615 Cobit Jobs - Page 6

Job Description KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature Responsibilities Responsibilities for Internal Candidates Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including - SOX, Internal Audits, External Audits Conducting controls assessment in manual/ automated environment Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project’s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status. Qualifications Qualifications for Internal Candidates IT Audit + SAP experience with knowledge of IT governance practices Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantage Strong project management, communication (written and verbal) and presentation skills Knowledge of security measures and auditing practices within various applications, operating systems, and databases. Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism Preferred Certifications – CISA/CISSP//CISM Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal Employment Opportunity Information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Show more Show less

JoVE (www.jove.com) is a USA based company producing video solutions with the mission to advance scientific research and education. Our institutional clients comprise over 1,000 universities, colleges, and biopharma companies, including such leaders like Harvard, MIT, Yale, and Stanford. As a rapidly growing company, with offices in the USA, UK, Australia, and India servicing clients in over 60 countries, we are seeking talented individuals to join our company. We are seeking an experienced Technical Support Engineer to join our team, working closely with the global Support and Engineering teams. Your primary focus will be resolving critical issues and providing the Support team with tools and solutions to ensure JoVE customers receive the highest level of service possible. If you're passionate about pioneering solutions and want to shape our company's future through creative exploration of new possibilities, we want you on board. Responsibilities Work directly with the Support and Engineering team to Triage and handle critical support issues or bugs. Tackle software debugging and identify code defects for remediation. Provide support to answer inquiries on products. Accept and handle technical requests. Collaborate with L2 teams to solve customer inquiries. Create, curate and maintain knowledge articles. Follow communication procedures, guidelines and policies. Provide accurate, valid and complete information by using the right methods/tools. Build sustainable relationships and trust with customers and other internal teams through open communication. Handle customer complaints, provide appropriate solutions and alternatives within the time limits; follow up to ensure resolution. Keep records of customer interactions, process customer accounts and file documents. Performs other specific duties or assignments as directed by Team Manager. Requirements: 3+ years of demonstrable experience in technical customer support. 2+ years of experience with web application frameworks such as PHP, Typescript, JavaScript, React, NodeJs, Symfony, Laravel, Wordpress, React, or similar. GraphQL experience is a plus. Excellent communication and interpersonal skills, verbal and written, are required to effectively and accurately communicate in English. Must have technical/diagnostic ability along with analytical ability to diagnose problems above basics, and basic mechanical skills. Ability to communicate with both technical and non-technical personnel in a clear and easy fashion. Ability to work with minimal supervision and research using traditional and online resources. Good understanding of KPIs and Metrics. Embraces the concepts of Agile Scrum software development and its related collaboration and issue-tracking tools (e.g., JIRA, Rally) Embraces the concepts of ITIL and COBIT framework and its related collaboration and issue-tracking tools (e.g., Zendesk, Service Desk) Availability to work Eastern time zone - NY Time (8 AM to 5 PM) Why Join JoVE? A competitive compensation package including unlimited commissions on your sales You will make a direct impact in accelerating science research and education. Opportunity to work with global teams and in an environment that promotes innovation and collaboration. Our strong promotion from within culture draws a clear path to advance your career with us Show more Show less

Job Description: Security, Risk and Technology Strong knowledge of financial services and insurance industry regulations around security and privacy including the Gramm-Leach-Bliley Act, State Privacy Laws, Health Insurance Portability and Accountability Act (HIPAA), Fair Credit Reporting Act, SEC Rules 17a-3 and 17a-4, and state security breach disclosure notification laws. Ability to relate these regulations back to security controls. Understanding and application of information security standards and best practices including NIST Cybersecurity Framework, ISO 27001-4, CoBIT, Cloud Security Alliance, etc. Ability to identify risks, quantify them, and help recommend and design mitigations. Broad knowledge of Unix, Linux, Windows and mainframe server environments. Knowledge of various database platforms. Strong knowledge of best practice processes and technologies across security domains especially related to identity and access management, network security, logging and monitoring. Knowledge of at least one cloud services platform (Amazon Web Services, Microsoft Azure, Google Cloud or Oracle Cloud) Education / Experience: Security, compliance, audit or risk covering a wide area of technologies and security domains including those previously mentioned. Financial industry or highly regulated industry background (Insurance, Banking, etc.) Project work experience with a recognized security, audit, or risk consulting firm a plus CISSP, CISA, CISM or other security/control certifications a plus. Bachelor’s degree or higher – preferably in Computer Science, Engineering, or a related scientific fields Communication Excellent verbal and written communication skills Ability to develop and QA/oversee development of high quality project artifacts Ability to collaborate, influence and communicate successfully in different ways concisely to different audiences (i.e., in business terms to business people, in technical terms to technical people) Able to develop and present dashboards Engagement Proven ability to engage with customers (IT and Business) and consultants in a highly professional and competent manner. Understanding and experience with project life cycles using proven methodologies – from analysis through implementation with hands-on deliverable development. Ability to work in a matrix reporting environment A practiced ability to influence peers, customers and project teams to make security minded decisions and changes Ability to scope projects, developing project charters, requirements, documenting issues and work plans, vendor selection, product/process design and implementation, change management/communication a plus. Location: This position can be based in any of the following locations: Chennai, Gurgaon Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday Show more Show less

Genpact (NYSE: G) is a global professional services and solutions firm delivering outcomes that shape the future. Our 125,000+ people across 30+ countries are driven by our innate curiosity, entrepreneurial agility, and desire to create lasting value for clients. Powered by our purpose - the relentless pursuit of a world that works better for people - we serve and transform leading enterprises, including the Fortune Global 500, with our deep business and industry knowledge, digital operations services, and expertise in data, technology, and AI. Inviting applications for the role of Principal Consultant, IT Risk and Controls The IT Risk and Controls Analyst/Manager is responsible for identifying, assessing, monitoring, and reporting on IT-related risks and ensuring that appropriate internal controls are in place and operating effectively. This role supports the development and implementation of IT risk management frameworks and works closely with internal audit, cybersecurity, compliance, and IT operations teams. Responsibilities . Perform risk assessments on IT systems, processes, and vendors. . Develop and maintain IT risk registers and control matrices. . Evaluate and enhance the effectiveness of IT general controls (ITGCs) and application controls. . Support audit readiness and coordinate responses to internal/external audit findings. . Implement and monitor controls aligned with regulatory and compliance frameworks (e.g., SOX, ISO 27001, NIST, COBIT). . Partner with business and IT stakeholders to design and implement risk mitigation strategies. . Manage and report on key risk indicators (KRIs) and control metrics. . Conduct IT control testing and support risk-based control reviews. . Assist with third-party/vendor risk assessments and due diligence processes. Support business continuity and disaster recovery planning from a risk perspective. Qualifications we seek in you! Minimum Qualifications / Skills B.Tech/B.E/ MCA Excellent written and verbal communication skills Preferred Qualifications/ Skills Solid understanding of IT risk frameworks (e.g., NIST, COBIT, ISO 27001). Experience with SOX compliance and ITGCs. Strong analytical, communication, and stakeholder management skills. Proficiency in tools such as GRC platforms (e.g., Archer, ServiceNow GRC) and Excel. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Get to know us at and on , , , and . Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a %27starter kit,%27 paying to apply, or purchasing equipment or training.

