200 Hitrust Jobs - Page 2

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

(6-8 Years) Role Summary: The manager is responsible for leading and sustaining the team that drives the compliance strategy by working collaboratively with internal teams, SMEs, external customers, vendors, auditors and other stakeholders. He/she should be able to work collaboratively with other departments and stakeholders to achieve company-wide goals and satisfy the client. Mandatory Skill Sets/Expertise: Relevant bachelor’s or master’s degree in computer science/ IT Auditing/ Information Systems/ Privacy. Have at least 6-8 years of relevant information security auditing experience and advanced knowledge of general controls (security, change management, disaster backup recovery, data centre, infrastructure, etc.), IT governance processes (ITIL). Ability to critically review security policies and procedures, design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards. Good understanding and implementation expertise of industry standards in cybersecurity (ISO, ITIL, NIST, ISF, SOC, HITRUST, PCI DSS, HIPAA) and privacy (GDPR, ISO 27018) is an advantage. Good project management skills with the ability to collaborate with teams across multiple locations and a strong command of the English language. Relevant industry recognized certifications such as CISSP/CISA/CISM. Key Attributes: Leadership: To lead by example, collaborate with the team, and make appropriate decisions when required. effectively communicate the vision and goals of the Accorian. Mentoring: To mentor individuals from graduate to industry qualified, with the aim of motivating and enhancing their personal and professional development. Communication: To communicate effectively both verbally and in writing, with the team and clients, sharing information in a clear and concise manner. Problem-solving: Strong analytical skills to identify and solve complex problems within the GRC domain. Key Responsibilities: Setting strategic direction for audit readiness, managing compliance programs, driving continuous improvement activities, & reporting metrics. Interfacing with stakeholders, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to a technical cloud environment. Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers, senior and executive leaders. Leading small teams by assigning and tracking individual tasks and ensuring the team meets milestones and addresses challenges. Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications. Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordination resolution of roadblocks. Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution. Drop your CVs to joinourteam@accorian.com

About TripleLift We're TripleLift, an advertising platform on a mission to elevate digital advertising through beautiful creative, quality publishers, actionable data and smart targeting. Through over 1 trillion monthly ad transactions, we help publishers and platforms monetize their businesses. Our technology is where the world's leading brands find audiences across online video, connected television, display and native ads. Brand and enterprise customers choose us because of our innovative solutions, premium formats, and supportive experts dedicated to maximizing their performance. As part of the Vista Equity Partners portfolio, we are NMSDC certified, qualify for diverse spending goals and are committed to economic inclusion. Find out how TripleLift raises up the programmatic ecosystem at triplelift.com. The Role TripleLift is seeking a Security Engineer to join our team full time. We are an established company in the advertising technology sector, trying to tackle some of the most challenging problems facing the industry. You will be joining a rapidly growing and complex environment and will work as part of a small team that will be responsible for developing, evangelizing, and executing our security roadmap. You’ll help drive improvements in our security operations capability and support critical projects enhancing our detect-and-respond capabilities. Responsibilities Support and enhance the organization's global security compliance efforts aligned with frameworks like NIST CSF and CIS Controls Monitor and triage security alerts and incidents using SIEM, EDR, and other monitoring tools; escalate and support investigations as needed Manage and maintain endpoint security tools (e.g., CrowdStrike, Microsoft Defender, SentinelOne) across corporate devices and servers Coordinate with IT to ensure consistent endpoint hardening, patching, and policy enforcement Contribute to the vulnerability management process by validating, tracking, and helping remediate findings across infrastructure and endpoints Assist in the creation and maintenance of detection rules, security dashboards, and runbooks Perform initial threat-hunting activities and collaborate with senior engineers on deeper investigations Support identity and access management practices (e.g., user provisioning/deprovisioning, privileged access reviews) Participate in incident response, including documentation, coordination, and root cause analysis Create and maintain security documentation, procedures, and knowledge base articles Collaborate cross-functionally with engineering, IT, and compliance teams to support secure