349 Hitrust Jobs - Page 8

NationsBenefits is the leading provider of supplemental benefits, flex cards, and member engagement solutions that partners with managed care organizations to provide innovative healthcare solutions designed to drive growth, improve outcomes, reduce costs, and delight members. Our comprehensive suite of innovative supplemental benefits, payments platform, and member engagement solutions help health plans deliver high-quality benefits to their members, addressing social determinants of health and improving member health outcomes and satisfaction. With a compliance-focused infrastructure, proprietary technology systems, and premier service delivery model, we enable our health plan partners to deliver high-quality, valuebased care to millions of members. We offer a fulfilling work environment that attracts top talent and encourages all associates to do their part in delivering premier service to internal and external customers alike. It’s how we’re transforming the healthcare industry for the better. We provide career advancement opportunities within the organization with multiple locations in Florida, California, Pennsylvania, Tennessee, Texas, Utah, and India. You might also like to know that NationsBenefits is also recognized as one of the fastest growing companies in America. We’re proud of how far we’ve come, and a career with us also gives you growth opportunities. Position Overview The Senior Compliance Analyst is responsible for leading the assessment, monitoring, and maintenance of the organization’s internal control environment and compliance efforts related to key regulatory and industry standards, including HITRUST, SOC 2, and PCI DSS. This role will serve as a subject matter expert in audit readiness and compliance reporting, working closely with internal stakeholders, auditors, and assessors to ensure successful certification and audit outcomes. The Senior Compliance Analyst will also play a critical role in control testing, evidence gathering, and issue remediation tracking. Key Responsibilities Regulatory and Framework Compliance Oversight Serve as the internal point of contact for all matters related to HITRUST, SOC 2, and PCI DSS compliance. Coordinate and support the execution of external audits and assessments. Monitor ongoing compliance activities across departments to ensure adherence to regulatory requirements and industry frameworks. Maintain up-to-date knowledge of changes in applicable standards and regulations, proactively updating policies and controls. Internal Controls Monitoring and Testing Conduct routine internal control testing to validate design and operational effectiveness. Document findings, track remediation efforts, and escalate issues where necessary. Collaborate with control owners to ensure proper documentation, process alignment, and control maturity. Manage evidence collection and maintenance for audit readiness throughout the year. Audit Readiness and Execution Own end-to-end preparation for compliance audits including control mapping, pre-audit checks, and facilitating walkthroughs. Partner with internal teams and external auditors to manage audit logistics, request responses, and evidence delivery. Lead corrective action plans in response to audit findings. Policy and Procedure Support Assist in the development, review, and maintenance of compliance-related policies, procedures, and standard operating documents. Ensure controls and practices align with documentation and are consistently applied across the organization. Reporting and Risk Tracking Maintain dashboards and reports tracking control health, audit status, and compliance program KPIs. Support the GRC Director with compliance reporting for internal and external stakeholders. Qualifications Education Bachelor’s degree in information systems, Cybersecurity, Business Administration, or a related field. Master’s degree or equivalent experience preferred. Experience 4–6 years of experience in a compliance, risk, or IT audit role. Hands-on experience supporting HITRUST, SOC 2, or PCI DSS audits. Familiarity with risk assessment, control testing, and remediation tracking processes. Certifications (Preferred) Certified Information Systems Auditor (CISA) HITRUST Certified CSF Practitioner (CCSFP) Certified in Risk and Information Systems Control (CRISC) CompTIA Security+ or similar Skills Strong knowledge of compliance frameworks and internal control principles. Excellent project management and organizational skills. Ability to communicate effectively with both technical and non-technical stakeholders. Comfortable managing multiple priorities in a fast-paced environment. Proficiency with GRC tools and audit management platforms. Key Competencies Attention to Detail: Ability to meticulously validate evidence and control execution. Analytical Skills: Identify compliance gaps and recommend practical solutions. Collaboration: Work cross-functionally to gather evidence and align processes. Accountability: Drive audit preparation and closure of compliance gaps. Adaptability: Stay current with evolving regulatory requirements and apply them effectively

Hi , As per response to your profile which is uploaded in Job portals. Excellent job openings for Enterprise Security Archite ct in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates. Please Note:-please refer your friends who are looking for job changes. Job Description: Enterprise Security Architect. JD:- Required Experience & Education:- Experience Minimum of 10 years of experience in enterprise architecture. Experience with leading teams and complex projects. Strong leadership, coaching and mentoring of resources in architecture functions. Knowledge of healthcare industry standards and regulations. Strong understanding of technology trends and emerging technologies. 5+ years of experience with developing and implementing enterprise cybersecurity and risk management architecture strategies and roadmaps. Experience with security risk management frameworks such as NIST-CSF, HITRUST, MITRE and compliance certifications such as HIPAA, PCI-DSS, SOC-II. 2+ years developing and maturing EcoSystem driven frameworks. Excellent problem-solving and critical thinking skills. Excellent written and verbal communication skills. Ability to work independently and in a team environment Education Bachelors degree in computer science, information technology or related field or equivalent combination of education/experience. 