102 It Governance Jobs

Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages are tailored to client needs and budgets, with external threat analysis provided at no costdemocratizing access to enterprise-grade cybersecurity for all. We are looking for a high-energy, results-oriented GRC professional with 6 to 10 years of experience , combining expertise in IT and Governance, Risk, and Compliance (GRC) . The candidate will report directly to the CISO’s office and contribute to internal audits and projects executed under CISO’s instructions . Key Responsibilities: Serve as a subject matter expert on information and cybersecurity governance, risk, and compliance (GRC) services and solutions. Execute security assessments of on-premise/cloud IT environments aligned with business objectives and regulatory requirements. Conduct testing and validation of IT security controls, documenting findings and preparing detailed reports. Manage and perform internal audits as per the CISO’s directives , contributing to risk posture improvements and present the metrics to the CISO on a regular basis. Apply knowledge of the Digital Personal Data Protection Act, 2023 , and other global data protection laws. Utilize and manage GRC tools and platforms. Conduct security control assessments for web/mobile applications and enterprise systems. Drive third-party risk management and support client-facing initiatives. Deliver complex GRC projects in dynamic, fast-paced environments. Engage in knowledge-sharing forums to strengthen team capabilities. Continuously enhance the cybersecurity strategy based on evolving threats and technologies. Job Requirements: 1. Qualifications: Bachelor’s degree in Engineering or a related technology discipline. Mandatory Certification : Must possess CISA or ISO 27001 Lead Auditor certification. Additional certifications preferred: ISO 27001 Lead Implementer CISSP, CIPP, CCSK, or CCSP Public Cloud certifications (AWS, Azure, GCP) 2. Experience: 6 to 10 years of total experience with proven exposure to both IT and GRC functions . Experience in internal audits, consulting, and cybersecurity risk advisory. 3. Desired Skills: Deep understanding of information security principles and compliance frameworks. Strong understanding of the IT topology and application development principles Hands-on experience with security tools (e.g., vulnerability scanners, code review platforms). Strong exposure to IT/cybersecurity standards: ISO 27001/27005, NIST CSF, PCI DSS, SOC 1/2, GDPR, COBIT. Excellent communication skills, documentation abilities, and stakeholder engagement. Experience in program and project management within cybersecurity initiatives. 4. Personal Attributes: Self-starter with strong problem-solving skills. Highly motivated and able to work with minimal supervision. Strong prioritization and multitasking abilities under pressure.

If Interested, please share your CV at dhanashree.kumbhare@randstad.in This is a remote Opportunity. Position: Information Security Lead Educational Qualification and Certifications Certifications: Preferably Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) Computer Science, Information Technology, Cybersecurity or allied degree Required Skill Set 12+ years experience in Information Security domain leading Info Sec functional responsibilities Experience in security technologies and processes Experience managing organizational cyber risk management Experience in applicable data and cyber related regulations and compliance requirements Job Description/ Responsibilities This role will be responsible for developing and implementing information security strategies, policies, procedures, managing the security architecture and infrastructure and ensuring compliance with relevant regulations and industry standards. Info Sec Leader will directly oversee activities to protect Companys data and systems. Strategic Planning and Risk Management: Manage information security strategy, policies, procedures, including a comprehensive risk management framework. Identify, assess, and mitigate information security risks. Proactively, identify gaps and address vulnerabilities. Maintain policies for data governance, access control, and acceptable use of assets. Ensure data security especially around PII/ sensitive data. Work closely with the IT/ Network/ Infrastructure and Product teams to monitor Company assets on a regular basis and ensure end points are secure per Companys established policies. Security Architecture: Review, manage and maintain security architecture of Company assets, ensuring it aligns with business needs and security requirements. Work closely with the product development stakeholders to develop and maintain security architecture for overall DvSum applications. Security Compliance: Ensure compliance with relevant laws, regulations, industry standards and certifications such as SOC2, HIPAA, and GDPR. Security Incident Response: Manage security incident response plan and procedures. Establish crisis communication framework and disaster recovery plan to respond and recover from security breaches. Security Awareness and Training: Manage security awareness and training programs for employees. Technology Monitoring and Evaluation: Monitor and evaluate technologies and solutions which can enhance Companys security system. Communication and Collaboration: Communicate security risks and status reports to stakeholders. Team Leadership: Lead Info Sec activities in collaboration with cross functional stakeholders from IT/ Infrastructure/ Product Development functions. Provide Info Sec guidance and mentorship to team members.