operations Desired Skills And Attributes 4+ years of experience in a security engineering or security operations role Proven track record working in information security operations, engineering, architecture, or security consulting Understanding of security fundamentals with relation to various cybersecurity and compliance frameworks, particularly NIST CSF, but any of: PCI, SOC2, HITRUST, ISO 27001/2, or similar Deep understanding of the AWS Cloud, it’s services, technologies and APIs Hands-on experience managing endpoint security platforms (EDR, antivirus, MDM) in a corporate environment Able to design and evaluate general security controls, as well as how to design effective compensating controls where necessary Experience managing tools in a Security Operations Center environment, i.e., monitoring and reacting to SIEM alerts/events Deep understanding of how to securely manage cloud-native environments and ability to deploy tools in these environments Experience with managing identity and access solutions at scale for a large corporation e.g. Okta Practical experience with coding and scripting languages (e.g., Python, Bash, PowerShell) to support automation and tooling Strong communication and documentation skills Strives for continued learning opportunities to build upon craft Holds a Cybersecurity certification, e.g. CISSP, CISA, Security+, etc. Education Requirement A Bachelor’s degree in a technical subject is preferred, although candidates with relevant experience who hold other degrees will be considered. Experience Requirement At least four years of experience working within a security role or related/adjacent role Location Pune Life at TripleLift At TripleLift, we’re a team of great people who like who they work with and want to make everyone around them better. This means being positive, collaborative, and compassionate. We hustle harder than the competition and are continuously innovating. Learn more about TripleLift and our culture by visiting our LinkedIn Life page. Establishing People, Culture and Community Initiatives At TripleLift, we are committed to building a culture where people feel connected, supported, and empowered to do their best work. We invest in our people and foster a workplace that encourages curiosity, celebrates shared values, and promotes meaningful connections across teams and communities. We want to ensure the best talent of every background, viewpoint, and experience has an opportunity to be hired, belong, and develop at TripleLift. Through our People, Culture, and Community initiatives, we aim to create an environment where everyone can thrive and feel a true sense of belonging. Privacy Policy Please see our Privacy Policies on our TripleLift and 1plusX websites. TripleLift does not accept unsolicited resumes from any type of recruitment search firm. Any resume submitted in the absence of a signed agreement will become the property of TripleLift and no fee shall be due.

Job Summary As the Senior Analyst, Security Assurance you will work in a fast-paced environment fostering teamwork and open communication to focus on compliance with security standards and regulatory frameworks at Foundever. Your expertise will be vital in coordinating external audits, gathering evidence, validating compliance, and engaging stakeholders across the organization. Primary Job Responsibilities Maintain a comprehensive understanding of security compliance frameworks (HITRUST, PCI, DSS, SOC, ISO 27001, HIPAA, NIST) and their requirements Coordinate and support external IT audits, collecting, preparing and submitting necessary documentation and evidence in a timely manner Conduct regular risk assessments and gap analyses to identify areas of improvement Document compliance efforts and gaps, audit findings, and remediation plans, ensuring proper tracking and follow-through Prepare and present status updates, audit results, and risk assessments to leadership and stakeholders Utilize advanced data analytics techniques to assess compliance trends, identify potential risks, and uncover actionable insights that inform decision-making and strategic planning Develop and maintain interactive data visualization graphs and dashboards to effectively communicate compliance metrics, audit findings, and risk assessments to stakeholders Utilize Governance, Risk, and Compliance (GRC) tools to streamline compliance workflows and improve visibility Stay informed of industry trends, threats, and regulatory changes affecting information security Skills And Qualifications 5+ years of experience in information security with a focus on security assurance and compliance In-depth knowledge of security frameworks and standards such as HITRUST CSF, SOC 1/2, ISO 27001, NIST, PCI DSS, etc. Experience with data analytics and data visualization Experience with compliance software and external audit portals for evidence posting and collaboration Knowledge of audit cycles and certifications for cloud hosted applications Bachelor's degree in Computer Science, Information Technology, Security Management, or a related field Preferred Skills And Qualifications HIPAA experience Relevant security and framework certifications (e.g., CCSFP, CISM, CISSP, CISA, PCIP) AI experience About Us Foundever™ is a global leader in the customer experience (CX) industry. With 170,000 associates across the globe, we’re the team behind the best experiences for +750 of the world’s leading and digital-first brands. Our innovative CX solutions, technology and expertise are designed to support operational needs for our clients and deliver a seamless experience to customers in the moments that matter.