975 Cobit Jobs - Page 32

The R&C IT Analyst is also a subject matter expert, responsible for advising the Risk team on controls design, deficiencies evaluation and improvements across multiple processes from testing standpoint. A successful risk professional requires a dynamic personality and ability to adapt in a rapidly changing environment. B. responsible: key areas of responsibility will include, but are not limited to: Execute and lead testing end to end for the assigned areas: Design and execute the day-to-day testing activities of IT controls, with a focus on regulatory/compliance related risks Collect, analyze, and interpret information to assess and conclude on each assigned testing area with clear concise documentation Identify gaps in design and execution, and communicate issues and recommendations to R&C team and control owners Develop and maintain comprehensive documentation including process walkthrough documentation, control testing documentation and any others required Collaborate and partner with R&C by providing guidance and ensuring that critical IT controls are adequately designed and documented, in order to strengthen the control environment, mitigate the company risks and support the business in achieving objectives Collaborate & participate within R&C to continuously improve the R&Cs capabilities and governance from an IT testing standpoint B. skilled: The ideal candidate will have a strong background in IT risk management, IT frameworks, governance and controls, Segregation of Duties, and ERP audits. 4+ years of experience gained within IT compliance, internal controls, internal/external audit, including experience working with teams in an international environment Strong understanding of design assessment and operating effectiveness assessment of IT controls, and interface controls. Experience in technology-based product development / DevOps processes, cloud security and other modern day technologies Understanding of different architecture (SOA and micro services), and ability to review source codes is an added advantage. Understanding of and experience with risk management relevant fields and frameworks, including SOx, COSO, and COBIT working knowledge of SOx an advantage Ability to multitask and successfully manage multiple priorities and projects Strong work ethic, enthusiastic, self-starting, adaptable and enjoys change in a super engaged team Excellent communication skills to interact with audit teams, management and other stakeholders effectively Ability to work effectively in a virtual environment Fully comfortable working in English, both written and spoken Professional certification, such as CISA/CRISC/CIA (or similar), would be an advantage Relevant bachelors degree required Experience working with a Big4 is preferred Key Skills Understanding of and experience with risk management relevant fields and frameworks, including SOx, COSO, and COBIT 4+ years of experience gained within IT compliance, internal controls, internal/external audit, including experience working with teams in an international environment Design and execute the day-to-day testing activities of IT controls, with a focus on regulatory/compliance related risks

The incumbent would be responsible to support the SOX, IT Risk, IT Project and associated Compliance process They will be involved in standardizing and improving process, evaluate their impacts and implement the relevant measure The role will involve managing the IT SOX program Liaise with various IT verticals leads to remediate new and outstanding issues, track IT and project risk-related issues in GRC system This is a global role engaging stakeholders across geographies like India, Philippines and US Incumbent should be a good effective communicator and have the required skillset to understand risk management concepts JOB FUNCTION AND RESPONSIBILITIES: Perform extensive IT SOX control testing . Identify issues and remediate with appropriate controls Identifying and assessing risks in the across organization IT verticals Identifying and assessing risks in the organization s Security Operations tools and processes Conduct assessment/review of IT processes and recommend action for improving IT governance maturity using reference framework like COBIT, ITIL and ISO 20000 Work closely with the Enterprise Risk Management team and ensure risks are reduced or maintained at minimum levels Collaborate with Enterprise Project Management team and have oversight on IT Self led process and ensure compliance Assist in development and monitor of IT Risk policies, standards and procedures QUALIFICATION: Bachelors / masters in computer science or equivalent 5-10 years of experience in IT Risk Management WORK SCHEDULE OR TRAVEL REQUIREMENTS: Mid Shift: 12.00PM - 9.00PM No Travel Requirements

Job Description & Summary: At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 157 countries with more than 300,000 people who are committed to delivering quality in Assurance, Advisory and Tax services. Within Advisory, PwC has a large team that focus on transformation in Government through Digital inclusion. The open position is for a candidate who desires to work with government clients and bring about a change in society. A successful candidate will be expected to work pro-actively and effectively on multiple client engagements over the period of time and take ownership of the entire project delivery he/she entrusted with. Job Position Title: Manager - E-governance / Technology Consulting Location – Mumbai Role and responsibilities Developing project Charter Define project scope and deliverables that support business goals Develop project plans and schedule Set and continually manage project expectations with team members and customers Draft and submit budget proposals, and recommend subsequent budget changes where necessary Prepare proposals, RfP/bid submission documents and presentations Plan and schedule project timelines and milestones using appropriate tools (Microsoft Project Management) Develop and deliver progress reports, proposals, requirements documentation and presentations Issue status reports to the project team, analyse results, and troubleshoot problem areas Proactively manage changes in project scope, identify potential crises, and devise contingency plans Define project success criteria and disseminate them to involved parties throughout project life cycle. Build, develop, and grow business relationships vital to the success of the project. Conduct project “lessons learned” meetings and create a recommendations report in order to identify successful and unsuccessful project elements Develop best practices and tools for project execution and management Mandatory skill sets: Expertise in Technology Consulting / Implementation: IT Consulting resource (generalist) - experience in govt sector consulting/ private sector consulting, eGov transformation, Smart city, ULB projects Business Analyst/ Project management experience in Technology Implementation/ consulting projects The candidate should possess post-qualification relevant work experience of 3 to 12 years in Consulting /IT/ITES firm. Preferred skill sets: eGov Expertise: having experience in govt consulting, eGov transformation, Smart city, ULB projects Exposure to international projects Exposure to Large Transformation programs in the Public Services domain Years of experience required: 8+ Education qualification: Post-Graduation: MBA (preferable) from a top-tier college with a very good academic record. Graduation: BE/BTech/MCA/MSc (Computer Science, Information Technology, Electronics). Certifications Having one or more of the following certifications will be an added advantage: PMP / Prince-2 / TOGAF / ITIL / COBIT Interested candidates can mail their cvs at Nimisha.singh@pwc.com with the following details: Current salary Expected salary Notice period Last working day (if currently serving notice period) Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Governance Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your Key Responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills And Attributes For Success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Line of Service Internal Firm Services Industry/Sector Not Applicable Specialism Operations Management Level Associate Job Description & Summary At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives. In ServiceNow consulting at PwC, you will gain extensive experience in ServiceNow applications and assist clients in optimising operational efficiency through analysis, implementation, training, and support tailored to ServiceNow software. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: A career in PwC’s Technology and Security Operations, within Internal Firm Services, will provide opportunity to develop and support our global technology service delivery, both internally and externally. ServiceNow is the enterprise platform that enables Service Management at PwC. Using the ServiceNow platform, our team helps Internal Firm Services transform how they manage services to the business, and how the business manages services to our clients. If you are seeking an exciting career with the scope to grow your ServiceNow skills through major change on a global scale, then PwC Technology will empower you to do so. Job Position Title: Associate_ServiceNowDeveloper_IN_Services_Co_ITSecurity_IFS_Pune Responsibilities: As a ServiceNow Developer, you will, Engage with stakeholders to understand user stories and determine requirements Provide guidance on what is configuration vs customization with a focus on solutions that remain close to out of box functionality as possible. Customize and develop ServiceNow applications and support rollout of new applications and modules. Configure Application UIs and Workflows Demonstrate understanding of application modules including Incident, Problem, Change, Release, Asset, CMDB, Knowledge, and Self-service Portal. Create custom reports and dashboards with supporting metrics and KPIs that adhere to best practices and have a high focus on impact to instance performance Collaborate with other ServiceNow administrators and developers to develop effectively with a global focus Be diligent in maintaining consistency in code alignment across instances and in clean code in update sets Proactively identify system deficiencies in the ServiceNow instances and provide solutions to remediate Ensure that configuration is consistent across development, testing, and production environments. Mandatory Skill Sets: Experience in transitioning technology from locally focused to centralized technology service organization. Experience with ITSM functions and modules within ServiceNow Understanding of RESTful Web Service and APIs. IT and Security management best practice (ITIL, COBIT, ISO standards). Experience developing workflows and supporting service technology teams Experience in developing solutions in JavaScript and Glide Preferred Skill Sets: Conceptual skills Ability to articulate and document the desired business outcome Ability to remove ambiguity from requirements Service orientation with a focus on quality and customer satisfaction Unit and regression testing to strive for first time right deployments Troubleshooting and Diagnostics Conceptual skills Communication skills (verbal and written) Years Of Experience Required: 3+ years of experience working in a development role for a ServiceNow Platform. 1+ years of experience as a ServiceNow administrator. Education Qualification: Bachelor or equivalents. Desired Certifications: ITIL Foundations Certification ServiceNow Developer Certification(s) Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor Degree Degrees/Field Of Study Preferred: Certifications (if blank, certifications not specified) Required Skills ServiceNow Agile Development Optional Skills Accepting Feedback, Active Listening, Agile Methodology, Application Security, Communication, Configuration Management (CM), Cybersecurity, Emotional Regulation, Empathy, Enterprise Architecture, Human Resources (HR) Consulting, Inclusion, Intellectual Curiosity, IT Change Management, Optimism, Risk Compliance, ServiceNow Customer Service Management (CSM), ServiceNow Ticketing Tool, Teamwork, Well Being Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Global Risk & Brand Protection Technology Risk: Security Inquiry Response Center, Analyst This position will serve as an Analyst within the Security Inquiry Response Center under the Global Risk & Brand Protection organization. The Analyst’s role will involve the gathering and pre-population of information to respond to information security and other technology-related inquiries from Deloitte member firm clients and regulators through information security inquiries, questionnaires, assessments, or audits. This role will be facilitated through a global delivery team model, tasked with the coordination and completion of these security inquiries. The team The Security Inquiry Response Center team works behind the scenes to protect Deloitte’s brand and reputation. We take this protective role seriously, while simultaneously ensuring Deloitte meets client, legal, and regulatory requirements. This is an internal firm professional service position that supports firms of the Deloitte organization. Global Risk & Brand Protection (GR&BP) analysts play a critical role in enhancing, preserving and protecting the reputation of the Deloitte organization. Specifically, GR&BP analysts assist in ensuring compliance with firm policies and professional standards in the areas of auditor independence, regulatory compliance, and risk. Functions within GR&BP include Global Independence, Technology, Regulatory, Privacy, Risk and Ethics. The ideal GR&BP candidate must be able to work independently and as part of a team in a dynamic work environment. Work you’ll do Operational responsibilities of this role will include one or more of the following: Fulfill member firm and client, regulatory and audit-related information security requests as assigned through the global delivery team. Identifying, gathering, and pre-populating responses to questions using one or more Standard Answer Banks. Identifying the remaining questions that cannot be pre-populated and whether consultation is needed with the Client Security Lead. Responsible for highlighting issues found in the Standard Answer Banks and illustrating where changes are necessary. Standard Answer Bank maintenance. Support activities related to information security inquiries, including: Analyzing and evaluating client, regulator and member firm information security requests, assessments, and audits; and Gathering data and refinement activities using the global delivery team. Demonstrate and apply project management skills and use current technology and tools to enhance the effectiveness of deliverables and services. Support initiatives to educate technology functions on technology risk management requirements according to regulatory requirements, internal policy and standards, data classification, client commitments, etc. Demonstrate and apply a basic understanding of technology trends to identify issues and communicate this information to the management team through written correspondence and verbal presentations. Perform other job-related duties as assigned by the Manager or others within the Security Inquiry Response Center team. Qualifications Education Bachelor’s degree or higher in a technology-related field or a relevant IT security certification (if non-technical degree) or an equivalent experience, i.e. vendor or procurement audits, control reviews, etc. Work experience One (1) to three (3) years demonstrated experience in applying leading practices in Information Security, Technology Risk or Operational Risk environment, or risk and governance function. Required Skills/abilities Proficient English skills in verbal, reading and writing, and the ability to understand nuances. Entry-level knowledge of Information Systems Security, cyber security, IT auditing, IT risk management and compliance and/or vendor security risk management Basic working knowledge of GRC tools (e.g., Archer, ServiceNow, etc.) Knowledge of various IT risk frameworks, methodologies, leading industry/assurance standards and regulations, as well as attestation reporting frameworks, such as the ISO family of standards (27001/2, ISO 22301, ISO 27017, etc.), NIST, COBIT, SOC2 reporting framework. Basic knowledge of significant security and privacy laws and regulations in the Americas, Europe, Middle East, Asia, Africa, and Oceania is preferable (e.g., GDPR). Analytical and problem-solving mindset; demonstrated ability to synthesize large amounts of data in short periods of time for consumption by multiple stakeholders. Effective relationship-building, communication, presentation, and interpersonal skills. Highly disciplined, with strong organizational abilities. Ability to multi-task, prioritize work and work independently. Possess exceptional level of integrity and customer focus. Work Location: Hyderabad Shift: 11:00 AM – 8:00 PM How you’ll grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities— including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in exactly the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. #CA-VS #EAG-R&BP Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301025

