deep technical expertise, including hands-on experience in deploying and operating security products and services. The ideal candidate will also possess a solid understanding of security frameworks, standards, and regulatory compliance mandates & extensive experience in designing security solutions involving building security capabilities and integrating controls into large scale products and services that operate at scale on hyperscalers for customers in both regulated and non-regulated environments. We strongly believe in ownership and challenging the status quo. We expect you to bring critical thinking and create long-term design impact while building solutions and products defining system integrations, and cross-cutting concerns. Being part of the architecture function also provides you with the unique ability to enforce standards, patterns and advisory that will be future-proof while building new services or products. As a thought leader, you will own and lead the complete SDLC from Architecture Design, Development, Test, Operational Readiness, and Platform SRE across the CSS CDO Engineering function. Responsibilities As a Senior Principal Architect for Cybersecurity domain you will be playing a pivotal role in shaping up the Cybersecurity Strategy for the business, providing thought leadership impacting business and technology decisions and leading the technology charter for the Development and Engineering teams while working with Corporate CISO and Line of Business Group CISO delivering services and solutions as part of the CSS CDO Engineering function. As a core member of the Architecture Chapter, you will be expected to advocate for the adoption of software architecture and security design patterns among cross-functional teams both within and outside of engineering roles. You will also be expected to act as a mentor and act in capacity as an advisor to the team(s) within the Cybersecurity domain. In this role you will be expected to work as a liaison between the business, engineering and security leaders within Oracle. As we push for digital transformation throughout the organization, you will constantly be expected to think creatively, optimize and harmonize business processes. Core Responsibilities Lead the Cybersecurity Strategy, Architecture and Design for the core security domains, Threat Modelling with MITRE ATT&CK and D3FEND, Cyber Resilience with solutions built on top/integrated with OCI, Oracle Cloud Applications & Oracle Enterprise. Lead threat modelling, risk assessments and security design reviews for all new/ existing systems, services and products as part of the CSS CDO Engineering and larger CSS Organization globally. Liaise with senior executives across multiple business lines to combine business requirements into technology work packages in alignment with the overall CSA & GIS, CISO & Oracle Corporate Security Strategy for Next-Gen Technology Stack. Translate security controls and requirements into design standards and patterns for implementation as part of the shift-left approach within the SDLC process. Ensure architecture design conformity and compliance with Oracle Corporate Security, Corporate Security Architecture, Global Information Security and global Cyber standards and frameworks for Security & Compliance such as but not limited to : NIST CSF/ NIST 800-53 / NIST 800-171 ISO / IEC 27001/ 27002 CIS Controls SOC 2, HIPPA, PCI-DSS, GDPR and / OR FedRAMP (as applicable) SABSA / COBIT / TOGAF Cloud Security Alliance (CSA) & Cloud Control Matrix OWASP Develop and maintain technical documentation, including architecture diagrams, design specifications, and system diagrams. Continuously evaluate new security technologies and recommend improvements or enhancements. Act in capacity as a trusted advisor for executive leadership on security architecture and strategy. Provide guidance and mentorship to junior developers. Innovation and critical problem solving skills with exceptional communication skills are a must in this role as the Senior Principal Architect would effectively act as a conduit between business executives, functional teams and technology engineering teams. The role requires very strong technology thought leadership skills with practical hands on knowledge along with influential skills to create a broader impact within the business and engineering functions. Required Qualifications Master’s or Bachelors in Computer Science, specialization in Cybersecurity, Information Systems or a closely related field. 10+ years of experience in cyber and information security with explicit focus on security architecture and security solution & products build/ integration. Proven ability to build and manage enterprise-distributed and/or cloud-native systems. Broad knowledge of Cloud Service Providers and 3rd Party Risk Assessments for enterprises and regulated environments. Advanced knowledge in building & implementing Identity, Data and Network Security solutions involving but not limited to Zero-trust security, Identity Aware Proxies, FIDO, DLP, Data Privacy and Security for PI /SPI, Data Obfuscation and Tokenization, WAF, SIEM, SOAR, SOC etc. Deep experience with MITRE & STRIDE threat modelling for all cloud native applications and being part of Red, Blue and Purple teams. Knowledge in Adversarial ML involving the entire tech stack of AI and ML. Experience in Data Security including but not limited to vault-less Tokenization, Obfuscation, Encryption with latest Cryptography standards, Data