353 Hitrust Jobs - Page 6

Position Overview The Director of Infrastructure, Cloud, and ML Operations is a critical role within Invent Health, responsible for architecting, scaling, securing, and managing the company’s technology platforms. This position blends technical expertise, strategic vision, and people leadership to ensure that all infrastructure and machine learning operations are robust, scalable, and aligned with the company’s growth ambitions. Key ResponsibilitiesInfrastructure Strategy & Architecture · Develop and execute a forward-looking infrastructure strategy across cloud and network environments, ensuring seamless alignment with business objectives and scalability requirements. · Design and maintain modern, scalable, and secure architectures supporting multi-tenancy, high availability, and disaster recovery. · Architect, implement, and operate cloud platforms (IaaS, PaaS, SaaS) for high performance, scalability, and security. Operational Excellence & Reliability · Ensure the operational reliability, uptime, and service availability of the SaaS platform, including rapid incident response and robust observability practices. · Implement monitoring and incident management best practices, utilizing KPIs to drive continuous improvement. DevOps & Automation incl. Cloud Ops · Advance DevOps practices by driving automation throughout CI/CD pipelines and adopting Infrastructure as Code (IaC) methodologies to accelerate deployments and enhance engineering efficiency. · Implement standardized processes for service provisioning, deployment, and maintenance, blending DevOps and SRE principles. · Automate cloud provisioning and management using IaC and DevOps methodologies to streamline deployments and reduce manual intervention. Customer Support & Incident Management · Diagnose and resolve customer issues and lead incident management processes. · Conduct root-cause analyses and oversee the remediation of critical incidents impacting service availability. Security & Compliance · Enforce security best practices and ensure compliance with relevant industry standards like SOC-2, HIPAA, HITRUST etc. · Implement and oversee security controls and compliance policies within cloud environments. · Lead disaster recovery planning, business continuity, and develop governance frameworks. Cross-functional Collaboration · Work closely with product, engineering, and executive teams to inform architectural decisions and support key company initiatives. · Manage vendor relationships, infrastructure budgets, and effectively communicate platform health and project outcomes to leadership. Team Leadership & Development · Build, mentor, and manage a high-performing engineering team, fostering a culture of innovation, accountability, and operational excellence. Specialized Operations AreaMachine Learning Operations (ML Ops) · Design and maintain ML infrastructure supporting the entire machine learning lifecycle: data ingestion, model training, validation, deployment, and monitoring. · Automate ML workflows with CI/CD pipelines tailored to machine learning models for reproducibility and reliability. · Monitor deployed models for performance, drift, and data quality, implementing alerting and retraining as required. · Ensure security, compliance, and governance of ML data, models, and endpoints in production. · Collaborate with data science and engineering teams to ensure smooth handoffs and operational support. · Optimize resource allocation for ML workloads, balancing cost, performance, and scalability in cloud-based environments. Qualifications · 10+ years’ experience in infrastructure, cloud, and (preferred 4 + years’ experience in machine learning operations). · Proficiency in cloud platforms (AWS preferred) DevOps tools, and Infrastructure as Code. · Strong knowledge of modern security and compliance standards for SaaS and ML operations. · Demonstrated success in team leadership and cross-functional collaboration. · Clear communication skills and the ability to translate technical concepts into business outcomes.

About Us We are a company where the ‘HOW’ of building software is just as important as the ‘WHAT.’ We partner with large organizations to modernize legacy codebases and collaborate with startups to launch MVPs, scale, or act as extensions of their teams. Guided by Software Craftsmanship values and eXtreme Programming Practices , we deliver high-quality, reliable software solutions tailored to our clients' needs. We Thrive To Bring our clients' dreams to life by being their trusted engineering partners, crafting innovative software solutions. Challenge offshore development stereotypes by delivering exceptional quality, and proving the value of craftsmanship. Empower clients to deliver value quickly and frequently to their end users. Ensure long-term success for our clients by building reliable, sustainable, and impactful solutions. Raise the bar of software craft by setting a new standard for the community. Our Core Values Quality with Pragmatism: We aim for excellence with a focus on practical solutions. Extreme Ownership: We own our work and its outcomes fully. Proactive Collaboration: Teamwork elevates us all. Pursuit of Mastery: Continuous growth drives us. Effective Feedback: Honest, constructive feedback fosters improvement. Client Success: Our clients’ success is our success. Experience Level This role is ideal for engineering managers with software engineering experience, including hands-on technical experience building cloud-based software solutions, and of managing software engineering teams. What You'll Do Partner with Product Management to define, assess, plan and execute the development of a new product. Partner with Product Management to establish and align on business, functional, and non-functional requirements; set clear, feasible software delivery expectations; collaborate on adapting to unexpected changes in plans and roadmaps; and to deliver on commitments with high reliability and accountability. Hands-on Engineering Manager who can operate as a technology strategist who understands modern cloud-based technology and SaaS product development; conducts technology assessments; evaluates existing products and 3rd party services for integration; and determines, recommends, and drives the development of a product architecture. Evaluate leading-edge technologies such as AI-based tools and integration patterns, and assets, for incorporation into the product offering in order to rapidly accelerate time-to-market Learn about and assess our products and technology services to determine how they might be leveraged to accelerate development and delivery of the solution. This includes SaaS products, data platforms and integration technologies. Build and provide technical leadership, direction and management to a high-performing, full-stack engineering team consisting of software, data, analytics and quality engineers, to rapidly deliver, enhance and maintain a best in class cloud-based product. Develop software products aligned to modern industry best practices and AWS well-architected framework. Software will be well documented, tested and maintained in our cloud-based git repository. Build and deploy software products within our cloud infrastructure while ensuring alignment with operational tools such as CircleCI, Datadog, Jira, GitHub and other mainstream tools within the organization. Coach exceptional, highly-skilled engineers; set clear goals; monitor performance and provide timely constructive feedback; and will continually work to optimize the performance, efficiency and effectiveness of your