2- Preferred Experience & Education:- Experience 10 years of experience in enterprise architecture or similar roles. Direct hands-on experience with Teams, DevOps, Rally, JIRA, Confluence and other productivity tools. In-depth knowledge of and proven cloud experience with multi-cloud solutions and hybrid business intelligence stacks Experience with Cyber risk quantification methodologies. Experience with healthcare data terminologies, high-performance computing Experience with App Orchard, Job Description : Develop and maintain the enterprise cybersecurity and risk management architecture strategy and roadmap for our organization. Manage a team of architects. Responsible for the budget, and staff recruitment, performance, engagement, and retention. Work closely with CISO and other cybersecurity leadership to align our security technology investments with our business objectives. Define and maintain our enterprise cybersecurity architecture standards and guidelines. Provide leadership and guidance to our IT, security, and infrastructure teams. Ensure that our systems and solutions are integrated, scalable, and secure. Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the security industry. Formally communicate trends to EA and CISO. Advise CISO and leadership team in vendor/product/service selection, assist in educating and persuading business and operational leaders with adoption of security controls. Own development of rolling 18-month cycle to achieve To-Be architecture for Cybersecurity and risk management. Review vendor technology roadmaps into cybersecurity domain roadmaps to ensure continuous improvements to cyber domain operations, including cost-to-serve and other financial KPIs. Oversee development and maturity of Cybersecurity response, containment, recovery and restore playbooks for the enterprise. Partner with office of CISO to deploy Enterprise and Cyber Resiliency processes, procedures and methods. Oversee development and maintenance of blueprint of Disaster Recovery of critical business systems from Cyber induced disaster events. Partner with IT, Applications, Operations, IT GRC, Cybersecurity and other teams to simulate a Cybersecurity disaster and recovery drills, tabletop exercises. Partner with CISO to document gaps and drive collaboration to remediate. Partner with CISO to develop cohesive strategy to implement frictionless security controls and achieve industry certifications, such as HITRUST, SOC-II Partner with CISO to develop implementable roadmap to deploy controls aligning to security industry best practices, such as Zero Trust Network Access, Defense in Depth. Stay up-to-date with emerging technologies and industry trends. Drive innovation and continuous improvement in our technology landscape. Collaborate with our IT and security teams to ensure that our technology investments comply with healthcare industry standards and regulations. Conduct architecture assessments and provide recommendations for improvement. Develop and maintain architecture-related policies and procedures. Provide guidance and support for technology procurement and vendor management 5. Certification Requirements /any-1. Required Certification in at least one of the common architecture frameworks (TOGAF, Zachman, DODAF, FEAF or FEAC) 2. Preferred Certifications in multiple common architecture frameworks such as TOGAF, Zachman, DODAF, FEAF, FEAC is preferred. Security industry certifications, such as CISSP, CISM etc Those who have relevant experience and Skills, as mentioned above please revert back ur updated resume to - Sreenivasa.k@happiestminds.com. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Notice Period: Degree: Regards, Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

Primary Responsibilities: Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: Bachelors degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification: CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes an enterprise priority reflected in our mission.

Job Description 5+ years of experience in Information Security. Ensure compliance to client security requirements. Provide support for obtaining and maintaining Security Certification and Assurance programs like ISO 27001, PCI DSS, HITRUST, TISAX, SOC 2, etc. Collaborate with IT, Finance, HR and other departments for various security related activities. Conduct security research and keep abreast of latest security trends and issues. Develop and maintain Information Security policies, procedures, standards and guidelines. Certification on ISO 27001 Lead Auditor. Skills Required RoleInformation security analyst Industry TypeITES/BPO/KPO Functional AreaITES/BPO/Customer Service Required Education Bachelors degree Employment TypeFull Time, Permanent Key Skills INFORMATION SECURITY ANALYST Other Information Job CodeGO/JC/353/2025 Recruiter NameDivya R Show more Show less

Location: Gurgaon, India (On‑site/Hybrid, Full‑time) Why Join Us? We’re a fast‑growing health‑tech company transforming Revenue Cycle Management (RCM) for hospitals, clinics, and physician groups. Our cloud‑native platform simplifies complex billing and claims workflows so providers can focus on patient care—not paperwork. As a Senior DevOps Engineer, you’ll be the architect behind the highly available, secure, and scalable infrastructure that keeps those mission‑critical systems running smoothly. What You’ll Do Own the Cloud Infrastructure Design and automate Azure environments with Terraform/ARM, delivering self‑service, repeatable deployments Build resilient network topologies and security controls that meet HIPAA & HITRUST standards Tune performance and cost—because every saved rupee goes back into innovation Ship Code Faster & Safer Create end‑to‑end CI/CD pipelines in Jenkins or GitLab that cut release time from hours to minutes Embed automated tests, quality gates, and blue‑green / canary strategies to achieve zero‑downtime releases Containerize microservices with Docker and orchestrate them with Kubernetes Keep the Lights On Roll out observability stacks (Azure Monitor, Log Analytics, Application Insights) with actionable dashboards and alerts Author incident‑response playbooks and join a low‑noise on‑call rotation Conduct regular security scans and vulnerability assessments—security is everyone’s job here Automate Everything Script in Bash, PowerShell, or Python to eliminate toil and empower developers with self‑service tools Advocate for Infrastructure‑as‑Code and GitOps best practices across teams What You Bring 5+ years in DevOps/SRE roles with deep Azure expertise Hands‑on mastery of Terraform or ARM Templates, Docker, Kubernetes, and CI/CD tooling Strong scripting chops (Python, Bash, PowerShell) Solid understanding of networking, IAM, and security