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Description for Assurance – Technology Risk About EY At EY, our purpose is Building a better working world that acts as our “North Star” guiding our more than 400,000 people – providing the context and meaning for the work we do every day. We help digital pioneers fight data piracy; guide governments through cash-flow crises; unlock new medical treatments with data analytics; and pursue high quality audits to build trust in financial markets and business. Through our integrated service lines – Assurance, Consulting, Strategy and Transactions, and Tax – and our deep sector knowledge, we help our clients to capitalize on new opportunities and assess and manage risk to deliver responsible growth. EY Global Delivery Services (GDS) is a delivery network spread across ten locations–Spain, Mexico, Sri Lanka, Argentina, India, the Philippines, Poland, Hungary and the UK. From accountants to coders to advisory consultants, we oƯer a wide variety of fulfilling career opportunities that span all service lines. To know more about EY GDS, click here. About Assurance Service Line EY Global Delivery Services (GDS) Assurance practice supports global EY client–serving teams with their reviews across industry sectors, including financial services, manufacturing and technology, among others. Through the right multidisciplinary team of professionals with the sector knowledge and subject matter expertise, EY GDS Assurance enables EY client teams in over 30 countries to help world’s leading companies meet their audit requirements. As an IT risk consultant, you’ll contribute technically to risk assurance client engagements and internal projects. An important part of your role will be to perform IT audits, document good quality assessment reports and issue opinions. You’ll anticipate and identify risks within engagements and share any issues with the audit stakeholders. You’ll also identify potential business opportunities for EY within existing engagements and facilitate integration as appropriate. Position Details: Job Title : Associate Department : Assurance –Technology Risk Job description: Key Responsibilities: Participate in IT Risk and Assurance audit engagements Work eƯectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress Help prepare reports and schedules that will be delivered to clients and other parties Develop and maintain productive working relationships with client personnel Build strong internal relationships within Ernst & Young and with other services across the organization Obtain and review evidence of compliance for adherence to standards Obtain evidence and perform SOD analysis Collaboration with other Compliance Analysts to identify overlaps with complementary compliance frameworks Key domains of compliance controls, including change management, access to systems, networks and data, computer operations and systems development. Driving necessary system and process updates across key domains of compliance Management of IT security and IT risk (e.g., data systems, network and applications) across the enterprise. Assist with the development of policies, procedures and standards that meet existing and newly developed policy and regulatory requirements Assist with facilitating IT security/risk training curriculum. Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects. Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise IT audit in the context of a financial audit, and related regulations, auditing standards and guidelines Control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX Internal audit services with a specific focus on IT, and related industry standards Common IT governance, control, and assurance industry frameworks, including COBIT, Risk IT, ValIT, IT Governance Institute and ISACA good practices IT industry frameworks such as ITIL and CMM Third party reporting standards Competencies / Skills: Strong analytical skills as well as excellent problem-solving skills. Flexible and adaptable; able to work in ambiguous situations Systems audit/information security knowledge is a good to have Attention to key detail required for audit, problem solving and root cause identification skills Confident & professional communication style - Ability to clearly articulate messages to a variety of audiences Able to work eƯectively at all levels in an organization, Capability to influence others and move toward a common vision or goal You should be comfortable to follow-up and gather audit evidence, investigate, and document the outcome of the risk assessment. Attention to detail, client audit data & evidence management, client management on remediation programmes. As an ambassador for the GDS Technology Assurance team, you will need to build a strong network internally and willing to learn and audit new technologies Job Specification: B.E/B.Tech (Computers, IT, Data Analytics, Cyber Security) 60% and above in current degree with no active backlog Basic understanding of various operating/database system security concepts. Familiarity with a typical IT systems development life cycle. Has a keen in interest to audit IT and financial systems for material misstatements. Strong Excel, Word and PowerPoint skills. Enthusiastic to learn new process and technologies in this fast-moving technology environment Experience projects associated with data analytics, data visualization, and Alteryx/Blue prism automation What working at EY offers At EY, we’re dedicated to helping our clients, from world’s top companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we oƯer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Senior Infrastructure and Operations Engineer is an advanced subject matter expert, responsible for ensuring the availability of the infrastructure service platforms and/or software. This role responds to situations where standard procedures have failed to fix problems in non-functioning infrastructure service platforms and/or software. This role designs system configurations, documents and manages the installation of a new network, and maintains and upgrades existing systems as necessary and later support the operation of overall IT services offered by the company. What You'll Be Doing Key Responsibilities: Performs operational tasks to resolve all incidents / requests in a timely manner and within agreed Service Level Agreement (SLA). Update tickets with resolution tasks performed. Maintains network and services availability by performing maintenance and health checks. Supports, assists or leads engineering, design and problem isolation. Provides third level support to all incidents, requests and identify the root cause of incidents and problems. Communicates with other teams and clients for extending support. Executes changes with clear identification of risks and mitigation plans to be captured into the change record. Escalates all tickets to seek right focus from other teams, if needed continue the escalations to management. Establishes monitoring for platform infrastructure. Leads and manages all initial client escalation for operational issues. Contributes to the change management process by logging all change requests with complete details for standard and non-standard including patching and any other changes to Configuration Items. Ensures all changes are carried out with proper change approvals. Plans and executes approved maintenance activities. Performs any other related task as required. Knowledge and Attributes: Advanced knowledge in Microsoft Solutions, i.e. design and implementation of Windows Server platforms, Office 365 migrations, Active Directory, Group Policy, System Centre Configuration. Advanced understanding of network switches, network routing, MPLS, network administration, network integration, network security and network advancement. Advanced knowledge in architecture, design, configuration, and deployment within the Microsoft Azure platform. Advanced understanding of server and desktop hardware/operating systems, networks, firewalls. Excellent oral, written and presentation communication skills. Advanced knowledge of IT infrastructure management processes, techniques, risks and best practices. Advanced knowledge of infrastructure technologies such as system management, system/network administration and development. Advanced knowledge of server administration, data center operations, project and change management principles and practices. Ability to facilitate discussions in order to address emerging problems and opportunities. Ability to handle multi-task, set priorities and meet deadlines. Advanced knowledge and understanding of information systems technology areas. Academic Qualifications and Certifications: Bachelor’s degree or equivalent in Information Technology or a related field. Relevant certifications such as CCIE/CCNP/ITIL/COBIT/PMP/CISA/CISM certifications. Required Experience: Advanced experience in similar IT roles, with a focus on IT infrastructure engineering and operations. Proven working experience in a large-scale organization. Advanced experience with IT frameworks: ITIL, MoF, CoBIT, Run SAP. Advanced experience supporting IT infrastructure and service delivery. Advanced experience working with vendors and/or service providers. Advanced experience, judgment and drive to plan, make decisions and accomplish individual and team goals. Advanced experience working in a team-oriented, collaborative environment. Workplace type: On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Job Purpose • RBI Returns, RBI-RBS Tranche, CSITE submissions • RBI / CSITE and other regulatory audits • Aadhaar Compliance and Internal Capital Adequacy Assessment Process (ICAAP) submissions • Submissions for Information Security Committee (ISC), Risk Policy and Management Committee (RPMC), IT Apex Committee, IT Strategy Committee, Board meetings etc. • IS, CS Compliance & Governance related activities • Automation Initiatives Job Responsibilities(JR) Deliverables RBI Returns, RBI-RBS Tranche, CSITE Submissions 1. Quarterly RBI / CSITE returns 2. Quarterly RBI-RBS Tranche submissions 3. Monthly CSITE submissions 4. Ad-Hoc CSITE / RBI submissions 5. Incident reporting - RBI,CSITE, CERT-In etc. 6. Tracking and managing Digital Payment Security Controls (DPSC) related compliances. 7. Compliance towards the Advisories, Circulars and Alerts from RBI Classification - Confidential RBI / CSITE and other regulatory audits 1. Managing RBI / CSITE audits; timely collation and submission of compliances & tracking of open observations. 2. National Critical Information Infrastructure Protection Centre (NCIIPC) related requirements. 3. SEBI, NSDL, CDSL, NSE, and BSE related submissions. Aadhaar Compliance and Internal Capital Adequacy Assessment Process (ICAAP) submissions 1. Address Aadhaar related project / process change requirements. 2. Completion of the Aadhar audit as a mandatary requirement for UIDAI. 3. Tracking and monitoring the Aadhar related observations for closure. 4. Quarterly ICAAP submissions. Submissions for Information Security Committee (ISC), Risk Policy and Management Committee (RPMC), IT Apex Committee, IT Strategy Committee, Board meetings etc. 1. Convene and conduct Information Security Committee (ISC) meetings. Documentation and circulation / publication of the minutes of the meeting (MoM). Tracking and monitoring the actionable from the ISC meetings. 2. Timely submission of Notes / presentation deck for Risk Policy and Management Committee (RPMC), IT Apex Committee, IT Strategy Committee, Board meetings etc. Tracking and monitoring the actionable from these meetings. IS, CS Compliance & Governance related activities 1. Develop and periodic review of information security policies, processes, standards and guidelines. Oversee the approval and publication of these documents. 2. Assist in preparing and managing information security (IS) budget. 3. Drive and manage the awareness initiatives for the bank staff, Learning Management System (LMS) Classification - Confidential related course and content, Phishing Simulation (regulatory & internal) etc. 4. Assist in formulating InfoSec skill development & training strategy. Maintain relevant records. 5. Developing enterprise information security effectiveness criteria / metrics including for IT security tools on end points, servers, network. 6. Publish monthly executive metrics summary to senior management in the bank. 7. Point of contact (SPOC) for IT Governance related activities, IT Governance, Risk and Compliance (ITGRC) system management. 8. Managing Statutory, internal / external audits etc. 9. Management and execution of the annual ISG strategy. 10. IA Observations : Effective tracking and monitoring of the observations from the internal audits. Interactions with Internal Audit (IA) team for audit related activities. 11. Data Localization compliance : Guide the business teams for the RBI advisory on data localization. Coordinate with the business teams for arranging and reviewing the System Audit Report (SAR), System Audit Report Certificate (SARC) and Board Resolution / Approval. 12. Compliance towards the requirements of international branches of the bank : Onsite Supervisory Assessment, Half yearly submission of VAPT report etc. Automation Initiatives 1. Requisite guidance and implementation of automation initiatives. Classification - Confidential Educational Qualifications Key Skills • Bachelor’s Degree - IT / computers / electronics • MBA-IT with Compliance Certifications like CISA, CISM, CISSP, COBIT etc. • Risk management • Communication • Knowledge of ISO 27001 and 22301 • Knowledge of risk frameworks • Working with regulators • Knowledge of latest cybersecurity trends & industry best practices on information security in financial Industry. • Working knowledge of security products • Strong skills using Microsoft Office Suite (Word, Excel, Powerpoint) and collaboration tools like O365, Teams. Experience Required • Minimum experience in years : 12 to 15 yrs • Minimum 10 years of experience in managing IT and Information Security compliance management or conducting Information Security / IT audits, handling network security and data center security design, governance and implementation. • Exposure to banking preferable Major Stakeholders 1. Information Technology (IT) 2. Compliance 3. Retail Branch Banking Unit (RBCU) 4. Administration 5. Operations Risk (OR) 6. Credit Intelligence & Control (CIC) 7. Other Business teams Show more Show less