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY GDS Consulting - Non-financial Services – Third-Party Risk Management - NFS TPRM – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our EY- NFS TPRM team. It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Lead the design and implementation of TPRM operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Demonstrate a general knowledge of market trends, competitor activities, EY products, and service lines. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within EY Consulting Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Attend L&D programs and exhibit a thorough knowledge of consulting methodology and consulting attributes. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

About Skypoint Skypoint is a HITRUST r2-certified data unification and agentic AI platform that accelerates productivity and efficiency for healthcare organizations. Our platform empowers healthcare providers, payers, and senior care organizations to unify siloed data, model industry-specific ontologies, and deploy AI agents that automate workflows and enhance decision-making. Founded in 2020 in Portland, Oregon, Skypoint has grown to over 75 employees and serves more than 100 customers. We are proud to be ranked #26 on Deloitte’s 2024 Technology Fast 500™ list, recognizing the fastest-growing tech companies across North America, driven by our exceptional revenue growth over the past three years. Location: Global Technology Park, Marathahalli Outer Ring Road, Bellandur, Bengaluru, Karnataka -5 days/week (No hybrid or remote) Responsibilities: Collaborate with stakeholders to identify challenges and deliver tailored DevOps solutions. Design and implement DevOps architectures, roadmaps, and plans in alignment with the Azure Well-Architected Framework. Establish and manage Azure governance through Azure Policies, Azure Active Directory (AAD), and Azure RBAC. Build and maintain CI/CD pipelines using Azure DevOps (YAML or classic) for fully automated deployments. Automate cloud resource provisioning and management using Infrastructure as Code tools such as ARM, Bicep, and Terraform. Assess existing infrastructure and applications, provide optimization recommendations, and generate audit reports. Lead containerization initiatives, including Kubernetes-based architectures and deployment strategies. Ensure compliance with security, performance, and cost-efficiency standards. Stay current on emerging technologies, including DevOps, SecOps, and AI tools, to drive continuous improvement. Communicate technical concepts effectively to technical and non-technical stakeholders alike. Qualifications Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related field.8-10 years of hands-on experience in DevOps, Site Reliability Engineering, or a related role. Proven expertise in deploying and managing Azure cloud environments. Strong proficiency in Azure resource management, cost optimization, and monitoring. Deep knowledge of CI/CD tools and Infrastructure as Code (Terraform proficiency is a must).Extensive experience with Kubernetes and containerized workload management. Familiarity with the Azure Well-Architected Framework for building secure and cost-effective solutions. Exceptional analytical, troubleshooting, and problem-solving skills. Excellent communication and leadership abilities. Experience as a foundational engineer in a startup is a plus. Certifications Microsoft Certified: Azure Solutions Architect ExpertMicrosoft Certified: Azure DevOps Engineer Expert Preferred Background: Experience working in healthcare technology, clinical data systems, or regulatory-compliant SaaS environments. Passion for building intelligent systems that have a real-world impact on healthcare outcomes. Life at Skypoint Life at Skypoint is vibrant and forward-thinking, focused on harnessing the power of AI and advanced technologies to innovate and solve real-world challenges. Our culture thrives on creativity, strategic thinking, and a commitment to excellence, offering a collaborative environment where every contribution is valued. We are dedicated to fostering personal and professional growth, ensuring team members have opportunities for advancement through continuous training and a flexible work-life balance. Skypoint offers competitive benefits, including comprehensive health insurance and retirement plans. What We Offer: Competitive compensation with stock options Comprehensive health benefits, including OPD & gym reimbursements and mental wellness support Onsite opportunity Continuous learning and career growth opportunities Join us to be part of a dynamic team that's shaping the future with groundbreaking solutions in AI and technology, all while enjoying a supportive and inclusive workplace

