497 It Audit Jobs - Page 6

Location: Thane What does a successful Internal Audit- IT professional do at FISERV? Efficiently conduct the audit projects as per The Institute of Internal Auditors standards and in accordance with Fiserv global Internal Audit framework and methodologies. What will you do: Should be able to direct/execute audit project independently (covering planning, fieldwork and reporting stages of audits) Lead a variety of moderately complex to complex IT focused audits including IT governance, service and project delivery, audits of IT technical domains such as networks, infrastructure, and applications. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Planning, conducting walkthroughs, drafting process understanding and relevant controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Documenting and Reviewing Test of Designs and Test of Effectiveness controls. Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., Validations of audit issues. Conducting special reviews. What will you need to know: Desired qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree] Experience: at least 6 to 8 years of IT Audit experience in assessing technology/IT controls and have experience in Internal Audit, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Experience in auditing IT Internal controls, IT risk mitigation and technology related processes reviews. Good experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, drafting skills, communication, and interpersonal skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.) What would be great to have: Desired certifications: CISA / CISSP / CISM / CCNA certified professionals

Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks. Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff. Required education Bachelor's Degree Required technical and professional expertise Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks. Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Preferred technical and professional experience Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff.

KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications - CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

The Technical IT Auditor is responsible for evaluating and assessing the effectiveness of an organization's information systems, security protocols, internal controls, and compliance with applicable regulations. This role involves detailed technical reviews of IT infrastructure, applications, databases, and networks to ensure integrity, confidentiality, and availability of data and systems. Plan and execute end-to-end IT audits, including risk assessments, scoping, testing, and reporting. Evaluate IT general controls (ITGCs), application controls, and system development lifecycle (SDLC) processes. Assess network infrastructure, databases, and cloud environments for vulnerabilities and compliance. Conduct audits on cybersecurity controls, data privacy mechanisms, and incident response preparedness. Review and assess controls related to identity and access management (IAM), change management, and backup/recovery. Utilize automated tools and scripts for vulnerability scans and data analysis. Ensure compliance with frameworks such as ISO 27001, HITRUST, GDPR, HIPPA, SOC and SOX. Collaborate with IT, security, and business stakeholders to identify risks and recommend mitigation strategies. Develop corporate Information Security policies and standards and continually monitoring the information security controls, KRIs/KPIs and technical landscape. Providing ISMS awareness trainings Responding to the Client SIG questionnaires

MS office installation & Troubleshoot Manage the daily operations of the IT department, including systems administration Network management & support IT-related projects Strong technical expertise & KNWL of it industry Required Candidate profile Knowledge of application & laptop drivers instillation & upgradation & troubleshoot application Antivirus installation Excellent documentation record tracking & data securing skills

Company Description Tesco Bengaluru: We are a multi-disciplinary team creating a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility, providing cutting-edge technological solutions and empowering our colleagues to do ever more for our customers. With cross-functional expertise in Global Business Services and Retail Technology & Engineering, a wide network of teams and strong governance we reduce complexity thereby offering high quality services for our customers. Tesco Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 4,40,000 colleagues. Tesco Technology consists of people from a number of different backgrounds, but having a common purpose to serve our shoppers a little better every day with our retail technological solutions. We shared a common interest in harnessing innovations in technology to enhance their shopping experience at Tesco stores. Whether making products, software or systems, our teams focuses on various aspects from taking strategic ownership of the architecture to delivering technological solutions such as design, testing, deployment, infrastructure, operation and security of the systems to ensure agile, smooth and safe operations. These help us to deliver the maximum business impact. Teams refine their internal processes to best fit their own needs, working to build core capabilities in application and services. We collaborate globally across teams to build end-to-end customer-facing solutions, as well as to share knowledge, experience, tools and techniques. At Tesco, inclusion means that Everyone?s Welcome. Everyone is treated fairly and with respect; by valuing individuality and uniqueness we create a sense of belonging. Diversity and inclusion have always been at the heart of Tesco. It is embedded in our values: we treat people how they want to be treated. We always want our colleagues to feel they can be themselves at work and we are committed to helping them be at their best. Across the Tesco group we are building an inclusive workplace, a place to actively celebrate the cultures, personalities and preferences of our colleagues ? who in turn help to build the success of our business and reflect the diversity of the communities we serve. Job Description - Carry out Cyber Risk and Assurance initiatives independently while ensuring quality and timely delivery. - Perform control testing using security frameworks to determine effectiveness of the control and provide recommendations. - Review adequacy of evidence provided by Technology teams as part of control assurance activities. - Define processes to collaborate with Security and Technology teams for remediation of identified system-level control gaps and work closely with them to ensure implementation cyber security safeguards to improve security posture across the organisation. - Identify; evaluate and monitor technology risks as part of Cyber Risk and Assurance programmes. - Review security exceptions raised by Technology teams to manage the risks associated. - Drive reporting across different Cyber Risk and Assurance initiatives; including reporting to Security Leadership and Cyber/Technology governance committees. - Identify; drive and implement opportunities for process improvement across various initiatives within the Cyber Risk and Assurance team. - Build strong relationships with the stakeholders and lead internal meetings with Technology and Business Process teams. Qualifications - 7 to 10 years cyber security experience - IT audit and/or IT risk management - Experience of assessing security controls across a variety of technologies and products; recommending improvements where necessary - Hands on Experience with different security frameworks and standards such as ISO 27001; NIST; CIS; PCI; (e.g. controls testing; gap assessments) - Critical thinking with strong attention to detail and good organisational skills - Strong written; verbal communication and presentation skills; working with all levels of seniority and disciplines within the organisation - Able to build solid working relationships with internal and external stakeholders - At least one professional qualification such as CISA; CISM; CRISC CISSP or equivalent Additional information Important Notice: On behalf of Tesco Bengaluru, we must caution all job seekers and educational institutions that Tesco Bengaluru does not authorise any third parties to release employment offers or conduct recruitment drives via a third party. Hence, beware of inauthentic and fraudulent job offers or recruitment drives from any individuals or websites purporting to represent Tesco. Further, Tesco Bengaluru does not charge any fee or other emoluments for any reason (including without limitation, visa fees) or seek compensation from educational institutions to participate in recruitment events. Accordingly, please check the authenticity of any such offers before acting on them and where acted upon, you do so at your own risk. Tesco Bengaluru shall neither be responsible for honouring or making good the promises made by fraudulent third parties, nor for any monetary or any other loss incurred by the aggrieved individual or educational institution. In the event that you come across any fraudulent activities in the name of Tesco Bengaluru, please feel free report the incident at recruitment_compliance_india@tesco.com Role & responsibilities Preferred candidate profile