hardening Bonus points for: healthcare/RCM experience, Azure certifications (AZ‑400, AZ‑104), database know‑how (SQL Server, MongoDB), and familiarity with microservices and API gateways Soft Skills We Value Relentless problem solver who thrives in high‑stakes production environments Clear communicator—able to translate “yak‑shaving” tech talk into business value for non‑technical stakeholders Collaborative team player who mentors others and welcomes feedback Self‑starter who can juggle multiple priorities and still hit aggressive deadlines Perks & Benefits Comprehensive medical, dental, and vision coverage for you and your family Annual learning budget for conferences, certifications, and courses—grow on our dime Performance bonuses tied to team and company milestones Flexible working hours and generous leave policy Latest MacBook Pro or high‑end Windows laptop—your choice On‑site wellness programs and monthly team‑building events Powered by JazzHR nn4sn5A5AR Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Role & responsibilities Understanding applicable regulations, standards (e.g. HITRUST, SOC-2, HIPAA, TX-RAMP, PCI-DSS, etc.) and industry best practices to manage risk and ensure compliance Perform process definition/update and deployment across all teams in consultation with the respective functions Identify best practices, drive continuous information security related process improvement and facilitate deployment of information security process changes Document the identified Information Security Policies and processes to ensure compliance with legal, regulatory and security standards (e.g. HITRUST, SOC-2, HIPAA, TX-RAMP, PCIDSS, etc.) and maintain the Information Security Management Systems. Perform due diligence for third party contracts and perform periodic 3rd party Risk Assessments. Drive and complete Information Security Assessments assigned to MRO by its clients. Manage and support Information Security Risk Management Lifecycle across MRO. Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspective. Own and drive the Information Security Incident Management Program at MRO. Be responsible for security audits performed at MRO based on HITRUST, HIPAA, PCI-DSS, TX-RAMP, etc. Drive the phishing simulation program at MRO and focus on its continual improvement. Drive Business Impact Analysis, Privacy Impact Analysis across MRO to determine and update applicable RTOs and RPOs. Technical/Domain Skills : Must have hands on experience of HITRUST based policy/process definition, implementation and participation in at-least one (1) full end to end HITRUST audit cycle Desirable: Knowledge/work experience on SOC2, HIPAA, PCI-DSS, TX-RAMP and NIST Cybersecurity Framework

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service (TPRaaS) – Staff As part of our TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Staff with expertise in Third Party Risk Management to join the leadership group of our TPRaaS team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities . Participate in vendor calls / client interactions by providing delivery updates. Follow policies and procedures that support the successful implementation of TPRM operating models. Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements. Participate in assessing the application of legal and regulatory requirements to clients TPRM practices. Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Understand the process gaps and propose preventive/corrective action where appropriate. Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfill project activities to achieve exceptional client service Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college. 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices. Good to have exposure in Contract Risk Reviews. Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc). Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc Basic knowledge of privacy regulations such as GDPR, CCPA, etc Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. An opportunity to be a part of a market-leading, multi-disciplinary team of professionals, in the only integrated global transaction business worldwide. Opportunities to work with TPRaaS practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Security strategy and governance projects (security strategy, operating model, org structure etc.) Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation. Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.). Policy management (policy writing, policy review, policy lifecycle) projects Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies. Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Experience in implementing effective and innovative technology solutions. Desired Knowledge Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Ability to create domain specific training content and deliver trainings effectively Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture. Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 3 - 8 years Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Third-Party Risk as a Service – Senior As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity We’re looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your Key Responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Assist / Mentor team members in vendor calls / client interactions by providing delivery updates. Perform Quality Checks on work products before delivering it to the end clients. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. Skills And Attributes For Success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. What We Look For A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What Working At EY Offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