teams. Track team metrics, identify blockers to overall team effectiveness, and manage process improvements. Lead projects via agile methodologies where you will coach through sprint cycle stages, drive technology best practices and ensure work is accurately estimated, performance, and progress is tracked and reported to stakeholders. Work closely with our Information Security (InfoSec), Cloud Operations and other functional teams to ensure that product designs, engineering processes, and the management of data, align with our and industry policies and best practices. You will be accountable for ensuring that information is handled according to cybersecurity controls (e.g., SOC2, HITRUST), customer agreements, and legislative regulations (e.g., HIPAA). What We're Looking For Knowledge of software engineering practices, patterns for software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and release management. Knowledge of Agile methodologies and will bring your experience in leading and coaching Agile teams through planning, execution and delivery phases. Experience managing contract resources that may be geographically dispersed. Experience developing and/or leading fullstack teams that develop SaaS products utilizing frontend technologies such as ReactJS, NodeJs, JavaScript, TypeScript and mainstream backend languages like Java. Experience defining standards for unit, functional and end to end testing utilizing frameworks such Gherkins / Cucumber and Cypress. Solid background in cloud development including serverless compute, microservices, containers, and API development and deployment within cloud environments. Knowledge of DevOps and CI/CD pipelines and process automation, including the technologies and the processes around CI/CD development, to help accelerate delivery. Experience in Google Workspace (G-Suite) or Microsoft Office. Ideally, you have worked in the healthcare industry and understand the ecosystem and data security compliance, the customers, their interactions, the information that is coordinated, and client lifecycle challenges in this area. Experience with Search Engine Optimization (SEO) or integrations is a major plus. What We Offer Dedicated Learning & Development Budget: Fuel your growth with a budget dedicated solely to learning. Conference Talks Sponsorship: Amplify your voice! If you’re speaking at a conference, we’ll fully sponsor and support your talk. Cutting-Edge Projects: Work on exciting projects with the latest AI technologies Employee-Friendly Leave Policy: Recharge with ample leave options designed for a healthy work-life balance. Comprehensive Medical & Term Insurance: Full coverage for you and your family’s peace of mind. And More: Extra perks to support your well-being and professional growth. Work Environment Remote-First Culture: At Incubyte, we thrive on a culture of structured flexibility — while you have control over where and how you work, everyone commits to a consistent rhythm that supports their team during core working hours for smooth collaboration and timely project delivery. By striking the perfect balance between freedom and responsibility, we enable ourselves to deliver high-quality standards our customers recognize us by. With asynchronous tools and push for active participation, we foster a vibrant, hands-on environment where each team member’s engagement and contributions drive impactful results. Work-In-Person: Twice a year, we come together for two-week sprints to collaborate in person, foster stronger team bonds, and align on goals. Additionally, we host an annual retreat to recharge and connect as a team. All travel expenses are covered. Proactive Collaboration: Collaboration is central to our work. Through daily pair programming sessions, we focus on mentorship, continuous learning, and shared problem-solving. This hands-on approach keeps us innovative and aligned as a team. Incubyte is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Skills:- NodeJS (Node.js) and React.js

We are looking for Role: Consultant (Hitrust) Experience: 2-6 yrs Company Location: Bavdhan, Pune Work Mode: Remote RESPONSIBILITIES Lead the client audits/assessments and Interface with clients to review and analyze complex systems (Applications, Operating systems, Databases, and Networking devices), or Cloud technologies (AWS, Azure, GCP) to identify security gaps and missing security controls within the client environments as per the requirements defined in the security standards and regulations. Work with client to understand their business processes, analyze sensitive data flows (business and application data flows), network architecture, and define the proper audit/assessment scope. Perform reviews for client organizations information security policies and procedures against various industry standards and regulations, including HITRUST, HIPAA, and ISO 27001 Work on drafting information security policies and procedure documentation for clients as part of the consulting engagement Perform detailed risk assessment for the client environment, including their business processes and infrastructure, using risk management frameworks (ISO, NIST) Wherever possible, provide the audit/assessment scope reduction guidance to the client. Work independently with the client to perform audit interviews, collect, consolidate, and analyze evidence for the compliance assessment, and meet the internal quality assurance requirements throughout the assessment. Provide consulting guidance and recommendations to clients to help them meet the compliance requirements and improve their security posture in accordance with applicable security controls. Establish and maintain positive collaborative relationships with clients and stakeholders. Produce final reports on compliance to detail the controls observed during security assessments in accordance with various security standards and regulations. Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue. Collaborates with project managers, internal quality assurance group, sales, and other delivery team members to drive customer satisfaction and meet project deliverables. Work on continuous professional development in maintaining industry-specific certifications and strong depth of knowledge in the practice area. Travel to client sites as needed. DESIRED SKILLS Bachelors degree. A specialization in information assurance is preferred. At least 2-6 years of information security assessment experience, including for HITRUST, HIPAA, and ISO 27001 Ability to analyse network architectures and review the network device (Firewalls/ Switches/ Routers/ IDS/IPS/ Load Balancers etc.) and Servers/ Virtualization Devices configurations. Good understanding and audit experience for cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform) In-depth knowledge in IT Security Policies and Procedures that govern clients Information Security and Privacy programs. In-depth knowledge and experience in IT Security, including access controls, network security, logging/monitoring, vulnerability assessments, system hardening, secure software development, application security, encryption, and key management best practices etc. In-depth knowledge and experience with the HITRUST framework, HIPAA law, and Risk Management Standards (NIST/ISO) At least one certification from each group is preferred: Group 1- CISSP, CISA, CISM Group 2- ISO27001 Lead Implementer, ISO27001 Lead Auditor Good knowledge of common office tools Strong written and verbal communication skills Demonstrated ability to structure and lead projects successfully. Good project management and time management skills Strong technical research skills -- Muugddha Vanjarii 7822804824 mugdha.vanjari@sunbrilotechnologies.com