About ACA: ACA Group is the leading governance, risk, and compliance (GRC) advisor in financial services. We empower our clients to reimagine GRC and protect and grow their business. Our innovative approach integrates consulting, managed services, and our ComplianceAlpha® technology platform with the specialized expertise of former regulators and practitioners and our deep understanding of the global regulatory landscape. Position Summary: The Information Risk Analyst is responsible for the monitoring of compliance with the information security policies and programs of ACA. This position handles third party risk management, internal control and data governance tasks based on established processes, and assists with incident response. This position needs to understand the security vision and work towards realizing it. This position is responsible for finding ways to apply new departmental ideas into their daily work. This position needs a self-starter who works to improve their own effectiveness as well as provides ad-hoc suggestions for broader improvements for our security architecture, specifically as it relates to the effectiveness of risk and governance. Execution of assigned tasks on time and on quality with oversight and assistance from others. Job Duties: Assists in the development and maintenance of Information Security governance requirements (e.g. policies and standards). Assists in the design of and facilitates the execution for ongoing compliance monitoring controls. Performs vendor due diligence by evaluating and assessing potential risks posed by third party vendors. Ensures the proper handling of sensitive data and its compliance with established polices and applicable regulatory frameworks. Helps improve and maintain a comprehensive data governance framework Stays up to date on developments with relevant laws and regulations to ensure the organization remains compliant. Assists in internal audits and communicates across the organization on items which may require remediation. Recommends risk treatment options for technical projects or other initiatives. Participates in incident response exercises. Assists with the incident management of any discovered security incidents. Assists with identifying gaps in IT controls and generating mitigation recommendations. Helps system owners make informed risk-related decisions. Assists with responding to customer and partner cybersecurity inquiries. Assists with the research, review, development, and/or enhancement of IT security systems. Performs ad-hoc work/special projects as necessary to support ACA on various client and internal initiatives. Required Education and Experience: Bachelor’s Degree in related field or two years’ of practical experience in related information security or audit role. Knowledge of industry security concepts / frameworks and regulatory standards such as ISO-27001, NIST, COBIT PCI-DSS, GDPR, SOC2 and DORA. Preferred Education and Experience: Bachelor’s Degree in related field Four years’ of practical experience in related information security or audit role Relevant cybersecurity professional certification (e.g., CISA, CGRC, CRISC) Required Skills and Attributes : Demonstrated professional integrity Dependable, flexible, and adaptable to new ACA initiatives and changing client needs Ability to work well in a fast-paced, small-team environment Ability to work independently, multi-task and prioritize effectively Ability to establish and maintain effective working relationships with colleagues and clients Highly motivated and goal oriented; proactive in one’s own education and career progression; volunteers for and shows initiative on both internal and external projects and tasks Dedicated to upholding ACA’s high-quality standards and customer service focus Strong organizational and problem-solving skills with attention to detail Strong oral and written communication skills What working at ACA offers: We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. Our Total Rewards package includes medical coverage fully funded by ACA for employees and their family as well as access to Maternity & Fertility and Wellness programs. ACA also provides Personal Accident Insurance, Group Term Life Insurance, Employee Discount programs and Employee Resource Groups. You’ll be granted time off for designated ACA Paid Holidays, Privilege Leave, Casual/Sick Leave, and other leaves of absence to support your physical, financial, and emotional well-being. What we commit to: ACA is firmly committed to a policy of nondiscrimination, which applies to recruiting, hiring, placement, promotions, training, discipline, terminations, layoffs, transfers, leaves of absence, compensation and all other terms and conditions of employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected status. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have Chartered accountant (CA) or Master’s degree in management, Information Systems/ Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline Passion for technology and an ardent desire to work in risk management. Minimum 5 years of a “Big 4” or professional firm or professional industry experience in risks & controls, with more than 5 years of experience in IT Risk Management, IT Regulatory Compliance, IT Audit and IT Transformation Risk areas such as: Identification of strategic, IT & business risks and Identify control gaps, weaknesses and areas of improvements. Design of IT Risk Controls frameworks and RACMs Design and Implementation of IT general controls, IT application controls, Business Process controls, etc Conducting IT internal control reviews, and review of SOC1 or SOC2 reports IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc Understanding of IT regulatory compliances such as IT SOX, GDPR, ISO, PCI DSS etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In IT audit at PwC, you will focus on helping to assess and evaluate the design and effectiveness of an organisation's IT systems and controls to provide compliance with regulations and mitigate risks. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Job Description Manage and direct the work streams related to IT SOX Compliance covering ITGC and IT Dependencies (ITAC, Interfaces, IPE’s). Provide technical support in the assessment, design and implementation of ITGC requirements. Thorough understanding around ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations. Exposure of testing IT Application Controls (Configurable, Non-configurable), Interfaces, IPE’s, Data Migration and Platform Reviews. Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGC. Develop, implement and test controls for new acquisitions and in-scope entities. Work with control owners and operators to ensure quality, consistency and operability of new and existing controls. Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment. Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management of client/Onshore teams. Plan and direct the work to team members, monitor their work, and take corrective action when necessary. Coaches, mentors, and develops direct reports, including overseeing new hire onboarding process and providing career development planning and opportunities; maintains a safe, secure, and legal work environment. Builds and maintains strong peer relationships within the team and across the organization. Coordinates work with External Auditors of the client if needed. Manage the Cyber, Risk & Regulatory (Advisory) team and client portfolio to deliver 8,000 to 12,000 of client hours. Interpersonal Skills Ability to work independently under general supervision with latitude for initiative and independent judgment. Effective verbal and written communications, including active listening skills and skill in presenting findings and recommendations. Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors. Detail-oriented & comfortable working on multiple projects simultaneously. Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team. Excellent communication skills, written and verbal would be expected. Ensure client service delivery in accordance with the quality guidelines & methodologies. Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables. Contribute to people and knowledge development initiatives by developing training material and conducting training. Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties. Demonstrate superior relationship building and relationship management skills. Client Management Develop strong working relationships with the client and onshore teams. Maintain excellent rapport and proactive communication with the stakeholders and clients. Operational excellence Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Manage engagement budgets and ensure compliance with engagement plans and internal quality & risk management procedures. People related Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery. Conduct workshops and technical training sessions for team members. Contribute to the learning & development agenda and knowledge harnessing initiatives Mentor and coach junior team members, enabling them to meet their performance goals and successfully grow their careers. Minimum Qualifications Bachelor’s degree in Information Systems, Computer Science Engineering B.E., B. TECH, M. TECH, MCA, BCA, CA, MBA Experience of business experience in technology audit, risk management, compliance, consulting, or information security including acting in the capacity of a supervisor Excellent knowledge of IT General Controls, automated and security controls Knowledge of security measures and auditing practices within various operating systems, databases and applications Experience in auditing financial applications, cyber security practices, privacy and various infrastructure platforms such as Unix, Linus, Windows, SQL Server, Oracle Databases Knowledge and concepts of auditing of cloud platforms (AWS, Azure and Google Cloud) Experience designing continuous auditing and monitoring tools and techniques is a plus. Good understanding of CoBIT 5 Domains of Access Management, SLDC & Change and Computer Operations and Control Design and Testing of SOX IT General Controls (ITGC) and/or IT Application Controls (ITAC) Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Management/Clients Knowledge of regulations impacting privacy, integrity and availability of clients PII. Functional knowledge of major ERP suites (like SAP, Dynamics, Oracle EBS, Peoplesoft) Understanding of audit concepts and regulations Required overall experience in testing/reviewing and implementation of ITGC controls, CoBit 5 and developing COSO framework Candidates with 6-8 years of relevant experience in similar role, preferably with a “Big 4” or equivalent Chartered Accountant (would be added advantage) Certification(s) Preferred CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications Show more Show less

Plan, execute and report all IT Security and Business Automation related audit activities for OakNorth Bank plc. to provide independent assurance to senior management that the bank’s IT infrastructure and digital transformation initiates (incl. non-IT) are fit for purpose to allow the bank to safely deliver best-in-class services to all its customers. Job Responsibilities: Plan, execute and report all IT and cyber security related audit activities for OakNorth Bank plc Provide independent assurance to senior management that the bank’s IT infrastructure is fit for purpose to allow the bank to safely deliver best-in-class services to all its customers Ensure best practice and frameworks are followed to adhere to various audit guidelines and standards A Subject Matter Expert who can build a strong network for himself/herself and execute audit work autonomously all the way through to review whilst having a strong sense of customer service Manage IT related audit activities for the OakNorth Bank plc Delivers at least one audit per quarter: some audits to be delivered alone and others in partnership with the existing OakNorth audit team or empanelled co-sourced partner Document audit fieldwork, findings and prepare audit reports Review audit evidences and track closure of management actions Report on audit activity to senior management Continuously improve the IT audit methodology which suits the highly technical, disruptive, global, and fast-moving environment Supports IA team and colleagues on subject matter whilst keeping in mind team goals, not only individual targets Deliver internal and external certification audits Execute ITGC, network, cyber and cloud security audits Conduct internal audits to provide information whether the firm’s Information Security Management System conforms to the Internationally recognised Standards Deliver audits to evaluate the evolving cybersecurity automation ecosystem(“best-in-breed”) Perform cloud security assessments for AWS / Azure cloud platforms and other cloud-based solutions Carry out technical security reviews of firewall configurations, DLP, IAM, IPS /IDS and other critical applications Audit the continuously improving IT infrastructure model with newly emerging and flexible work solutions, post Covid-19 Continuously assess and report, how well the Bank assesses internal and external threats including email attacks and vulnerabilities, as well as the fitness for purpose and effectiveness of its strategic and tactical responses Challenge incident, disaster response and business continuity plans and review the test reports, outcomes to verify backup / restore set-ups and RPO / RTO levels Desired Skills: Someone with a minimum of 5-7 years of banking / consulting experience in IT security audits Hunger, fire (10x, momentum) Ability to work with others across teams, geographies, and legal entities (one team) Not a prima donna / ego issue (right ambition) Not highly political or “spin doctor” (say it as it is) Logical thinking, ability to get to the simplest answer as opposed to a convoluted one (challenge and simplify) An honest person who operates with a high degree of ethics and integrity through any situation (right ambition, say it as it is) Someone who holds a degree in information technology from a top institute with a consistently good academic record Holds at least one globally recognised IT certification, and working towards a second (IA / Risk or technical) Hands-on experience of working on some of the latest and best auditing / GRC tools A good understanding and knowledge of IT Security Compliance frameworks and industry control standards and, such as NIST, ISO 27001, COSO, COBIT, and ITIL A self-starter and fast learner; someone who can work and learn on his/her own Someone with gravitas and whose opinion matters; someone who is trusted by colleagues across the firm, from the most junior to the most senior A person who focuses on what matters most: outcomes; someone who relentlessly avoids hypothetical risks and verbose Show more Show less