Job description Work Location:- Bangalore / Hyderabad / Pune / Gurgaon Experience:- 4 - 10 yrs Leavel- AM/Manager JD Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred Show more Show less

About the Role: Grade Level (for internal use): 10 The Team: Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact: This role rolls up to the Head of Technology Risk and Governance, in the Global Digital Technology Organization . The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact: This role belongs to First Line of Defense. Support in defining a comprehensive risk inventory, focusing on granular-level risks. Support in development of detailed controls inventory for various technology processes based on various industry frameworks (COBIT, ITIL, ISO, NIST) and DS Technology Standards. Perform self- QA over the controls inventory to ensure key risks and controls are covered. Support in implementation of the Governance, Risk, and Compliance (GRC) tool, focusing on the technology aspects. Support in development of Key Risk Indicators (KRIs) and Key Control Indicators (KCIs) Establish and manage thresholds for risk indicators Coordinate with key stakeholders to ensure alignment and effective communication Develop and operationalize risk scorecards to track and report on risk metrics. Aggregate risk data to provide a holistic view of organizational risk Support in p repar ing and deliver ing comprehensive risk reports to measure performance against the organization's Risk Appetite. Prepare presentations for the Management reporting (requires very good PowerPoint presentation skills) ​ Basic Required Qualifications: Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5 + years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. ​ Additional Preferred Qualifications: 5 + years of experience in a large global organization in a technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Role Location: Gurgaon, Noida, Bangalore What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.1 - Middle Professional Tier I (EEO Job Group) Job ID: 315516 Posted On: 2025-06-03 Location: Hyderabad, Telangana, India