We are looking for an experienced governance personal in our Information Technology Team. JOB ROLE The IT Governance specialist is responsible for ensuring the effective management and oversight of IT systems, services, and processes within the organization. This includes developing, implementing, and maintaining IT governance frameworks, policies, and procedures to ensure alignment with industry best practices, regulatory requirements, and organizational objectives. Highlights of this role is to ensure the governance across various area for IT functions, e.g. Information Security compliance, Change management, Agreement Tracking, Incident Management, Software License Management, BCP/DR, Obsolescence Tracking, etc. KEY RESPONSIBILITIES Information security and compliance Develop and maintain IT Governance frameworks, policies and procedures 1. Ensure compliance with relevant laws, regulations, and industry standards (e.g. COBIT, ITIL, ISO 27001, ISO 22301, etc.) 2. Conduct risk assessment and develop mitigation plans to ensure IT Systems and services are secure and resilient. 3. Monitor and report on IT governance metrics 4. Facilitate internal audits and external assessments (e.g. ISO 27001, ISO 22301, etc.) 5. Stay up-to-date with emerging trends and best practices in IT governance. Change Management 1. Manage and coordinate changes through the entire change lifecycle (assessment, planning, implementation, and review) 2. Ensure changes are properly assessed, approved, and prioritized before implementation 3. Develop and maintain change management policies, procedures, and documentations. 4. Communicate changes to stakeholders, including IT staff, management and end-users. 5. Ensure change comply with organizational policies, procedures, and regulatory requirements. 6. Collaborate with IT teams, stakeholders, and vendors to ensure smooth implementation of changes. 7. Develop and maintain change management metrics and reports to measure performance and identify areas of improvements Agreement Tracking 1. Maintain centralized repository of agreements, contracts, and licenses 2. Track and monitor agreement renewals, expirations, and terminations 3. Ensure accurate and up-to-date records, including agreement terms, conditions, and obligations. 4. Provide regular reports and insights to stakeholders on agreement status and performance. 5. Identify and alert stakeholders to potential risks, opportunities, and compliance issues. 6. Collaborate with legal, finance and business teams to ensure agreement alignment and compliance 7. Develop and implement agreement tracking processes and procedures. 8. Ensure compliance with organizational polices, legal requirements, and regulatory standards. 9. Conduct regular audits and quality assurance checks on agreement records. Incident Management 1. Lead the response to critical incident management and ensure effective coordination and communication among all the stakeholders and drive incident call, providing clear direction and updates to all involved parties. 2. Collaborate with IT teams, business unites and external vendors to troubleshoot the incidents. 3. Document all incident details, action taken and resolution in the incident management system and maintain the tracker. 4. Conduct root cause analysis for critical incidents and ensure that corrective actions are implemented to prevent the recurrence. 5. Prepare the monthly and weekly reports and share the same with senior management and Internal Audit team. Software License Management 1. Manage software license and ensure compliance with licensing agreements. 2. Track and monitor software usage, identifying areas of inefficiency and waste. 3. Develop and implement strategies to optimize license utilization. 4. Conduct regular audits to ensure software compliance and minimize risk. 5. Collaborate with IT teams to ensure software deployments align with licensing agreements. 6. Collaborate with finance teams to ensure accurate budgeting and forecasting for software licensing. Business Continuity and Disaster Recovery 1. Develop and maintain business continuity and disaster recovery plans. 2. Develop and maintain BCP/DR calendar, collaborate with cross-functional teams to ensure alignment. 3. Develop and maintain crisis communication plans and protocols. 4. Continuously monitor and update plans to ensure relevance and effectiveness Obsolescence Tracking Maintain a database of components and products with potential obsolescence risks. Collaborate with cross-functional teams to develop and implement obsolescence management strategies Provide regular reports and updates to stakeholders on obsolescence risks and mitigation efforts. Develop and implement processes and procedures for obsolescence tracking and management. Collaborate with design and engineering teams to ensure design-for-obsolescence considerations MANDATORY SKILLS REQUIRED Bachelors degree in Computer Science, Information Technology, or related field. Strong understanding of IT governance frameworks, standards, and best practices. Ability to work with complex data and provide actionable insights. Ability to analyze complex technical and business issues and develop effective solutions. DESIRABLE SKILLS Strong understanding of supply chain management, or a related field. Professional certifications (e.g. CISA, CISM, CISSP, COBIT). Experience with change management tools and software (e.g., ServiceNow, JIRA, etc.) Experience with data analysis and reporting tools (e.g. Excel, Tableau, etc.)

Roles & Responsibilities: Be part of Banks GRC program and handle regulatory characteristics focused in cybersecurity Identify and Drive improvement initiatives to Enhance Risk posture of the Bank Face off to Various regulators and drive programs for compliance to the Regulatory requirements Be a champion of ITGC initiatives Provide guidance to group companies to ensure consistency in risk governance, cyber risk management and compliance. Be the focal of Group companies for all IRM requirements Collaborate with group companies on IT governance, cybersecurity and control measures across Groups IT landscape. Present cyber risk posture in quarterly IT Strategy meetings for group companies. Promote a strong risk culture within the bank and group companies fostering awareness of risk management principles. Validate Security Policies and Procedures in conjunction with IT controls Manage internal and external stakeholders Ability to endorse cyber risks through publication of dashboards and drive initiatives to Improve Risk posture Job Requirement: Experience required for the Job: 15+ years in information technology & security; Engineer / Post Graduate / MBA Strong understanding of IT governance frameworks, risk management practices and regulatory requirements. Industry acknowledged certifications like CISA / CISSP / CRISC Experience in Team handling / management is must Knowledge on Layered Security - Firewalls, Intrusion Detection, OS Hardening, Project Management, Security Training. Experience in handling regulatory matters will be an added advantage Strategic thinking and strong analytical skills Excellent communication and inter personal skills with focus on verbal, written communication & presentation skills

Location: Noida Experience: Minimum 4- 10 years Responsibilities: Assist in the implementation and maintenance of information security strategies, ensuring alignment with regulatory requirements, industry standards, and business goals. Support the development and enforcement of information security policies, procedures, and best practices to protect data integrity, confidentiality, and availability. Monitor security alerts, analyze potential threats, and assist in incident detection, response, and resolution to mitigate security risks. Conduct risk assessments and vulnerability scans to identify security weaknesses and assist in remediation efforts. Work closely with engineering and IT teams to embed security best practices across the software development lifecycle and cloud infrastructure. Assist in security audits, compliance checks, and regulatory reporting to ensure adherence to RBI guidelines, DPDP Act, ISO 27001, and Cert-IN regulations. Manage and configure security tools such as firewalls, IDS/IPS, SIEM, endpoint protection, and vulnerability scanners. Assist in access control management, ensuring appropriate permissions and role-based access policies are in place. Contribute to security awareness programs, helping employees understand cybersecurity threats and best practices. Stay updated on emerging security threats, attack vectors, and defensive technologies, recommending enhancements to security processes. Qualifications and Skills: Bachelors degree in Information Security, Computer Science, IT, or a related field. Minimum of 4 years of experience in information security, cybersecurity operations, or risk management. Hands-on experience with firewalls, IDS/IPS, SIEM tools, endpoint security, and vulnerability management. Strong understanding of network security, encryption, identity and access management (IAM), and cloud security (AWS, Azure, or GCP). Knowledge of security frameworks such as ISO 27001, NIST, CIS Controls, and RBI IT Guidelines. Exposure to penetration testing, security log analysis, incident response, and threat intelligence. Strong problem-solving, analytical, and communication skills. Relevant certifications preferred (CEH, Security+, CISSP (Associate), CISM). Ability to work in a fast-paced environment, collaborate with cross-functional teams, and maintain a security-first mindset.