Experience with leading teams and complex projects. Strong leadership, coaching and mentoring of resources in architecture functions. Knowledge of healthcare industry standards and regulations. Strong understanding of technology trends and emerging technologies. 5+ years of experience with developing and implementing enterprise cybersecurity and risk management architecture strategies and roadmaps. Experience with security risk management frameworks such as NIST-CSF, HITRUST, MITRE and compliance certifications such as HIPAA, PCI-DSS, SOC-II. 2+ years developing and maturing EcoSystem driven frameworks. Excellent problem-solving and critical thinking skills. Excellent written and verbal communication skills. Ability to work independently and in a team environment Education Bachelors degree in computer science, information technology or related field or equivalent combination of education/experience. 2- Preferred Experience & Education:- Experience 10 years of experience in enterprise architecture or similar roles. Direct hands-on experience with Teams, DevOps, Rally, JIRA, Confluence and other productivity tools. In-depth knowledge of and proven cloud experience with multi-cloud solutions and hybrid business intelligence stacks Experience with Cyber risk quantification methodologies. Experience with healthcare data terminologies, high-performance computing Experience with App Orchard, Job Description : Develop and maintain the enterprise cybersecurity and risk management architecture strategy and roadmap for our organization. Manage a team of architects. Responsible for the budget, and staff recruitment, performance, engagement, and retention. Work closely with CISO and other cybersecurity leadership to align our security technology investments with our business objectives. Define and maintain our enterprise cybersecurity architecture standards and guidelines. Provide leadership and guidance to our IT, security, and infrastructure teams. Ensure that our systems and solutions are integrated, scalable, and secure. Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the security industry. Formally communicate trends to EA and CISO. Advise CISO and leadership team in vendor/product/service selection, assist in educating and persuading business and operational leaders with adoption of security controls. Own development of rolling 18-month cycle to achieve To-Be architecture for Cybersecurity and risk management. Review vendor technology roadmaps into cybersecurity domain roadmaps to ensure continuous improvements to cyber domain operations, including cost-to-serve and other financial KPIs. Oversee development and maturity of Cybersecurity response, containment, recovery and restore playbooks for the enterprise. Partner with office of CISO to deploy Enterprise and Cyber Resiliency processes, procedures and methods. Oversee development and maintenance of blueprint of Disaster Recovery of critical business systems from Cyber induced disaster events. Partner with IT, Applications, Operations, IT GRC, Cybersecurity and other teams to simulate a Cybersecurity disaster and recovery drills, tabletop exercises. Partner with CISO to document gaps and drive collaboration to remediate. Partner with CISO to develop cohesive strategy to implement frictionless security controls and achieve industry certifications, such as HITRUST, SOC-II Partner with CISO to develop implementable roadmap to deploy controls aligning to security industry best practices, such as Zero Trust Network Access, Defense in Depth. Stay up-to-date with emerging technologies and industry trends. Drive innovation and continuous improvement in our technology landscape. Collaborate with our IT and security teams to ensure that our technology investments comply with healthcare industry standards and regulations. Conduct architecture assessments and provide recommendations for improvement. Develop and maintain architecture-related policies and procedures. Provide guidance and support for technology procurement and vendor management

NationsBenefits is the leading provider of supplemental benefits, flex cards, and member engagement solutions that partners with managed care organizations to provide innovative healthcare solutions designed to drive growth, improve outcomes, reduce costs, and delight members. Our comprehensive suite of innovative supplemental benefits, payments platform, and member engagement solutions help health plans deliver high-quality benefits to their members, addressing social determinants of health and improving member health outcomes and satisfaction. With a compliance-focused infrastructure, proprietary technology systems, and premier service delivery model, we enable our health plan partners to deliver high-quality, valuebased care to millions of members. We offer a fulfilling work environment that attracts top talent and encourages all associates to do their part in delivering premier service to internal and external customers alike. It’s how we’re transforming the healthcare industry for the better. We provide career advancement opportunities within the organization with multiple locations in Florida, California, Pennsylvania, Tennessee, Texas, Utah, and India. You might also like to know that NationsBenefits is also recognized as one of the fastest growing companies in America. We’re proud of how far we’ve come, and a career with us also gives you growth opportunities. Position Overview The Senior Compliance Analyst is responsible for leading the assessment, monitoring, and maintenance