About TaskUs: TaskUs is a provider of outsourced digital services and next-generation customer experience to fast-growing technology companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery, ride-sharing, HiTech, FinTech, and HealthTech. The People First culture at TaskUs has enabled the company to expand its workforce to approximately 45,000 employees globally. Presently, we have a presence in twenty-three locations across twelve countries, which include the Philippines, India, and the United States. It started with one ridiculously good idea to create a different breed of Business Processing Outsourcing (BPO)! We at TaskUs understand that achieving growth for our partners requires a culture of constant motion, exploring new technologies, being ready to handle any challenge at a moment's notice, and mastering consistency in an ever-changing world. What We Offer: At TaskUs, we prioritize our employees' well-being by offering competitive industry salaries and comprehensive benefits packages. Our commitment to a People First culture is reflected in the various departments we have established, including Total Rewards, Wellness, HR, and Diversity. We take pride in our inclusive environment and positive impact on the community. Moreover, we actively encourage internal mobility and professional growth at all stages of an employee's career within TaskUs. Join our team today and experience firsthand our dedication to supporting People First. Security Compliance Analyst Security Compliance Analyst do? Think of yourself as someone who provides a pivotal role in the oversight and implementation of system-wide information security strategies and solutions. You will have a significant role in performing audits, tracking vulnerability assessments, testing security, and working with operations teams on remediation and mitigation of audit findings. Imagine yourself going to work with one thing on your mind: to manage and improve overall IT/Security Monitoring and Incident Response programs using processes, procedures, and automation. As a Security Compliance Analyst , you will: Evaluate and design security solutions Work with technicians throughout the company in implementing, maintaining and constantly improving information security practices, while managing and maintaining efforts in the areas of Information Security, Governance, Risk and Compliance. Manage and improve overall IT/Security Monitoring and Incident Response programs using processes, procedures, and automation. Support the Security Compliance Manager in handling the assessment and integration of security controls of the entire corporate environment in line with applicable requirements from PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001. Responsible for policy assessment of endpoint and network security appliances, hardware and software, enforcing the TaskUs security policies and complying with requirements of internal and external security audits and recommendations. Serve as audit liaison, compiling all evidence/documentation requests and reporting on the progress of audits to InfoSec and IT leadership. Key administrator for Cloud Access Security Broker policy management; support in the development and implementation of a corporate security & compliance awareness program Develop training and awareness efforts for employees, contractors and visitors - to establish a "culture of security" to prevent or mitigate security incidents. Conduct research on emerging practices, services, protocols, and standards - in support of system security and compliance enhancement and development efforts. Ensure security compliance with applicable regulations and other state and federal laws, keeping current on US, Philippines and international laws of operating countries, and industry regulations regarding data privacy and security. Assist in the development and maintenance of security operations procedures and processes and work with the business units outside of InfoSec to formally document policies and procedures recommend and support the deployment of additional security products and tools, or enhancements to existing tools, to mitigate security risk and detect/remediate compromises. Will work with security engineers for the optimal configuration of the network and host-based security platforms - aligned with compliance requirements Provide Incident Response support, as needed, for information security related events Participate in the analysis, troubleshooting, and investigation of security-related, information systems anomalies, based on security platform reporting, network traffic, log files, host-based and automated security alerts. Evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations. This may include participation in DRP exercises and continuous improvement processes; assisting in the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements. Do you have what it takes to become a Security Compliance Analyst ? Requirements: Bachelor's degree in MIS/Computer Science or Business and/or combination of education and relevant experience Must have an industry recognized information security certification, such as CISA, CISM, CISSP, SSCP ,CCIE or CEH. At least 5 years of experience, two of which are focused on IT security and/or IT audit In-depth and hands-on experience with at least 2 of the following compliance requirements: PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001 Must possess a strong understanding of enterprise, network, system and application level security issues; functional awareness of both Linux-based and MS Windows-based system platforms Has a strong IT technical understanding and aptitude for analytical problem-solving; understand enterprise computing environments, distributed applications, and understanding of TCP/IP networks Previous background working on system hardening processes, tools, guidelines and benchmarks Experience in DLP policy and vulnerability management scanning platforms Experience in Cloud Access Security Broker solutions is a distinct advantage Has knowledge of Business Continuity Management (BCM) and Business Impact Analysis (BIA) Has good Project Management skills with the ability to self-start projects Can handle sensitive and/or confidential material and information with suitable discretion About TaskUs TaskUs is a leading provider of outsourced digital services and next-generation customer experience to the world's most innovative companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery and ride-sharing, Technology, FinTech and HealthTech. As of March 31, 2023, TaskUs had a worldwide headcount of approximately 47,700 people across 27 locations in 13 countries, including the United States, the Philippines and India. In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics and circumstances. Inclusive and equitable practices is our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodation in any part of the hiring process, please let us know. "Please take note that TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs." How We Partner To Protect You: TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs. DEI: In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics, and circumstances. Inclusive and equitable practices are our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodations in any part of the hiring process, please let us know. We invite you to explore all TaskUs career opportunities and apply through the provided URL https://www.taskus.com/careers/ .