Project Management plans, controls and executes a project or set of related projects to meet identified business needs and deliver business value, through acquiring and utilizing the necessary resources and skills, within agreed parameters of cost, timescales and quality. This position will lead small-to-medium projects of moderate complexity and risk and has the following accountabilities: Plan, execute, monitor, control, and close all aspects of the project lifecycle. Mobilize and lead a team with the necessary skills, composed of a mixture of staff and suppliers across organisational boundaries. Rigorously manage scope through a structured change management process to ensure commitments are achieved within agreed time, cost, and quality parameters with focus on delivering the business benefits. Create and validate financial forecasts and provide ongoing reconciliation of resources and expenditures. Ensure appropriate stakeholder change and communication plans and engagements are developed and executed. Proactively analyze variances against plan to assess trends threatening agreed scope, time, cost, and quality commitments. Identify signs that a project may be at risk and escalate quickly and appropriately. Apply project management and IT control/assurance methodologies, standards and processes including architecture, information risk management, and transition to support. We re hiring IT Project Management for one of our Leading MNC to join their growing team. This position is based out in Bangalore.

About Us Our purpose at Avient Corporation is to be an innovator of materials solutions that help our customers succeed, while enabling a sustainable world. Innovation goes far beyond materials science; its powered by the passion, creativity, and diverse expertise of 9,000 professionals worldwide. Whether youre a finance wizard, a tech enthusiast, an operational powerhouse, an HR changemaker, or a trailblazer in materials development, youll find your place at Avient. Join our global team and help shape the future with sustainable solutions that transform possibilities into realities. Your unique perspective could be the key to our next breakthrough! Job Summary The Governance, Risk, Compliance (GRC) and Programs Manager at Avient is responsible for leading a global team monitoring cyber regulations and ensuring compliance. This role involves creating and implementing a comprehensive training and awareness program to educate all users on IT best practices, information classification, and handling requirements. Additionally, the manager will oversee the execution of the cyber transformation portfolio, ensuring timely and high-quality delivery. Essential Functions Establish, implement and lead a comprehensive risk management program aligned with applicable regulations and industry best practices Author policies and standards defining the requirements for procedures that meet cyber and business requirements Drive and demonstrate cyber maturity as measured by the NIST Cybersecurity Framework Engage with internal and external stakeholders to address cybersecurity risk management needs and expectations Assess and recommend solutions to third party and supply chain risks Lead the cyber resilience program Lead the security awareness and training program. Design engaging content for general users, specialized use cases and specific training needs for technical staff and developers Identify and leverage internal communications channels to cultivate a risk-aware, ethical, and continually improving culture Provide program oversight to ensure risks are managed across the cyber transformation portfolio Other leadership duties as assigned Education and Experience Qualifications Bachelor's degree in computer science, information systems or related field or experience 10 + years progressive experience in compliance and technology leadership roles Substantial experience leading large, complex projects Additional Qualifications CISA, CISM, CISSP and GRC certifications preferred Project Management certification Manufacturing and Operational Technology (OT) experience

Role Summary: We are seeking a proactive and organized Project Coordinator - Finance & IT Integration Associate to support the Business Digital Office (BDO) leads in managing financial and IT-related projects. This role requires a good foundation in accounting and finance, combined with solid experience in stakeholder coordination, business analysis, and documentation management. You will be the key liaison between business, finance, and IT teams to ensure seamless integration and execution of financial transformation topics. Key Responsibilities: Business Analyst for FI Topics: Act as the single point of contact for coordinating business analyst responsibilities on behalf of BDO Leads for Financial (FI) topics. Requirement Gathering: Collaborate with UD (User Departments) to gather and document new or modified requirements. End-to-End Requirement Management: Track each requirement from intake through implementation, ensuring all related artifacts are prepared and maintained: LH Requirement Document PH Solution Document Data Classification Sheet IT Security Risk Assessment Architecture & Data Flow Diagrams Operator Self-Check and Operator Manual Access Management & User Manuals T&R Documentation: Ensure timely capture of T&R (Topic & Responsibility) specifics tags, components, responsible stakeholders, deadlines, and attachments. Weekly Updates: Maintain weekly status updates for all active topics within T&R records. OPL Tracking: Support BDO Leads in One Point Lesson (OPL) tracking and topic prioritization for issue resolution and decision-making. Stakeholder Engagement: Liaise effectively with internal and external stakeholders including Developers, UD Process Owners, Project Security Managers, and others to drive task progress and closure. Qualifications Educational qualification: Bachelor s degree in Accounting, Finance, Business Administration, or related field. Experience : Minimum 2 years of relevant experience in a finance or business analyst role with cross-functional exposure. Mandatory/requires Skills : Business Analysis: Experience in business requirements gathering, documentation, and cross-functional coordination. Process & Compliance: Familiarity with IT governance, data flow, access management, and risk documentation practices. Communication: Excellent written and verbal communication skills for stakeholder interaction and documentation clarity. Tools Proficiency: Proficient in MS Office tools (Excel, Word, PowerPoint), and familiarity with documentation and tracking tools (JIRA, Confluence, etc. preferred). Preferred Skills :