About Us Decisions is a software development company headquartered in Virginia Beach, Virginia, USA, and it provides a no-code automation platform for all types of business processes. With the no-code automation platform, you can fix the customer experience, modernize legacy systems, ensure regulatory compliance, and automate anything in your business. We help people who know what to do, get it done, and change their world. Role Summary As a Compliance/Security Analyst, your daily work ensures organizational operations meet industry compliance standards to increase customer confidence in Decisions' platform, people, and processes. This role is directly responsible for collaborating with leadership, training employees on industry standards, developing policies, evaluating compliance, and communicating the security posture of Decisions with customers and Decisions leadership. You will strive to elevate the security of customer data as well as internal systems and tools by fighting the status quo of “security theater” to extend our culture of safety and security as a lifestyle in all facets of our business. Key Objectives Objective #1: Bolster Public Brand Trust Support Customer Growth Eliminate internal and external threats to our business Manage vulnerability scanning, reporting, and mitigation activities Identify and understand current organizational policies and practices Communicate with prospects, customers, and team members to continually increase confidence Contribute to the timely completion of accurate customer security questionnaires Observe and act as needed to advance our mission and who we are as an Organization Objective #2: Drive Business Alignment Steward a shared company culture of data security awareness Serve as Incident Response Coordinator during threat events Administer quarterly phish tests and implement remediation strategies Partner with IT to maintain principle of account least privilege Contribute to the org-wide Risk Register to proactively monitor, manage, and resolve business threats Advise on developing and implementing new compliance policies and procedures as required Collaborate with security champions within each department Complete timely and accurate Cloud Cost reporting and SLA reporting requests Objective #3: Maintain Regulatory Adherence Support real-time, collaborative audit readiness Complete internal and external security and privacy audits (ex: SOC2, HITRUST, PCI DSS, ISO27001, etc) Communicate with auditors and follow up on action items in a timely manner Contribute to internal audits to assess operational and procedural compliance Research industry regulations and policies Required Specialized Experience or Skills Technical adeptness and proficiency (if you’ve never used a computer, this is not the role for you) Experience prioritizing and completing multiple tasks on tight timelines Strong problem-solving skills as well as excellent process discipline, milestone management, and time management skills Ability to take in information and summarize the most important content Ability to listen attentively to others and communicate effectively both verbally and in writing Experience working on teams that require high levels of cooperation, flexibility, cross-group collaboration, and real-time response Ability to independently seek and find answers to complete tasks under narrow deadlines Attention to detail without losing sight of the big picture Preferred IT (Helpdesk, Technical Support, SysAdmin) and/or Customer Service Experience COMPTIA A+, Network+, and/or Security+ Exposure to performing key Information Security operational activities Experience with EDR/XDR, IDS/IPS systems Experience contributing to internal and external audits (ex: SOC2, ISO 27000, PCI DSS, HITRUST, FEDRAMP, etc) Experience using Public Clouds (bonus points for Azure or AWS certifications) Linux experience Other Industry certifications: CAP, CCSK, CISA, CCSP, CRISC, Linux+ Show more Show less

Job Title: Consultant Company: Veave Technologies Pvt. Ltd. Location: Jayanagar, Bangalore We're Hiring: Consultant Are you ready to take your career global? Join Veave Technologies as a Consultant and work on high-impact compliance projects across 20+ offices internationally! What You'll Do: * Be part of global projects involving various GRC frameworks, including ISO, CMMi, SOC PCIDSS, HIPAA, GDPR, SMETA, TISAX, HiTrust, HACCP, FSSC, NABL, NABH, and TQM. * Develop and implement robust GRC systems and ensure global regulatory compliance. * Deliver training, conduct incident investigations, and maintain documentation * Analyze legislative changes and prepare compliance reports * Collaborate with regulators and cross-cultural teams * Travel frequently for on-site project deliveryperfect for travel enthusiasts! Why Join Us: * Global Exposure: Work on diverse, international projectsfrom APAC to EMEA, LATAM, NA. *Professional Growth: Get sponsored for various training & certification for industry applicable frameworks. *Cultural Fit: Thrive in a Westernized, inclusive, and innovative corporate environment *Mentorship: Learn from global experts and accelerate your consulting career *Lifestyle Perks: Flexible working policies designed for a balanced global life What We Are Looking For: * 3+ years in GRC consulting, auditing, or management system implementation * Strong knowledge in any of the frameworks such as ISO, CMMi, SOC PCIDSS, HIPAA, GDPR, SMETA, TISAX, HiTrust, HACCP, FSSC, NABL, NABH, and TQM. * Communication excellence and cross-functional collaboration skills * Willingness to travel globally for audit and project delivery * Aspiring or certified Lead Auditor for GRC standards Interview Process: Round 1: Virtual Interview Round 2: Face-to-Face Interview at our Bangalore office Ready to elevate your career and explore the world? Apply now! Send your resume and a brief cover letter to hr@veave.in or recruiter04@topcertifier.com / +91 9035507154 IMMEDIATE JOINER's PREFERRED Lets build your futuretogethe r

Greetings from Access Healthcare" We are hiring for Senior Client Partner - Corporate Quality Experience: - 3-5 years Designation: - Senior Client Partner Location:- Chennai Shift : - General shift Competency Requirement (Technical & Behavioral): To upkeep audit related quality documents. To ensure Internal audits are as per the plan from the centralized team and execute them accordingly. Conduct Business Impact Analysis / Risk Assessment with respective stakeholders to perform the risk evaluation and review of risk treatment on a periodical basis. Coordinate with internal stakeholders to get the audit data during the internal and external audits. Support during the Integrated Management System documentation preparation and sharing the consolidated documents with the Corporate Quality team for review on a periodical basis. Support during external audits. To drive the BCP/DR execution for the site. Defining and maintaining the BCMS framework as authorized and directed by the Head of BCM. Facilitating effective BCM implementation across locations globally. Conduct awareness and training on Information Security & Business continuity Eligibility Criteria : Overall, 3-5 years of experience in a BPO/KPO/Health care services or IT industry with Minimum of 3 year's experience in Corporate Quality (ISMS/SOC/PCI-DSS/HITRUST Certification) • ISO 27001, ISO 22301, ISO 9001:2015, SOC, HITRUST. If interested to apply, email your resume to snithin.sai@accesshealthcare.com or Whatsapp : 9962389886.