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management.Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

Job Description Security Compliance Analyst Security Compliance Analyst do? Think of yourself as someone who provides a pivotal role in the oversight and implementation of system-wide information security strategies and solutions. You will have a significant role in performing audits, tracking vulnerability assessments, testing security, and working with operations teams on remediation and mitigation of audit findings. Imagine yourself going to work with one thing on your mind: to manage and improve overall IT/Security Monitoring and Incident Response programs using processes, procedures, and automation. As a Security Compliance Analyst, You Will Evaluate and design security solutions Work with technicians throughout the company in implementing, maintaining and constantly improving information security practices, while managing and maintaining efforts in the areas of Information Security, Governance, Risk and Compliance. Manage and improve overall IT/Security Monitoring and Incident Response programs using processes, procedures, and automation. Support the Security Compliance Manager in handling the assessment and integration of security controls of the entire corporate environment in line with applicable requirements from PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001. Responsible for policy assessment of endpoint and network security appliances, hardware and software, enforcing the TaskUs security policies and complying with requirements of internal and external security audits and recommendations. Serve as audit liaison, compiling all evidence/documentation requests and reporting on the progress of audits to InfoSec and IT leadership. Key administrator for Cloud Access Security Broker policy management; support in the development and implementation of a corporate security & compliance awareness program Develop training and awareness efforts for employees, contractors and visitors - to establish a "culture of security" to prevent or mitigate security incidents. Conduct research on emerging practices, services, protocols, and standards - in support of system security and compliance enhancement and development efforts. Ensure security compliance with applicable regulations and other state and federal laws, keeping current on US, Philippines and international laws of operating countries, and industry regulations regarding data privacy and security. Assist in the development and maintenance of security operations procedures and processes and work with the business units outside of InfoSec to formally document policies and procedures recommend and support the deployment of additional security products and tools, or enhancements to existing tools, to mitigate security risk and detect/remediate compromises. Will work with security engineers for the optimal configuration of the network and host-based security platforms - aligned with compliance requirements Provide Incident Response support, as needed, for information security related events Participate in the analysis, troubleshooting, and investigation of security-related, information systems anomalies, based on security platform reporting, network traffic, log files, host-based and automated security alerts. Evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations. This may include participation in DRP exercises and continuous improvement processes; assisting in the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements. Do you have what it takes to become a Security Compliance Analyst ? Requirements Bachelor's degree in MIS/Computer Science or Business and/or combination of education and relevant experience Must have an industry recognized information security certification, such as CISA, CISM, CISSP, SSCP ,CCIE or CEH. At least 5 years of experience, two of which are focused on IT security and/or IT audit In-depth and hands-on experience with at least 2 of the following compliance requirements: PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001 Must possess a strong understanding of enterprise, network, system and application level security issues; functional awareness of both Linux-based and MS Windows-based system platforms Has a strong IT technical understanding and aptitude for analytical problem-solving; understand enterprise computing environments, distributed applications, and understanding of TCP/IP networks Previous background working on system hardening processes, tools, guidelines and benchmarks Experience in DLP policy and vulnerability management scanning platforms Experience in Cloud Access Security Broker solutions is a distinct advantage Has knowledge of Business Continuity Management (BCM) and Business Impact Analysis (BIA) Has good Project Management skills with the ability to self-start projects Can handle sensitive and/or confidential material and information with suitable discretion About TaskUs TaskUs is a leading provider of outsourced digital services and next-generation customer experience to the world's most innovative companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery and ride-sharing, Technology, FinTech and HealthTech. As of March 31, 2023, TaskUs had a worldwide headcount of approximately 47,700 people across 27 locations in 13 countries, including the United States, the Philippines and India. In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics and circumstances. Inclusive and equitable practices is our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodation in any part of the hiring process, please let us know. "Please take note that TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs." TaskUs is proud to be an equal opportunity workplace and is an affirmative action employer. We celebrate and support diversity; we are committed to creating an inclusive environment for all employees. TaskUs people first culture thrives on it for the benefit of our employees, our clients, our services, and our community. Req Id: R_2505_6519_1 Posted At: Tue May 20 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Strategy transforms organizations into intelligent enterprises through data-driven innovation. We match smart people to dynamic projects and technologies that truly challenge their talents. Curious and creative in outlook, our success is built on the talent and energy of smart and driven people. Strategy is a worldwide leader in enterprise analytics and mobility software. A pioneer in the BI and analytics space, Strategy delivers innovative software that empowers people to make better decisions and transform the way they do business. We provide our enterprise customers with world-class software and expert services so they can deploy unique intelligence applications. Ideal candidates will be located in Pune or within commutable distance. Job Description Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels Support AWS, Azure, and Google cloud operations in securing the public cloud environments Configure and troubleshoot IAM policies, Security Groups, Service Control Policies, Role based access control, and Managed Service Identities Tune-in