Responsible for engineering and proper functioning of the Global Security tooling estate. Security Orchestration and Automation for the Infosys Quartz Security Operations team and Global security tooling landscape to empower Security operational teams to improve their response process. Responsible for on boarding of data sources into the SIEM, ensuring the Threat and vulnerability tooling landscape work correctly and security monitor the right assets and other security tools used in Infosys Quartzl run smoothly and empower the Security Operational teams to have relevant data to understand what is going on in cyber security landscape and are able to make the right priority calls. Continuously improve Integration and automation of the Global Security tooling estate Close collaboration with the Infosys Quartz Security operations and other Operational teams, Architecture and Engineering teams and other Business units to align activities, drive improvements and has the right priorities set for maximum effect. Review and improve security requirements set in policies / standards and guidelines and make sure that these are following industry best practice. We tend to look for people with: Essential:Experience as a Security engineer Experience working with Security Operations, Security engineering and security analysts teams Advanced experience with Security Orchestration, Automation, and Response (SOAR) Solid understanding of DevSecOps, Networking, Security and Monitoring Awareness of security threats and defensive strategies within the critical infrastructure, including techniques, tactics, and procedures (TTPs) that threat actors utilize to attack an organization. Experience with several of the following: SIEM / Splunk (strongly preferred), Kibana / ELK Lacework Wiz Prisma Rapid7, c3m, whitehat (strongly preferred) Imperva, Database security monitoring Anomoli DevOps Azure, GCP, AWS, OSI cloud services MySQL / PostgreSQL PowerShell Strong understanding and hands-on experience in maintaining or security monitoring a number of the below: Microsoft 365, Windows Desktop and Server, Active Directory RedHat Enterprise Linux or derivatives Debian Linux or derivatives Strong understanding and ability to setup various platforms in an advance matter with: Network essentials such as IPv4, IPv6 networking Host and Network firewalls Standard host monitoring via SNMP and tools like Nagios, Cacti, Zabbix etc Experience in working with a wide range of stakeholders in the context of improving security and incident respond. Experience with monitoring and analytics solutions (e.g. Arbor threat mitigation suite, Splunk, Grafana, Elastic Stack etc.). Desirable: Bachelor or Masters Degree in computer sciences or related fields (or equivalent years of experience).

Job description Overview: We are seeking a highly skilled Attestation Specialist with expertise in SOC1 and SOC2 audits, particularly within cloud environments such as AWS, Azure, and GCP. The ideal candidate will have a strong background in IT audit, risk management, and compliance, with a focus on ensuring the security and integrity of cloud-based systems. Responsibilities Conduct SOC1 and SOC2 audits for clients using AWS, Azure, and GCP environments. Evaluate and test the design and operating effectiveness of controls related to cloud services. Prepare detailed audit reports and documentation to support findings and recommendations. Collaborate with clients to understand their business processes and IT environments. Provide guidance on best practices for cloud security and compliance. Assist in the development and implementation of risk management strategies. Stay updated on the latest industry trends and regulatory requirements related to SOC1 and SOC2. Communicate effectively with clients, team members, and stakeholders to ensure successful audit engagements. Requirements: Bachelor's degree in Information Technology, Computer Science, or a related field. Minimum of 3-5 years of experience in IT audit, with a focus on SOC1 and SOC2. Strong knowledge of cloud platforms, specifically AWS, Azure, and GCP. Experience with auditing cloud environments and understanding of cloud security principles. Relevant certifications such as CISA, CISSP, or CCSK are preferred. Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team. Strong attention to detail and organizational skills. Willingness to travel as needed for client engagements. Preferred Qualifications: Experience with other compliance frameworks such as ISO 27001, HIPAA, or PCI-DSS. Familiarity with automated audit tools and techniques. Prior experience working in a consulting or professional services firm.

EY GDS is actively seeking for IT Audit professionals to join our Technology Risk team at Kolkata, Kochi, and Trivandrum locations To qualify for the role, you must have A bachelors or masters degree and approximately 3-8 years of related work experience At least 3+ years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/MLRole & responsibilities

Job Description We are looking for an experienced Project Manager - Cybersecurity & Internal Audit to lead and coordinate audit-related projects with a focus on SOX compliance, IT controls, and Cybersecurity. This role requires strong project management capabilities, exceptional stakeholder management, and the ability to work seamlessly with cross-functional teams. The ideal candidate will possess deep knowledge of SOX IT control audits, cybersecurity risk frameworks, and have strong communication and coordination skills to drive successful audit engagements and ensure organizational compliance. Key Responsibilities: Manage and oversee internal audit projects, particularly focused on IT general controls, SOX compliance, and cybersecurity audits. Lead end-to-end project planning, including scope definition, resource allocation, timelines, issue tracking, and status reporting. Collaborate with internal audit, IT, Product & Engineering, Cybersecurity, Finance, and Business teams to ensure effective execution of audit plans and remediation activities. Coordinate SOX ITGC (IT General Controls) and process-level control testing, working with internal and external auditors as required. Facilitate the identification, assessment, and remediation of cybersecurity risks, ensuring alignment with frameworks such as NIST, ISO 27001, and COBIT. Develop and maintain stakeholder relationships to ensure transparency and alignment on audit priorities and expectations. Provide clear, concise project status updates to senior leadership and executive stakeholders. Drive continuous improvement in audit processes and control environments through feedback and lessons learned.. Qualifications Bachelor s degree in Information Systems, Business Administration, Accounting, Cybersecurity, or related field. 3 - 7 years of experience in project management,