Company Description Inovaare Corporation combines innovation with AI-powered health cloud platforms and healthcare SaaS solutions to streamline operations, enhance compliance, and improve member satisfaction. Their HIPAA-compliant, HITRUST-certified platform integrates seamlessly with operations and offers low-code/no-code app building, real-time analytics, and integrated AI for advanced compliance monitoring. Paired with SaaS products like Usher AI, Member Experience Tools, Regulatory Compliance Management, and Healthcare Data Scrubbers, Inovaare Corporation drives measurable results in healthcare organizations. Role Description This is a full-time on-site Email Marketing Specialist role located in Bhubaneswar. The Email Marketing Specialist will be responsible for day-to-day tasks such as marketing analytics, communication, lead generation, marketing automation, and email marketing software management. Qualifications Marketing Analytics and Communication skills Lead Generation and Marketing Automation expertise Email Marketing Software proficiency Strong analytical and problem-solving skills Experience in healthcare industry marketing is a plus Master's degree in Marketing, Communications, or related field Show more Show less

Description Cybersecurity Solutions Architect Syneos Health® is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer success. We translate unique clinical, medical affairs and commercial insights into outcomes to address modern market realities. Every day we perform better because of how we work together, as one team, each the best at what we do. We bring a wide range of talented experts together across a wide range of business-critical services that support our business. Every role within Corporate is vital to furthering our vision of Shortening the Distance from Lab to Life®. Discover what our 29,000 employees, across 110 countries already know. WORK HERE MATTERS EVERYWHERE Why Syneos Health We are passionate about developing our people, through career development and progression; supportive and engaged line management; technical and therapeutic area training; peer recognition and total rewards program. We are committed to our Total Self culture – where you can authentically be yourself. Our Total Self culture is what unites us globally, and we are dedicated to taking care of our people. We are continuously building the company we all want to work for and our customers want to work with. Why? Because when we bring together diversity of thoughts, backgrounds, cultures, and perspectives – we’re able to create a place where everyone feels like they belong. Job Responsibilities JOB SUMMARY The Cyber Security Solution Architect will be responsible for transforming the way Syneos Health protects applications, software and code that it uses to support the company to accelerate patient therapies to market and thereby increase cyber threat resiliency. This role will be a member of the Office of the CISO and a member of enterprise security architects. As a key subject matter expert and leader within the team, this role will use a data and risk-based approach to driving enterprise initiatives, formulating requirements, patterns, and solutions to achieve risk mitigation. To be successful, this role will act as a technical influencer, build cross-functional and organizational partnerships to deliver modern security engineering and operational solutions. As an architect you will partner with the software engineering organization to design software security solutions, participate in proof of concepts and enable the engineering organization to deliver secure, operational solutions. The role will own the software security program and initiatives and be responsible for reporting on progress to leadership and stakeholders. The scope of responsibility includes but not limited to supporting the transformation of security engineering into the early phases of enterprise delivery through defined Secure SDLC, Source code management, application security, and the transformation of DevSecOps across the enterprise. The role will bring an everything-as-code security mindset to be applied across applications, API’s and platform engineering. To be successful, the role will need to define and identify technical and business risks along with enterprise requirements that can be consumed by a shared-responsibility model for engineering and operational controls. Be a transformation agent by advocating for modern secure engineering principles and automation. Excellent oral and written communication skills, as well as effective organizational abilities, are essential due to the detailed and time-bound nature of the work and the extensive collaboration with others. Job Responsibilities Mature and modernize the enterprise software security program and initiatives to manage risks and enable technology solutions: Use a data-driven approach to identifying areas of risk Publish metrics and KPI’s Set enterprise requirements for secure software development based on common cyber security frameworks such as NIST, Hitrust, CSF. SafeCode, OWASP etc Contribute to enterprise security policies and standards. Evolve Secure SDLC standards and processes Define, own, and drive the company's software security strategy and roadmap, acting as the key security voice for software security Partner with software and platform engineering teams to: Promote DevSecOps solutions and culture Establish secure code management practices Improve automated CI/CD pipelines with appropriate security services Automate enterprise security requirements into backlogs Champion cloud application and platform security engineering practices. Delivery enterprise security patterns for software engineering Participate in Proof of Concepts with the software engineering organization . Educate and drive engagement of modern secure software principles within the organization by: Being a strategic advisor in software security. Being a transformation agent in promoting a modern security engineering mindset. Performing design reviews to identify security architecture flaws. Qualification Requirements What we are looking for: 5–7 years of experience in software security or related roles. Proven track record building and transforming secure software and platform engineering practices Building road maps and creating initiatives to address enterprise goals. Experience partnering with engineering teams to achieve security goals. Strong familiarity with source code management Strong familiarity software exploitation techniques and Mitre @ttack framework. Strong knowledge of cloud platform security (AWS, Azure, Oracle Infrastructure Cloud) Someone with strong engineering mindset that software engineering experience Experience implementing pipeline automation and source code management Additional Standout Skills Hands-on experience with modern engineering technologies such as Kubernetes and