Position Summary Assistant Manager – Incident Response - Deloitte Support Services India Private Limited The Specialist – Incident Response reports to the Global Incident Response Manager. The role serves as the main incident responder performing technical services for cyber security incident investigations and assessing scope of incident damage. As part of the Global Cybersecurity Incident Response Team, this role requires : Strategic Assists in preparation of internal and external communications Maintains chain of custody of incident evidence Provides physical security of collected data and devices Provides recommendations to resolve incident and/or reduce impact of incident, to bypass and/or prevent future similar incidents Operational Provides technical services needed for cyber incident response investigations including, containment, eradication, and remediation activities Assists in assessing scope of incident damage Assists in determination of incident severity Responsible for maintaining documentation throughout a cyber incident Assist in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation Perform digital forensic services including, but not limiting to, collection, documentation, preservation, and analysis of incident evidence Relationship Management Maintains rotating on-call availability for a 24x7x365 coverage Establish and maintain strong working relationships with all teams required to support incident response including other enabling areas and member firms Qualifications – External 6 to 9 years of experience Bachelor’s Degree or Master of Science preferred Work location: Hyderabad Work timings: 11am-8pm Education Bachelor’s degree: degree in a technology-related field, or equivalent education-related experience Work Experience Recommended minimum of 6 years of combined experience in the Information Security / Cybersecurity domain with a minimum of 3-4 years in cyber incident response. Demonstrable understanding of the incident lifecycle and security operations, working knowledge of triage and analysis tools, and a strong understanding of cybersecurity threats Demonstrable understanding of incident response casework, including maintaining case information, chain of custody reporting, and full documentation of issues from identification through remediation Proven track record and experience of the following in a highly complex and global organization Strong problem solving and troubleshooting skills with experience exercising mature judgement Excellent teamwork and interpersonal skills Certification Professional security management certification preferred, such as GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), Certified Information Systems Security Professional (CISSP), or other similar credentials Skills/abilities Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies, and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels Possess strong organizational skills to facilitate management and tracking of large numbers of incidents, events, and efforts. Ability to adapt and operate in a high-tempo, dynamic and stressful environment. Sound knowledge of business management and an expert knowledge of information / cybersecurity strategy and governance Operational knowledge of preventive and detective security controls (e.g., firewalls), advanced endpoint solutions , Web Application Firewalls (WAF), Data Loss Prevention (DLP), web security solutions, email gateways, Security Information and Event Management (SIEM)) Operational knowledge of general IT technologies and concepts (e.g., routers, switches, messaging systems, server operating systems (Windows, Linux, Unix), desktop and mobile operating systems (Windows, macOS, iOS, Android), cloud services and architecture, and vulnerability management. Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework Experience recording and maintaining incident documentation within a ticketing system Understanding of incident response in a Cloud based environment and experience with cloud solutions Experience leading cyber security incident response during normal daily operations or against advanced persistence threats. Ability to quickly analyze large amounts of information and formulate action plans based on that analysis. Experience interpreting, searching, and manipulating data within enterprise logging solutions. Strong understanding of SIEM technologies Ability to travel as needed (0%) How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in exactly the same way. So, we provide a range of resources including live classrooms, team- based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the “Deloitte” name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 305067 Show more Show less