Role Overview: As a Compliance Specialist, you will: Support the management of the corporate assurance and audit calendar by helping coordinate internal and external audit activities. Assist in the development, maintenance, and communication of Information Security Management System (ISMS) documentation and policies. Gather and organize evidence required for various audits and certifications (such as ISO 27001, SOC 2, PCI-DSS, and others). Work with internal teams to ensure audit readiness and assist with audit follow-ups. Contribute to periodic reporting on compliance status to security and business leadership and governance forums. Your Responsibilities Assist in executing and monitoring Information Technology General Controls (ITGCs). Support user access reviews across infrastructure, applications, and systems, ensuring timely and accurate completion. Help coordinate removal of access for terminated employees or users with changed roles, working closely with HR and IT. Participate in reviewing IT change management, incident tickets, and other control activities to ensure compliance with defined procedures. Support Process Owners, Control Owners, and Operators by providing guidance and documentation related to ITGCs. Collaborate with cross-functional teams to drive operational efficiency and support maturing internal compliance processes. Communicate effectively with stakeholders to ensure clear understanding of compliance requirements and timelines. Qualifications Skills: Bachelor s degree OR High School diploma with 4+ years of experience in IT Audit, IT Compliance, IT Risk Management, or a related field. Experience supporting audits such as ISO 27001, SOC 2, or FedRAMP is preferred. Familiarity with cloud environments and common DevOps tools (e.g., GitLab, Jenkins) is a plus. Detail-oriented with strong analytical, documentation, and organizational skills. Comfortable working in a fast-paced and evolving global environment. Strong communication skills, with the ability to convey technical compliance issues to a wide range of audiences. Company Benefits and Perks: We believe that the best solutions are developed by teams who embrace each others unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Medical, Dental and Vision Coverage Support for Community Involvement Were serious ab out our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Introduction We believe that every candidate brings something special to the table, including you! So, even if you feel that you re close but not an exact match, we encourage you to apply. We d be thrilled to receive applications from exceptional individuals like yourself. Gallagher, a global industry leader in insurance, risk management, and consulting services, boasts a team of over 50,000 professionals worldwide. Our culture, known as The Gallagher Way,is driven by shared values and a passion for excellence. At the heart of our global operations, the Gallagher Center of Excellence (GCoE) in India, founded in 2006, upholds the values of quality, innovation, and teamwork. With 10,000+ professionals across five India locations, GCoE is where knowledge-driven individuals make a significant impact and build rewarding, long-term careers. Overview As a team Manager you will participate in the planning, fieldwork, and reporting phases for allocated Sarbanes Oxley (SOX) IT audit assignments. This will involve designing the required tests for execution, performing the detailed testing, and vetting the potential findings with key business liaisons. How youll make an impact Working knowledge on IT General Controls (ITGC) and IT Automated Controls (ITAC) including detailed testing on Logical Access, Change Management, Backup Restoration, and Incident Management. Experience in validating Test of Design (TOD) and Test of Effectiveness (TOE). Basic understanding of professional audit standards, COSO, SOX, and risk assessment practices. Good interpersonal skills, including listening, verbal, written and presentation communication skills, with the ability to communicate effectively with a range of stakeholder. Strong critical thinking, analytical, and problem-solving skills with excellent attention to detail. Working knowledge in Microsoft applications. Participate in initiatives in a fast paced environment and comfortable implementing and assimilating to change. Good customer service focus and the ability to strike a balance between oversight and getting buy-in from the businesses. Execute on individual performance goals. Maintain knowledge of current information technology and auditing practices through continuing professional education. Highly motivated with ability to meet deadlines and ensure quality in every aspect of assigned work. Good organizational and project management skills. Ability to manage/balance multiple priorities. About you Advance degree or certification (e.g. CISA), preferably in information technology or related field. Bachelor s degree, preferably in information technology or related field. Minimum total of 5 years in SOX ITGC Experience Minimum of two years of work experience direct end to end Team Management. (i.e. they should have direct reportees wherein they are involved in end to end management of review cycle, performance management etc.) Years of experience: 5 + (candidates with 5+ years of experience in SOX ITGC and minimum 2 years of experience in end to end team management experience) Must haves: C ISA Certified Minimum 5 years of experience in SOX ITGC Minimum 2 years e nd to e nd Team Management (should be involved in performance management, review cycle, appraisal cycle etc.) Additional Information We value inclusion and diversity Inclusion and diversity (ID) is a core part of our business, and it s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the commu nities where we live and work. Gallagher embraces our employees diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out Th e Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color , religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as protected characteristics ) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business. ","