Containers Experience with securing Terraform or other IaC platforms Delivered secure coding practices to large engineering teams Familiar with API Security Enabling DevSecOps within large organizations Education. Security Architecture TOGAF/SABSA Cloud security certifications for OCI, AWS or Azure (Azure preferred) Get to know Syneos Health Over the past 5 years, we have worked with 94% of all Novel FDA Approved Drugs, 95% of EMA Authorized Products and over 200 Studies across 73,000 Sites and 675,000+ Trial patients. No matter what your role is, you’ll take the initiative and challenge the status quo with us in a highly competitive and ever-changing environment. Learn more about Syneos Health. http://www.syneoshealth.com Additional Information Tasks, duties, and responsibilities as listed in this job description are not exhaustive. The Company, at its sole discretion and with no prior notice, may assign other tasks, duties, and job responsibilities. Equivalent experience, skills, and/or education will also be considered so qualifications of incumbents may differ from those listed in the Job Description. The Company, at its sole discretion, will determine what constitutes as equivalent to the qualifications described above. Further, nothing contained herein should be construed to create an employment contract. Occasionally, required skills/experiences for jobs are expressed in brief terms. Any language contained herein is intended to fully comply with all obligations imposed by the legislation of each country in which it operates, including the implementation of the EU Equality Directive, in relation to the recruitment and employment of its employees. The Company is committed to compliance with the Americans with Disabilities Act, including the provision of reasonable accommodations, when appropriate, to assist employees or applicants to perform the essential functions of the job. Summary JOB SUMMARY The Cyber Security Solution Architect will be responsible for transforming the way Syneos Health protects applications, software and code that it uses to support the company to accelerate patient therapies to market and thereby increase cyber threat resiliency. This role will be a member of the Office of the CISO and a member of enterprise security architects. As a key subject matter expert and leader within the team, this role will use a data and risk-based approach to driving enterprise initiatives, formulating requirements, patterns, and solutions to achieve risk mitigation. To be successful, this role will act as a technical influencer, build cross-functional and organizational partnerships to deliver modern security engineering and operational solutions. As an architect you will partner with the software engineering organization to design software security solutions, participate in proof of concepts and enable the engineering organization to deliver secure, operational solutions. The role will own the software security program and initiatives and be responsible for reporting on progress to leadership and stakeholders. The scope of responsibility includes but not limited to supporting the transformation of security engineering into the early phases of enterprise delivery through defined Secure SDLC, Source code management, application security, and the transformation of DevSecOps across the enterprise. The role will bring an everything-as-code security mindset to be applied across applications, API’s and platform engineering. To be successful, the role will need to define and identify technical and business risks along with enterprise requirements that can be consumed by a shared-responsibility model for engineering and operational controls. Be a transformation agent by advocating for modern secure engineering principles and automation. Excellent oral and written communication skills, as well as effective organizational abilities, are essential due to the detailed and time-bound nature of the work and the extensive collaboration with others. Show more Show less

GE Healthcare Healthcare Science & Technology Organization Category Digital Technology / IT Senior Level Job Id R4025620 Relocation Assistance No Location Bengaluru, Karnataka, India, 560066 Job Description Summary As a Sr. Staff Software Engineer, you will be responsible for defining and implementing the observability strategy across our next-generation cloud-native healthcare services. You will lead the design of scalable, secure, and innovative observability frameworks that empower engineering teams to build resilient, performant, and diagnosable systems. This role is critical to ensuring our platform meets the highest standards of reliability, compliance, and operational excellence. GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world. Job Description Roles and Responsibilities: In this role, you will: Define and evolve the observability vision and roadmap for our cloud-native healthcare platform. Architect and implement standardized observability frameworks (metrics, logs, traces, events, profiling) across services. Collaborate with platform, SRE, and product teams to instrument services using OpenTelemetry and other modern observability tooling. Build and maintain dashboards, alerts, and SLOs that reflect both technical and business health indicators. Evaluate, integrate, and optimize observability tools (e.g., Datadog, Prometheus, Grafana, Tempo, Loki, Elastic). Lead incident analysis and postmortem reviews , driving improvements in system resilience and observability coverage. Ensure observability practices align with healthcare compliance standards (e.g., HIPAA, HITRUST). Mentor engineers and promote a culture of observability-first development . Educational Qualifications: Bachelor’s or Master’ s degree in Computer Science, Engineering, or a related technical field. Required Qualifications: 12+ years of experience in software engineering, SRE - Site Reliability Engineering or platform engineering roles. 