Technology Risk Governance and Risk Reporting Specialist Hyderabad, India; Islamabad, Pakistan Risk Management 315516 Job Description About The Role: Grade Level (for internal use): 10 The Team: Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact: This role rolls up to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact: This role belongs to First Line of Defense. Support in defining a comprehensive risk inventory, focusing on granular-level risks. Support in development of detailed controls inventory for various technology processes based on various industry frameworks (COBIT, ITIL, ISO, NIST) and DS Technology Standards. Perform self-QA over the controls inventory to ensure key risks and controls are covered. Support in implementation of the Governance, Risk, and Compliance (GRC) tool, focusing on the technology aspects. Support in development of Key Risk Indicators (KRIs) and Key Control Indicators (KCIs) Establish and manage thresholds for risk indicators Coordinate with key stakeholders to ensure alignment and effective communication Develop and operationalize risk scorecards to track and report on risk metrics. Aggregate risk data to provide a holistic view of organizational risk Support in preparing and delivering comprehensive risk reports to measure performance against the organization's Risk Appetite. Prepare presentations for the Management reporting (requires very good PowerPoint presentation skills) Basic Required Qualifications: Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications: 5+ years of experience in a large global organization in a technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required. Role Location: Gurgaon, Noida, Bangalore What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. - Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf - 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.1 - Middle Professional Tier I (EEO Job Group) Job ID: 315516 Posted On: 2025-06-03 Location: Hyderabad, Telangana, India

About this role: Wells Fargo is seeking a Finance Control Associate. In this role, you will: Provide support for the line of business and enterprise functions on financial reporting information technology governance, and controls and oversight matters Provide oversight for testing and monitoring involving moderate risk subject matter or control areas Receive direction from manager and exercise independent judgment while developing understanding of certain elements of the company's Committee of Sponsoring Organizations policy and governance and oversight framework Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Required Qualifications: 6+ months of Finance, Accounting, Analytics, Reporting or Business and Technology Audit experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: University degree in Business or related discipline. Minimum of 6+ months of experience in IT audit and/or IT SoX advisory/consulting service or Public Accounting Experience with large financial institutions Strong knowledge of the COSO and COBIT 5 Frameworks. Prefer one or more of the following certifications: CISA, CISM, CISSP Practical experience performing and documenting IT audit/IT COSO ITGC/ITAC testing Strong critical thinking skills with ability to credibly challenge status quo Strong organization and prioritization skills Strong relationship management skills; ability to negotiate difficult positions without harming relationships Intermediate Microsoft Office (Word, Excel, Outlook, and PowerPoint) skills Intermediate Microsoft Visio skills Ability to prioritize, meet deadlines, and achieve goals and work under pressure in a dynamic and complex environment Excellent verbal, written, and interpersonal communication skills Ability to take on a high level of responsibility, initiative, and accountability. Job Responsibilities: Performing the following for IT Application Control (ITAC) and IT General Control (ITGC) testing Partnering with IT/LOB Process Owners/Control Owners to document significant in-scope processes according to corporate COSO policy (both process narratives and process flow diagrams). Additionally, assessing the appropriateness and completeness of key risk and key controls identified; Performing walkthroughs of significant processes and ensure required COSO documentation is accurate and reflects relevant risk and key controls; Partnering with IT/LOB Process Owners/Control Owners in the creation of process risk assessments (RAM) as well as validating and challenging risk assessment conclusions; Validating and providing credible challenge to identified shared services, third party service providers, and significant applications. Performing COSO testing of key ITACs and ITGCs, including design effectiveness assessments and operating effectiveness testing. Validating and challenging documentation of control deficiencies, including issue description, root cause, unmitigated impact, and corrective actions; Analyzing the severity of control deficiencies and their impact to internal control over financial reporting. Validating corrective actions and issues and building relationships and collaborating with key stakeholders in the applicable line of business (IT) functions related to assigned process areas Assisting with projects impacting the team. Posting End Date: 15 Jun 2025 Job posting may come down early due to volume of applicants. We Value Equal Opportunity Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process. Applicants With Disabilities To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo . Drug and Alcohol Policy Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more. Wells Fargo Recruitment And Hiring Requirements Third-Party recordings are prohibited unless authorized by Wells Fargo. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process. Reference Number R-462139 Show more Show less

Position Summary Global Risk & Brand Protection Technology Risk:Security Inquiry Response Center, Analyst This position will serve as an Analyst within the Security Inquiry Response Center under the Global Risk & Brand Protection organization. The Analyst’s role will involve the gathering and pre-population of information to respond to information security and other technology-related inquiries from Deloitte member firm clients and regulators through information security inquiries, questionnaires, assessments, or audits.This role will be facilitated through a global delivery team model, tasked with the coordination and completion of these security inquiries. The team The Security Inquiry Response Center team works behind the scenes to protect Deloitte’s brand and reputation. We take this protective role seriously, while simultaneously ensuring Deloitte meets client, legal, and regulatory requirements. This is an internal firm professional service position that supports firms of the Deloitte organization. Global Risk & Brand Protection (GR&BP) analysts play a critical role in enhancing, preserving and protecting the reputation of the Deloitte organization. Specifically, GR&BP analysts assist in ensuring compliance with firm policies and professional standards in the areas of auditor independence, regulatory compliance, and risk. Functions within GR&BP include Global Independence, Technology, Regulatory, Privacy, Risk and Ethics. The ideal GR&BP candidate must be able to work independently and as part of a team in a dynamic work environment. Work you’ll do Operational responsibilities of this role will include one or more of the following: Fulfill member firm and client, regulatory and audit-related information security requests as assigned through the global delivery team. Identifying, gathering, and pre-populating responses to questions using one or more Standard Answer Banks. Identifying the remaining questions that cannot be pre-populated and whether consultation is needed with the Client Security Lead. Responsible for highlighting issues found in the Standard Answer Banks and illustrating where changes are necessary. Standard Answer Bank maintenance. Support activities related to information security inquiries, including: Analyzing and evaluating client, regulator and member firm information security requests, assessments, and audits; and Gathering data and refinement activities using the global delivery team. Demonstrate and apply project management skills and use current technology and tools to enhance the effectiveness of deliverables and services. Support initiatives to educate technology functions on technology risk management requirements according to regulatory requirements, internal policy and standards, data classification, client commitments, etc. Demonstrate and apply a basic understanding of technology trends to identify issues and communicate this information to the management team through written correspondence and verbal presentations. Perform other job-related duties as assigned by the Manager or others within the Security Inquiry Response Center team. Qualifications Education Bachelor’s degree or higher in a technology-related field or a relevant IT security certification (if non-technical degree) or an equivalent experience, i.e. vendor or procurement audits, control reviews, etc. Work Experience One (1) to three (3) years demonstrated experience in applying leading practices in Information Security, Technology Risk or Operational Risk environment, or risk and governance function. Required Skills/abilities Proficient English skills in verbal, reading and writing, and the ability to understand nuances. Entry-level knowledge of Information Systems Security, cyber security, IT auditing, IT risk management and compliance and/or vendor security risk management Basic working knowledge of GRC tools (e.g., Archer, ServiceNow, etc.) Knowledge of various IT risk frameworks, methodologies, leading industry/assurance standards and regulations, as well as attestation reporting frameworks, such as the ISO family of standards (27001/2, ISO 22301, ISO 27017, etc.), NIST, COBIT, SOC2 reporting framework. Basic knowledge of significant security and privacy laws and regulations in the Americas, Europe, Middle East, Asia, Africa, and Oceania is preferable (e.g., GDPR). Analytical and problem-solving mindset; demonstrated ability to synthesize large amounts of data in short periods of time for consumption by multiple stakeholders. Effective relationship-building, communication, presentation, and interpersonal skills. Highly disciplined, with strong organizational abilities. Ability to multi-task, prioritize work and work independently. Possess exceptional level of integrity and customer focus. Work Location: Hyderabad Shift: 11:00 AM – 8:00 PM How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities— including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in exactly the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. #CA-VS #EAG-R&BP Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301025 Show more Show less