Hi, We are having an opening for Lead Audit & Compliance Specialist -IT at our Mumbai location. Job Summary : The Lead Audit & Compliance Specialist plays a strategic and hands-on role in managing IT audits, compliance requirements, and risk mitigation initiatives across Sun Pharma's global IT landscape. This role is responsible for planning, coordinating, and executing internal and external IT audits, ensuring adherence to global compliance standards including SOX, GxP, and other regulatory frameworks. The incumbent will work across functions and geographies to embed a culture of compliance, maintain audit readiness, and strengthen IT governance. Key Responsibilities: Audit Lifecycle Management Lead and coordinate global IT audits, including preparation, evidence gathering, walkthroughs, and response submission. Manage the end-to-end lifecycle of audit findings, including tracking, remediation, and closure validation. Compliance & Regulatory Adherence Ensure IT compliance with GxP, SOX, ISO, and other applicable frameworks across infrastructure and service domains. Collaborate with internal stakeholders to implement global policies and ensure readiness for inspections. Documentation & Governance Maintain comprehensive documentation for IT controls, SOPs, risk registers, and mitigation actions. Establish audit dashboards and maintain compliance scorecards by geography and function. Internal Awareness & Training Drive audit and compliance awareness across IT teams through workshops, readiness drills, and role-based training. Continuous Improvement Identify compliance gaps and propose process enhancements or automation opportunities to reduce risk exposure. Specialized Knowledge Requirements Strong understanding of global regulatory standards including SOX, GxP, and ISO 27001 Experience with IT general controls (ITGC), audit frameworks, and risk management tools (e.g., Archer, ServiceNow GRC) Familiarity with ITSM/ITIL processes and audit mapping across Change, Incident, Problem, and Asset Management Exposure to Pharma or highly regulated industries is preferred Internal Stakeholders and Nature of Interaction CIO / Head of IT Service Assurance: Strategic guidance, audit governance, and risk updates Service Assurance, Infra, Cloud, and Application Leads: Evidence coordination, control implementation, RCA collaboration ITBPs, PMO, and HR Compliance: Policy alignment, audit readiness training, and data consistency External Stakeholders and Nature of Interaction Internal & External Auditors: Direct interaction during audit planning, walkthroughs, and evidence presentation Regulatory Inspectors: Respond to inspection findings and ensure documentation and controls are validated Consultants / Third-party Advisors: Best practices adoption, controls benchmarking, and co-sourcing guidance External Interaction % Approximately 3040% of role involves active engagement with auditors, regulatory bodies, and external advisors Nature of Communication Highly structured communication involving formal documentation, audit reports, control narratives, and risk dashboards Strategic presentation of findings to senior leadership and external stakeholders Tactical and operational interactions across teams to ensure data accuracy and audit response readiness Role Played in Negotiations Key influencer in discussions around audit scoping, remediation timelines, and closure sign-off Collaborates with Legal and Compliance teams on the language and commitments in control response narratives Key Decision-Making Expected Assessment of audit risk severity and prioritization of remediation actions Selection and implementation of compliance tools or frameworks for specific geographies or domains Recommendation of policy updates based on new or evolving regulatory standards Key Challenges for the Role Managing diverse compliance obligations across multiple jurisdictions Ensuring consistent and timely audit responses across distributed IT teams Driving cultural shift toward proactive compliance ownership Addressing historical non-compliance in legacy systems Extent and Nature of Innovation Required for the Role High degree of innovation required in designing automation for compliance workflows, dashboards, and evidence management Leveraging analytics to detect non-compliance trends and trigger preventive controls Enhancing audit readiness using AI-enabled documentation checks and control testing tools Job Requirements Educational Qualification: Master's in Information Technology, Risk Management, or related field Certifications: CISA, CRISC, or equivalent certifications are preferred ITIL and GRC platform certification (ServiceNow, Archer, etc.) Skills: Risk-based audit planning and control design Cross-functional collaboration and stakeholder management Tools-based audit management and compliance analytics Experience : 12-15+ years of experience in IT audit, risk, and compliance roles. Exposure to global audit environments and regulated industries (pharma/healthcare preferred)

Hi, We are having an opening for Senior Project Manager -Infrastructure, Service Delivery & Cloud at our Mumbai location. Job Summary : The Project Manager Infrastructure, Service Delivery & Cloud is responsible for end-to-end planning, execution, and delivery of enterprise-scale IT programs across infrastructure, service assurance, cloud modernization, and endpoint transformations. This role spans multiple geographies and involves direct coordination with global business and IT teams, system integrators, OEMs, and managed service providers. The incumbent ensures alignment to timelines, budgets, and business outcomes while maintaining governance across internal and partner-led tracks. Key Responsibilities: Program Planning & Mobilization Lead scoping, effort estimation, and resource planning for large-scale transformation programs. Define project charters, detailed WBS, and RACI aligned to global delivery models. Execution & Delivery Management Drive execution of infrastructure and service delivery projects including: - Global data center transitions - Active Directory and network consolidations - Cloud migrations (IaaS/PaaS/SaaS) - Infrastructure tool deployments (ITSM, Patch, Monitoring, etc.) Conduct daily standups, weekly reviews, and issue resolution forums. Governance, Reporting & Risk Management Track milestones, dependencies, and delivery metrics through PPM tools. Report status to executive stakeholders and ensure escalation frameworks are triggered. Maintain risk registers, mitigation plans, and change logs. Vendor & Partner Coordination Liaise with OEMs, SIs, and MSPs to align project timelines, SoWs, and service commitments. Monitor vendor SLAs and enforce delivery expectations. Budget & Commercial Control Manage project budgets, procurement timelines, and invoice validations in collaboration with Finance and Procurement teams. Documentation & Compliance Maintain project artefacts, SOPs, meeting notes, and audit logs. Ensure compliance with ITIL, GxP, SOX, and internal governance models. Specialized Knowledge Requirements In-depth understanding of enterprise infrastructure, cloud technologies, and ITSM delivery models Experience in managing large cross-border IT projects and global rollouts Expertise in program management tools (MS Project, ServiceNow PPM, Smartsheet) Understanding of ITIL, Agile/Waterfall delivery methods, and compliance frameworks Familiarity with pharma or regulated environments is preferred Internal Stakeholders and Nature of Interaction Global CIO / Head of Infrastructure / Head of Service Assurance: Program reporting, prioritization, escalations IT Business Partners & Regional IT Heads: Coordination of business alignment, site readiness, stakeholder engagement Cybersecurity, Compliance & Quality Teams: Risk approvals, GxP validations, audit support Finance, PMO & Procurement: Budget planning, invoice sign-offs, commercial tracking External Stakeholders and Nature of Interaction System Integrators (SIs), Managed Services Providers (MSPs): SoW delivery, workstream updates, escalations OEMs & Technology Partners: Technical workshops, onboarding support, deployment reviews External Auditors / Consultants: Project evidence submission, controls validation External Interaction % ~40% of time involves collaboration with vendors, partners, and consultants across geographies Nature of Communication Executive status reports, steering committee presentations, RCA documentation Vendor SoW walkthroughs, project onboarding kits, change request documentation Tactical coordination through daily reviews, dashboards, and trackers Role Played in Negotiations Co-leads contract discussions, SoW finalization, change request evaluations with vendor partners Partners with Procurement and Legal to close commercials and delivery terms Key Decision-Making Expected Timeline commitments, phase-wise delivery splits, and budget allocation per stream Risk acceptance levels and mitigation triggers Technology stack choices and tool rollout plans within project guardrails Key Challenges for the Role Managing multi-country deployments with differing infra maturity and timezone alignment Coordinating across internal teams and external vendors with varying delivery cultures Driving compliance across regulated and non-regulated environments concurrently Balancing schedule pressure with resource availability and change impact Extent and Nature of Innovation Required High: Includes driving agile delivery within traditional infra programs Integrating project analytics dashboards and predictive issue management Leveraging automation and templates to streamline onboarding and governance Enabling cross-tower project transparency and digital program management maturity Job Requirements Educational Qualification: Bachelors or Masters degree in Information Technology, Engineering, or equivalent Certifications: PMP or PRINCE2 Certified (mandatory) Agile/Scrum Master certification preferred ITIL Foundation/Intermediate beneficial Experience: 10+ years of project/program management experience, with at least 5 years in infrastructure/cloud/enterprise tool projects Skills: Strong project planning, stakeholder engagement, and risk management Experience working across cultures, vendors, and geographies Excellent verbal and written communication skills Comfort with executive reporting and multi-project dashboards Travel Requirement: Up to 30% based on deployment, review meetings, and partner coordination Educational Qualification : Masters in Information Systems, Engineering, or related field Specific Certification : PMP, PRINCE2, Agile/Scrum Master certifications (mandatory). SAFe or PPM tooling certifications (preferred) Skills : Strong project planning, stakeholder engagement, and risk management Experience working across cultures, vendors, and geographies Excellent verbal and written communication skills Comfort with executive reporting and multi-project dashboards Experience : 12-15+ years of experience in IT audit, risk, and compliance roles. Exposure to global audit environments and regulated industries (pharma/healthcare preferred)