Hydro Global Business Services (GBS) is an organizational area that operates as an internal service provider for the Hydro group. Its ultimate purpose is to deliver relevant IT, financial and HR business services to all business areas within the company.. What We Offer You. A culture that champions bold ideas and values behind every pixel. Picture an environment where your input shapes real-world campaigns and your efforts are met with recognition and respect. We invest in your growth, offering mentorship, skill-building workshops and access to cutting-edge tools.. As a valued member of our executive team, you will also enjoy a comprehensive benefits package, including:. Equity opportunities. Performance bonuses. Health, dental, and vision insurance. Retirement plans with company matching. Generous paid time off and flexible work arrangements. Professional development opportunities and ongoing training. Your Qualifications And Skills. Expertise in IT governance frameworks, such as ITIL or COBIT.. Proficiency in cloud platforms (AWS, Azure, Google Cloud) and emerging technologies.. Strong understanding of data privacy regulations and compliance standards.. You would also ideally have. A mindset for creative problem-solving. Curiosity that drives you to explore the latest tech trends. Confidence in writing, testing, optimizing, debugging and deploying complex code. A collaborative spirit. Your potential future opportunities. IT/Applications Team Lead. Hydro values diverse skills and perspectives among employees. We encourage all qualified candidates to apply. Qualified applicants will be considered regardless of race, religion, nationality, ethnicity, age, gender, sexual orientation, gender identity or expression, protected veteran status, or disability. We strive to provide equal opportunities for all to contribute and succeed with us.. Applications from severely disabled and equally disabled people will be considered with equal suitability.. Please apply online in ONE with your CV and optionally a cover letter until: 07/02/2025. If you have any questions, please contact:. Badugu Prasanth Raju. Badugu.Raju@hydro.com. Show more Show less

Role & responsibilities To manage cyber threats and ensure that risks are controlled as per Organisation Risk appetite Manage security projects and day-day operations that involves security activities planned and BAU Manage vendors providing security products and services. Track vendor performance as per deliverables and committed SLAs/ TAT Manage technology / IT risks ensuring that critical security issues and risks are prioritized and fixed as per TAT/ SLA Manage the Vulnerability Management domain in CISO team to ensure that all identified vulnerabilities are fixed in time Manage advanced cyber threat intel tools/ services to ensure that all reported risks are addressed in time Support Business and other functions in audits/ assessments / advisory / implementation of security controls and processes to be implemented Preferred candidate profile Technical and hands on experience in Vulnerability & Risk management using security tools and solutions Technical knowledge on security fundamentals and emerging cyber threats

Position Purpose As Head/Domain lead, manage the software development teams based in India to deliver high value IT functionality, stability & Scalability with a scope of responsibility of 100+ FTEs. Responsible for relationship management with Business & IT sponsors in conjunction with respective global domain heads. Lead Transversal transformation programs of a technical nature for the GMIT department beyond the domain, e.g. Engineering initiatives to improve code quality, Technical Debt management, End of Life / Obsolescence, Left shift for testing etc, including the awareness, training and change management dimensions of it. By being a part of the India Global Markets IT (GM IT) ExCo :- Contribute & strengthen the management vision of the department. Contribute to the continuous improvement of GMIT ISPL and implementation of best practices. Lead by example and disseminate the management values & objectives for GMIT Leadership group to boost GMIT ISPL performance. Contribute to true collaboration across all domains of GMIT. Responsibilities Direct Responsibilities Vision in strategy: Key leadership role responsible for managing and driving the IT strategy, execution and delivery of technology and solutions, support position management, risk analytics and collateral management for GM IT The successful candidate will ensure management of ~100+ GM IT professionals. Will act as a key partner with business stakeholders to drive the overall GM IT strategy. Build strong relationship with global business leaders, risk managers, collateral teams to drive business successfully and to ensure consistency and alignment across systems. Visualize business changes and create an IT/innovation mindset so that solutions are ready for the growth of business and subsequent scale-up. Delivery and operations: Overseeing delivery of high-quality, complex IT Programs for the Position, Risk and Collateral teams. Implement Agile methodologies to ensure efficiency in delivery operations. Platform availability, scalability and performance to support high transaction volumes. Collaborate with Application Production Support to optimize production incidents resolutions. Manage relationships with technology partners ensuring cost effective delivery of solutions. Leverage emerging technologies to enhance system architecture and solutions. Drive digital transformation initiatives to improve operational efficiency. Budget management and cost optimization. Continuous monitoring of performance & efficiency of the setup. Identify opportunities for process and technologies improvement. Enable solutions and act as escalation point for Administrative & HR topics. Provide support to business stakeholders & operations leadership. Risk and compliance: Ensure compliance with global regulatory requirements. Implement existing robust IT governance and reporting mechanisms to manage operational excellence. Risk mitigation via implementation of technology obsolescence remediation. Digital Transformation: Manage initiatives, which includes framing transformation programs Getting buy-in from stakeholders and contributors Define the governance, secure capacity, and budget, build/consolidate and maintain the plan, manage dependencies and drive to completion, ensuring effective communication, continuous alignment of contributors and timely running of governance routines. People Development: Drive and manage people development initiatives in partnership with HR. Responsible for mentorship and career growth of the in-scope employees. Consulting point for Talent Acquisition & Technology solutions. Contributing Responsibilities Technology validation & evolution. Support & leadership to organizational initiatives. Identify gaps in existing systems and create action plan to plug those gaps rapidly. Promote automation on all areas that helps to improve quality and faster delivery Technical & Behavioral Competencies Specific Qualifications (if required) An IT Engineering degree or equivalent At least 20 years of work experience in IT At least 10 years of work experience in a Capital Markets IT environment Hands on Programming experience of at least 10 years Experience of managing an overall team of at least 100 staff for at least 3 years Strong understand of Global Markets , trade lifecycle experience in trading platforms Financial markets and regulatory requirements Skills Referential Behavioural Skills Ability to collaborate / Teamwork Decision Making Attention to detail / rigor Ability to deliver / Results driven Transversal Skills: Analytical Ability Ability to develop others & improve their skills Ability to anticipate business / strategic evolution Ability to inspire others & generate people's commitment Ability to develop and leverage networks Education Level: Bachelor Degree or equivalent Experience Level: At least 20 years Other/Specific Qualifications (if required)