Access & Governance. Strong expertise in software design concepts, patterns (e.g., 12-Factor Apps), and tools to create Cloud Native Computing Foundation (CNCF) compliant software with hands-on knowledge of containerization technologies like Docker and Kubernetes. Solid understanding of Design Thinking, Test-Driven Development (TDD), BDD, and end-to-end SDLC. Experience in DevOps practices, including Kubernetes, CI/CD, Blue-Green, and Canary deployments. Experience with Microservice architecture patterns, including API Gateways, Event-Driven & Reactive Architecture, CQRS, and SAGA. Familiarity with OOP design principles (SOLID, DRY, KISS, Common Closure, and Module Encapsulation). Proven ability to design software systems using various design patterns (Creational, Structural, and Behavioral). Strong interpersonal skills and the ability to effectively communicate with business stakeholders. Excellent analytical, problem-solving, communication, and leadership skills. Qualifications Career Level - IC5 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Summary Position Summary ServiceNow Developer — Senior Solution Advisor Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. IDC MarketScape named Deloitte as a Leader in the first 2024 for Worldwide Cybersecurity Consulting Services: Global System Integrators/Consultancies . Source: Worldwide Systems Integrators/Consultancies for Cybersecurity Consulting Services 2024 Vendor Assessment, By Cathy Huang, Published January 2024 – ID#US50463423 Work you will do As a Senior Consultant in Governance, Risk, and Compliance ( GRC )/ Integrated Risk Management (IRM) at Deloitte, you will play a pivotal role and be instrumental in helping our clients manage and mitigate risks associated with their governance, risk management, and compliance activities by focusing on delivering continuous, high-quality GRC services to our clients . This role involves a blend of strategic advisory, process improvement, and technology implementation, tailored to ensure continuous compliance and effective risk management strategies are in place. This role also involves ensuring compliance with regulatory requirements and managing risks effectively. The ideal candidate will have a strong background in GRC frameworks, excellent analytical skills and adept in developing workflows in GRC tools like ServiceNow, Archer, Aravo or OneTrust As a Consultant, you would be expected to perform the following activities: Take ownership of SDLC efforts for successful build, test, and rollout of GRC solution into productionuse. Conduct thorough risk assessments and implement solutions to minimize exposure and enhance business resilience. Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled duringoperations; Utilize GRC tools to automate risk management and compliance monitoring tasks. Configure GRC solutions like risk management (enterprise and IT risk), compliance management, issue and corrective action plan management, exception management, policy lifecycle management, privacy management, third party risk management, audit management, threat and vulnerability management, security operations management, business continuity management for clients acrossindustries. Understand the business requirement and define & document user stories, create UI mock-ups and having a roll-up the sleeves approach to execute and make thingshappen. Define, enhance, and implement enterprise risk management frameworks based on industry standards and frameworks (e.g. ISO 27001, COSO, COBIT, PCI, NIST, and HIPAA etc.) on GRC technologies such as Archer, ServiceNow or Aravo. Ensure compliance with all relevant local, national, and international laws and regulations. Regularly update internal policies to align with changing regulatory landscapes to ensure that they are effectively integrated into the clients' operational processes. Provide ongoing support and enhancements to risk management frameworks that align with client objectives and regulatory requirements. Assist in developing GRC governance and operating model for the set up and sustainment of the GRCprogram. Prepare detailed reports on compliance activities, risk assessments, and mitigation plans. Ensure all documentation is accurate and audit ready. The team Want to work at one of the fastest growing and industry leading risk management consulting firms that will give you an enriching experience to build your career and brand? If yes, then look no further, Deloitte’s Cyber Risk Services practice is the place for you. The Cyber Governance, Risk, and Compliance (GRC)/ Integrated Risk Management (IRM) is one of the most rapidly growing market offerings with capability spanning - GRC strategy, design, and implementation of GRC & Security solutions using confluence of ServiceNow, Archer, Aravo and OneTrust. Individuals who take deep personal accountability for their work, have a passion for excellence, driven to achieve their full potential and understand the value of building relationships with clients and the industry, are encouraged to realize our requirement for GRC. The GRC Solution Advisor is expected to have an in- depth understanding of GRC tools as mentioned above, leading practices and have demonstrated experience in the design and implementation of their solutions. Understanding of risk and compliance pain points and how they can be addressed effectively through a scalable and usable GRC technology is key to success in thisrole. This role involves working closely with