TransUnions Job Applicant Privacy Notice What Well Bring: TransUnion works with businesses and consumers to gather, analyze, and deliver critical information needed to build strong economies around the world. Protection of that information is critical to our customers and business. As part of our 2020 transformation journey, we became Global Audit & Advisory (GAA), formerly Internal Audit. As a Specialist III you will be part of the GAA team and be responsible for conducting Cybersecurity and IT audit engagements throughout the organization that support business objectives, best practices, and regulatory requirements. The incumbent will be responsible for the planning, execution, reporting, and follow-up on all audit engagements by participating on an audit team or at times independently leading engagements under the direction of GAA Management. This position will report directly to the Senior Lead and will work closely with other GAA Team Associates on key projects and initiatives as well as coordinate closely with our external auditors. The Global Audit & Advisory team is an independent and objective assurance and consulting activity that is guided by a philosophy of adding value to improve the operations of TU. GAA assists the organization in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the organizations risk management, control and governance processes. GAA collaborates with the Business Units, Functional leadership and their Associates in developing strong, professional and independent relationships to ensure a comprehensive understanding of the business to enable value added recommendations that improve efficiency and effectiveness. What Youll Bring: Perform detailed examinations of cybersecurity and IT practices and controls throughout the organization using an established assessment process and framework. The essential duties are as follows: Independently perform Information technology (IT) security reviews. Initiate, scope, plan, research and conduct IT controls assessments and audits. Lead and coordinate with process owners to initiate, scope, plan, and execute periodic controls assessments as part of the internal audit function, focusing on identifying risks by evaluating the design and operating effectiveness of internal controls. Actively support security audit initiatives by aligning audit procedures with cybersecurity frameworks (e. g. , NIST, ISO 27001 etc. ), conducting control walkthroughs, testing IT security and IT general and application controls, and assessing compliance with internal security policies. Document the results of audit procedures performed that support the conclusions reached. Prepare audit reports based on the adequacy and effectiveness of controls evaluated. Support external audits and regulatory examinations as needed. Analyze information security areas including ( but not limited to these ) governance and risk management, access and password controls, cloud security, cybersecurity, physical security, system security architecture and design, BCP and Disaster Recovery, network security, application and operations security, Incident Management, data migrations and system implementations etc. Lead engagement and communicate issues to process owners, ensuring understanding of risks and actions needed to remediate risks and subsequently track remediation activities. Cross train members of the Global Audit Team, including new hires and mentor junior IT staff. Continuously monitor emerging security trends and evolving threat landscapes through ongoing research and professional development. Insights gained are integrated into the audit universe to ensure risk assessments and audit planning remain current and aligned with the organization s security posture. Perform risk assessments and assist in the development of the annual audit plan. Participate in departmental initiatives, administrative matters, and special projects. Assist with other audit engagements as needed to broaden exposure across various risk areas and support the timely execution of the overall audit plan. Impact Youll Make: What You Will Bring: 6 - 10 years of experience in an IT/Security Audit and Assessment, or Information Security Technical, Management and/or Governance role. Bachelor s or Master s degree in computer science/information technology, management information systems or related field. Industry certification such as CISSP, CISA, CISM, CEH and/or CIA required. Experience with Cloud Security audits (AWS, Azure, GCP). Knowledge of data protection laws and industry standards. Familiarity with GRC platforms (e. g. , AuditBoard, Onspring, Archer). Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of Information Security areas/domains. These include governance & risk management, access control, cybersecurity, physical security, security architecture and design, business continuity/disaster recovery, network security, application and operations security and compliance/incident management. Demonstrated ability to understand complex technologies, business processes, regulations and emerging risks. Strong technical and/or IT and Security audit background with practical knowledge of a wide variety of technologies including server infrastructure and operating systems, network and web infrastructures, database architecture, vulnerability and penetration testing assessment and Intrusion Detection/Prevention Systems. Good understanding of SOX legislation and IT and Security frameworks including COSO and COBIT. Self-starter with the ability to manage and prioritize responsibilities. Team player with proven skills in influencing people without having direct management authority. Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately. Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person. Strong risk analysis and problem solving skills. Must be flexible to ensure assessments are performed timely and manage multiple assessments simultaneously. This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week. TransUnion Job Title Consultant, Audit and Advisory