Role : IT Risk & Control Specialist Responsibilities The candidate will be responsible for: Conduct technology risk assessments/audits, identify potential gaps, create action plans and recommendations for mitigation. Track the actions until completion, and ensure that senior management / committees within the region are kept up-to-date on the progress. Provide consultative guidance on the prioritization of remediation efforts. Coordinate IT requests from regulators, obtaining responses from stakeholders. Coordinate the issue and exception/acceptance processes, including self-reported issues. Support the assigned team in gathering information and preparing for all tech risk related reporting and meetings, i.e., internal and external audit, regulatory interaction, etc. Stay knowledgeable of laws, rules, regulations and current advances in all areas of information technology concerning APAC. Continually improve the quality of the risk management – through evaluation of cybersecurity, vulnerabilities, business continuity, outsourcing and other technology risks. Evaluate policies, standards, processes and procedures for completeness and recommend enhancements. Work with regional and global teams to understand / influence risk framework, represent regional needs and help resolve challenges. Qualifications At least 3 to 5 years of experience in IT Risk, Compliance, Audit and/or InfoSec. Experience in performing IT Audit and reviewing IT controls, framework, policies and standards. Experience in understanding design and operating effectiveness of IT controls and industry related frameworks. Significant knowledge in 2 or more areas: Application Security, IT Governance, IT Compliance & Audit, Identity & Access Management, Cloud Security, Asset Security, Threat/Vulnerability Management, BCM & DR Has a good understanding of international standards on Technology Risk Management. Excellent time management and ability to oversee multiple processes, action plans and key stakeholders simultaneously. Drive to execute and ability to solve challenges independently as well as drive initiatives to completion. Excellent stakeholder management, communication (verbal and written), presentation and advisory skills. Desired skill-set: IT Audit experience Information risk and/or security qualification (CISA, CISSP, CRISC, CISM, CCSP or equivalent preferred) Knowledge of ISO, NIST CSF, COBIT, COSO, SOX, SOC, etc. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. BSE Consultant Opportunity: In recent years, technology has disrupted and transformed government entities and multinational corporations, reshaping their operations and elevating their focus on elite Customer Experience (CX) and Employee User Experience (EUX). As a business consulting professional, you play a pivotal role in helping our MENA clients unlock the full potential of their technology investments—driving strategy, accelerating growth, and enabling business excellence. As part of a high-performing Business & Service Excellence team, you’ll deliver exceptional client service, providing strategic advice on how technology enablement, digital transformation, and enterprise intelligence contribute to performance improvement. Your expertise will extend beyond technology transformation enablement to include business excellence initiatives, optimizing processes, enhancing operational efficiencies, and embedding continuous improvement frameworks while having a good background in Professional Business Process Analysis specific to tools like BMC Remedy, Ivante, ServiceNow and the likes. By leveraging technology as a force multiplier during major program transformations, you will guide organizations in aligning their IT landscape with business excellence principles—ensuring sustainable value creation, operational agility, and industry-leading service delivery. Whether it's refining governance models, streamlining enterprise workflows, or embedding data-driven decision-making, your role will be instrumental in shaping future-ready organizations poised for success. Job Responsibilities: The BSE Consultant is primarily responsible for designing, building, implementing, and executing one or more Service Excellence processes and provide process and technology governance consulting. Responsible for consulting engagements of Business Consulting service offerings in the field of Service Management and Business Excellence - assemble information to determine, document and agree customer requirements, conducting AS-IS assessments in line with applicable standards and frameworks, conducting Gap Analysis and producing recommendations Responsible for managing end-to-end proposal development, crafting compelling value propositions, and leading client orals to drive business growth and secure strategic engagements. Analyze client's business and user needs, priorities, document requirements, and make recommendations to Client Senior Leadership on how to apply best practices and methodologies to address priorities, policies, procedures, technical problems, and bottlenecks. Apply excellence framework principles (ISOs, EFQM, IT CMF, ITIL etc) to streamline business processes and optimize operational efficiencies. Ensure services are performed within established service levels and Key Performance Indicators (KPIs) Define, develop, and implement policies, processes, and procedures aligned to standards, and frameworks Develop templates, guidelines, and other job aids to use the implemented policies, processes, and procedures Assess and formulate tool requirements to execute the processes and ensure all the processes are institutionalized within the client environment Conduct periodic compliance audits / assessments against defined processes and various quality models such as Malcolm Baldrige, EFQM, IT CMF, ITIL, COBIT, ISO 20000, ISO 22301, ISO 27000, and various other emerging business excellence frameworks Report, ensure, and facilitate closure of all non-conformities by driving corrective actions within client environment. Develop Metrics/KPIs and collect data related to the processes deployed and drive analysis and improvements based on recommendations Contribute to internal best practices, processes, and methodology documentations Provide support functionally on the development, implementation, and deployment of service management tools. Apply Service Process Management best-practices and methodologies in the development and implementation of IT Services Educational Qualifications: Bachelor’s degree – Business Administration/Management/Information Technology, Engineering, or a related field (Mandatory) | Master’s degree (MBA/MSc) in Business Strategy, Digital Transformation, Technology Management, or Operations (Desired) Mandatory Certifications – ITIL®4 Foundation (Mandatory) Desired Certifications – ISO 20000, IAITAM Lean Six Sigma (Green/Black Belt), TOGAF, EFQM, Baldrige Excellence Framework Project & Program Management: PMP, PRINCE2, SAFe Agile, Scrum Master Data Analytics: Power BI, Tableau Skills & Experience: At least 3-5 years related IT experience Effective communication, influencing, facilitation and documentation skills Personal Attributes/Interpersonal Skills, Strategic planning skills to determine business requirements, develop customer strategies and develop plans to achieve the business requirements identified. Experience writing business and technical documentation and contributing to proposals Ability to present ideas clearly and concisely Experience in one or more of the following areas: Process Excellence, Business Excellence Service Management, Operations Management Business Excellence IT Governance, Information Security Service Delivery Management Experience on ServiceNow and other ITSM tools Experience on Visio, PowerPoint, Excel etc. Behavioural Skills: Strong communication skills with ability to interact with management level Open to explore all domains in Business Consulting Ability to work under pressure and prioritize with minimal supervision Multi-tasking skills Team player with ability to work with cross functional teams EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. BSE Consultant Opportunity: In recent years, technology has disrupted and transformed government entities and multinational corporations, reshaping their operations and elevating their focus on elite Customer Experience (CX) and Employee User Experience (EUX). As a business consulting professional, you play a pivotal role in helping our MENA clients unlock the full potential of their technology investments—driving strategy, accelerating growth, and enabling business excellence. As part of a high-performing Business & Service Excellence team, you’ll deliver exceptional client service, providing strategic advice on how technology enablement, digital transformation, and enterprise intelligence contribute to performance improvement. Your expertise will extend beyond technology transformation enablement to include business excellence initiatives, optimizing processes, enhancing operational efficiencies, and embedding continuous improvement frameworks while having a good background in Professional Business Process Analysis specific to tools like BMC Remedy, Ivante, ServiceNow and the likes. By leveraging technology as a force multiplier during major program transformations, you will guide organizations in aligning their IT landscape with business excellence principles—ensuring sustainable value creation, operational agility, and industry-leading service delivery. Whether it's refining governance models, streamlining enterprise workflows, or embedding data-driven decision-making, your role will be instrumental in shaping future-ready organizations poised for success. Job Responsibilities: The BSE Consultant is primarily responsible for designing, building, implementing, and executing one or more Service Excellence processes and provide process and technology governance consulting. Responsible for consulting engagements of Business Consulting service offerings in the field of Service Management and Business Excellence - assemble information to determine, document and agree customer requirements, conducting AS-IS assessments in line with applicable standards and frameworks, conducting Gap Analysis and producing recommendations Responsible for managing end-to-end proposal development, crafting compelling value propositions, and leading client orals to drive business growth and secure strategic engagements. Analyze client's business and user needs, priorities, document requirements, and make recommendations to Client Senior Leadership on how to apply best practices and methodologies to address priorities, policies, procedures, technical problems, and bottlenecks. Apply excellence framework principles (ISOs, EFQM, IT CMF, ITIL etc) to streamline business processes and optimize operational efficiencies. Ensure services are performed within established service levels and Key Performance Indicators (KPIs) Define, develop, and implement policies, processes, and procedures aligned to standards, and frameworks Develop templates, guidelines, and other job aids to use the implemented policies, processes, and procedures Assess and formulate tool requirements to execute the processes and ensure all the processes are institutionalized within the client environment Conduct periodic compliance audits / assessments against defined processes and various quality models such as Malcolm Baldrige, EFQM, IT CMF, ITIL, COBIT, ISO 20000, ISO 22301, ISO 27000, and various other emerging business excellence frameworks Report, ensure, and facilitate closure of all non-conformities by driving corrective actions within client environment. Develop Metrics/KPIs and collect data related to the processes deployed and drive analysis and improvements based on recommendations Contribute to internal best practices, processes, and methodology documentations Provide support functionally on the development, implementation, and deployment of service management tools. Apply Service Process Management best-practices and methodologies in the development and implementation of IT Services Educational Qualifications: Bachelor’s degree – Business Administration/Management/Information Technology, Engineering, or a related field (Mandatory) | Master’s degree (MBA/MSc) in Business Strategy, Digital Transformation, Technology Management, or Operations (Desired) Mandatory Certifications – ITIL®4 Foundation (Mandatory) Desired Certifications – ISO 20000, IAITAM Lean Six Sigma (Green/Black Belt), TOGAF, EFQM, Baldrige Excellence Framework Project & Program Management: PMP, PRINCE2, SAFe Agile, Scrum Master Data Analytics: Power BI, Tableau Skills & Experience: At least 3-5 years related IT experience Effective communication, influencing, facilitation and documentation skills Personal Attributes/Interpersonal Skills, Strategic planning skills to determine business requirements, develop customer strategies and develop plans to achieve the business requirements identified. Experience writing business and technical documentation and contributing to proposals Ability to present ideas clearly and concisely Experience in one or more of the following areas: Process Excellence, Business Excellence Service Management, Operations Management Business Excellence IT Governance, Information Security Service Delivery Management Experience on ServiceNow and other ITSM tools Experience on Visio, PowerPoint, Excel etc. Behavioural Skills: Strong communication skills with ability to interact with management level Open to explore all domains in Business Consulting Ability to work under pressure and prioritize with minimal supervision Multi-tasking skills Team player with ability to work with cross functional teams EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

You will be responsible for engaging with internal and market facing programs on Technology Risk matters. Oversee the embedding and alignment to the requirements of Mastercard technology policies and standards. Transform the implementation of technology risk management principles and practices by focusing on the reusability of core components, quantitative assessment, and education of key stakeholders. This role will also support the following capabilities: identification, assessment, treatment, and monitoring of technology risks across the environment; providing an aggregate view of controls, issues and exceptions, to inform strategic decision making. Experience : Strong knowledge of the risk management lifecycle and processes (e.g., methods for identifying, assessing treating and monitoring risk) Background in technology audit, risk management, technology operations, information systems management, information security management, regulatory engagement, etc. Strong knowledge of baseline Technology and Security processes, risks, and controls Familiarity with technology/security frameworks and mechanisms (e.g., SOC 1, SOC 2, PCI-DSS, ISO 27001, COBIT, CRI, PFMI, NIST) Experience with regulatory technology and security risk management expectations; Strong influence and collaboration skills cross-functionally and geographically to identify and drive implementation of best practice risk processes Systematic problem-solving approach, coupled with strong communication skills and a sense of ownership and drive