clients to understand their needs, designing solutions that leverage all the tool’s capabilities to enhance their GRC processes, and ensuring the successful implementation and operation of these solutions. Required: Education: Bachelor’s degree in Computer Science/ Information Technology, or a related field. Experience: Minimum of 7-10 years of experience in implementing GRC solutions and/or in ServiceNow/Archer/Aravo/OneTrust or cyber strategy. Well versed with at least 1 GRC tool such as ServiceNow/Archer/Aravo/OneTrust. Gathering and documenting business requirements and identifying gaps within existing systems and processes. Hands-on experience on at least 2 GRC modules (ERM, ITRM, TPRM, SecOps, Issues Management, Policy & Compliance Management, etc.). Hands-on experience in on-demand and out-of-the-box solution developments, access control, rules & events, notifications, data integrations, UI, reports and dashboards, workflows and other administrative activities in tools like ServiceNow/Archer/Aravo/OneTrust. Experience on Privacy Enhancement and Automation tools such as OneTrust. Proficient in risk management processes and compliance regulations. Proven experience in GRC, particularly within a consulting environment. Proficiency with scripting language in implementing API integrations with external system Must have development experience in more than 2- 3 projects from scratch to till go-live Strong understanding of GRC frameworks such as COBIT, ISO 27001, NIST, etc. Strong analytical and problem-solving skills. Excellent interpersonal and communication skills, capable of working effectively with clients and team members. Flexibility in work hours may be necessary to meet project deadlines and client needs. Preferred: Education: Master’s degree in Business Administration, Cyber Security or a related field GRC Certifications: ServiceNow CSA, Archer Administrator Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 302575 Show more Show less

Summary Position Summary ServiceNow Developer — Senior Solution Advisor Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. IDC MarketScape named Deloitte as a Leader in the first 2024 for Worldwide Cybersecurity Consulting Services: Global System Integrators/Consultancies . Source: Worldwide Systems Integrators/Consultancies for Cybersecurity Consulting Services 2024 Vendor Assessment, By Cathy Huang, Published January 2024 – ID#US50463423 Work you will do As a Senior Consultant in Governance, Risk, and Compliance ( GRC )/ Integrated Risk Management (IRM) at Deloitte, you will play a pivotal role and be instrumental in helping our clients manage and mitigate risks associated with their governance, risk management, and compliance activities by focusing on delivering continuous, high-quality GRC services to our clients . This role involves a blend of strategic advisory, process improvement, and technology implementation, tailored to ensure continuous compliance and effective risk management strategies are in place. This role also involves ensuring compliance with regulatory requirements and managing risks effectively. The ideal candidate will have a strong background in GRC frameworks, excellent analytical skills and adept in developing workflows in GRC tools like ServiceNow, Archer, Aravo or OneTrust As a Consultant, you would be expected to perform the following activities: Take ownership of SDLC efforts for successful build, test, and rollout of GRC solution into productionuse. Conduct thorough risk assessments and implement solutions to minimize exposure and enhance business resilience. Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled duringoperations; Utilize GRC tools to automate risk management and compliance monitoring tasks. Configure GRC solutions like risk management (enterprise and IT risk), compliance management, issue and corrective action plan management, exception management, policy lifecycle management, privacy management, third party risk management, audit management, threat and vulnerability management, security operations management, business continuity management for clients acrossindustries. Understand the business requirement and define & document user stories, create UI mock-ups and having a roll-up the sleeves approach to execute and make thingshappen. Define, enhance, and implement enterprise risk management frameworks based on industry standards and frameworks (e.g. ISO 27001, COSO, COBIT, PCI, NIST, and HIPAA etc.) on GRC technologies such as Archer, ServiceNow or Aravo. Ensure compliance with all relevant local, national, and international laws and regulations. Regularly update internal policies to align with changing regulatory landscapes to ensure that they are effectively integrated into the clients' operational processes. Provide ongoing support and enhancements to risk management frameworks that align with client objectives and regulatory requirements. Assist in developing GRC governance and operating model for the set up and sustainment of the GRCprogram. Prepare detailed reports on compliance activities, risk assessments, and mitigation plans. Ensure all documentation is accurate and audit ready. The team Want to work at one of the fastest growing and industry leading risk management consulting firms that will give you an enriching experience to build your career and brand? If yes, then look no further, Deloitte’s Cyber Risk Services practice is the place for you. The Cyber Governance, Risk, and Compliance (GRC)/ Integrated Risk