The Second line of Defense Controls Testing partner for the Cyber and Technology Risk Management (CTRM) division will be a team leader who will work closely with peers, stakeholders, and their manager on Second Line s Controls Testing program focused, on Cyber and Technology Controls Testing/Validations as well as Cyber and Technology related assessments. Responsibilities will include: Lead 2LOD Cyber and Technology Risk Management team in India focused on controls testing/validation, assessments, and overall support to Cyber and Technology Risk Management initiatives Manage testing/validation requirements for controls testing team, monitor progress, and ensure timeliness and quality of team s work Test, Validate, and Assert to Business and Application Owner control testing methodology and test procedures Perform 2LOD validation work, including plan preparation, workpapers, finding, and report results to risk committees Manage day-to-day risk issues, design, and implementation of new controls with various teams Examine cyber risk controls, evaluate the design and operational effectiveness, determine exposure to risk, and work with business to develop remediation strategies Assess risk as a Second-Line governance role through the Risk and Control testing; Risk Identification; and Change Initiative Risk Assessment processes, as applicable Provide Second-Line risks and control testing findings to Risk Management leadership and risk committees Understanding of the Three Lines of Defense governance model Ability to assess and effectively communicate the operational, and technical findings and control issues to executive and business leadership, using language that is relevant to and understandable by the business Strong risk assessment framework knowledge and experience performing risk assessments covering key risks and controls Strong project management skills, including the ability to adapt to change quickly, multi-task and demonstrate flexibility in prioritization based on requested tasks Strong working knowledge of banking/financial regulatory requirements to perform and ensure an appropriate level of testing Qualifications - External 10-12 years of IT Audit experience to include but not limited to: Cyber Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit 3+ years leading controls testing and/or audit teams CISSP, CISM, CISA, CRISC, or equivalent certifications highly preferred Familiarity with the NIST Cybersecurity Framework Strong working knowledge of the inherent cyber risks in the financial services industry Cloud, MFA, Password vaulting (e.g. CyberArk), and Secure SDLC experience Analytical and communication skills required to summarize and analyze information Organizational skills required to coordinate risk related activities with peers and senior executives Advanced Microsoft Office 365 skills

Dear All, We are presently looking for Auditor/Lead Auditor - IT for Hyderabad location. EXPERIENCE :- Min. 6-8 years out of which min. 2-4 years in the relevant scheme/industry sector. QUALIFICATION :- Graduate (Degree/Diploma) in Engineering (e.g. Electronics, IT, etc), Technology (e.g. Software, Hardware, Artificial Intelligence, etc) or equivalent. Minimum ISO 9001 LA training/qualification is required JOB RESPONSIBILITY :- Preparation of Audit Plan as per schedule Auditing as per applicable accreditation rules, scheme-owner requirements & KPIs (where applicable) and TUV India/TNCERT procedures (as relevant) Timely Audit Reporting, including closure of nonconformities within defined time frames Ensure audit workflow completion (incl. OPE workflow) within the specified timelines and within the Excellence tool. Address technical review comments on priority to facilitate efficient & timely certificate issuance to the clients. Attend Exchange of Experience/Calibration meet and ensure CPD compliance as required by the respective schemes, including ensuring the timely renewal of qualifications Develop and enhance competence over a period in various sectors. Support in Key Account Management for the clients assigned for value added services Support to Marketing team by generating business leads for new certifications, second party, training & sustainability schemes. Support on collections by coordinating with client representative. ATTRIBUTES :- Knowledge of Applicable regulatory framework and Statutory compliances. Good written and spoken English (knowledge of local language is advantageous). Excellent communication and presentation skills Flair for Client Relationship Management Good Listening ability Good Analytical skills Good Team Player If interested please share your updated profile on smayuri@tuv-nord.com.

Job Description: Conduct regular risk assessment to identify key IT and Cybersecurity risk areas and ensure those are appropriately covered in the annual IT audit plan. Advanced Networking principles/ software engineering principles/ information security principles, Additional knowledge and domain expertise specific to the job profile. (knowledge of information security management, auditing skills, network/systems/application security). Ensure that all audit work is thorough, complete, and has been performed in accordance with TVS Credit's Internal Audit standards, Regulatory guidelines (RBI) and other relevant industry standards, depending on the focus area of the review. Build strong working relationships with TVS Credit's leadership and their respective teams. Execute various IT/IS audit engagements including risk assessments, audit planning, audit testing, control evaluation, audit report drafting, and follow-up and verification of issue closure. Be accountable for meeting deliverable deadlines, adhering to department and professional standards and utilizing consistent methodology. Communicate audit findings to management and identify opportunities for improvement in the design and effectiveness of key controls. Required Qualifications, Capabilities And Skills: At least 5 years of relevant experience Must have experience with core cybersecurity operations and one or more cyber security tools/process areas (e.g. network security, end point security, email security, cloud security, attack simulation, cyber threat modelling etc.) Must have demonstrated knowledge of technology processes, such as change management, security operations, technology operations, and business resiliency, as well as application and infrastructure controls. Knowledge of various cybersecurity functions such as cybersecurity operations, attack simulation (red team, blue team), vulnerability management, cybersecurity tools/processes across network, endpoints, cloud environments, cyber threat modeling (knowledge of MITRE ATT&CK framework), etc. Analytical skills and a thirst for knowledge and new experiences. Ability to effectively manage multiple, concurrent projects and meet deadlines while working both independently and in a team environment. Good verbal and written communication; and presentation skills. Ability to adapt to a fast-paced culture, changes in the environment and shifts in priorities. Highest professional standards, integrity, and ethical behavior. Enthusiastic, self-motivated, effective under pressure and willing to take personal responsibility/accountability. Rigor in tracking and follow up of IS audit open points Basic knowledge of AL-ML models and the embedded risks and the audit testing procedures to be carried out for testing the controls. Data Analysis skills on complex and voluminous data.

Location: Bangalore or Hyderabad Senior Digital Risk Advisor - DRG Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will have first-line responsibility for ensuring an effective and efficient risk and control framework is implemented across the different IT domains at Swiss Re. Whats more, youll be working in a hybrid setup, perfectly balancing work from home and the office premises. About the team The Digital Risk Governance Controls team is a key part of Swiss Res Security Team, focused on defining and managing risks related to digital topics. Were looking for an experienced and highly motivated expert who can define and develop an efficient first-line risk and control framework that supports a strong risk-aware culture within the company. In your role, you will Actively manage the implementation of the digital and technology risk framework Maintain oversight o n the quality of internal measures implemented to address digital risk, ensuring controls, processes and standards are appropriately designed and operating effectively Ensure compliance with rules, regulations, and policies - making sure we meet our risk appetite and driving corrective actions where opportunities exist Actively collaborate with key stakeholders across the three lines of defense to automate, measure performance and continuously improve our risk position U nderstand complex concepts and identif y solutions to problems Be someone who believes in continuous innovation, is curious and relentless in finding a better way every day Your qualifications A track record of successful delivery in IT risk and control -related roles, such as IT Governance, IT audit, or digital risk management Practical knowledge of external IT good practices - particularly NIST - but also others , such as ISO and COBIT Qualified in an appropriate discipline such as CISA, CGEIT, CRISC Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within and across different teams The ability to effectively communicate with a broad spectrum of stakeholders - from s enior m anage rs to IT engineers , developers and operations staff Be curious, proactive, result-oriented and confident in decision making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re . If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134243