of the organization’s internal control environment and compliance efforts related to key regulatory and industry standards, including HITRUST, SOC 2, and PCI DSS. This role will serve as a subject matter expert in audit readiness and compliance reporting, working closely with internal stakeholders, auditors, and assessors to ensure successful certification and audit outcomes. The Senior Compliance Analyst will also play a critical role in control testing, evidence gathering, and issue remediation tracking. Key Responsibilities Regulatory and Framework Compliance Oversight Serve as the internal point of contact for all matters related to HITRUST, SOC 2, and PCI DSS compliance. Coordinate and support the execution of external audits and assessments. Monitor ongoing compliance activities across departments to ensure adherence to regulatory requirements and industry frameworks. Maintain up-to-date knowledge of changes in applicable standards and regulations, proactively updating policies and controls. Internal Controls Monitoring and Testing Conduct routine internal control testing to validate design and operational effectiveness. Document findings, track remediation efforts, and escalate issues where necessary. Collaborate with control owners to ensure proper documentation, process alignment, and control maturity. Manage evidence collection and maintenance for audit readiness throughout the year. Audit Readiness and Execution Own end-to-end preparation for compliance audits including control mapping, pre-audit checks, and facilitating walkthroughs. Partner with internal teams and external auditors to manage audit logistics, request responses, and evidence delivery. Lead corrective action plans in response to audit findings. Policy and Procedure Support Assist in the development, review, and maintenance of compliance-related policies, procedures, and standard operating documents. Ensure controls and practices align with documentation and are consistently applied across the organization. Reporting and Risk Tracking Maintain dashboards and reports tracking control health, audit status, and compliance program KPIs. Support the GRC Director with compliance reporting for internal and external stakeholders. Qualifications Education Bachelor’s degree in information systems, Cybersecurity, Business Administration, or a related field. Master’s degree or equivalent experience preferred. Experience 4–6 years of experience in a compliance, risk, or IT audit role. Hands-on experience supporting HITRUST, SOC 2, or PCI DSS audits. Familiarity with risk assessment, control testing, and remediation tracking processes. Certifications (Preferred) Certified Information Systems Auditor (CISA) HITRUST Certified CSF Practitioner (CCSFP) Certified in Risk and Information Systems Control (CRISC) CompTIA Security+ or similar Skills Strong knowledge of compliance frameworks and internal control principles. Excellent project management and organizational skills. Ability to communicate effectively with both technical and non-technical stakeholders. Comfortable managing multiple priorities in a fast-paced environment. Proficiency with GRC tools and audit management platforms. Key Competencies Attention to Detail: Ability to meticulously validate evidence and control execution. Analytical Skills: Identify compliance gaps and recommend practical solutions. Collaboration: Work cross-functionally to gather evidence and align processes. Accountability: Drive audit preparation and closure of compliance gaps. Adaptability: Stay current with evolving regulatory requirements and apply them effectively

Hi , As per response to your profile which is uploaded in Job portals. Excellent job openings for Enterprise Security Archite ct in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates. Please Note:-please refer your friends who are looking for job changes. Job Description: Enterprise Security Architect. JD:- Required Experience & Education:- Experience Minimum of 10 years of experience in enterprise architecture. Experience with leading teams and complex projects. Strong leadership, coaching and mentoring of resources in architecture functions. Knowledge of healthcare industry standards and regulations. Strong understanding of technology trends and emerging technologies. 5+ years of experience with developing and implementing enterprise cybersecurity and risk management architecture strategies and roadmaps. Experience with security risk management frameworks such as NIST-CSF, HITRUST, MITRE and compliance certifications such as HIPAA, PCI-DSS, SOC-II. 2+ years developing and maturing EcoSystem driven frameworks. Excellent problem-solving and critical thinking skills. Excellent written and verbal communication skills. Ability to work independently and in a team environment Education Bachelors degree in computer science, information technology or related field or equivalent combination of education/experience. 