Line of Service Internal Firm Services Industry/Sector Not Applicable Specialism Operations Management Level Associate Job Description & Summary At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives. In ServiceNow consulting at PwC, you will gain extensive experience in ServiceNow applications and assist clients in optimising operational efficiency through analysis, implementation, training, and support tailored to ServiceNow software. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: A career in PwC’s Technology and Security Operations, within Internal Firm Services, will provide opportunity to develop and support our global technology service delivery, both internally and externally. ServiceNow is the enterprise platform that enables Service Management at PwC. Using the ServiceNow platform, our team helps Internal Firm Services transform how they manage services to the business, and how the business manages services to our clients. If you are seeking an exciting career with the scope to grow your ServiceNow skills through major change on a global scale, then PwC Technology will empower you to do so. Responsibilities: As a ServiceNow Developer, you will, Engage with stakeholders to understand user stories and determine requirements Provide guidance on what is configuration vs customization with a focus on solutions that remain close to out of box functionality as possible. Customize and develop ServiceNow applications and support rollout of new applications and modules. Configure Application UIs and Workflows Demonstrate understanding of application modules including Incident, Problem, Change, Release, Asset, CMDB, Knowledge, and Self-service Portal. Create custom reports and dashboards with supporting metrics and KPIs that adhere to best practices and have a high focus on impact to instance performance Collaborate with other ServiceNow administrators and developers to develop effectively with a global focus Be diligent in maintaining consistency in code alignment across instances and in clean code in update sets Proactively identify system deficiencies in the ServiceNow instances and provide solutions to remediate Ensure that configuration is consistent across development, testing, and production environments. Mandatory skill sets: Experience in transitioning technology from locally focused to centralized technology service organization. Experience with ITSM functions and modules within ServiceNow Understanding of RESTful Web Service and APIs. IT and Security management best practice (ITIL, COBIT, ISO standards). Experience developing workflows and supporting service technology teams Experience in developing solutions in JavaScript and Glide Preferred skill sets: Conceptual skills Ability to articulate and document the desired business outcome Ability to remove ambiguity from requirements Service orientation with a focus on quality and customer satisfaction Unit and regression testing to strive for first time right deployments Troubleshooting and Diagnostics Conceptual skills Communication skills (verbal and written) Years of experience required: 3+ years of experience working in a development role for a ServiceNow Platform. 1+ years of experience as a ServiceNow administrator. Education qualification: Bachelor or equivalents. Desired Certifications: ITIL Foundations Certification ServiceNow Developer Certification(s) Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor Degree Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills ServiceNow Platform Optional Skills Accepting Feedback, Active Listening, Agile Methodology, Application Security, Communication, Configuration Management (CM), Cybersecurity, Emotional Regulation, Empathy, Enterprise Architecture, Human Resources (HR) Consulting, Inclusion, Intellectual Curiosity, IT Change Management, Optimism, Risk Compliance, ServiceNow Customer Service Management (CSM), ServiceNow Ticketing Tool, Teamwork, Well Being Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Sr. Cyber Security Analyst POSITION PURPOSE: This role is responsible for assessing, managing, and enhancing the security measures of Bayer s systems, networks, and data. Especially using data analytics for monitoring of Bayers security systems and applications. YOUR TASKS AND RESPONSIBILITIES: Oversee security alerts and incidents, executing timely responses to mitigate potential risks and minimize operational impact. Collaborate with IT and security personnel to implement and verify the effectiveness of comprehensive security protocols. Remain updated on current cybersecurity developments, threats, and industry best practices to enhance the organizations security framework. Monitor and evaluate operational logs, event console activities, intelligence feeds, and pertinent data to detect security-related occurrences and trends, ensuring compliance with established industry standards and regulations such as ISO 27001, NIST, and GDPR. Develop and refine cybersecurity processes and protocols, ensuring adherence to relevant industry standards and regulatory requirements. Perform analysis and testing to identify vulnerabilities, misconfigurations, or other security exposures Conduct root cause analyses and investigations to recommend prevention strategies and configuration modifications. Execute penetration testing to identify vulnerabilities within infrastructure, web applications, and other systems, differentiating between vulnerability assessments and penetration testing methodologies. Investigate incidents and respond to events in real time. WHO YOU ARE: BS or MA in computer science, information security, cybersecurity, or a related field, though relevant working experience may be considered an equivalent with 8+years of experience Experience in IT audit, network operations, enterprise risk management, penetration testing, red team/incident response, or as a junior security operations analyst Experience with regulatory compliance and information security management frameworks, such as ISO 27000, COBIT, and NIST 800. Professional certifications such as CCP-SIRA (Senior), CISSP, and ISACA certifications, along with familiarity with standards like BSI ISO 27001 and PCI DSS Further certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), CompTIA, EC-Council (CSA) SOC Experience monitoring SIEM systems and tools Experience with network and security technologies, such as firewalls, IDS/IPS Experience configuring and utilizing vulnerability assessment technologies Experience with monitoring networks, detecting threats, and responding to incidents Proficiency in report writing, investigational techniques, and communicating to large audiences Ever feel burnt out by bureaucracy? Us too. Thats why were changing the way we work- for higher productivity, faster innovation, and better results. We call it Dynamic Shared Ownership (DSO). Learn more about what DSO will mean for you in your new role here https: / / www.bayer.com / enfstrategyfstrategy Bayer does not charge any fees whatsoever for recruitment process. Please do not entertain such demand for payment by any individuals / entities in connection with recruitment with any Bayer Group entity(ies) worldwide under any pretext. Please don t rely upon any unsolicited email from email addresses not ending with domain name bayer.com or job advertisements referring you to an email address that does not end with bayer.com . For checking the authenticity of such emails or advertisement you may approach us at HROP_INDIA@BAYER.COM. Division: Enabling Functions Reference Code: 847153

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organizations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions. We are currently seeking an experienced professional to join our team in the role of Sr. Associate Director, Data and Analytics Key Responsibilities: SME and Advisory Role: Serve as the primary control advisory for the CTO Data Technology organization, ensuring alignment with enterprise control expectations. Represent CTO Data Technology in all Control Owner forums to understand evolving control requirements and ensure consistent communication with ITSOs. Control Implementation Support: Educate and guide ITSOs in implementing relevant technology controls. Partner with control owners and technology teams to ensure consistent interpretation and application of control standards. Drive the implementation of assigned Technology Risk and Control Bow (TRCB) activities across CTO Data Tech aligned services and platforms. Audit & Assurance: Support ITSOs in internal, external, and regulatory audits by ensuring accurate, complete, and timely submission of evidence and responses. Coordinate with CCO, auditors and compliance teams to facilitate smooth audit walkthroughs and findings validation. Remediation Planning & Execution: Assist ITSOs in building actionable remediation plans for audit findings, KCIs, and control gaps. Monitor progress and ensure on-time delivery of all remediation commitments. Risk & Control Visibility: Provide regular visibility to CTO Data Technology sub-verticals on their control and risk posture. Publish dashboards, heat maps, and risk summaries highlighting gaps, timelines, and ownership. Tracking & Reporting: Maintain comprehensive tracking of all open audit issues, control gaps, and Key Control Indicators (KCIs). Drive regular reporting to senior stakeholders on risk metrics, remediation status, and emerging control themes. Solutioning & Risk Mitigation: Collaborate with central technology and control design teams to recommend or build control solutions where standard tools or processes are lacking. Contribute to the continuous improvement of control frameworks and tooling. Requirements Qualifications External To be successful in this role you should meet the following requirements: Bachelor s degree in computer science engineering or related field. 15+ years of experience in technology risk management, control assurance, IT audit, or compliance functions within a global enterprise. Deep understanding of IT controls, risk frameworks (e.g., COBIT, NIST, ISO 27001), and regulatory expectations. Proven experience in audit management and control remediation within complex technology environments. Strong stakeholder management and influencing skills across technology, risk, and compliance domains. Excellent communication, analytical, and problem-solving capabilities. Experience working with service owners, infrastructure, and application teams in large-scale IT organizations. Familiarity with control tools, risk dashboards, GRC systems, and reporting platforms is a plus. Preferred Certifications: CISA, CRISC, CISSP, or equivalent risk/control-related certifications. You ll achieve more when you join HSBC. HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working, and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Summary of Position Teladoc Health’s Internal Audit function provides independent, objective assurance and consulting services designed to add value and improve Teladoc’s operations. The IT Audit Manager assists Internal Audit senior management, Board of Directors, and company senior management in the effective discharge of their responsibilities by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of internal controls, risk management, and governance processes. Further, the Senior IT Auditor will assist and lead internal audit projects with a focus on the examination and analysis of IT processes, risks and internal controls supporting the digital, financial, operational, compliance, and strategic aspects of the company. Shift time - 05:00 PM IST - 02:00 AM IST 100% Remote work Essential Duties and Responsibilities Develop internal audit methodologies and contribute to the annual internal audit plan. Plan, organize, and conduct internal audit projects in alignment with the annual plan or as requested by management or the Audit Committee. Support activities related to the company's assessment of Internal Controls Over Financial Reporting (ICFR), including conducting IT process walkthroughs, testing, and summarization of results to support our Sarbanes Oxley (SOX) program. This is an individual contributor role that will lead SOX testing program areas such as scoping, scheduling, stakeholder management, workpaper review, etc. Ensure that documentation supporting audit testing is sufficient, competent, and relevant to support conclusions. Prepare high-quality internal audit workpapers and reports to accurately reflect audit work performed. Identify and monitor internal control gaps or outstanding issues within IT procedures, processes, or systems, ensuring appropriate remedial action. Collaborate with process and control owners and external audit personnel throughout the audit lifecycle. Educate and advise process and control owners on internal control requirements and promote awareness of internal audit within the organization. Stay updated on business and IT activities, accounting standards, and industry developments. Communicate business insights, impacts, and actionable recommendations to management. Work with internal audit leadership to identify current and emerging risks facing the organization. Identify opportunities to promote efficiencies using data analytics and automation. Assist in departmental projects, strategic initiatives, and investigations as needed. The time spent on each responsibility reflects an estimate and is subject to change dependent on business needs. Supervisory Responsibilities No Qualifications Expected for Position Minimum of 5+ years of IT Audit experience in public accounting and/or internal audit, preferably with a publicly traded company and experienced in SOX testing. Bachelor's degree in Accounting, Finance, Information Systems, Computer Science, or a related field; a Master's degree is a plus. Fundamental understanding of core Information Technology processes and systems. Knowledge of internal control concepts and frameworks (COSO, COBIT), Sarbanes-Oxley standards, and auditing processes. Extensive experience auditing Sarbanes Oxley (SOX) IT General Controls and (ITGC) IT Automated Controls (ITAC), including testing the completeness and accuracy (C&A) of key reports supporting business processes. Experience with testing various systems and technologies, such as ERP systems, cloud technologies, and other enterprise applications. Strong interpersonal, analytical, communication, and organizational skills (written and verbal). Ability to work independently with limited supervision. Strong work ethic, self-accountability, and high standards of ethical conduct. Experience coaching and mentoring junior team members. The above qualifications, knowledge, experience, and/or background are expected but not required for this role. Show more Show less