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. FS TR- ITC – Tech Risk As Risk consultant, you’ll contribute technically to Risk Consulting client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Seniors Consultants to join the leadership group of our EY-Consulting Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Understanding on Control frameworks such as COSO, internal control principal and related regulations including SOX and J-SOX. Common IT governance and Assurance standards including NIST, COBIT, Risk IT, ITIL and third-party reporting standards as SSAE16. Understanding on independent and risk based operational audits such as Software Development Life Cycle (SDLC), Business Resilience, Cybersecurity audits, Data privacy and data protection audits, Network security audit. Understanding and hands-on experience on data analysis tool such as Tableau, Power Bi, python etc. Conduct performance reviews and contribute to performance feedback for staff. Adhere to the Code of Conduct. The Code of Conduct sets the standards of behaviour, actions, sand decisions we expect from our people. Participate in IT Risk and Assurance engagements. Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Responsible for managing reporting on assurance findings and ensure control owners take remediation action as required. Identify, lead, and manage the continuous improvement of Internal Controls through implementation of continuous control monitoring and automation. Obtain and review evidence of compliance for adherence to standards. Key domains of compliance controls, including change management, access to system, network and Data, computer operations and system development. Stay current with and promote awareness of applicable regulatory standards, upstream risk, and industry best practices across the enterprise. Skills And Attributes For Success Experience in application controls and Information security experience. Understanding of risk management systems and processes Ability to build relationships with key stakeholders across different levels of seniority. Strong written and verbal communication skills To qualify for the role, you must have. Preferably bachelor’s degree in (Finance/Accounting, Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA Minimum of 3-4 years of experience in internal controls and Internal Audit Enterprise risk services with specific focus on IT and related industry standards IT Risk Assurance framework Control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX Preferred security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems. Familiarity with IT analysis, delivery, and operations methods, including SDLC and CM Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT Experience of security testing methods and techniques including network, operating and application system configuration review Application controls and security experience: sensitive access and SOD testing controls testing Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc. Preferred Certifications: CISA What We Look For We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. What Working At EY Offers At EY, we’re dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way that’s right for you. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

GE Healthcare Healthcare Finance Category Finance Mid-Career Job Id R4025643 Relocation Assistance Yes Location Bengaluru, Karnataka, India, 560066 Job Description Summary The Role holder will be a member of the team responsible for the execution of overall IT SOx program that supports GEHC’s SOx certification. The Role holder will work collaboratively with other team members, broader IT organization of CIOs, IT Process/ Control Owners, IT Risk Leader and his team, External Auditors, and with the Business Process SOx team. GE HealthCare is an $18 B publicly traded, healthcare technology company that spun off from General Electric Company in January of 2023. We are expanding the capabilities of the current Internal Controls function by adding roles to support its expanded SOX program and other internal controls monitoring related activities. GEHC SOx team is an integrated team, managing both Business Process & IT Sox. GE HealthCare is a leading global medical technology and digital solutions innovator. Our purpose is to create a world where healthcare has no limits. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world. Job Description Roles and Responsibilities Control Walkthroughs and Testing: Lead and schedule walkthroughs for assigned IT controls to gain a comprehensive understanding of the Company’s IT infrastructure and its alignment with key business/ IT processes. Perform detailed control testing and accurately document results in accordance with workpaper standards and audit methodology set by GEHC. Ensure documentation reflects a clear narrative and complete audit trail for both design and operating effectiveness testing. Quality and Accountability: Own the quality and integrity of all deliverables, ensuring they meet or exceed internal standards and regulatory expectations. Maintain accountability for the accuracy, clarity, and completeness of audit documentation and testing artifacts. Issue Identification and Remediation: Proactively identify and escalate control deficiencies or process gaps to the IT SOx Manager in a timely manner. Collaborate with control and process owners to confirm deficiencies, assess associated risks, and agree on appropriate remediation actions and timelines. Evaluate the impact of control deficiencies, including the identification and validation of mitigating controls where applicable. Remediation Testing and Closure: Conduct thorough follow-up testing on remediated controls to evaluate both design adequacy and operational effectiveness. Review and validate remediation efforts before formally closing deficiencies in line with SOx compliance requirements. Reporting and Communication: Support the preparation and delivery of periodic reports to executive and senior leadership teams on the progress of IT SOx activities against the compliance plan. Provide clear and concise updates regarding key risks, open issues, and remediation status. Program Support: Contribute to ongoing enhancements of the IT SOX compliance program by recommending improvements to methodologies, templates, and workflows. Take on ad-hoc assignments or strategic projects as requested by the IT SOX Manager to support program execution and maturity. Required Qualifications Minimum of 5 years of progressive experience in IT audit, IT SOX compliance, risk management, or a related field including at least 2 years with a Big four audit firm preferably. Bachelor's degree in Information Systems, Accounting, Finance, Computer Science , or a related discipline from an accredited institution. Strong understanding of IT General Controls (ITGCs), IT Automated Business Controls (ITACs) and SOX 404 compliance , including: Solid working knowledge of risk and control frameworks such as COSO, COBIT, NIST, or ISO 27001 . Proven experience drafting and reviewing IT risks, control descriptions, test plans, exception reports, and remediation recommendations. Demonstrated experience managing end-to-end SOX compliance cycles, including walkthroughs, testing, documentation, control assessments, and remediation tracking. Experience in performing quality assurance reviews of control testing performed by team members or third-party consultants. Reports To: IT SOX Manager Core Competencies Integrity: Consistently demonstrates high ethical standards and sound judgment in handling sensitive issues. Proactive & Self-Driven: Ability to work independently, manage time effectively, and drive tasks to completion with minimal supervision. Analytical Thinking: Strong problem-solving skills with the ability to analyze complex IT environments and identify relevant risks and controls. Communication: Excellent written and verbal communication skills in English, with the ability to interact effectively across technical and non-technical stakeholders. Adaptability: Quick learner who can adjust to shifting priorities and apply new knowledge in dynamic environments. Inclusion and Diversity GE HealthCare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity. Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support Disclaimer: GE HealthCare will never ask for payment to process documents, refer you to a third party to process applications or visas, or ask you to pay costs. Never send money to anyone suggesting they can provide employment with GE HealthCare. If you suspect you have received a fraudulent call , please fill out the form below: https://www.ge.com/careers/fraud Additional Information Relocation Assistance Provided: Yes

Location: Hyderabad, Telangana Time type: Full time Job level: Associate Job type: Regular Category: Technology Risk Services ID: JR113398 About us We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. As an associate in RSM’s growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Responsibilities include Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control’s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Open to work on other solution sets considering business requirements. Qualifications B.Tech/MCA/MBA with ISO 27001 Lead Auditor and up to 2 years of relevant experience in Information Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, and IT Application Controls. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL etc.) Qualified to pursue a job-relevant certification (CIA, CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (Vlookups, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as the position requires frequent communications with RSM International clients At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

About This Role Internal Audit Internal Audit’s primary mission is to provide assurance to the Board of Directors and Executive Management that BlackRock’s businesses are well managed and meeting strategic, operational and risk management objectives. The team engages with senior leaders and all of BlackRock’s individual business units globally to understand and advise on the risks in their business, evaluate the effectiveness of key processes and assist in the design of best practices that can improve their results. Internal Audit reports directly to the Audit Committee of the Board of Directors, and our work builds confidence that BlackRock will meet its obligations to clients, shareholders, employees, and other stakeholders. Technology Audit The Technology Audit Team, also in the US, Europe, and Asia, performs design review and testing related to technology controls across application systems and infrastructure components such as databases, operating systems, data centers and messaging platforms. India BlackRock India is a microcosm of the firm’s global operating platform that brings scaled capabilities in technology and investment management operations to support various functions, provide business continuity for critical operations, and drive innovation and operational excellence. Role Responsibilities & Qualifications This role supports the global Internal Audit team. Specific Responsibilities Include Engaging BlackRock stakeholders to understand and identify key processes and risks within a specific business unit or technology. Contribute to the risk-based decision making of audit scope. Reviewing, testing, and assessing the effectiveness of technology controls in business-integrated audits in which there is close interaction between business and technology partners. This role also includes technology-led audits across all aspects of information technology including cybersecurity, software, hardware, database, messaging, network, and cloud. Identifying and escalating issues identified during testing. Overseeing issue remediation Identifying emerging firm-wide and business risks, understanding organizational changes through periodic engagements with business units, and completing risk assessments of these areas Contributing to global department-wide initiatives Education And Experience Undergraduate or graduate degree in management information systems, engineering, technology, computer science or a related field is preferred. 3+ years in a technology audit and/or technology risk management function, preferably within the Finance Industry. Familiarity with financial instruments and asset management processes. Knowledge of regional and global regulatory requirements Technology Skills Relevant professional certifications are a plus (e.g., CISA, CISM, CRISC, CEH). Strong understanding of application development, databases, operating systems, networking, and other key technology infrastructure components. Knowledge of ISO, ITIL and COBIT Knowledge of technology controls including application security management, system architecture and design, technology operations, and technology governance. Analytical mindset: Experience in utilizing business intelligence, and analytical methods and language (e.g., SQL, Python) and adopting a data driven approach to perform audit testing will be a plus. Soft Skills Intellectual curiosity, critical thinking and problem solving. Commitment and strong work ethic. Excellent communication (verbal, written, listening) and interpersonal skills. Our Benefits To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about. Our hybrid work model BlackRock’s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person – aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock. About BlackRock At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children’s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress. This mission would not be possible without our smartest investment – the one we make in our employees. It’s why we’re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive. For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock BlackRock is proud to be an Equal Opportunity Employer. We evaluate qualified applicants without regard to age, disability, family status, gender identity, race, religion, sex, sexual orientation and other protected attributes at law. Show more Show less