2- Preferred Experience & Education:- Experience 10 years of experience in enterprise architecture or similar roles. Direct hands-on experience with Teams, DevOps, Rally, JIRA, Confluence and other productivity tools. In-depth knowledge of and proven cloud experience with multi-cloud solutions and hybrid business intelligence stacks Experience with Cyber risk quantification methodologies. Experience with healthcare data terminologies, high-performance computing Experience with App Orchard, Job Description : Develop and maintain the enterprise cybersecurity and risk management architecture strategy and roadmap for our organization. Manage a team of architects. Responsible for the budget, and staff recruitment, performance, engagement, and retention. Work closely with CISO and other cybersecurity leadership to align our security technology investments with our business objectives. Define and maintain our enterprise cybersecurity architecture standards and guidelines. Provide leadership and guidance to our IT, security, and infrastructure teams. Ensure that our systems and solutions are integrated, scalable, and secure. Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the security industry. Formally communicate trends to EA and CISO. Advise CISO and leadership team in vendor/product/service selection, assist in educating and persuading business and operational leaders with adoption of security controls. Own development of rolling 18-month cycle to achieve To-Be architecture for Cybersecurity and risk management. Review vendor technology roadmaps into cybersecurity domain roadmaps to ensure continuous improvements to cyber domain operations, including cost-to-serve and other financial KPIs. Oversee development and maturity of Cybersecurity response, containment, recovery and restore playbooks for the enterprise. Partner with office of CISO to deploy Enterprise and Cyber Resiliency processes, procedures and methods. Oversee development and maintenance of blueprint of Disaster Recovery of critical business systems from Cyber induced disaster events. Partner with IT, Applications, Operations, IT GRC, Cybersecurity and other teams to simulate a Cybersecurity disaster and recovery drills, tabletop exercises. Partner with CISO to document gaps and drive collaboration to remediate. Partner with CISO to develop cohesive strategy to implement frictionless security controls and achieve industry certifications, such as HITRUST, SOC-II Partner with CISO to develop implementable roadmap to deploy controls aligning to security industry best practices, such as Zero Trust Network Access, Defense in Depth. Stay up-to-date with emerging technologies and industry trends. Drive innovation and continuous improvement in our technology landscape. Collaborate with our IT and security teams to ensure that our technology investments comply with healthcare industry standards and regulations. Conduct architecture assessments and provide recommendations for improvement. Develop and maintain architecture-related policies and procedures. Provide guidance and support for technology procurement and vendor management 5. Certification Requirements /any-1. Required Certification in at least one of the common architecture frameworks (TOGAF, Zachman, DODAF, FEAF or FEAC) 2. Preferred Certifications in multiple common architecture frameworks such as TOGAF, Zachman, DODAF, FEAF, FEAC is preferred. Security industry certifications, such as CISSP, CISM etc Those who have relevant experience and Skills, as mentioned above please revert back ur updated resume to - Sreenivasa.k@happiestminds.com. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Notice Period: Degree: Regards, Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

Primary Responsibilities: Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: Bachelors degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification: CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes an enterprise priority reflected in our mission.

Job Description 5+ years of experience in Information Security. Ensure compliance to client security requirements. Provide support for obtaining and maintaining Security Certification and Assurance programs like ISO 27001, PCI DSS, HITRUST, TISAX, SOC 2, etc. Collaborate with IT, Finance, HR and other departments for various security related activities. Conduct security research and keep abreast of latest security trends and issues. Develop and maintain Information Security policies, procedures, standards and guidelines. Certification on ISO 27001 Lead Auditor. Skills Required RoleInformation security analyst Industry TypeITES/BPO/KPO Functional AreaITES/BPO/Customer Service Required Education Bachelors degree Employment TypeFull Time, Permanent Key Skills INFORMATION SECURITY ANALYST Other Information Job CodeGO/JC/353/2025 Recruiter NameDivya R Show more Show less

Location: Gurgaon, India (On‑site/Hybrid, Full‑time) Why Join Us? We’re a fast‑growing health‑tech company transforming Revenue Cycle Management (RCM) for hospitals, clinics, and physician groups. Our cloud‑native platform simplifies complex billing and claims workflows so providers can focus on patient care—not paperwork. As a Senior DevOps Engineer, you’ll be the architect behind the highly available, secure, and scalable infrastructure that keeps those mission‑critical systems running smoothly. What You’ll Do Own the Cloud Infrastructure Design and automate Azure environments with Terraform/ARM, delivering self‑service, repeatable deployments Build resilient network topologies and security controls that meet HIPAA & HITRUST standards Tune performance and cost—because every saved rupee goes back into