Develop and implement a comprehensive data and security risk governance framework aligned with industry standards and regulatory requirements. Conduct regular audits and assessments of data security controls, processes, and policies to identify potential risks and vulnerabilities. Manage and oversee the governance, risk, and compliance (GRC) program, including policy development, monitoring, and reporting. Act as a liaison with internal and external auditors, ensuring timely and accurate responses to audit requests and findings. Provide guidance and support to business units in the identification and assessment of data and security risks in their operations. Lead TATA Plays efforts in compliance with relevant standards, laws, and regulations, ensuring adherence to data protection and privacy requirements. Manage and govern third party vendors supporting TATA Play in various security operations Collaborate with cross-functional teams to develop and enhance risk mitigation strategies and ensure effective implementation. Develop and deliver training programs to enhance awareness of data and security risk management across the organization. Stay abreast of industry trends, emerging threats, and changes in regulations to proactively address potential risks

Date 7 Jun 2025 Location: Bangaore, KA, IN Company Astom Req ID:475728 HR SOLUTIONS EXPERT OVERALL PURPOSE OF THE ROLE As a vita member of the Digita Services organization, the HR Soutions Expert within the Support Functions Business Soutions Architecture team pays a pivota roe in overseeing the andscape of HR soutions used gobay at Astom. This position entais managing soutions and services in the domain, activey engaging in projects for soution deivery, ensuring compiance and adherence to cybersecurity and privacy standards and providing ongoing support. RESPONSIBILITIES Manage the architecture of HR soutions, incuding documentation, bueprint maintenance, and soution interface definition. Provide guidance to run teams and coaborate cosey with HR teams, IT business partners, and, when necessary, assist in negotiations with oca unions. Support day-to-day activities by managing changes and evoutions through a robust reease management process, and hande obsoescence. Coaborate with support management and externa partners to ensure effective support and maintenance of soutions. REQUIREMENTS Bacheors degree in Computer Science, Human Resources, Business Administration or a reated fied. Reevant experience in HR, HRIS and/or IT governance. Proficient in writing comprehensive documentation and maintaining bueprints. Strong understanding of reease management processes and system architecture. Strong anaytica and probem-soving skis. Exceent communication and coaboration skis. Abiity to work independenty with minima supervision and coaborativey with cross-functiona teams and externa partners. Knowedge of HR information systems, data management, goba payro and compiance reguations, and/or payro software. Experience or exposure working with SAP SuccessFactors, ServiceNow, ADP, UKG/Kronos and/or other time management and payro software is highy desirabe. Famiiarity with works counci negotiations and compiance reguations. Experience in handing obsoescence and impementing system updates. You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or famiy, you be proud. If youre up for the chaenge, wed ove to hear from you! Important to note As a goba business, were an equa-opportunity empoyer that ceebrates diversity across the 63 countries we operate in. Were committed to creating an incusive workpace for everyone.

Overview Founded in 1988 and headquartered in Atlanta, Georgia Trimont (trimont,) is a specialized global commercial real estate loan services provider and partner for lenders and investors seeking the infrastructure and capabilities needed to make informed, effective decisions related to the deployment, management and administration of commercial real estate secured credit, We do this with a team of 1100+ extraordinary Team Members who serve a global client base from offices in Atlanta, Bengaluru, Charlotte, Dallas, Hyderabad, Kansas City, London, New York and Sydney We empower our skilled global teams by equipping them with the necessary knowledge and advanced technology, as well as fostering a culture driven by values This approach helps our teams excel and build meaningful client relationships, while providing the highest quality service and feeling proud of the work they do, Trimont is an innovative firm where visionary professionals come to learn, grow, and thrive with colleagues driven by curiosity and collaboration, Learn: We believe ongoing learning is critical and are focused on providing a work environment where all team members can take ownership of their careers, Grow: We work alongside the largest institutional lenders in the world, overseeing the most significant projects in the industry This unique opportunity allows us to broaden our skillset and develop our abilities by tackling some of the industry's most challenging and exciting endeavors, Thrive: Our firm is a place where ethics and excellence meet to create an experience that matches our capabilities There are no limits to what we as team members as an organization, can achieve together, Job Summary The Director of IT Operations will oversee infrastructure and end-user support for Trimont's two office locations in Hyderabad and Bengaluru, as well as for remote employees throughout India As operations expand in India and additional infrastructure resources for cloud engineering are added, this role may include direct reports Responsibilities include coordinating and directing contracted help desk services and nurturing relationships with key outsourced IT service providers Additionally, this position will primarily manage global financial processes related to IT services, hardware, and software The central aim of this role is to ensure a reliable, resilient, secure, and high-performance computing environment for team members in India, Responsibilities Deliver exceptional customer service to team members through an outsourced help desk, Develop and evaluate help desk metrics for ongoing enhancements, Oversee the technological components of office relocations and new office setups in India, Acquire and maintain essential hardware to support business operations, including laptops, servers, and networking equipment, Address infrastructure security vulnerabilities within established Service Level Agreements (SLAs), Partner with the security team to implement new security initiatives, Negotiate contracts with key Information Technology (IT) infrastructure vendors, Manage relationships with IT infrastructure vendors, Uphold and adhere to the IT infrastructure roadmap, Plan, forecast, and oversee technology operational expenditures, Ensure prompt entry of technology expenses into the payables system, Required Qualifications Bachelor's degree in Information Technology, Computer Science, Information Systems, or a related discipline, 7+ years of experience in IT operations, Familiarity with IT governance, risk, and compliance (GRC) frameworks, Information Technology Infrastructure Library (ITIL), Control Objectives for Information and Related Technologies (COBIT), and cybersecurity concepts, Knowledge of IT budgeting, procurement, and invoice processing, Demonstrated success in managing and planning IT operations, Established success in managing vendor relationships, Strong analytical, problem-solving, and communication abilities, Capable of working independently and collaboratively, Attention to detail with a dedication to producing high-quality work, Skilled in Microsoft Office and Microsoft technologies and platforms, including Azure, Experience in highly regulated sectors, such as financial services, Trimont is an equal opportunity employer, and were proud to support and celebrate diversity in the workplace If you have a disability and need an accommodation or assistance with the application process and/or using our website, please contact us We are proud to maintain a drug-free policy, ensuring that our community is a secure and productive space for all our team members,