About the role We are seeking a Senior IT Architect to lead our annual ongoing technology refresh programme taking responsibility for defining, shaping and agreeing the annual portfolio of technology refresh projects each year. This will include the management and leadership of a small team of architects to successfully deliver these projects, ensuring effective governance and control and the delivery of business requirements, whilst minimising IT risk and optimising the IT estate. You will also contribute to the development of standards, patterns and strategic IT roadmaps for current IT systems, services & applications. You will also be capable of deputising for the head of solution architecture in their absence. Accountabilities: Working with Enterprise Architecture define and agree a portfolio of candidate projects each year for the annual technology refresh programme. Undertaking the necessary discovery and investigation to provide a robust proposed scope and approach for each candidate project; with a high degree of confidence in the likely costs and timeframe required to deliver each project. Management and leadership of a small team of IT architects to deliver each of the projects in the agreed annual technology refresh programme each year. Delivery of Solution Architectures for technology refresh projects: ensuring compliance to policies and standards, remediation of identified risks and vulnerabilities and optimisation. Deputise for Head of Solution Architecture in his absence, attending architectural governance and management meetings to represent Solution Architecture. Where required research, create, communicate and maintain IT product and supplier roadmaps for specific domains within the associated risk appetite; taking into account market and IT developments that are designed to deliver long-term business requirements, reduce IT risk and maximise re-use and efficiencies. Develop, agree, control, maintain and govern effective delivery of IT architectural solution blueprints (both internally and externally produced), incorporating IT operating model, technology, applications, information and service, in accordance with agreed standards and criteria, to ensure a shared understanding between parties, that it delivers business requirements and is effectively governed and controlled. Identify, evaluate and select technology, applications and service products, in collaboration with Group Procurement and business stakeholders and in accordance with policies, procedures and standards, to ensure they are fit for purpose, deliver business requirements within budget and timescales and that contracts are effective. Develop, agree, control and maintain IT architectural standards and policies for product, technology, information and service that are aligned with industry practice and the strategic roadmap and will deliver consistent and efficient IT solution design and application. Manage the technology relationships with third party suppliers and contractors, to ensure they meet business need and deliver the requirements of the solution and any contracts are aligned with IT roadmaps and standards. Monitor and manage specific Information Technology Infrastructure Library (ITIL) processes to ensure their effective operation and provide guidance and control to the architectural design aspects of other relevant ITIL processes to ensure governance requirements and standards are met. Assist with impact assessment of IT operational incidents and proposed IT Change to provide the subject matter expertise required to support effective decision making. About you Qualifications: Ideally qualified to the following standards or equivalent: Information Systems Examination Board (ISEB) Practitioner in Enterprise and Solution Architecture The Open Group Architecture Framework (TOGAF) 9 Certified ITIL Foundation Prince 2 Foundation Control Objectives for Information and related Technology (COBIT) Foundation Experience and Knowledge: Experience in playing a key role within an IT delivery function including solutioning/solution planning and delivering Experience as a Lead Architect for an IT programme or large project Experience in shaping and defining a portfolio of projects Experience of defining and creating architectural standards and patterns Experience of running architectural governance for a programme or large project Working knowledge of Architectural domains Good knowledge of: Emerging technologies and standards Wider IT market issues Architectural standards and methodologies e.g. TOGAF Architectural design patterns Integration design patterns Excellent presentation and influencing skills Great senior stakeholder communication and management skills Good working knowledge of change lifecycle skills: Analysis and requirements management Azure Hosting Functional Decomposition Business models Data models About the role We are seeking a Senior IT Architect to lead our annual ongoing technology refresh programme taking responsibility for defining, shaping and agreeing the annual portfolio of technology refresh projects each year. This will include the management and leadership of a small team of architects to successfully deliver these projects, ensuring effective governance and control and the delivery of business requirements, whilst minimising IT risk and optimising the IT estate. You will also contribute to the development of standards, patterns and strategic IT roadmaps for current IT systems, services & applications. You will also be capable of deputising for the head of solution architecture in their absence. Accountabilities: Working with Enterprise Architecture define and agree a portfolio of candidate projects each year for the annual technology refresh programme. Undertaking the necessary discovery and investigation to provide a robust proposed scope and approach for each candidate project; with a high degree of confidence in the likely costs and timeframe required to deliver each project. Management and leadership of a small team of IT architects to deliver each of the projects in the agreed annual technology refresh programme each year. Delivery of Solution Architectures for technology refresh projects: ensuring compliance to policies and standards, remediation of identified risks and vulnerabilities and optimisation. Deputise for Head of Solution Architecture in his absence, attending architectural governance and management meetings to represent Solution Architecture. Where required research, create, communicate and maintain IT product and supplier roadmaps for specific domains within the associated risk appetite; taking into account market and IT developments that are designed to deliver long-term business requirements, reduce IT risk and maximise re-use and efficiencies. Develop, agree, control, maintain and govern effective delivery of IT architectural solution blueprints (both internally and externally produced), incorporating IT operating model, technology, applications, information and service, in accordance with agreed standards and criteria, to ensure a shared understanding between parties, that it delivers business requirements and is effectively governed and controlled. Identify, evaluate and select technology, applications and service products, in collaboration with Group Procurement and business stakeholders and in accordance with policies, procedures and standards, to ensure they are fit for purpose, deliver business requirements within budget and timescales and that contracts are effective. Develop, agree, control and maintain IT architectural standards and policies for product, technology, information and service that are aligned with industry practice and the strategic roadmap and will deliver consistent and efficient IT solution design and application. Manage the technology relationships with third party suppliers and contractors, to ensure they meet business need and deliver the requirements of the solution and any contracts are aligned with IT roadmaps and standards. Monitor and manage specific Information Technology Infrastructure Library (ITIL) processes to ensure their effective operation and provide guidance and control to the architectural design aspects of other relevant ITIL processes to ensure governance requirements and standards are met. Assist with impact assessment of IT operational incidents and proposed IT Change to provide the subject matter expertise required to support effective decision making. About you Qualifications: Ideally qualified to the following standards or equivalent: Information Systems Examination Board (ISEB) Practitioner in Enterprise and Solution Architecture The Open Group Architecture Framework (TOGAF) 9 Certified ITIL Foundation Prince 2 Foundation Control Objectives for Information and related Technology (COBIT) Foundation Experience and Knowledge: Experience in playing a key role within an IT delivery function including solutioning/solution planning and delivering Experience as a Lead Architect for an IT programme or large project Experience in shaping and defining a portfolio of projects Experience of defining and creating architectural standards and patterns Experience of running architectural governance for a programme or large project Working knowledge of Architectural domains Good knowledge of: Emerging technologies and standards Wider IT market issues Architectural standards and methodologies e.g. TOGAF Architectural design patterns Integration design patterns Excellent presentation and influencing skills Great senior stakeholder communication and management skills Good working knowledge of change lifecycle skills: Analysis and requirements management Azure Hosting Functional Decomposition Business models Data models