innovation Ship Code Faster & Safer Create end‑to‑end CI/CD pipelines in Jenkins or GitLab that cut release time from hours to minutes Embed automated tests, quality gates, and blue‑green / canary strategies to achieve zero‑downtime releases Containerize microservices with Docker and orchestrate them with Kubernetes Keep the Lights On Roll out observability stacks (Azure Monitor, Log Analytics, Application Insights) with actionable dashboards and alerts Author incident‑response playbooks and join a low‑noise on‑call rotation Conduct regular security scans and vulnerability assessments—security is everyone’s job here Automate Everything Script in Bash, PowerShell, or Python to eliminate toil and empower developers with self‑service tools Advocate for Infrastructure‑as‑Code and GitOps best practices across teams What You Bring 5+ years in DevOps/SRE roles with deep Azure expertise Hands‑on mastery of Terraform or ARM Templates, Docker, Kubernetes, and CI/CD tooling Strong scripting chops (Python, Bash, PowerShell) Solid understanding of networking, IAM, and security hardening Bonus points for: healthcare/RCM experience, Azure certifications (AZ‑400, AZ‑104), database know‑how (SQL Server, MongoDB), and familiarity with microservices and API gateways Soft Skills We Value Relentless problem solver who thrives in high‑stakes production environments Clear communicator—able to translate “yak‑shaving” tech talk into business value for non‑technical stakeholders Collaborative team player who mentors others and welcomes feedback Self‑starter who can juggle multiple priorities and still hit aggressive deadlines Perks & Benefits Comprehensive medical, dental, and vision coverage for you and your family Annual learning budget for conferences, certifications, and courses—grow on our dime Performance bonuses tied to team and company milestones Flexible working hours and generous leave policy Latest MacBook Pro or high‑end Windows laptop—your choice On‑site wellness programs and monthly team‑building events Powered by JazzHR nn4sn5A5AR Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Role & responsibilities Understanding applicable regulations, standards (e.g. HITRUST, SOC-2, HIPAA, TX-RAMP, PCI-DSS, etc.) and industry best practices to manage risk and ensure compliance Perform process definition/update and deployment across all teams in consultation with the respective functions Identify best practices, drive continuous information security related process improvement and facilitate deployment of information security process changes Document the identified Information Security Policies and processes to ensure compliance with legal, regulatory and security standards (e.g. HITRUST, SOC-2, HIPAA, TX-RAMP, PCIDSS, etc.) and maintain the Information Security Management Systems. Perform due diligence for third party contracts and perform periodic 3rd party Risk Assessments. Drive and complete Information Security Assessments assigned to MRO by its clients. Manage and support Information Security Risk Management Lifecycle across MRO. Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspective. Own and drive the Information Security Incident Management Program at MRO. Be responsible for security audits performed at MRO based on HITRUST, HIPAA, PCI-DSS, TX-RAMP, etc. Drive the phishing simulation program at MRO and focus on its continual improvement. Drive Business Impact Analysis, Privacy Impact Analysis across MRO to determine and update applicable RTOs and RPOs. Technical/Domain Skills : Must have hands on experience of HITRUST based policy/process definition, implementation and participation in at-least one (1) full end to end HITRUST audit cycle Desirable: Knowledge/work experience on SOC2, HIPAA, PCI-DSS, TX-RAMP and NIST Cybersecurity Framework

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Security strategy and governance projects (security strategy, operating model, org structure etc.) Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation. Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.). Policy management (policy writing, policy review, policy lifecycle) projects Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies. Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Experience in implementing effective and innovative technology solutions. Desired Knowledge Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Ability to create domain specific training content and deliver trainings effectively Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture. Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 3 - 8 years Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