Position Overview Job Title: Control Assessments and Change Risk Advisory - GTI Location: Pune, India Corporate Title: AVP Role Description The 1st line Tech Risk and controls function at Deutsche sits within the Group Technology Infrastructure (GTI) for Deutsche Bank Group. GTI has the largest footprint within the Technology, Data and Innovation division and is joined by other business-aligned CIO IT divisions. The Tech Risk and Controls is a dynamic team, consistently in demand, for providing guidance and challenge to deliver change and maintain systems in a secure and resilient manner. As part of the team, you will join the Bank’s journey and contribute towards our strategic goal of cloud enabled solutions as well as activities that improve our operational resilience and risk reduction. Specifically, you will bring expertise to Control definition and assessments capability across IT Infrastructure, SDLC and Architecture domains supporting a proactive risk management function. It will therefore also include providing change risk advisory services for transformational change programs undertaken by or impacting GTI. You will liaise with other risk and control functions, on a management level to assure the integration of risk initiatives and projects. You will also support Regulatory Adherence and Policy Management function within TDI Risk Management. Its purpose is to provide oversight and supervision of new & changed material regulation impacting TDI, including full traceability to derived DB-specific Policies, Procedures, Key Operating Documents and Supporting Documents. This role will report to GTI Control Assessment Lead What We’ll Offer You As part of our flexible scheme, here are just some of the benefits that you’ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities Risk & Control Management Identify and evaluate potential areas of non-compliance or risk, assessing impact, probability and present findings and proposals for risk mitigation measures. Support the delivery of the risk and control initiatives. This includes participation in risk and control activities, risk-based control reporting of key issues, performance and validation of cyclical activities such as annual control self-assessments. Work closely with teams in and out of the division to understand risks impacting the group. Align internal Deutsche Bank policies/procedures against industry recognized framework to strengthen the control framework and its implementation for both within the Bank and our 3rd party vendor relationships Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Regulatory Adherence and Policy Management Coordination of regulatory adherence assessments across sub-divisions within TDI and management and review of Policies, Procedures, Key Operating Documents, Supporting Documents within TDI. Engage with stakeholders across TDI and other (e.g. 2nd line of defence) divisions in reviewing, assessing, and documenting the impact of regulations and planning remedial actions. Steer and support the publication of a consistent set of global and local Policies, Procedures, Key Operating Documents and Supporting Documents relating to Information Technology from laws, rules, and regulations. Risk remediation and Change Risk Advisory Support the Head of TDI GTI Risk Management in assessing risks related to strategic changes within the GTI Organization Proactively monitor risk landscape shift within the industry to identify transformation project opportunities to insulate Deutsche Bank from any potential risk exposure e.g., Production design life cycle, application and infrastructure architecture and its resilience Stakeholder Management – Identify, Partner and Collaborate Work with relevant stakeholders to identify and assess controls gaps related to technology risk - measure and mitigate them in a timely manner Align with COO Division Control Office (DCO) team and NFRM (2nd LoD) ensuring successful and consistent implementation of the established control framework. Promote and support proactive IT risk culture at the Bank. Desired Experience Your skills and experience Minimum 5 years of experience as Risk and Control Lead in designing and implementation of Technology risk framework or IT Audit in a global organization. Experience in a regulatory oversight, assurance, or policy management function within technology. Or have suitable compliance or audit background within infrastructure (and preferably IT & Information Security). Extensive experience regarding development, training and implementation of IT Policies, Procedures, Key Operating Documents and Supporting Documents. Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 Other professional qualifications and certifications in Technology risk management Desired behaviors A strong team player comfortable in a cross-cultural and diverse operating environment Result oriented and ability to deliver under tight timelines Ability to successfully resolve conflicts in a globally matrix driven organization Excellent communication and collaboration skills Desire to learn about new and emerging technologies and continuous upskilling Must be comfortable with navigating ambiguity to extract meaningful risk insights How We’ll Support You Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About Us And Our Teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment. Show more Show less

Get to Know the Team: At Grabber Technology Solutions (GTS), we revolutionise the technology experience for every Grabber. Our mission is to empower our team with seamless and solutions that enhance their daily work. We are a diverse group of forward-thinkers committed to creating personalised IT experiences. If youre passionate about customer-centric innovation and technology at Grab, come join us and help shape the future of technology! Get to Know the Role: We are looking for an experienced Senior Configuration Manager to drive the accuracy, integrity, and strategic value of our Configuration Management Database (CMDB). This important individual contributor role will be the primary owner and performer of CMDB operations, ensuring it serves as the definitive source of truth for our IT landscape. You understand configuration management mechanics, including the seamless integration of hardware and software assets within the CMDB framework. You will report to Manager II, Change & Release Management. This role is based in Bangalore. The Critical Tasks You will Perform: Own and maintain the Configuration Management Database (CMDB), ensuring accuracy and completeness by collaborating with cross-functional teams on Configuration Item (CI) identification, documentation, and lifecycle management. Lead and evolve Software Asset Management (SAM) processes, defining inclusive policies, tools, and procedures for licence tracking, compliance, usage, and optimisation. Identify and implement opportunities to streamline and automate Configuration Management processes within the ITSM platform, ensuring seamless integration with core ITSM functions like Change, Incident, Problem, and Release Management. Generate regular reports and KPIs, conduct configuration audits, and support risk assessments to address discrepancies and ensure compliance. Provide expert support for Change Management processes, contributing to accurate and collaborative impact assessments for changes affecting configurations. Stay current with industry trends and emerging technologies, recommending strategic process and tool improvements to enhance Configuration and Asset Management practices. Read more Skills you need What Essential Skills You will Need: Bachelors degree in Computer Science, Information Technology, or a related field 6 to 9 years hands-on experience in IT Operations, Service Management or Configuration Management roles. Deep, hands-on expertise in configuration management principles and practices, including CMDB data modelling, CI lifecycle, relationships and data quality. Track record in defining and implementing Hardware Asset Management (HAM) and Software Asset Management (SAM) processes, policies and tools. Hands-on experience with automated discovery and reconciliation tools and integrating data from multiple IT systems. Demonstrated experience defining and generating reports on KPIs and building data visualisations. Good to have ITIL Expert (v3/v4) certified COBIT 5 Foundation certified Lean/SixSigma certified Read more What we offer About Grab and Our Workplace Grab is Southeast Asias leading superapp. From getting your favourite meals delivered to helping you manage your finances and getting around town hassle-free, weve got your back with everything. In Grab, purpose gives us joy and habits build excellence, while harnessing the power of Technology and AI to deliver the mission of driving Southeast Asia forward by economically empowering everyone, with heart, hunger, honour, and humility. Read more Life at Grab Life at Grab We care about your well-being at Grab, here are some of the global benefits we offer: We have your back with Term Life Insurance and comprehensive Medical Insurance. With GrabFlex, create a benefits package that suits your needs and aspirations. Celebrate moments that matter in life with loved ones through Parental and Birthday leave , and give back to your communities through Love-all-Serve-all (LASA) volunteering leave We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through lifes challenges. What We Stand For at Grab We are committed to building an inclusive and equitable workplace that enables diverse Grabbers to grow and perform at their best. As an equal opportunity employer, we consider all candidates fairly and equally regardless of nationality, ethnicity, religion, age, gender identity, sexual orientation, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique. Read more