locationsBangalore, Indiaposted onPosted 11 Days Ago job requisition id30648 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC". Cyber Security - Director What Youll Contribute A pplicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements. (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations. Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications. Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO. Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage. What Were Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications. (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS). AWS Certifications (added advantage). Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status. Our Offer to You An inclusive culture strongly reflectingourcore valuesAct Like an Owner, DelightOurCustomers and Earn the Respect of Others. The opportunitytomake an impact and develop professionally by leveraging yourunique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourageyoutobring yourbest every day and be recognized for doing so. An engaging, people-first work environmentoffering work/life balance, employee resource groups, and social eventstopromote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

Job Description Who we are looking for - Alpha Platform is looking for an experienced risk professional to join their Business Risk Management (BRM) team. A candidate for this position is expected to work in a fast-paced environment akin to a commercial software company in order to meet the expectations of this rapidly growing business. Risk management skills, especially those acquired at G-SIFI organizations and/or large public accounting firms, balanced with technology and data skills will contribute to a candidate’s success in this position. This is a full-time position located at our Burlington, Massachusetts office. Why this role is important to us - Effective risk management is a top priority for a G-SIFI organization. As a member of the BRM team you will assist in the execution of a risk management program aimed at governing, overseeing and managing risks, in support of the firm’s risk excellence goals. What You Will Be Responsible For - Identify and assess risks and controls within business and technology processes Test design and operating effectiveness of controls as part of periodic required process and control reviews Self-identify, and assist the business in self-identifying, control issues, analyze their root causes, draft / assist in drafting appropriate and timely remediation plans, and continuously monitor remediation progress Advise the business on risks and control design, adopting a partnership approach, especially during introduction of new technology and business processes Assist with the execution of key business risk programs, including regular risk reviews, risk reporting, oversight and governance activities (including issue and incident management), and monitoring control performance Assist with the preparation and coordination of outside reviews, including audit events and/or regulatory examinations Escalate any perceived violations of rules, regulations, policies, procedures and recommend a course of action What We Value - Ability to effectively prioritize multiple tasks and work independently in non-routine situations Willingness to learn new technologies and processes Strong analytical, interpersonal, organizational, research, and communication (verbal and written) skills Good understanding of the role of first, second and third line of defense Strong influencing, collaboration, and project management skills Critical thinking and intellectual curiosity Initiative, ownership and energetic Excellent analytical skills Self-motivation, self-assurance and self-management Excellent team player and treating others with respect Education & Preferred Qualifications - University degree in information systems, computer science, or related field Proficiency in IT and risk management Knowledge of industry Risk and Control frameworks (COSO, COBIT, NIST, ISO, etc.) Experience with Microsoft Tools, Archer platform, Open Pages, Tableau, SharePoint Technical certifications preferred e.g. CISA, CISM, CRISC, CISSP Who We Are - Alpha Platform builds and operates technology platforms and harmonizes data for use across the end-to-end investment management cycle so clients can overcome silos, work smarter and stay in sync. The Alpha Platform organization includes Alpha Data Platform, Charles River Development, Mercatus, Commercialization, and Platform Management. We are part of State Street, a Global Systemic Important Financial Institution (G-SIFI), who is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we’re making our mark in the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in location, but you may expect generous medical care, insurance and savings plans among other perks. You’ll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential. We truly believe our employees’ diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you. State Street is an equal opportunity and affirmative action employer. Interested in learning more about us? Visit our www.statestreet.com www.ssga.com www.crd.com LinkedIn page: State Street on LinkedIn Job ID: R-772428 Show more Show less

Who We Are Looking For - Alpha Platform is looking for an experienced risk professional to join their Business Risk Management (BRM) team. A candidate for this position is expected to work in a fast-paced environment akin to a commercial software company in order to meet the expectations of this rapidly growing business. Risk management skills, especially those acquired at G-SIFI organizations and/or large public accounting firms, balanced with technology and data skills will contribute to a candidate’s success in this position. This is a full-time position located at our Burlington, Massachusetts office. Why this role is important to us - Effective risk management is a top priority for a G-SIFI organization. As a member of the BRM team you will assist in the execution of a risk management program aimed at governing, overseeing and managing risks, in support of the firm’s risk excellence goals. What You Will Be Responsible For - Identify and assess risks and controls within business and technology processes Test design and operating effectiveness of controls as part of periodic required process and control reviews Self-identify, and assist the business in self-identifying, control issues, analyze their root causes, draft / assist in drafting appropriate and timely remediation plans, and continuously monitor remediation progress Advise the business on risks and control design, adopting a partnership approach, especially during introduction of new technology and business processes Assist with the execution of key business risk programs, including regular risk reviews, risk reporting, oversight and governance activities (including issue and incident management), and monitoring control performance Assist with the preparation and coordination of outside reviews, including audit events and/or regulatory examinations Escalate any perceived violations of rules, regulations, policies, procedures and recommend a course of action What We Value - Ability to effectively prioritize multiple tasks and work independently in non-routine situations Willingness to learn new technologies and processes Strong analytical, interpersonal, organizational, research, and communication (verbal and written) skills Good understanding of the role of first, second and third line of defense Strong influencing, collaboration, and project management skills Critical thinking and intellectual curiosity Initiative, ownership and energetic Excellent analytical skills Self-motivation, self-assurance and self-management Excellent team player and treating others with respect Education & Preferred Qualifications - University degree in information systems, computer science, or related field Proficiency in IT and risk management Knowledge of industry Risk and Control frameworks (COSO, COBIT, NIST, ISO, etc.) Experience with Microsoft Tools, Archer platform, Open Pages, Tableau, SharePoint Technical certifications preferred e.g. CISA, CISM, CRISC, CISSP Who We Are - Alpha Platform builds and operates technology platforms and harmonizes data for use across the end-to-end investment management cycle so clients can overcome silos, work smarter and stay in sync. The Alpha Platform organization includes Alpha Data Platform, Charles River Development, Mercatus, Commercialization, and Platform Management. We are part of State Street, a Global Systemic Important Financial Institution (G-SIFI), who is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we’re making our mark in the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in location, but you may expect generous medical care, insurance and savings plans among other perks. You’ll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential. We truly believe our employees’ diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you. State Street is an equal opportunity and affirmative action employer. Interested in learning more about us? Visit our www.statestreet.com www.ssga.com www.crd.com LinkedIn page: State Street on LinkedIn Job ID: R-772423 Show more Show less