6+ years of experience architecting observability solutions in cloud-native environments (Kubernetes, microservices, serverless). Deep expertise in observability pillars (metrics, logs, traces) and tools like Open Telemetry, Prometheus, Grafana, Datadog, etc. Strong programming/scripting skills (e.g., Go, Python, Bash, Terraform). Experience with distributed tracing , SLO/SLI frameworks , and incident response workflows . Familiarity with cloud platforms (AWS, GCP, or Azure) and CI/CD pipelines. Excellent communication and collaboration skills. Desired Qualifications: Experience in healthcare or regulated industries . Knowledge of data privacy and compliance (HIPAA, HITRUST). Experience with cost optimization and telemetry data governance . Contributions to open-source observability projects. Passion for building developer-friendly tools and frameworks. Business Acumen: Adept at navigating the organizational matrix; understanding people's roles, can foresee obstacles, identify workarounds, leverage resources and rally teammates. Understand how internal and/or external business model works and facilitate active customer engagement Able to articulate the value of what is most important to the business/customer to achieve outcomes Able to produce functional area information in sufficient detail for cross-functional teams to utilize, using presentation and storytelling concepts. Leadership: Demonstrated working knowledge of internal organization Foresee obstacles, identify workarounds, leverage resources, rally teammates. Demonstrated ability to work with and/or lead blended teams, including 3rd party partners and customer personnel. Demonstrated Change Management /Acceleration capabilities Strong interpersonal skills, including creativity and curiosity with ability to effectively communicate and influence across all organizational levels Proven analytical and problem resolution skills Ability to influence and build consensus with other Information Technology (IT) teams and leadership. Inclusion and Diversity GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity. Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support. #Everyroleisvital #LI-Hybrid #LI-SM1 Additional Information Relocation Assistance Provided: No

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description ORACLE: As the provider of the world’s most complete, open and integrated business software and hardware systems, Oracle is dedicated to unleashing innovation by simplifying IT. With more than 30 years of information technology innovation, Oracle is the recognized industry leader in enterprise application and technology solutions. ORACLE CLOUD: Oracle Cloud is a Generation 2 enterprise cloud that delivers powerful compute and networking performance, a comprehensive portfolio of infrastructure and platform cloud services, and the world’s only self-driving autonomous database. Built from the ground up to meet the needs of mission-critical applications, Oracle Cloud supports all legacy workloads while delivering modern cloud development tools—so enterprises can bring their past and build their future. The comprehensive nature of Oracle Cloud is a key selection consideration for customers. Oracle has the broadest cloud portfolio in the industry, delivering a complete range of production-level, cross-functional business applications for each part of an organization with information and data shared seamlessly across Oracle Cloud Applications and other systems. Business users have the latest innovations at their fingertips across sales and marketing, customer service, finance and accounting, supply chain management, human capital and talent management—all enriched with social engagement and collaboration tools and an intuitive user interface that works on any mobile device. These applications have been architected on a modern and open cloud platform and infrastructure to simplify integration needs and lower an organization’s total cost of ownership. With such extensive functionality across business processes, customers can solve their business problems with complete solutions that give them end-to-end execution and complete visibility. Oracle IaaS is clearly differentiated, being far more performant, more secure, more reliable and cost efficient as compared to others in the market. Oracle has fundamentally innovated in the IaaS space and continues to gain market share aggressively. Oracle PaaS is anchored by Oracle Autonomous Database (ADB), which offers the most innovative “self-driving” capabilities in the data tier in the marketplace. Combine with ADB, Oracle cloud also offers a complete application development platform that includes app dev, security, integration, identity management, analytics, big data and AI/ML amongst other far broader capabilities. Partners with customers, sales, engineering and product teams to design, demonstrate and deploy Oracle Cloud architectures that address customer business problems. Drives Oracle Cloud customer consumption by accelerating the adoption of Oracle cloud services including discovery, design and deployment. Engages with strategic customers, builds leadership relationships at multiple levels within organizations in order to design and implement solutions. Works directly with customers to gather requirements, develop architectures and translates business needs into solutions. May implement solutions and ensure successful deployments through code development and scripting. Displays product/application understanding through highly customized presentation demonstrations to customers, and at conferences, and events. Supports customer from Proof of Concept (POC) through production deployment of services via resource configuration, planning, and customer education/training. Creates and distributes technical assets (white papers, solution code, blog posts, and video demonstrations). Serves as a leading contributor for customers and sales on technical cloud solutions and customer success. Identifies gaps and enhancements to influence engineering roadmaps for customer driven features. Leading contributor, may provide direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. May interact with C level. Maintains expertise by staying current on emerging technologies. Minimum qualifications include: 8 years experience with computer applications and tools required. Ability to travel 50% international and domestic. Preferred but not required qualifications include: Bachelor of Science-level university degree in Computer Science, Math, Engineering from accredited university; and/or relevant 8 years technical experience. Advanced degree in relevant field of studies highly desirable. Expertise in and an in depth and thorough knowledge of competitive and industry knowledge in the field of computer applications and tools; System and application design; Implementation of advanced product features; Project management; Solving technical problems with customers in technical environments; Written and verbal communication and interpersonal skills; Needs analysis, positioning, and business justification. 