Cyber Security Auditor Location: Mumbai Leading Bank Work From office mail at manjeet.kaur@mounttalent.com whatsap at 8384077438 Roles and Responsibilities 4 years of experience (upto 12 yrs.) in the field of information security operations, Information System Audits encompassing experience into any of the Banking Technologies Domains Application Security, Database management and administration, / Network security and SOC / Payment systems in addition to IT General controls (ITGC). Exposure to the Banking / Finance / Payment industry domains would be preferrable. Hands-on experience in the following areas: Writing Information security policies, procedures, and processes Conducting risk assessment covering Cyber Security domains as noted below: Application Security: Mobile application assessment, OWASP security practices for applications, VA/PT/AppSec, source-code review, black/grey/white box testing, application SDLC, Strong knowledge of programming languages for applications. Database Security: Database administration and management - Oracle, MS SQL etc., Database Activity Monitoring tools, data security and localization. Payments Systems Security: Understand payment systems and architecture such as SWIFT, UPI, IMPS, ATM, Internet Banking, Mobile Banking, Core Banking System, payment gateway, ATM switch and terminal. Experience in PCI DSS implementation/assessment and ATM end-point security and Cards data security and operations. Networks Security: Managing firewalls, routers, proxy, WAF, email filtering, DLP, DDoS protection, data encryption, IPS/IDS, Incident response and investigate security breaches, VA-PT for networks. Security Operations Centre- Implementation and review. IT General Controls: Familiarity with Technical Security controls of Identity & Access Management, Network, Server, Application, Change management, Backup and Restoration etc. and process controls reviews. Understand BCP and DR processes and architecture. Experience in conducting reviews based on ISO standards and regulatory guidelines in banking sector for a medium to large sized organization would be preferred. Experience in conducting Information System Audits Must have experience in preparing quality deliverables such as audit reports, presentations etc. Excellent written, oral communication and presentation skills Excellent organizational and interpersonal skills Ability to work independently or as part of a team Information technology / Banking and Financial services / Auditing / Cyber Security consulting Candidate will have to travel extensively within Mumbai and across the country for performing audits, as per RBI requirements. Conducting audit of Information security policies, procedures, and processes to identify process/design gaps. Conduct audits of information security systems and infrastructure to verify systems are secure and support the related applications/business processes. Conducts audits in different banking technology domains such as Active Directory, WAF, Network access security, End-point security, Application VA/PT/AppSec, SDLC, Database management and security, PCI-DSS, ATM controls, Cards (Debit/Credit) security, Payment-gateway, Cloud and API Security and IT General Controls etc. Additional weightage will be given to candidates with experience in domains such as Cloud Security, API security. Developing project plans, work programs, evaluating system controls, identify risks and audit gaps, documenting results in proper audit report format, making recommendations, and communicating information to stakeholders. Support in maintaining audit checklist and documents, trend analysis, preparing presentations etc. Should be a self-learner and must keep updated with the latest security guidelines issued by regulators, international standards for information security, threats and vulnerabilities researched/discovered. Research public domain to keep up to date knowledge on latest banking applications / technologies and emerging technologies Cloud, Virtualisation, AI-ML, IOT etc. and ensure continuous learning in identified security competencies and new/emerging technologies. Experience into people management / team management will be preferred.