Management (IRM) is one of the most rapidly growing market offerings with capability spanning - GRC strategy, design, and implementation of GRC & Security solutions using confluence of ServiceNow, Archer, Aravo and OneTrust. Individuals who take deep personal accountability for their work, have a passion for excellence, driven to achieve their full potential and understand the value of building relationships with clients and the industry, are encouraged to realize our requirement for GRC. The GRC Solution Advisor is expected to have an in- depth understanding of GRC tools as mentioned above, leading practices and have demonstrated experience in the design and implementation of their solutions. Understanding of risk and compliance pain points and how they can be addressed effectively through a scalable and usable GRC technology is key to success in thisrole. This role involves working closely with clients to understand their needs, designing solutions that leverage all the tool’s capabilities to enhance their GRC processes, and ensuring the successful implementation and operation of these solutions. Required: Education: Bachelor’s degree in Computer Science/ Information Technology, or a related field. Experience: Minimum of 7-10 years of experience in implementing GRC solutions and/or in ServiceNow/Archer/Aravo/OneTrust or cyber strategy. Well versed with at least 1 GRC tool such as ServiceNow/Archer/Aravo/OneTrust. Gathering and documenting business requirements and identifying gaps within existing systems and processes. Hands-on experience on at least 2 GRC modules (ERM, ITRM, TPRM, SecOps, Issues Management, Policy & Compliance Management, etc.). Hands-on experience in on-demand and out-of-the-box solution developments, access control, rules & events, notifications, data integrations, UI, reports and dashboards, workflows and other administrative activities in tools like ServiceNow/Archer/Aravo/OneTrust. Experience on Privacy Enhancement and Automation tools such as OneTrust. Proficient in risk management processes and compliance regulations. Proven experience in GRC, particularly within a consulting environment. Proficiency with scripting language in implementing API integrations with external system Must have development experience in more than 2- 3 projects from scratch to till go-live Strong understanding of GRC frameworks such as COBIT, ISO 27001, NIST, etc. Strong analytical and problem-solving skills. Excellent interpersonal and communication skills, capable of working effectively with clients and team members. Flexibility in work hours may be necessary to meet project deadlines and client needs. Preferred: Education: Master’s degree in Business Administration, Cyber Security or a related field GRC Certifications: ServiceNow CSA, Archer Administrator Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 302575 Show more Show less

Job Summary The Internal Auditor II will coordinate, budget, and execute audit plans designed to identify risk, to mitigate loss, and to protect the people, assets, and cash flow of the company. Essential Duties And Responsibilities Assist manager to develop audit scope using risk assessment techniques. With appropriate approval, create or revise audit programs where necessary to accomplish audit objectives. Coordinate and lead site and project reviews (time and resource budgeting) with the Internal Audit Manager, external auditors, and regulatory agencies. Conduct audits in accordance with approved audit programs while effectively managing time budgets. Prepare audit workpapers documenting each audit step in the audit program. Ensure information is presented clearly, concisely, accurately, in a logical format, and has appropriate audit conclusions. Express ideas and information in a clear and concise manner. Prepare written presentations to management at the conclusion of an audit, discussing deficiencies, recommending corrective actions, and suggesting improvements in internal controls. Maintain updated knowledge of rules, regulations, and standards in the fields of internal audit, accounting, information technology and/or other related matters of interest to the department. Provide timely feedback to the in-charge or Internal Audit Manager about the status of the audit and as issues arise. Elevate real and emerging business control issues/problems to the Internal Audit Manager and local management if needed. Educate functional management in business risk concepts and suggest cost effective approaches to mitigate risk. Complete periodic education to stay informed of emerging issues and maintain a degree of professionalism. Review and compliment external auditing roles and practices. Train and educate other auditors in knowledge of audits using the COSO and/or CobIT frameworks. Demonstrate understanding of Jabil’s goals & business strategy and key industry trends and issues in the markets. Use internal and external data to understand the underlying causes / drivers of issues and opportunities. Gain a basic understanding of the roles and processes of other functional departments. Ability to travel internationally. Adhere to all safety and health rules and regulations associated with this position and as directed by supervisor. Comply and follow all procedures within the company’s various administrative policies including but not limited to security and non-disclosure policies. Ensure all sensitive and confidential information is handled appropriately. May perform other duties