and configure SIEM performance and events data quality to maximize log correlation efficiency Work closely with the network team to implement and maintain network access control technologies Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks Expertise in shell scripting and other programming languages, such as Python and Power Shell Proficiency in understanding and using regular expressions (regex) Solid understanding of REST/SOAP/WSDL/XML (Web Services), HTTP Request Methods. Work closely with the compliance team to identify, document and implement various security controls related to NIST, FedRAMP, HiTRUST, and ISO 27001 Guide the network and operations teams in implementing security best practices Work with network, and systems engineering teams to promote automation, automated monitoring and administration functionality Implement, and support security solutions including but not limited to Intrusion Detection, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, and Configuration Management Support the efforts to develop operational best practice procedural documentation for operations staff Assist in the development and documentation of various systems, policies, procedures, and customer deliverables Research new products and make appropriate recommendations Develop and design project plans, tasks and timelines and then provide verbal and written status reports as directed Conduct on-going security assessments, document and track findings and remediation activities Provide on-call support as needed Qualifications BS in Computer Science, Engineering or related field desired Minimum 3 years of experience supporting enterprise level environment Must have a good understanding of the following: Log correlation, SIEM technologies (AlertLogic, ArcSight, Q1 Radar, Log Rhythm, Splunk, etc.), IDS/IPS technologies, Vulnerability Scanners (Nessus, Qualys, etc.) and other related technologies Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc. Understanding of cloud solutions and cloud security best practices in environments such as AWS, Azure and Google Cloud Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, HiTRUST, ISO 27001, SOX. etc. Demonstrated knowledge of one or more of the following systems: Linux, Windows, or Mac OS Working knowledge of firewall and web filtering technologies Experiences practicing ITIL framework-based processes such as Change, Problem, and Incident management in an enterprise environment Excellent verbal and written communication, presentation, and interpersonal skills Able to define, document and support systems, policies, and procedures Excellent analytic, problem solving and troubleshooting skills Good knowledge and experience designing network, system and application security architectures Ability to efficiently handle multiple projects with shifting priorities Able to anticipate and mitigate risks as well as define architectural solutions Additional Informatio The recruitment process includes online assessments as a first step (English, logic, design) - we send them via e-mail, please check also your SPAM folder

Opportunity: As the Director of Software Engineering at Get Well, you will lead the software engineering team in developing and scaling innovative healthcare solutions that improve patient care, optimize healthcare operations, and support cutting-edge technologies in a rapidly evolving industry. This leadership role requires a strategic thinker, hands-on technical expertise, and a passion for driving software innovation in the healthcare space. You will work closely with cross-functional teams to ensure software systems are secure, scalable, and comply with healthcare regulations. The Director of Ambulatory Software Engineering reports to the VP, Product Development, overseen by the SVP of Product Development Responsibilities : Software Development Strategy: Execute on the strategic direction for software architecture and development practices, ensuring that they meet business requirements and customer needs in the healthcare space. Drive the development and implementation of scalable and secure software systems. Manage software development life cycle (SDLC) from planning through deployment and ongoing maintenance. Collaboration & Stakeholder Management: Work closely with product management, operations, sales and customer success teams to define project requirements and deliver on timelines and performance expectations. Ensure alignment between engineering efforts and business priorities, ensuring that the team is focused on building impactful and high-value products. Interface with senior leadership to provide updates on engineering performance, project progress, and resource needs. Leadership & Team Management: Build and maintain a team of high-performing software engineers Lead, mentor, and manage software engineers, ensuring alignment with company goals and engineering best practices. Provide guidance in career development, performance reviews, and professional growth for direct reports. Foster a collaborative, innovative, and inclusive engineering culture that drives continuous improvement and technical excellence. Innovation & Continuous Improvement: Stay up to date with the latest technology trends, healthcare regulations, and software development methodologies to ensure the organization remains at the forefront of healthcare Technology. Encourage a culture of experimentation and innovation, exploring new technologies that can drive value in healthcare applications. Identify and lead initiatives to improve development processes, software quality, and operational efficiency. Regulatory Compliance & Security: Ensure all software products adhere to relevant regulatory standards such as HIPAA, Hitrust, SOC2, FedRAMP, FDA guidelines, and other healthcare compliance requirements. Lead security initiatives to ensure the protection of sensitive healthcare data and privacy for users, following best practices in data encryption and cybersecurity. Requirements: Bachelor's or Master's degree in Computer Science, Engineering, or a related field. 7+ years of experience in software engineering with at least 4 years in a leadership or managerial role, preferably within the healthcare technology sector. Proven track record of leading software engineering teams to deliver complex, large-scale healthcare software solutions. Experience working with healthcare data systems, EHR/EMR software, telemedicine, or health analytics platforms is highly desirable. Strong technical expertise in software engineering, including expertise with cloud technologies (AWS, Azure), backend systems, databases, and frontend development. Deep understanding of healthcare regulations, data privacy laws (HIPAA, HITECH), and industry standards. Experience in developing within a SOA or microservice architecture. Understanding of serverless and containerized services. Proficient in Agile development methodologies (Scrum, Kanban), with experience managing teams using Agile frameworks. Exceptional problem-solving skills with the ability to communicate complex technical concepts to non-technical stakeholders. Strong leadership and mentoring skills with a focus on building a