A career within Internal Audit services, will provide you with an opportunity to gain an understanding of an organisation’s objectives, regulatory and risk management environment, and the diverse needs of their critical stakeholders. We focus on helping organisations look deeper and see further considering areas like culture and behaviours to help improve and embed controls. In short, we seek to address the right risks and ultimately add value to their organisation. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Invite and give in the moment feedback in a constructive manner. Share and collaborate effectively with others. Identify and make suggestions for improvements when problems and/or opportunities arise. Handle, manipulate and analyse data and information responsibly. Follow risk management and compliance procedures. Keep up-to-date with developments in area of specialism. Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce. Build and maintain an internal and external network. Seek opportunities to learn about how PwC works as a global network of firms. Uphold the firm's code of ethics and business conduct. Essential Duties And Responsibilities Manage the work streams related to IT SOX compliance covering ITGC and IT Dependencies (ITAC, Interfaces, IPE’s). Thorough understanding around ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations. Exposure of testing IT Application Controls (Configurable, Non-configurable), Interfaces, IPE’s, Data Migration and Platform Reviews. Provide technical support in the assessment, design, and implementation of ITGC requirements. Review control evidence for adherence to accuracy, completeness, and precision of control execution for all ITGC. Develop, implement, and test controls for new acquisitions and in-scope entities Work with control owners and operators to ensure quality, consistency, and operability of new and existing controls. Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment. Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management within IT. Mentors and develops peer and Associates, monitors their work, and takes corrective action when necessary Builds and maintains strong peer relationships within the team and across the organization Coordinates work with External Auditors. Interpersonal Skills Ability to work independently under general supervision with latitude for initiative and independent judgment Effective verbal and written communications, including active listening skills Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors Detail-oriented Comfortable working on multiple projects simultaneously Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team. Excellent Communication, written and verbal would be expected. In addition to being an exceptional individual contributor, manage engagements and relevant Teams allocated for the same. Managing predominantly offshore engagements and relevant PwC Territory teams. Ensure client service delivery in accordance with the quality guidelines & methodologies. Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables. Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties Client Management Develop strong working relationships with the client and onshore client teams. Maintain excellent rapport and proactive communication with the stakeholders and client. Operational Excellence Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Ensure compliance with engagement plans and internal quality & risk management procedures. People Related Display teamwork, integrity, and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery. Conduct workshops and technical training sessions for team members. Contribute to the learning & development agenda and knowledge harnessing initiatives Minimum Qualifications Bachelor’s degree in Information Systems, Computer Science Engineering, or Finance Preferred B.E., B. TECH, M. TECH, MCA, BCA, CA, MBA Experience in technology audit, risk management, compliance, consulting, or information security Excellent knowledge of IT General Controls, automated and security controls. Knowledge of security measures and auditing practices within various operating systems, databases, and applications Experience in auditing financial applications, cyber security practices, privacy, and various infrastructure platforms such as Unix, Linus, Windows, SQL Server, Oracle Databases Knowledge and concepts of auditing of cloud platforms (AWS, Azure and Google Cloud) Experience designing continuous auditing and monitoring tools and techniques is a plus. Good understanding of CoBIT 5 Domains of Access Management, SLDC & Change and Computer Operations and Control Design and Testing of SOX IT General Controls (ITGC) and/or IT Application Controls (ITAC) Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Management/Clients Knowledge of regulations impacting privacy, integrity, and availability of clients PII. Functional knowledge of major ERP suites (like SAP, Dynamics, Oracle EBS) Understanding of audit concepts and regulations Required overall experience in testing/reviewing and implementation of ITGC controls, CoBit 5 and developing COSO framework Candidates with 3-5 years of relevant experience in similar role, preferably with a “Big 4” or equivalent Chartered Accountant (would be added advantage) Certification(s) Preferred CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications Show more Show less

About WorkSpan The next era of growth is being driven by business interoperability. Cloud, genAI, solutions combining services and software- more and more, companies outpace their competition not just through building superior products, but by creating stronger partnerships, paths to market, and better business models for winning together. Cloud providers, service providers, tech partners and resellers are teaming up to win more deals together through co-selling. WorkSpan is building the world’s largest, trusted co-selling network. WorkSpan already has seven of the world’s ten largest partner ecosystems on our platform and $50B of customer pipeline under active management. AWS, Google, Microsoft, MongoDB, PagerDuty, Databricks and dozens of others trust WorkSpan to accelerate and amplify their ecosystem strategies. With a $30M series C and backing from world class investors Insight Partners, Mayfield, and M12, WorkSpan is poised to drive the future of B2B. Come be a part of it. We are seeking an experienced Information Security Manager to serve as our information security leader, advancing WorkSpan's mature security program and building upon our 5+ year track record of successful SOC 2 compliance. Reporting directly to the CISO, you will have comprehensive ownership of our security operations while serving as the subject matter expert for GDPR, ISO 27001, and SOC 2 compliance frameworks. This role requires close collaboration with IT, Site Reliability Engineering, Product, and business stakeholders to translate regulatory requirements into actionable security practices and organizational standards. You will operate as a hands-on security practitioner while providing strategic guidance across the entire security landscape. Key Responsibilities Compliance & Risk Management Optimize and enhance existing SOC 2 Type II and ISO 27001 controls across the organization Conduct comprehensive security risk assessments, identify control gaps, and drive remediation to completion Evolve and maintain Information Security Management System (ISMS) policies and procedures Execute and refine established internal audit processes for various security domains Oversee annual SOC 2 Type II audits, leveraging our many years compliance history, and coordinate third-party penetration testing engagements Stakeholder Engagement Respond to customer security assessment questionnaires and RFPs with technical accuracy Conduct vendor security assessments and manage third-party risk evaluation processes Lead cross-functional security projects requiring coordination among multiple stakeholders Facilitate security awareness training programs for new hires and annual compliance education Operations & Documentation Participate in periodic security testing activities including penetration tests and disaster recovery exercises Lead security incident response activities and remediation efforts as the primary security point of contact Maintain comprehensive documentation of organizational security procedures and controls Ensure audit documentation remains current and compliant with regulatory requirements Monitor security tools and systems, analyzing alerts and implementing improvements Stay current with emerging threats and security technologies to continuously enhance our security posture Education & Experience Bachelor's or Master's degree in Cybersecurity, Information Technology, Computer Science, Systems Engineering, or related discipline 6+ years of hands-on experience implementing and managing regulatory compliance frameworks (GDPR, ISO 27001, SOC 2, NIST, COBIT) Proven track record conducting internal audits and managing external security audit processes Demonstrated ability to work independently and manage multiple priorities in a fast-paced environment Strong hands-on experience with security tools, technologies, and platforms Technical Expertise Deep understanding of information security terminology, concepts, and IT controls across: Risk assessment methodologies and frameworks Identity and access management (IAM) systems Cloud/SaaS security architectures Application security and secure development practices Data loss prevention and classification Network security and systems operations Incident response and management processes Experience leveraging AI tools for information security operations, vendor assessments, and questionnaire automation Leadership & Communication Demonstrated ability to establish trust and credibility with technical teams, executives, and external stakeholders Excellent written and verbal communication skills with ability to translate complex technical concepts for diverse audiences Strong project management capabilities with experience leading complex, multi-stakeholder security initiatives Independent decision-making skills with ability to operate autonomously while maintaining organizational alignment Self-motivated with strong organizational and time management capabilities Ability to be the "go-to" security expert across all domains while building scalable processes for future growth What We Offer The opportunity to be the security leader at a growing SaaS and AI company, building upon our established SOC 2 compliance track record while working with cutting-edge technologies. You'll have significant autonomy and direct influence in evolving WorkSpan's entire security posture and compliance strategy as we scale to the next level. This role offers exceptional visibility and growth potential as you help build the foundation for expanding the securi

Job Title: Risk Reporting Specialist Location: Remote Experience: 10 -15 Years Job Description The Risk Reporting specialist plays a critical role in ensuring effective risk visibility within the Information Security Group (ISG). This position focuses on streamlining the reporting process and leveraging data driven insights and performance tracking to contribute to the bank’s overall risk management strategy. The role involves conducting comprehensive risk analysis and assessments to identify and highlight key information security risks across the bank. The role will focus on developing, maintaining, and enhancing risk reporting frameworks along with driving the creation and tracking of information security risk register, metrics and monitoring Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs), and reporting on emerging risks to ensure timely and informed decision-making. Key Responsibilites A mid senior level officer with sound knowledge and expertise in information security risk management with experience of managing enterprise projects and of direct and in-direct relationship with senior and executive management. Strong experience and knowledge across the Information Security and Cyber Security domains including governance, policy procedures, compliance management, risk management and security incident response etc. Strong experience in Banking environment with strong understanding on key security frameworks such as ISO27001.XX, NIST 800.xx, PCI-DSS, SWIFT CSP, COBIT etc. Strong analytical skills with the ability to interpret complex data and translate it into actionable insights. Proficiency in data analysis tools (Excel, SQL, etc.) and data visualization platforms (Power BI, Tableau, etc.). Strong knowledge of data aggregation, analysis, and reporting techniques. Experience with reporting automation and process optimization tools Strong interpersonal, analytical, and technical skills with strong decision making and prioritization skills. Sound knowledge of evolving advanced tech stacks and related control and risk universe. Sound knowledge and expertise in conducting risk assessment. Have over 10+ years of rich experience in information security domain and at least 2-3 years of dedicated experience in one of the GRC domains (Policy, Governance and Culture, Cyber Strategy & Program Management and Risk and Compliance). Master’s degree in IT/Information Security Show more Show less