Summary The Controls Advisory delivers all project and engagement management phases for multiple clients in various industries. Responsibilities include executing business processes, IT control reviews, and activities related to Sarbanes-Oxley 404 and internal audit control projects. Performing work on SOX 404 engagement: conducting tests of control design and operating effectiveness, ensuring high-quality work through complete and accurate testing documentation. Manage a portfolio of engagements by leading a team of Assistant managers, Senior Associates, and Associates/ Analyst Ensure the work delivered is high quality through spot checks, periodic reviews, and quality review/ assurance processes. Ensure established turnaround times and the allotted budget are met. Assist Associate Directors and Directors in developing new methodologies, internal initiatives, marketing collaterals, business proposals, etc. Skills IT General Controls testing (ITGC), including platforms, ERP applications like SAP and databases for i) IT General Controls testing for Internal Audits (IA), ii) Sarbanes-Oxley (SOX) 302, 404 audits, iii) Third party reporting e.g., SOC1, SOC2 etc. iv) Governance, risk, and compliance (GRC) Gaining an understanding of the clients IT applications and infrastructure to determine the effectiveness of the control environment through performing and reviewing process walkthroughs with Experience of Windows, Oracle, SQL, or UNIX environments Knowledge of IT industry practice methodologies (e.g., COSO, COBIT, ITIL) is preferable. Awareness of internal auditing standards issued by IIA, ICAI & ISACA Data analytics support for Internal Audits (IA), Sarbanes-Oxley (SOX) 404 assessments and other advisory services Microsoft office tools (Word, Excel, Access, Power point etc.) with demonstrated ability to coach young team members on the respective tools. Education / Professional Experience/ Qualifications 3 to 5 years of post-qualification experience in risk advisory/ related internal audit/ IT SOX audit experience preferably in big 4 or related business experience. Certified Information Systems Auditor/ Bachelor of Engineering/ B. Tech/ Master s in business administration with major in Information Technology & Systems Internal Audit, Sox Audit, Testing, Risk Advisory

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Technology Career Framework - Role Details Role Rank:Manager Career Framework Role Description Evaluates business models, processes and operations to develop a good understanding of business needs and requirements. Analyses and evaluates business requirements and translates these into technical requirements and specifications, providing insights on system and technical components to incorporate into the technical design. Interacts with business stakeholders to gather, understand, document, and analyse business requirements. Analyses reports and assessments to provide insights on whether a solution/technology being implemented is meeting business requirements. Responsibilities Reviews materials and supports in meetings and workshops with business stakeholders to understand and gather business / functional requirements, undertaking client assessments and building relationships with business stakeholder. Builds relationships and collaborates with the wider team to understand business requirements and translates these into complex technical requirements. Produces technical specifications to guide system architectural design and development and conducts quality assurance tasks to ensure completeness of requirements, peer reviewing the work of more junior members of the team. Monitors and reports on potential risks/opportunities of emerging technologies, and forms recommendations for system and technical components based on understanding of business requirements, reviewing and supporting with process modelling and improvement. Contributes to the design and review of test cases to ensure tests adequately meet the requirements and coordinates with infrastructure and operations teams to resolve system issues, contributing to moderately complex aspects of a project. Provides insights on whether solutions and technologies being implemented are meeting business requirements. Contributes to business case development and completes RFP responses, exploring and experimenting with new and existing data to tackle defined business problems . Technical Skills & Knowledge Proven experience gathering and interpreting business requirements. Proven experience developing technical requirements and specifications, including knowledge of software engineering methodologies, reporting tools, modelling and testing. Proven understanding of Lean Six Sigma and Business Process Modelling and Notation. Knowledge on application building using Python would be an added advantage. Experience Sound relevant experience in either an internal or external business analysis role and/or software / technical analysis role or similar, evidenced by adding business value through identifying, analysing and articulating problems and solutions . Developed technical knowledge and experience in delivering IT solutions, providing technical advice and understanding user requirements. Some stakeholder management experience. Typical Education Business Administration Business Management Computer Science Data Science Engineering IT Statistics Mathematics Typical Certifications Similar Titles in the Market Oracle Functional Consultant Oracle GRC Consultant Oracle Risk Management Consultant Business Analyst – Oracle ERP Senior Business Analyst - Oracle ERP Leadership Capabilities LEAD: Gold Standard Definitions Available Technical Learning Business Analysis Skills And Capabilities Preferably CA/MBA/B.E/B.Tech with 7 to 11 years of implementation and advisory experience on Oracle Cloud ERP/EBS security and controls. Ability to drive risk and control programs for Oracle EBS/ERP Cloud, with a focus on the following: Segregation of duty concerns in an ERP environment along with an ability to design SoD (Segregation of Duties) risk libraries, and preparation of remediation roadmaps. System role-design, build security and troubleshoot security defects. Design risk control matrices by conducting workshops with business process owners. Review Oracle ERP IT Application Controls (ITAC) for test of design and test of effectiveness. Identify potential opportunities to automate current ITDM/manual controls leveraging Oracle EBS/ERP Cloud. Deep understanding of regulatory frameworks like COSO, COBIT. Knowledge and audit experience across regulations like SOX, GDPR, CCPA. Functional knowledge on Oracle EBS/ERP Cloud Financials, Procurement, Supply chain management, Projects and HRMS is a pre-requisite. Ability to simplify data and explain trends through Excel spreadsheets, dashboards, power-point presentations is highly desirable. Knowledge of Oracle GRC (Governance, Risk & Compliance) & Oracle Risk Management Cloud (RMC) is highly desirable. Working knowledge on Peoplesoft, NetSuite, MS Dynamics and Workday would be an added advantage. Willing to learn and work on different ERPs and CRM solutions. Technologies and Tools Oracle Fusion Cloud Financials, SCM modules, Projects and HCM. Oracle EBS Financials, SCM modules, Projects and HRMS. SQL /PLSQL, Python. SpotFire/ PowerBI. PeopleSoft, NetSuite, MS Dynamics and Workday. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Experience in Internal Control, General Computer and Application Control Audit background. Knowledge and experience in various Information security standards / regulations / best practices (ISO-27001, COBIT, PCI-DSS, GDPR, HIPAA, SOC2, etc. Knowledge of efficient way to protect the system, networks, software, data and information systems against security threats. Experience collaborating with a team of security experts in a diverse set of security topics including, but not limited to, security architecture, financial controls and regulatory compliance, identity and access management, data loss prevention and privacy Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Good understanding of, and experience with Information Risk Management, IT Security and Compliance and Security Controls and Audit. Understanding of internal and external IT security standards, SOX, PCI, SOC2/1, ISO27001 standards and relevant legal compliance aspects Good understanding of cloud security requirements and third-party control assurance. Ability to interface with different groups (Third parties, Business and IT) internal and external to IT (security) and to network globally across Group businesses, as well as with external groups. Experience collaborating with a team of security experts in a diverse set of security topics including, but not limited to, security architecture, financial controls and regulatory compliance, identity and access management, data loss prevention and privacy Preferred technical and professional experience Knowledge of Data Security Standards: PCI DSS, Privacy Principles Driving Platform / Application security and compliance Ability to foresee and identify mitigation strategies for Risks & Analytical and problem solving skills