About Us Decisions is a software development company headquartered in Virginia Beach, Virginia, USA, and it provides a no-code automation platform for all types of business processes. With the no-code automation platform, you can fix the customer experience, modernize legacy systems, ensure regulatory compliance, and automate anything in your business. We help people who know what to do, get it done, and change their world. Role Summary As a Compliance/Security Analyst, your daily work ensures organizational operations meet industry compliance standards to increase customer confidence in Decisions' platform, people, and processes. This role is directly responsible for collaborating with leadership, training employees on industry standards, developing policies, evaluating compliance, and communicating the security posture of Decisions with customers and Decisions leadership. You will strive to elevate the security of customer data as well as internal systems and tools by fighting the status quo of “security theater” to extend our culture of safety and security as a lifestyle in all facets of our business. Key Objectives Objective #1: Bolster Public Brand Trust Support Customer Growth Eliminate internal and external threats to our business Manage vulnerability scanning, reporting, and mitigation activities Identify and understand current organizational policies and practices Communicate with prospects, customers, and team members to continually increase confidence Contribute to the timely completion of accurate customer security questionnaires Observe and act as needed to advance our mission and who we are as an Organization Objective #2: Drive Business Alignment Steward a shared company culture of data security awareness Serve as Incident Response Coordinator during threat events Administer quarterly phish tests and implement remediation strategies Partner with IT to maintain principle of account least privilege Contribute to the org-wide Risk Register to proactively monitor, manage, and resolve business threats Advise on developing and implementing new compliance policies and procedures as required Collaborate with security champions within each department Complete timely and accurate Cloud Cost reporting and SLA reporting requests Objective #3: Maintain Regulatory Adherence Support real-time, collaborative audit readiness Complete internal and external security and privacy audits (ex: SOC2, HITRUST, PCI DSS, ISO27001, etc) Communicate with auditors and follow up on action items in a timely manner Contribute to internal audits to assess operational and procedural compliance Research industry regulations and policies Required Specialized Experience or Skills Technical adeptness and proficiency (if you’ve never used a computer, this is not the role for you) Experience prioritizing and completing multiple tasks on tight timelines Strong problem-solving skills as well as excellent process discipline, milestone management, and time management skills Ability to take in information and summarize the most important content Ability to listen attentively to others and communicate effectively both verbally and in writing Experience working on teams that require high levels of cooperation, flexibility, cross-group collaboration, and real-time response Ability to independently seek and find answers to complete tasks under narrow deadlines Attention to detail without losing sight of the big picture Preferred IT (Helpdesk, Technical Support, SysAdmin) and/or Customer Service Experience COMPTIA A+, Network+, and/or Security+ Exposure to performing key Information Security operational activities Experience with EDR/XDR, IDS/IPS systems Experience contributing to internal and external audits (ex: SOC2, ISO 27000, PCI DSS, HITRUST, FEDRAMP, etc) Experience using Public Clouds (bonus points for Azure or AWS certifications) Linux experience Other Industry certifications: CAP, CCSK, CISA, CCSP, CRISC, Linux+ Show more Show less

Job Title: Consultant Company: Veave Technologies Pvt. Ltd. Location: Jayanagar, Bangalore We're Hiring: Consultant Are you ready to take your career global? Join Veave Technologies as a Consultant and work on high-impact compliance projects across 20+ offices internationally! What You'll Do: * Be part of global projects involving various GRC frameworks, including ISO, CMMi, SOC PCIDSS, HIPAA, GDPR, SMETA, TISAX, HiTrust, HACCP, FSSC, NABL, NABH, and TQM. * Develop and implement robust GRC systems and ensure global regulatory compliance. * Deliver training, conduct incident investigations, and maintain documentation * Analyze legislative changes and prepare compliance reports * Collaborate with regulators and cross-cultural teams * Travel frequently for on-site project deliveryperfect for travel enthusiasts! Why Join Us: * Global Exposure: Work on diverse, international projectsfrom APAC to EMEA, LATAM, NA. *Professional Growth: Get sponsored for various training & certification for industry applicable frameworks. *Cultural Fit: Thrive in a Westernized, inclusive, and innovative corporate environment *Mentorship: Learn from global experts and accelerate your consulting career *Lifestyle Perks: Flexible working policies designed for a balanced global life What We Are Looking For: * 3+ years in GRC consulting, auditing, or management system implementation * Strong knowledge in any of the frameworks such as ISO, CMMi, SOC PCIDSS, HIPAA, GDPR, SMETA, TISAX, HiTrust, HACCP, FSSC, NABL, NABH, and TQM. * Communication excellence and cross-functional collaboration skills * Willingness to travel globally for audit and project delivery * Aspiring or certified Lead Auditor for GRC standards Interview Process: Round 1: Virtual Interview Round 2: Face-to-Face Interview at our Bangalore office Ready to elevate your career and explore the world? Apply now! Send your resume and a brief cover letter to hr@veave.in or recruiter04@topcertifier.com / +91 9035507154 IMMEDIATE JOINER's PREFERRED Lets build your futuretogethe r