high-performing engineering team. Excellent communication and interpersonal skills, with the ability to work collaboratively across departments. Strategic mindset with a passion for solving problems in the healthcare technology space. A proactive and results-oriented leader, able to thrive in a fast-paced, rapidly evolving environment. Adhere to all organizational information security policies and protect all sensitive information including but not limited to ePHI and PHI in accordance with organizational policy and Federal, State, and local regulations About Get Well Technology: Excellent candidates have familiarity with the following technologies: Languages: Enterprise Java, Python, NodeJS, Javascript, SQL Modern Javascript frameworks, e.g. React, VueJS, Angular Single page applications AWS Core Technologies: ECS, EC2, Lambda, SQS, MSK, Bedrock, SES/Pinpoint, RDS/Aurora, API Gateway, Step Functions Relational and document DBMS US Healthcare interoperability technologies: HL7, FHIR, SMART EHR technology: Epic, Oracle Health Cerner US Healthcare coding systems: ICD-10, HCPCS, SNOMED, CPT, etc. About Get Well: Now part of the SAI Group family, Get Well is redefining digital patient engagement by putting patients in control of their personalized healthcare journeys, both inside and outside the hospital. Get Well is combining high-tech AI navigation with high-touch care experiences driving patient activation, loyalty, and outcomes while reducing the cost of care. For almost 25 years, Get Well has served more than 10 million patients per year across over 1,000 hospitals and clinical partner sites, working to use longitudinal data analytics to better serve patients and clinicians. AI innovator SAI Group led by Chairman Romesh Wadhwani is the lead growth investor in Get Well. Get Well's award-winning solutions were recognized again in 2024 by KLAS Research and AVIA Marketplace. Learn more at Get Well and follow-us on LinkedIn and Twitter. Get Well is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. About SAI Group: SAIGroup commits to $1 Billion capital, an advanced AI platform that currently processes 300M+ patients, and 4000+ global employee base to solve enterprise AI and high priority healthcare problems. SAIGroup - Growing companies with advanced AI; https://www.cnbc.com/2023/12/08/75-year-old-tech-mogul-betting-1-billion-of-his-fortune-on-ai-future.html Bio of our Chairman Dr. Romesh Wadhwani: Team - SAIGroup (Informal at Romesh Wadhwani - Wikipedia) TIME Magazine recently recognized Chairman Romesh Wadhwani as one of the Top 100 AI leaders in the world - Romesh and Sunil Wadhwani: The 100 Most Influential People in AI 2023 | TIME

Title: Director, QA Engineering Reporting to: VP, Product Development Location: Bengaluru (Bangalore) Get Well is seeking an experienced Director of QA Engineering to guide and mentor our QA team, champion best practices, and ensure the delivery of high-quality software solutions. You will serve as the key point of contact for all QA aspects of releases, coordinating QA resources and activities, and building robust test strategies and frameworks. This position reports directly to the VP, Product Development, collaborating with cross-functional teams to implement testing and automation strategies that ensure Get Well products and solutions have world class quality. Responsibilities Lead Get Well's global Quality Assurance team to ensure timely and stable releases Lead the testing efforts for all Get Well products Maintain release checklists/matrixes to ensure transparency of testing efforts Oversee, maintain, evaluate, and build upon our automated testing pipelines that run a few times a week overnight Continue to grow and improve automated testing technology and infrastructure Evaluate all production defects and enhance test scripts and automation to prevent future failures. Requirements Bachelor's or Master's degree in Computer Science, Engineering, or a related field. 7+ years of experience testing SaaS products in a fast-paced, high growth environment, including both products at early stages as well as products that have gone through the full product lifecycle with at least 4 years in a leadership or managerial role 2+ years experience in testing service oriented architectures that include decoupled, event based communication as well as API use 2+ year experience testing application delivered on AWS ecosystem technologies Deep knowledge and experience with testing automation frameworks and tools: Cypress, Playwright, Katalon, and pytest Experience in scripting with Python Experience in API contract testing Proven successful track record in juggling competing cross functional priorities simultaneously Both B2B and B2C SaaS experience and/or Healthcare Tech experience preferred; familiarity and experience with EMRs, health tech (e.g. FHIR, HITRUST, etc.), and other industry-specific domains Outstanding communication skills, both written and verbal Adhere to all organizational information security policies and protect all sensitive information including but not limited to ePHI and PHI in accordance with organizational policy and Federal, State, and local regulations About Get Well: Now part of the SAI Group family, Get Well is redefining digital patient engagement by putting patients in control of their personalized healthcare journeys, both inside and outside the hospital. Get Well is combining high-tech AI navigation with high-touch care experiences driving patient activation, loyalty, and outcomes while reducing the cost of care. For almost 25 years, Get Well has served more than 10 million patients per year across over 1,000 hospitals and clinical partner sites, working to use longitudinal data analytics to better serve patients and clinicians. AI innovator SAI Group led by Chairman Romesh Wadhwani is the lead growth investor in Get Well. Get Well's award-winning solutions were recognized again in 2024 by KLAS Research and AVIA Marketplace. Learn more at Get Well and follow-us on LinkedIn and Twitter. Get Well is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. About SAI Group: SAIGroup commits to $1 Billion capital, an advanced AI platform that currently processes 300M+ patients, and 4000+ global employee base to solve enterprise AI and high priority healthcare problems. SAIGroup - Growing companies with advanced AI; https://www.cnbc.com/2023/12/08/75-year-old-tech-mogul-betting-1-billion-of-his-fortune-on-ai-future.html Bio of our Chairman Dr. Romesh Wadhwani: Team - SAIGroup (Informal at Romesh Wadhwani - Wikipedia) TIME Magazine recently recognized Chairman Romesh Wadhwani as one of the Top 100 AI leaders in the world - Romesh and Sunil Wadhwani: The 100 Most Influential People in AI 2023 | TIME