Location: Bangalore or Hyderabad Digital Risk Advisor Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will be responsible for the first-line digital technology operations risk and control activities - ensuring risks are identified, controls applied, and performance is monitored, measured, and reported to our technology and business leaders. About the team The Digital Risk Governance Controls team is a key part of Swiss Res Security Team, focused on defining and managing risks related to digital topics. Were looking for an experienced and highly motivated expert who will help to drive the companys risk culture. In your role, you will Be part of a team of digital risk experts supporting Applications and Business stakeholders with applying digital risk governance principles and standards Actively contribute to the implementation of the digital risk framework as the trusted digital risk partner Ensure IT threats and risks are understood, issues handled timely, and IT controls designed and operating effectively Embed controls into operational procedures by collaborating with our digital technology teams to automate, measure performance, and continuously improve our risk position Build operational transparency with continuous monitoring and assessment of controls so that we meet our risk appetite and drive corrective actions where needed Be someone who believes in continuous innovation, is curious and adamant in finding a better way every day Your qualifications Nobody is perfect and meets 100% of our requirements. If you, however, meet some of the criteria below and are curious about the world of risk and control activities, well be more than happy to meet you! First experience s in IT risk and control-related roles, such as IT Governance, IT audit, or digital risk management CISA, CGEIT, CRISC or similar qualifications are an advantage Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within the team and across teams Capability to continuously build and maintain a strong collaborative network within the IT domains Be curious, proactive, result-oriented and confident in decision-making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re . If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134238

Location: Bangalore or Hyderabad Band: D Senior Digital Risk Advisor Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will be responsible for the first-line digital technology operations risk and control activities - ensuring risks are identified, controls applied, and performance is monitored, measured, and reported to our technology and business leaders. About the team The Digital Risk Governance Controls team is a key part of Swiss Res Security Team, focused on defining and managing risks related to digital topics. Were looking for an experienced and highly motivated expert who will help to drive the companys risk culture. In your role, you will Be part of a team of digital risk experts supporting Applications and Business stakeholders with applying digital risk governance principles and standards Actively contribute to the implementation of the digital risk framework as the trusted digital risk partner Ensure IT threats and risks are understood, issues are handled timely, and that IT controls are designed and operating effectively Embed controls into operational procedures by collaborating with our digital technology teams to automate, measure performance, and continuously improve our risk position Build operational transparency with continuous monitoring and assessment of controls so that we meet our risk appetite and drive corrective actions where needed Be someone who believes in continuous innovation, is curious and adamant in finding a better way every day Your qualifications A track record of successful delivery in IT risk and control-related roles, such as IT Governance, IT audit, or digital risk management Industry knowledge of insurance, reinsurance or banking business, and modern technology solutions General understanding of Risk Management Frameworks such as COBIT, ISO 31000 and COSO ERM CISA, CGEIT, CRISC or similar qualifications are an advantage Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within the team and across teams Capability to continuously build and maintain a strong collaborative network within the IT domains The ability to effectively communicate with a broad spectrum of stakeholders - from senior managers to IT engineers , developers and operations staff Be curious, proactive, result-oriented and confident in decision-making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re . If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134239

The IS/IT Internal Auditor is part of a global team and will primarily be responsible for executing IT SOX testing. On occasion, the IS/IT Auditor may also participate in internal audits that are focused on IT, financial, or operational risks globally across Nokia. The candidate will be spending the majority of their time focused on IT controls testing, including but not limited to IT General Controls (ITGCs), as well as IT application controls, operational controls, and other topics as needed. The candidate will be tasked with presenting conclusions related to their testing and will need to be able to present and support the results of their testing to leadership functions across Nokia. You have: Bachelors degree in information technology, Management Information Systems,Computer Science 4-5 years of prior IT SOX experience, and/or 2-3 years of IS/IT experience, and/or 2-3 years of internal or external audit experience required. Hands-on experience in IT General Controls, SOX controls including User access management, Logical access, Change management, Data Protection, and other entity level controls. Knowledge or experience working with, or auditing the SAP Business Suite (e.g. ERP, CRM, SCM, MDM, PLM) is highly desirable. Experience working with Wdesk platform or similar is desirable. It would be nice if you also had: Working knowledge or experience in Information Technology as a developer or tester highly desirable. Engineering, or other IT/business related field most desired. Experience with data analytics and visualization tools (e.g., ACL, IDEA, PowerBI, Tableau, etc) is desirable. Professional certifications helpful- e.g., CISA, or SOX equivalent. Test Internal IT controls identified as relevant for the adherence to Sarbanes Oxley 404. Majority of work will be focused on technology and applications. The candidate will participate in IT system walkthroughs, and request, obtain and test IT SOX related evidence. The individual will perform tests of IT operative effectiveness, all while meeting the deadlines and budget under the direction of the Lead/Manager, IT Internal Audit - SOX. Complete necessary documentation supporting testing conclusions and meeting or exceeding Nokia documentation standards. Assist in evaluating, re-enforcing and/or promoting the IT SOX program standards and approaches as it relates to documentation, control design, evaluation, and effectiveness testing. Assist in IT SOX scoping and risk assessment activities.Candidate is responsible for identifying issues and making recommendations which help drive process improvements and efficiencies. Candidate will follow-up on IT SOX identified issues and test remediation efforts. Provide assurance that operations and processes conform to Nokia policies and procedures. Contribute to the improvement of the IT SOX testing program through automation/analytics.