Location: Gurgaon Sector 58 Preference: Candidates with experience in NBFCs Compensation: Up to 00 LPA Requirements: Strong communication skills, a compelling personality, and relevant profile exposure -----JOB DESCRIPTION--- For a role that encompasses IT GRC (Governance, Risk, and Compliance) along with IT Security Audit responsibilities, especially in the context of NIST, ISO 27001, SOC2, ITGC audit, RBI (Reserve Bank of India) regulatory compliance, IT Security Compliance, Business Continuity Management (BCM), Disaster Recovery (DR), and Vulnerability Assessment (VA), the roles and responsibilities would typically include: Governance, Risk, and Compliance (GRC): Develop and maintain IT governance frameworks aligned with industry standards and regulatory requirements. Establish and enforce policies, procedures, and controls to ensure compliance with applicable laws, regulations, and standards. Coordinate risk assessment and management activities across the organization. Monitor and report on compliance status to senior management and stakeholders. Facilitate audits and assessments to verify adherence to compliance requirements. Implement continuous improvement initiatives to enhance the effectiveness of GRC processes. IT Security Audit: Plan, coordinate, and conduct IT security audits based on regulatory requirements and industry best practices. Perform risk-based assessments of IT systems, networks, and applications to identify security vulnerabilities and weaknesses. Review and evaluate controls related to access management, change management, data protection, and incident response. Document audit findings, including recommendations for remediation and improvement. Collaborate with internal and external auditors to facilitate audit engagements and address audit findings. Track and monitor the implementation of audit recommendations to ensure timely resolution. Regulatory Compliance: Interpret and apply relevant regulatory requirements, including NIST Cybersecurity Framework, ISO 27001, and RBI guidelines. Conduct gap assessments against regulatory requirements to identify areas of non-compliance and develop remediation plans. Coordinate with business units and stakeholders to implement controls and measures to achieve compliance objectives. Prepare documentation and evidence to demonstrate compliance with regulatory requirements. Stay informed about changes in regulations and standards and assess their impact on the organization's compliance posture. IT Security Compliance: Establish and maintain IT security policies, standards, and guidelines in accordance with regulatory requirements and industry best practices. Conduct periodic reviews and assessments to ensure adherence to security policies and standards. Implement controls and measures to mitigate security risks and vulnerabilities. Monitor and analyse security events and incidents to detect and respond to security breaches. Provide guidance and support to business units on security compliance matters. Business Continuity Management (BCM) and Disaster Recovery (DR): Develop and maintain business continuity and disaster recovery plans aligned with organizational objectives and regulatory requirements. Run BCP/DR frameworks Conduct business impact analyses and risk assessments to identify critical business functions and dependencies. Coordinate the development, testing, and maintenance of BCM and DR plans. Ensure alignment between BCM/DR plans and IT systems, applications, and infrastructure. Provide training and awareness programs to ensure effective response and recovery during emergencies. Vulnerability Assessment (VA): Plan and execute vulnerability assessment activities to identify security weaknesses and vulnerabilities in IT infrastructure and applications. Utilize automated scanning tools and manual techniques to identify and prioritize vulnerabilities based on risk. Analyse and interpret scan results to provide actionable recommendations for remediation. Coordinate remediation efforts with IT teams to address identified vulnerabilities in a timely manner. Monitor and track the status of vulnerability remediation efforts and report on progress to stakeholders. In summary, this role involves a comprehensive approach to managing IT governance, risk, and compliance, along with conducting IT security audits, ensuring compliance with regulatory requirements such as NIST, ISO 27001, and RBI guidelines, and overseeing BCM, DR, and VA activities. Effective communication, collaboration, and coordination with various stakeholders are essential for success in this role. Digital Personal Data Protection Act (DPDPA) and GDPR Compliance: Interpret and ensure compliance with the provisions of the Digital Personal Data Protection Act (DPDPA) and the General Data Protection Regulation (GDPR), as applicable. Conduct data protection impact assessments (DPIAs) to identify and mitigate risks associated with the processing of personal data. Develop and maintain data protection policies, procedures, and controls to safeguard the privacy and confidentiality of personal data. Implement measures such as data encryption, pseudonymization, and access controls to protect personal data from unauthorized access and disclosure. Establish mechanisms for obtaining and managing consent for the processing of personal data in accordance with regulatory requirements. Monitor and respond to data subject requests (e.g., access requests, erasure requests) in compliance with GDPR and DPDPA requirements. Facilitate training and awareness programs to ensure compliance with data protection regulations and promote a culture of privacy within the organization. Collaborate with legal and compliance teams to address data protection issues and ensure alignment with regulatory requirements. Maintain records of processing activities and data protection measures to demonstrate compliance with GDPR and DPDPA obligations. Conduct regular audits and assessments to evaluate the effectiveness of data protection controls and identify areas for improvement. Competencies: Proactively contribute to leadership & handle work stress & people skills Strong analytical skills, problem solving skills, and project/program management skills Excellent communication skills working with all levels of management across the entire organization Ability to handle team strength and work cohesively Ability to act in Leadership position Work and stretch as required in corporate scenario Extrovert and Outspoken Experience Needed: 8+ years' demonstrable experience in IT security GRC management, IT security project management, IT & Data security policy management, and other security practices w.r.t Cloud Infra , Basic IT infra design and architecture Hands-on experience with designing, implementing and managing security IT GRC programs Past experience managing a small to mid-sized team Educational Requirements: Bachelor's degree or equivalent business experience in Computer Science, Business Management. Certified training in IT & Data security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, ISO 27K LA or related certification will be added advantage

Job Title: IT Security & Audit Compliance Analyst Location: Mumbai, Thane Experience Required: 1 to 3 Years Employment Type: Full-Time Job Description: We are seeking a highly motivated and detail-oriented IT Security & Audit Compliance Analyst to support end-to-end audit, compliance, and security operations across enterprise systems. The ideal candidate will be responsible for managing audit logs, ensuring policy compliance, generating reports, and supporting internal and external audit requirements. Key Responsibilities: Active Directory Audit Logs Management Manage and analyze audit logs for incident troubleshooting Ensure all log-on, log-off, and failed login attempts are captured #ActiveDirectory #AuditLogs #SecurityMonitoring Audit Journal & Security Compliance Reporting Generate, review, and submit audit reports as per schedule Identify and resolve discrepancies and respond to audit queries Ensure timely support for all audit activities (minimum 16 audits per year) #SecurityCompliance #AuditReporting #IncidentManagement User ID Management & Policy Compliance Maintain audit records for user ID approvals, revalidations Manage exceptions for shared IDs and non-expiring passwords #UserIDManagement #AccessControl #PolicyCompliance System Log Management & Retention Enable and manage logging on servers, network, and storage devices Ensure log retention for a minimum of 90 days within client infrastructure #LogRetention #SystemMonitoring #NetworkSecurity Desired Skills: Experience with Active Directory auditing and compliance Strong understanding of IT audit processes and security controls Ability to handle audit queries independently Familiarity with enterprise infrastructure and log management Strong communication and analytical skills #ITSecurity #InfoSec #AuditCompliance #InfrastructureSecurity #ITGovernance Qualifications: Bachelors degree in Computer Science, Information Technology, or a related field 1+ years of relevant experience in IT Security, Audit, or Compliance roles Application Process: Interested candidates are requested to share their updated resume along with the following details: Total Experience: Relevant Experience: Current CTC: Expected CTC: Notice Period: Current Location: Willing to Relocate to Mumbai (Yes/No):

Qualifications: A minimum of seven (7) years of professional experience in information security risk and compliance management within a complex organizational setting is required. Preference will be given to applicants possessing experience in the development and management of internal IT risk and compliance programs, rather than advising external clients or conducting audits. Essential skills include proven expertise in ISO/IEC 27001 implementation, maintenance, internal review procedures, and managing ongoing maintenance projects. The role also requires experience in liaising with non-technical departments. A robust understanding or practical engagement with ISO 27001, PCI DSS and SOC2 standards is necessary. Experience in organizations subject to regulatory oversight by the RBI, NPCI,SEBI or IRDAI is advantageous. A comprehensive knowledge of information security operational processes and technologies is critical. Advanced documentation and reporting capabilities are mandatory. Exceptional stakeholder management skills are requisite. Certifications such as CISSP , CISM, ISO 27001 Lead Implementer are highly desirable. Experience within the financial services industry, with particular emphasis on regulated fintech, is considered a significant asset.