Title: Director, QA Engineering Reporting to: VP, Product Development Location: Bengaluru (Bangalore) Get Well is seeking an experienced Director of QA Engineering to guide and mentor our QA team, champion best practices, and ensure the delivery of high-quality software solutions. You will serve as the key point of contact for all QA aspects of releases, coordinating QA resources and activities, and building robust test strategies and frameworks. This position reports directly to the VP, Product Development, collaborating with cross-functional teams to implement testing and automation strategies that ensure Get Well products and solutions have world class quality. Responsibilities Lead Get Well’s global Quality Assurance team to ensure timely and stable releases Lead the testing efforts for all Get Well products Maintain release checklists/matrixes to ensure transparency of testing efforts Oversee, maintain, evaluate, and build upon our automated testing pipelines that run a few times a week overnight Continue to grow and improve automated testing technology and infrastructure Evaluate all production defects and enhance test scripts and automation to prevent future failures. Requirements Bachelor's or Master’s degree in Computer Science, Engineering, or a related field. 7+ years of experience testing SaaS products in a fast-paced, high growth environment, including both products at early stages as well as products that have gone through the full product lifecycle with at least 4 years in a leadership or managerial role 2+ years experience in testing service oriented architectures that include decoupled, event based communication as well as API use 2+ year experience testing application delivered on AWS ecosystem technologies Deep knowledge and experience with testing automation frameworks and tools: Cypress, Playwright, Katalon, and pytest Experience in scripting with Python Experience in API contract testing Proven successful track record in juggling competing cross functional priorities simultaneously Both B2B and B2C SaaS experience and/or Healthcare Tech experience preferred; familiarity and experience with EMRs, health tech (e.g. FHIR, HITRUST, etc.), and other industry-specific domains Outstanding communication skills, both written and verbal Adhere to all organizational information security policies and protect all sensitive information including but not limited to ePHI and PHI in accordance with organizational policy and Federal, State, and local regulations About Get Well Now part of the SAI Group family, Get Well is redefining digital patient engagement by putting patients in control of their personalized healthcare journeys, both inside and outside the hospital. Get Well is combining high-tech AI navigation with high-touch care experiences driving patient activation, loyalty, and outcomes while reducing the cost of care. For almost 25 years, Get Well has served more than 10 million patients per year across over 1,000 hospitals and clinical partner sites, working to use longitudinal data analytics to better serve patients and clinicians. AI innovator SAI Group led by Chairman Romesh Wadhwani is the lead growth investor in Get Well. Get Well’s award-winning solutions were recognized again in 2024 by KLAS Research and AVIA Marketplace. Learn more at Get Well and follow-us on LinkedIn and Twitter. Get Well is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. About SAI Group SAIGroup commits to $1 Billion capital, an advanced AI platform that currently processes 300M+ patients, and 4000+ global employee base to solve enterprise AI and high priority healthcare problems. SAIGroup - Growing companies with advanced AI; https://www.cnbc.com/2023/12/08/75-year-old-tech-mogul-betting-1-billion-of-his-fortune-on-ai-future.html Bio of our Chairman Dr. Romesh Wadhwani: Team - SAIGroup (Informal at Romesh Wadhwani - Wikipedia) TIME Magazine recently recognized Chairman Romesh Wadhwani as one of the Top 100 AI leaders in the world - Romesh and Sunil Wadhwani: The 100 Most Influential People in AI 2023 | TIME

Area(s) of responsibility Cybersecurity Third Party Risk Assessor – Qualifications And Skillset Bachelor's Degree in Information Security, Cyber Security, or related Experience in conducting cybersecurity third-party risk assessments and an understanding of the associated organizational infrastructure (e.g. Relevant internal controls, business processes, governance structures etc.) Strong understanding of the TPRM Framework, Risk Management and Information Security Practices Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Technical Cyber Security Certification through one recognised body such as SANS, ISACA, (ICS)2, CompTIA, Cisco, CERT, etc. Preference towards CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer

Function Technology Product & Platform Management Sub function Platform/Cloud Engineering Category Senior Engineer, Platform/Cloud Engineering (ST6) Location Bangalore / India Date posted Jun 30 2025 Requisition number R-017229 Work pattern Fully Onsite Description At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com Job Function: Technology Product & Platform Management Job Sub Function: Platform/Cloud Engineering Job Category: Scientific/Technology All Job Posting Locations: Bangalore, Karnataka, India Job Description: Johnson & Johnson is looking for a Senior Software Engineer within the Digital Surgery Platform (DSP) Core Platform Services team who will join a team of hard working Infrastructure Engineers, tasked with maintaining and deploying the underlying infrastructure needed to support DSP applications and services. Our team is on a journey to create an automated infrastructure deployment capability that is highly predictable and repeatable, eliminating many of the common difficulties to scale infrastructure on demand. We are seeking a candidate motivated by challenges, who strives to build a collaborative and cohesive environment within the Core Platform Services team and Digital Surgery Platform as a whole. As the world's most comprehensive MedTech business, J&J Medical Technology Companies are building on a century of experience, merging science and technology, to shape the future of health and benefit even more people around the world. With our unparalleled breadth, depth and reach across surgery, orthopedics and interventional solutions, we're working to profoundly change the way care is delivered. We are in this for life. For more information, visit https://www.jnjmedtech.com/en-US. The DSEP team places a large emphasis on improving individual strengths to not only accelerate delivery but propel career growth forward. As a team, we are committed to encouraging a supportive environment and will provide many opportunities for learning new skills. We invite you to be part of our lasting impact on patient lives by joining a ground-breaking team in the world of surgical innovation. Key Responsibilities Development of Infrastructure as Code (IaC) Terraform Modules used to deploy and update Infrastructure in Azure Work with Product Owners and Technical Leads to implement infrastructure designs that follow J&J and External regulatory requirements Design, develop, deploy and monitor development tools on Azure in support of DSP Application and Tenant development Support RBAC and security strategy in collaboration with ISRM partners Lead Core Platform Services Infrastructure Engineering efforts Qualifications Education Bachelor's Degree or equivalent experience in IT (or related degree) Experience and Skills Mandatory: At least 5 years of IT experience, specifically on Azure with a focus on Infrastructure