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Technology Career Framework - Role Details Role Rank:Manager Career Framework Role Description Evaluates business models, processes and operations to develop a good understanding of business needs and requirements. Analyses and evaluates business requirements and translates these into technical requirements and specifications, providing insights on system and technical components to incorporate into the technical design. Interacts with business stakeholders to gather, understand, document, and analyse business requirements. Analyses reports and assessments to provide insights on whether a solution/technology being implemented is meeting business requirements. Responsibilities Reviews materials and supports in meetings and workshops with business stakeholders to understand and gather business / functional requirements, undertaking client assessments and building relationships with business stakeholder. Builds relationships and collaborates with the wider team to understand business requirements and translates these into complex technical requirements. Produces technical specifications to guide system architectural design and development and conducts quality assurance tasks to ensure completeness of requirements, peer reviewing the work of more junior members of the team. Monitors and reports on potential risks/opportunities of emerging technologies, and forms recommendations for system and technical components based on understanding of business requirements, reviewing and supporting with process modelling and improvement. Contributes to the design and review of test cases to ensure tests adequately meet the requirements and coordinates with infrastructure and operations teams to resolve system issues, contributing to moderately complex aspects of a project. Provides insights on whether solutions and technologies being implemented are meeting business requirements. Contributes to business case development and completes RFP responses, exploring and experimenting with new and existing data to tackle defined business problems . Technical Skills & Knowledge Proven experience gathering and interpreting business requirements. Proven experience developing technical requirements and specifications, including knowledge of software engineering methodologies, reporting tools, modelling and testing. Proven understanding of Lean Six Sigma and Business Process Modelling and Notation. Knowledge on application building using Python would be an added advantage. Experience Sound relevant experience in either an internal or external business analysis role and/or software / technical analysis role or similar, evidenced by adding business value through identifying, analysing and articulating problems and solutions . Developed technical knowledge and experience in delivering IT solutions, providing technical advice and understanding user requirements. Some stakeholder management experience. Typical Education Business Administration Business Management Computer Science Data Science Engineering IT Statistics Mathematics Typical Certifications Similar Titles in the Market Oracle Functional Consultant Oracle GRC Consultant Oracle Risk Management Consultant Business Analyst – Oracle ERP Senior Business Analyst - Oracle ERP Leadership Capabilities LEAD: Gold Standard Definitions Available Technical Learning Business Analysis Skills And Capabilities Preferably CA/MBA/B.E/B.Tech with 7 to 11 years of implementation and advisory experience on Oracle Cloud ERP/EBS security and controls. Ability to drive risk and control programs for Oracle EBS/ERP Cloud, with a focus on the following: Segregation of duty concerns in an ERP environment along with an ability to design SoD (Segregation of Duties) risk libraries, and preparation of remediation roadmaps. System role-design, build security and troubleshoot security defects. Design risk control matrices by conducting workshops with business process owners. Review Oracle ERP IT Application Controls (ITAC) for test of design and test of effectiveness. Identify potential opportunities to automate current ITDM/manual controls leveraging Oracle EBS/ERP Cloud. Deep understanding of regulatory frameworks like COSO, COBIT. Knowledge and audit experience across regulations like SOX, GDPR, CCPA. Functional knowledge on Oracle EBS/ERP Cloud Financials, Procurement, Supply chain management, Projects and HRMS is a pre-requisite. Ability to simplify data and explain trends through Excel spreadsheets, dashboards, power-point presentations is highly desirable. Knowledge of Oracle GRC (Governance, Risk & Compliance) & Oracle Risk Management Cloud (RMC) is highly desirable. Working knowledge on Peoplesoft, NetSuite, MS Dynamics and Workday would be an added advantage. Willing to learn and work on different ERPs and CRM solutions. Technologies and Tools Oracle Fusion Cloud Financials, SCM modules, Projects and HCM. Oracle EBS Financials, SCM modules, Projects and HRMS. SQL /PLSQL, Python. SpotFire/ PowerBI. PeopleSoft, NetSuite, MS Dynamics and Workday. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Technology Career Framework - Role Details Role Rank:Manager Career Framework Role Description Evaluates business models, processes and operations to develop a good understanding of business needs and requirements. Analyses and evaluates business requirements and translates these into technical requirements and specifications, providing insights on system and technical components to incorporate into the technical design. Interacts with business stakeholders to gather, understand, document, and analyse business requirements. Analyses reports and assessments to provide insights on whether a solution/technology being implemented is meeting business requirements. Responsibilities Reviews materials and supports in meetings and workshops with business stakeholders to understand and gather business / functional requirements, undertaking client assessments and building relationships with business stakeholder. Builds relationships and collaborates with the wider team to understand business requirements and translates these into complex technical requirements. Produces technical specifications to guide system architectural design and development and conducts quality assurance tasks to ensure completeness of requirements, peer reviewing the work of more junior members of the team. Monitors and reports on potential risks/opportunities of emerging technologies, and forms recommendations for system and technical components based on understanding of business requirements, reviewing and supporting with process modelling and improvement. Contributes to the design and review of test cases to ensure tests adequately meet the requirements and coordinates with infrastructure and operations teams to resolve system issues, contributing to moderately complex aspects of a project. Provides insights on whether solutions and technologies being implemented are meeting business requirements. Contributes to business case development and completes RFP responses, exploring and experimenting with new and existing data to tackle defined business problems . Technical Skills & Knowledge Proven experience gathering and interpreting business requirements. Proven experience developing technical requirements and specifications, including knowledge of software engineering methodologies, reporting tools, modelling and testing. Proven understanding of Lean Six Sigma and Business Process Modelling and Notation. Knowledge on application building using Python would be an added advantage. Experience Sound relevant experience in either an internal or external business analysis role and/or software / technical analysis role or similar, evidenced by adding business value through identifying, analysing and articulating problems and solutions . Developed technical knowledge and experience in delivering IT solutions, providing technical advice and understanding user requirements. Some stakeholder management experience. Typical Education Business Administration Business Management Computer Science Data Science Engineering IT Statistics Mathematics Typical Certifications Similar Titles in the Market Oracle Functional Consultant Oracle GRC Consultant Oracle Risk Management Consultant Business Analyst – Oracle ERP Senior Business Analyst - Oracle ERP Leadership Capabilities LEAD: Gold Standard Definitions Available Technical Learning Business Analysis Skills And Capabilities Preferably CA/MBA/B.E/B.Tech with 7 to 11 years of implementation and advisory experience on Oracle Cloud ERP/EBS security and controls. Ability to drive risk and control programs for Oracle EBS/ERP Cloud, with a focus on the following: Segregation of duty concerns in an ERP environment along with an ability to design SoD (Segregation of Duties) risk libraries, and preparation of remediation roadmaps. System role-design, build security and troubleshoot security defects. Design risk control matrices by conducting workshops with business process owners. Review Oracle ERP IT Application Controls (ITAC) for test of design and test of effectiveness. Identify potential opportunities to automate current ITDM/manual controls leveraging Oracle EBS/ERP Cloud. Deep understanding of regulatory frameworks like COSO, COBIT. Knowledge and audit experience across regulations like SOX, GDPR, CCPA. Functional knowledge on Oracle EBS/ERP Cloud Financials, Procurement, Supply chain management, Projects and HRMS is a pre-requisite. Ability to simplify data and explain trends through Excel spreadsheets, dashboards, power-point presentations is highly desirable. Knowledge of Oracle GRC (Governance, Risk & Compliance) & Oracle Risk Management Cloud (RMC) is highly desirable. Working knowledge on Peoplesoft, NetSuite, MS Dynamics and Workday would be an added advantage. Willing to learn and work on different ERPs and CRM solutions. Technologies and Tools Oracle Fusion Cloud Financials, SCM modules, Projects and HCM. Oracle EBS Financials, SCM modules, Projects and HRMS. SQL /PLSQL, Python. SpotFire/ PowerBI. PeopleSoft, NetSuite, MS Dynamics and Workday. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Role / Responsibilities Perform internal audits and process reviews for functions to assess the adequacy, effectiveness and efficiency of the established internal controls and procedures Lead and perform control design assessments; Lead walkthroughs, identifying controls in the processes/ functions/ products/services, etc. Identify key areas of risk within processes and propose appropriate controls with the objective of mitigating the risks and increasing efficiency Responsible for operational testing of the controls (test scripts), including validation procedures. Evaluate the testing scripts on a regular basis to ensure changes are incorporated Evaluate the corrective action plans received from reviewee for appropriateness and/or Sufficiency. Collaborate with relevant functions to ensure timely closure of corrective action plans. Report on status of implementation of management action plans Work with 2nd line of defence Compliance functions to align audit activity Demonstrate skills to lead auditors, remain flexible, prioritize and maintain a strong attention to detail in a fast-paced environment. Strong collaboration and project management skills to complete quality work on the time with budgeted resources. Essential Skills & Qualification Bachelor’s degree with focus on Information Systems required Sound understanding of control environment, compliance and risk frameworks such as CoBIT; COSO; ISO standards, etc. Minimum 4+ years of experience in relevant field Working knowledge and experience in SOX programs / IT systems/ General Computer controls / Cybersecurity. Etc Experience in performing Technology Audits / IT Operations reviews / Integrated Audits Effective Verbal and Written Communication Skills Be able to work in a fast-paced role with competing priorities. Adaptable to project requirements and does what is required to get the job done Demonstrate ability for seamless execution, continuous improvement and problem solving Preferred Skills & Qualification Experience in BFSI / FinTech companies Experience integrating data analytics in audits Big 4 experience Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. Read more about PhonePe on our blog. Life at PhonePe PhonePe in the news