and responsibilities as assigned. Job Qualifications KNOWLEDGE REQUIREMENTS Understanding of internal audit standards, procedures, techniques, risk assessment practices, and frameworks such as COSO. Understanding of accounting principles and techniques. Other specialty areas (IT, security, fraud investigation, etc.) are additionally preferred. Basic critical thinking and analytical skills to help evaluate information received and identify critical trends in the information being reviewed. Understanding of the technical aspects of accounting and financial reporting. Proficiency with the Microsoft Office suite of products. Familiarity with AuditBoard and SAP is preferred. Education & Experience Requirements Bachelor’s Degree required preferably in Accounting or related field. Minimum 3 - 5 years related work experience related to audit, accounting, finance and operations. ACA, CA, CPA, CIA, or equivalent preferred. Or an equivalent combination of education, experience and/or training , BE AWARE OF FRAUD: When applying for a job at Jabil you will be contacted via correspondence through our official job portal with a jabil.com e-mail address; direct phone call from a member of the Jabil team; or direct e-mail with a jabil.com e-mail address. Jabil does not request payments for interviews or at any other point during the hiring process. Jabil will not ask for your personal identifying information such as a social security number, birth certificate, financial institution, driver’s license number or passport information over the phone or via e-mail. If you believe you are a victim of identity theft, contact your local police department. Any scam job listings should be reported to whatever website it was posted in. Show more Show less

Job Description: Cyber Maturity Assessment Consultant Team: Security Consulting Designation : Cyber Maturity Assessment Consultant Job Role: Run Cybersecurity Maturity Assessments (CMA/SMA) and risk evaluations for customers, aligned with industry frameworks to enhance client security posture and operational resilience. Experience: 5+ years in cybersecurity consulting, focused on cyber maturity assessments, risk management, and compliance programs. Job Location: Cyberjaya Shifts : Day Shift. However, flexibility is required to provide extended support and be available on-call when needed. Key Responsibilities Cyber Maturity & Risk Assessments  Conduct comprehensive CCyber Maturity Assessments for clients, aligned with frameworks such as NIST CSF, ISO 27001, CMMI, and COBIT.  Perform risk assessments—both qualitative and quantitative—to prioritize vulnerabilities and recommend mitigation strategies.  Evaluate third-party and supply chain security exposures. Strategy & Advisory  Analyse and Discover gaps in the Cybersecurity Technologies, People and Processes for clients.  Develop cybersecurity roadmaps to improve clients’ maturity and governance structures.  Recommend enhancements to cyber operating models and organizational alignment.  Deliver executive-level reports and gap analyses with clear business impact insights. Client Engagement & Training  Facilitate workshops to train clients on cybersecurity best practices and self-assessment techniques.  Mentor junior consultants on methodologies, report creation, and client communication.  Support business development initiatives, including proposal writing and client presentations. Compliance & Certification  Provide guidance for ISO 27001/20000-1 certification and audit readiness.  Ensure alignment of security programs with standards like NIST 800-30 and ISO 27005. Work Experience  5+ years of hands-on experience in cybersecurity consulting.  Demonstrated history of executing cyber maturity reviews and third-party risk assessments.  Demonstrated success in leading end-to-end client engagements, from scoping to delivery of assessment reports.  Proven ability to work cross-functionally with IT, Risk, and Compliance teams to align cybersecurity efforts with business priorities.  Delivered executive-level briefings translating technical assessment findings into strategic, business-aligned recommendations. Qualifications  Bachelor’s/Master’s degree in Cybersecurity, Information Security, or a related field. Essential Technical Skills  In-depth understanding of NIST CSF, NIST RMF, COBIT, ITIL, and ISO 31000.  Familiarity with cybersecurity governance models and risk assessment tools. Certifications  CRISC, ISO 27001 LA, CC (ISC)², or equivalent certifications. Desired Skills  Strong analytical, communication, and presentation skills.  Experience in financial services, insurance, or critical infrastructure sectors.  Ability to lead and mentor team members effectively. Performance Metrics  Client satisfaction scores and feedback.  Number and quality of assessments completed annually.  Contributions to proposals and business development success. Skills: risk assessment,qualitative risk assessments,risk,quantitative risk assessments,nist csf,cybersecurity,mentoring,ccyber maturity assessments,nist 800-30,cybersecurity training,assessment,cybersecurity governance models,compliance programs,cobit,analytical skills,risk assessment tools,iso 27001 certification guidance,security,maturity assessments,communication skills,iso 27001,cybersecurity maturity assessments,cybersecurity roadmaps,cyber,nist rmf,security assurance,iso 27005,risk management,iso 27001/20000-1 certification,presentation skills,cmmi,cybersecurity roadmap development Show more Show less