8 years experience and expertise in the clear communication of technical information to others through presentations, demonstrations, written communication and consultative solutioning experience. Career Level - IC4 Responsibilities The SecDevOPS team is focused on delivering secure OCI service delivery and helping customers establish operational controls through deep knowledge of cloud-native application development, event-driven architectures, microservices, DevOps, Infrastructure-as-code, continuous integration, and automated deployment. This role is a mix of being a developer, a technical delivery architect, and an evangelist. In this role, you will actively engage with customers and deliver architecture to support secure design standards, industry-specific compliance requirements, implementation of cloud-native technologies, serverless application development, integrations with OCI or third party software around logging, monitoring, threat management, asset management solutions, write technical blogs, presentation to customers. The qualified candidate will have deep technical knowledge of cloud-native technologies, and the ability to translate complex technical requirements into architecture & service delivery. Additionally, the ideal candidate will have software development, evangelism, instructional design, and cloud security experience. Above all, you will have a passion for learning new technologies and sharing them with a wider audience, and developing automation for repeatable patterns across customers. While much of the focus of this role will revolve around the delivery of security and operations related to cloud security technologies, a large portion of the work will also involve adjacencies including securing and configuring tenancies, networking, encryption, and key or Certificate Management, Web Application Firewalls, SIEM technologies, vulnerability scanning, monitoring & observability, etc. While also interacting directly with customers the role involves regular work with the development organization to drive product improvements and innovations. This is a senior technical Cloud Delivery role, so the Cloud technical experience is the higher priority. A Cloud Engineer in our team is responsible for the successful implementation of non-routine and complex business solutions ensuring high quality and timely delivery within budget to the customers’ happiness. Analyze business needs to help ensure Oracle’s solution meets the customer’s objectives by combining industry-standard methodologies and product knowledge. Effectively applies Oracle’s methodologies and policies while adhering to contractual obligations, thereby minimizing Oracle’s risk and exposure. Exercises judgment and business acumen in selecting methods and techniques for effective project delivery on small to medium engagements. Provides direction and mentoring to junior resources on the delivery team. Ensures deliverables are acceptable and work closely with the Project Management Team to understand and manage project expectations. Collaborates with the consulting/delivery sales team by providing domain credibility. Helps with Technical solution scoping of project Comfortable working in a matrix management environment. Good communication skills to deal with internal collaborators, customers, and vendors. This individual should have a solid technical background and excellent problem-solving skills. Minimum Qualifications Minimum of 8 years of experience in progressively responsible information technology including. 5+ years of experience in developing, implementing, or architecting cloud solutions. 3+ years of technical architecture experience integrating software into cloud infrastructure with hands on programming experience using one of popular programming languages such as in JAVA or Python. Bachelor’s degree in Computer Science, related technical field or equivalent practical experience. Service delivery experience in a cloud-related environment. Ability to speak and write in English fluently Preferred Qualifications Deep technical domain knowledge in one or more of the following: cloud-native application development, event-driven architectures, SecDevOps, Infrastructure-as-code, continuous integration and deployment, container technologies such as Docker and Kubernetes, Observability Experience with continuous integration tools (e.g. Jenkins) Hands-on familiarity with Infrastructure-as-code technologies (e.g. Terraform) Experience with configuration management platforms (e.g. Chef, Puppet, or Ansible) Strong scripting skills (e.g. PowerShell, Python, Bash, Ruby, Go, etc.) Strong practical application development experience on Linux and Windows-based systems Knowledge and/or hands-on experience with OCI, including current OCI Certification (Developer, Solutions Architect, Operations) Coding experience in one or more of the following languages, Java, .Net, Python, or PHP Knowledge and hands-on experience with AWS, Azure, or Google Cloud preferred. knowledge of industry-specific compliance such as PCI, HIPAA, ISO 27001, HITRUST, CIS preferred. Delivery experience with leading security frameworks such as CIS, NIST, Zero Trust, etc. Experience with REST APIs and related development. Self-motivated, team-oriented, and focused on exceeding customer expectations About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description The Role is to work as a Senior Analyst on the GRC – Third Party Risk Assessment, Cybersecurity team and is a Tier / L2 support role for Vendor Risk Management (Cyber). The Cyber vendor team conducts the cyber diligence on all firm vendors and works closely with the Vendor Risk Team (Non-Cyber ͏ The individual will be responsible for managing portions of the operational work for VRM (Cyber) Kickoff of reviews, touchpoints with vendors to follow up on review status, collecting evidence, and following up on any action items. Updating tracking tools and drafting reports for stakeholders The ideal individual also has cybersecurity and risk management proficiency and can review questionnaires that vendors provide, identify control deficiencies, ask to follow up questions and know when to escalate control gaps to Tier / L3 Training on our proprietary system will be given, however knowledge of frameworks such as the SIG, CAIQ, NIST, ISO and SOC1/2 will be ideal. Having specific vendor risk experience is not a requirement, but knowledge of cybersecurity is If they understand risk management and vendor risk that’s a plus, but I can teach them more about our risk management approach, but reviewing and understanding technical controls is important. Understanding of cybersecurity domain like Application security, threat management, incident response, network security, infrastructure security, cloud security, end point security, vulnerability managemen Knowledge of industry regulations and standards such as NIST, ISO, GDPR, SOC is also useful. Good to have working experience on: Mandatory Skill: Use of Tools Microsoft Office, Word, PowerPoint, Excel Familiarity with Jira, Confluence, Kanban Board, ServiceNo Familiarity with ISO 27001, ISO 27002, ISAE 3402, SOC 1 and 2, SOX, CMMC, HITRUST, HIPAA, CRBF, Solvency, etc Familiarity with cybersecurity domains such as domains Compliance of the company’s user access rights and respond with reports to auditors. Good to have Handson experience in assessing GRC tools (e.g. ProcessUnity, Hyperproof etc.) Good Communication and audit report writing Skill ͏ Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA’s (90-95%), response time and resolution time TAT ͏ ͏ Mandatory Skills: GRC Consulting. Experience: 3-5 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.