deployments via IaC Sound understanding of Terraform and ability to demonstrate alignment to Terraform recommended practices Experience developing within an Agile methodology Preferred Relevant Azure certification (e.g. Azure Fundamentals, Azure Developer) Demonstrated experience working with Azure Compute Services (Especially Azure Kubernetes Services) Experience working with Terragrunt Familiar with Jenkins as a tool to automate IaC Deployments HIPAA, HITRUST, GDPR, ISO 27001 familiarity Excellent written and verbal communication skills Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com Job Function: Technology Product & Platform Management Job Sub Function: Platform/Cloud Engineering Job Category: Scientific/Technology All Job Posting Locations: Bangalore, Karnataka, India Job Description: Johnson & Johnson is looking for a Senior Software Engineer within the Digital Surgery Platform (DSP) Core Platform Services team who will join a team of hard working Infrastructure Engineers, tasked with maintaining and deploying the underlying infrastructure needed to support DSP applications and services. Our team is on a journey to create an automated infrastructure deployment capability that is highly predictable and repeatable, eliminating many of the common difficulties to scale infrastructure on demand. We are seeking a candidate motivated by challenges, who strives to build a collaborative and cohesive environment within the Core Platform Services team and Digital Surgery Platform as a whole. As the world's most comprehensive MedTech business, J&J Medical Technology Companies are building on a century of experience, merging science and technology, to shape the future of health and benefit even more people around the world. With our unparalleled breadth, depth and reach across surgery, orthopedics and interventional solutions, we're working to profoundly change the way care is delivered. We are in this for life. For more information, visit https://www.jnjmedtech.com/en-US . The DSEP team places a large emphasis on improving individual strengths to not only accelerate delivery but propel career growth forward. As a team, we are committed to encouraging a supportive environment and will provide many opportunities for learning new skills. We invite you to be part of our lasting impact on patient lives by joining a ground-breaking team in the world of surgical innovation. Key Responsibilities Development of Infrastructure as Code (IaC) Terraform Modules used to deploy and update Infrastructure in Azure Work with Product Owners and Technical Leads to implement infrastructure designs that follow J&J and External regulatory requirements Design, develop, deploy and monitor development tools on Azure in support of DSP Application and Tenant development Support RBAC and security strategy in collaboration with ISRM partners Lead Core Platform Services Infrastructure Engineering efforts Qualifications Education Bachelor's Degree or equivalent experience in IT (or related degree) Experience and Skills Mandatory: At least 5 years of IT experience, specifically on Azure with a focus on Infrastructure deployments via IaC Sound understanding of Terraform and ability to demonstrate alignment to Terraform recommended practices Experience developing within an Agile methodology Preferred Relevant Azure certification (e.g. Azure Fundamentals, Azure Developer) Demonstrated experience working with Azure Compute Services (Especially Azure Kubernetes Services) Experience working with Terragrunt Familiar with Jenkins as a tool to automate IaC Deployments HIPAA, HITRUST, GDPR, ISO 27001 familiarity Excellent written and verbal communication skills Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com .

Job Title: IT Advisory – SOC Assurance Specialist Location: Bengaluru / Kolkata, India Employment Type: Full-Time Department: Special Attestation Reporting (SASS) Key Responsibilities: Manage and execute multiple client engagements related to SOC 1, SOC 2, SOC 3, and HITRUST assessments. Perform IT General Controls (ITGC) testing across applications, ERPs, operating systems, and databases. Conduct Test of Design (ToD) and Test of Operating Effectiveness (ToE) using industry frameworks (COSO, COBIT, ISO, ERM). Monitor engagement timelines, quality standards, and proactively address issues or risks. Prepare detailed reports, client deliverables, and engagement status updates. Ensure adherence to internal quality and risk management procedures. Drive productivity improvement initiatives and contribute to engagement planning. Handle client communications and maintain strong relationships with stakeholders including Partners, Project Managers, and Directors. Assist senior leadership in developing methodologies, training programs, and process enhancements. Mentor junior staff, conduct performance coaching, and contribute to team development. Participate in knowledge-sharing sessions and promote a positive, inclusive team culture. Identify and support business development opportunities within existing engagements. Required Skills & Competencies: Hands-on experience with: SOC 1/2/3 assessments and reporting (SSAE 18) HITRUST and HIPAA-related audits ITGCs across various technology platforms (Applications, OS, ERP, DB) Business Process Control reviews Knowledge of audit frameworks such as COSO, COBIT, ISO, and ERM. Familiarity with internal audit standards (IIA, ICAI, ISACA). Strong documentation, presentation, and stakeholder management skills. Proficiency in Microsoft Office tools – Excel, Word, PowerPoint, Access. Experience working with offshore and onshore delivery models is a plus. Excellent written, verbal communication, and interpersonal skills. Preferred Qualifications: Bachelor’s or Master’s degree in Information Technology, Computer Science, or a related field. Relevant certifications (CISA, CPA, CA, or equivalent) preferred.

Qualification: Bachelors degree in computer Science or IT higher-level qualification Perform 3rd-party audits and trainings according to ISO/IEC 27001, ISO 9001 & other IT specific standards/ frameworks Provide timely and accurate reviews of client’s corrective action and closure. Minimum 5+ years’ Experience in IT /Management system Implementation / certification and Minimum 2 years of profound experience in the field of information security. Great attitude, Analytical skills and communication skills. Preferred: IRCA Certified, ITIL Certified, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks. Able to travel for business purpose(70-80%).

Qualification: Bachelors degree in computer Science or IT higher-level qualification Perform 3rd-party audits and trainings according to ISO/IEC 27001, ISO 9001 & other IT specific standards/ frameworks Provide timely and accurate reviews of client’s corrective action and closure. Minimum 5+ years’ Experience in IT /Management system Implementation / certification and Minimum 2 years of profound experience in the field of information security. Great attitude, Analytical skills and communication skills. Preferred: IRCA Certified, ITIL Certified, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks. Able to travel for business purpose(70-80%).