IT SOX Compliance Analyst - Docusign1 Job Title: IT SOX Compliance Analyst (Second Shift) : We are seeking a motivated and detail-oriented IT SOX Compliance Analyst to support our Sarbanes-Oxley (SOX) compliance initiatives, with a focus on IT General Controls (ITGCs) and IT application controls. This role requires collaboration with internal audit teams and IT control owners to ensure effective control design, implementation, and remediation. The position is aligned to support global teams, requiring availability during the 2 PM to 11 PM IST shift. Key Responsibilities: Support the assessment, design, and implementation of IT General Controls (ITGCs) and IT application controls across key systems. Collaborate with internal audit and IT control owners to evaluate risks, discuss control deficiencies, and support audit-related activities. Assist in the preparation of documentation, including control deficiency memos and remediation plans. Oversee and facilitate end-to-end IT control walkthroughs to ensure proper documentation and understanding of control processes. Skills & Qualifications: Solid understanding of the Sarbanes-Oxley (SOX) Act, specifically ITGC and IT application control requirements. Experience in internal audit, IT risk management, and control testing. Strong communication and documentation skills, with the ability to work cross-functionally. Must be available to work during the 2 PM to 11 PM IST shift to support global operations.

About NCR Atleos Position Summary At NCR Atleos, our Internal Audit Department (IAD) purpose is to help enable competent and informed decisions to add value and improve operations, while contributing meaningfully to Board and organizational confidence. We are indispensable business partners, with a brand focused on insight, impact and excellence. We believe that everything we do is to enhance value, provide insights, and instill confidence. To do this, we must be relevant, connected, flexible, and courageous. NCR Atleos IAD is seeking a Senior IT Auditor to support our India Internal Audit (IA) team. In this position, you will play a crucial role in enhancing our companys internal control environment and risk management processes. You will be responsible for leading and executing IT audits across all technology layers, assessing IT risks, and providing expert recommendations to the management. This role demands a balance of technical proficiency, strategic thinking, and excellent communication skills. Key Areas of Responsibility: Audit Planning: Participate in risk assessments where needed and assist in developing and implementing a comprehensive IT audit plan that aligns with the organizations objectives and risk. Audit Execution: Execute IT audits, including identifying and assessing IT risks in business processes, security policies, and system implementations. Lead audits of IT infrastructure, applications, and data management systems to assess compliance with internal policies, external regulations and SOX. Recognize and adapt to changing circumstances. Identify IT risks and recommend mitigating controls. Analyze and evaluate IT operations and strategies to identify efficiency improvements and cost-saving opportunities. Assess compliance and maturity in line with relevant laws, regulations, standards (e.g., SOX, GDPR, ISO) and frameworks (e.g., COBIT, NIST, ITIL). Communication: Communicate timely any significant changes to budget or scope and any significant audit findings, risks, and recommendations to the Internal Audit Manager. Collaboration: Work closely with IT, InfoSec (IS) and other business units to understand IT infrastructure, applications, and operations. Mentor and guide junior IT auditors, enhancing their skills and ensuring quality audit practices. Reporting: Draft detailed Audit observations, highlighting issues, risks, and actionable recommendations. Assist the IA manager with presenting findings to responsible business management. Follow-up and Monitoring: Assist the IA Manager with monitoring open audit recommendations and follow-up to encouraging timely implementation and help avoid past-due management actions. Continuous Improvement: Stay abreast of emerging technologies, audit methodologies, and regulatory changes. Contribute to innovation and improvements to the IT audit process, controls and the overall Internal Audit Department. Qualifications: Bachelors or Masters degree in Information Technology, Computer Science, Accounting, or a related field Minimum of 3 years of experience in IT auditing, with a proven track record in leading audits and managing audit projects Understanding of IT audit methodologies, IT governance frameworks (e.g., COBIT, NIST, ITIL), and regulatory requirements (e.g., SOX, ISO, GDPR) Experience with AuditBoard and analytic tools e.g. Power BI and Tableau a plus Professional certifications such as Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) are strongly desired Strong analytical and problem-solving skills with an ability to analyze data and identify control weaknesses Excellent verbal and written communication skills, with the ability to articulate complex IT issues in business terms. Proficient in English Ability to travel and a team player with a commitment to personal and professional growth. Commitment to ethical conduct, integrity, and the promotion of a culture of accountability and continuous improvement Strong organization and management skills in a multi-tasking environment Positive individual who enjoys working in a fun and dynamic team environment EEO Statement NCR Atleos is an equal-opportunity employer. It is NCR Atleos policy to hire, train, promote, and pay associates based on their job-related qualifications, ability, and performance, without regard to race, color, creed, religion, national origin, citizenship status, sex, sexual orientation, gender identity/expression, pregnancy, marital status, age, mental or physical disability, genetic information, medical condition, military or veteran status, or any other factor protected by law. Statement to Third Party Agencies To ALL recruitment agenciesNCR Atleos only accepts resumes from agencies on the NCR Atleos preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Atleos employees, or any NCR Atleos facility. NCR Atleos is not responsible for any fees or charges associated with unsolicited resumes.

What You'll Do Avalara is looking for a security risk specialist to join our team reporting to the Senior Manager, Governance Risk & Compliance. We are looking for the ability to conduct risk analysis at a systemic level, working with engineers and architects as they develop Avalaras next-generation services. You understand technical controls and be able to analyze application product security within Avalara, including internal processes and reporting, and risks identified through code and design reviews of both internal and customer-facing software products and solutions. You will report to Senior Manager. What Your Responsibilities Will Be You will perform comprehensive risk assessments aligned with Avalaras risk management framework and develop applicable remediation plans. You will analyze and identify risks across technical environments, with a focus on application design, software architecture, and security tooling configurations. Guide the identification, management, and mitigation of risks within security infrastructure and technical control implementations. Collaborate with teams, including system owners, developers, and architects, to integrate risk management practices into the development lifecycle. Ensure risk and compliance controls are accomplished across teams and within defined Service level agreements. Coordinate the documentation and migration of control information into Avalaras GRC platform. What You'll Need to be Successful Bachelors degree in Information Technology, Computer Science, or equivalent experience. 3+ years of experience in IT Audit, IT Security, or IT Risk Management. Experience conducting systemic risk analysis in, including reviewing application design and architecture. Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST. Experience with application security principles, including the ability to assess risk through code and design review processes.