Mega Hiring for IT AUDIT Please send cv on zeenat@contactxndia.com / it@contactxindia.com Call on 9359055605 / 8971092439 Role & responsibilities We are hiring for one of the Big4 for IT Audit Location: Bangalore / Hyderabad Experience : 2 to 10 Years Candidate Should have : T Audit ITGC ITAC SOC1 SOC 2 Candidate should be from well know firm ((Big4 ,Big6 , MNC , Tier1 & 2 Companies ) Responsibilities Roles & responsibilities Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls.• Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions)• Hands on experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Qualifications Education Qualification : BE/B.Tech, B.Com, BCA, B.Sc, MBA, M.Sc, MCA,M.Tech, CA.•• Work Experience : The candidate must have 2-10years of relevant experience in a similar role, preferably with a Big 4 firm.•Team leading / Performance Management experience for a minimum of 1-2 years. Send cv on zeenat@contactxndia.com Call on 9359055605 Visit our website for more details / positionswww.contactxindia.com Preferred candidate profile

Role: Senior Manager, IT Infrastructure, Tech Enablers We are looking for a seasoned and strategic IT Infrastructure professional to lead the planning, execution, and management of IT infrastructure and technology enablement initiatives. This role will be responsible for driving enterprise-wide infrastructure architecture, managing networks and data centres, ensuring system reliability and cybersecurity, and enabling technology solutions that support institutional goals. The candidate must have strong business acumen, outstanding communication skills, strategic planning skills and knowledge of an organization's internal operations and technology initiatives. Oversee the technological infrastructure (networks and computer systems) in the organization to ensure optimal performance. Managing IT Infra and AV staff. Developing IT policies, procedures, and best practices related to hardware. Stay abreast of relevant laws and regulations impacting IT, especially in areas such as data privacy and security. Approve purchases of technological equipment and software and establish partnerships with IT providers. Design and customize technological systems and platforms to improve stakeholders experience. Overseeing relationships with vendors, contractors, and service providers. Developing and overseeing the IT budget. Participate in contract negotiation and agreements with vendors. Oversee the design, implementation, and maintenance of the university's IT infrastructure, including networks, servers, and storage systems. Provide support services to end-users, including students, faculty, and staff. Implement and maintain helpdesk services for prompt issue resolution. Generate reports and insights to support decision-making processes. Education and Experience Bachelors or masters degree in computer science, IT, or a related field. Minimum 12+ years of progressive experience in IT infrastructure management, with at least 34 years in a leadership role with strong expertise in: Networking (Cisco, Aruba, Fortinet, etc.) Server/Cloud environments (Windows/Linux, AWS/Azure) Location Mohali

Designation : IT Contracts Analyst Location : Hyderabad Work mode : Work from office (Hyderabad) Interested candidates with relevant experience only share us your updated resume on ashwin.kumar@globaldata.com We are seeking a detail-oriented, technologically proficient IT Contracts Analyst to join our dynamic Legal and Procurement team, working closely with the Information Security function. In this role, you will be responsible for reviewing, analyzing, and managing a wide range of IT-related contracts, including compliance requirements, service agreements, SaaS/cloud agreements, NDAs, and vendor contracts. This position plays a key role in supporting risk management, legal compliance, and alignment with our internal IT and security policies. Key Responsibilities: Review and analyze IT contracts and SLAs to ensure compliance with internal policies, legal standards, and information security requirements. Collaborate cross-functionally with Legal, IT Security, and Procurement teams to review, negotiate, and finalize contract terms. Track and manage the full lifecycle of IT contracts, ensuring timely renewals, amendments, and terminations. Identify key clauses, compliance gaps, risks, and client-specific requirements, aligning them with internal IT and security policies. Maintain a structured repository of all contracts, amendments, and associated documentation using contract management tools. Conduct risk assessments, perform compliance checks, identify critical clauses, and prepare concise contract summaries and reports. Remain current with industry trends, regulatory changes (e.g. data protection laws such as GDPR and CCPA), and best practices in IT contracting. Support the continuous improvement of contract review processes and contribute to internal documentation and policy alignment. Ideal Candidate Profile: Strong analytical skills with a keen eye for detail and the ability to interpret complex legal and technical terms. Technologically proficient, with a solid understanding of IT terminology, particularly relating to SaaS, cloud services, cyber security, and data privacy. Proactive, well-organized, and capable of managing multiple contracts and priorities in a fast-paced environment. Excellent written and verbal communication skills, with experience collaborating across departments. Qualifications: Bachelors degree in Business Law, Information Technology, or a related field (technical certifications are a plus). 2+ years of experience reviewing and managing IT/Technology contracts, ideally within a legal, procurement, or corporate compliance environment. Solid understanding of IT contracting concepts, including SLAs, SaaS agreements, and third-party vendor risk. Working knowledge of data protection regulations (e.g. GDPR, CCPA) and their implications in IT contracting. Familiarity with contract lifecycle management tools (e.g. DocuSign, Icertis, Jira, or AI-based review tools). Proficiency in Microsoft Excel, PowerPoint, and other documentation tools. Ability to work both independently and collaboratively across legal, IT, and procurement functions.

Role Description The IT Application Owner (ITAO) has sound IT risk management skills. They follow one of several possible service delivery approaches, acknowledge interference with the IT applications life cycle and assist with incorporating the adopted approach into best practice. The ITAO is aware of the gap in the current infrastructure solutions and where industry innovations are along the maturity lifecycle.They work with application stakeholders to improve the infrastructure, ensuring compliance with the technical roadmap. The ITAO has a sound knowledge of development methodologies and the IT policies necessary to perform effectively in the organization, aligned to the banks appetite for risk. The ITAO acts to improve safety and security of the application, compliance with regulations, policies, and standards,enhance operational readiness, and ease maintenance of the environment for delivering change into production. The ITAO supports the banks audit function in the remediation of audit points and self-identified issues to reduce risk. The ITAO is responsible for producing and maintaining accurate documentation on compliance with methodologies, IT policies and IT security requirements. The ITAO interacts with and influences colleagues on the governance of IT platform reliability and resilience. You will work as part of a cross-functional agile delivery team. You will bring an innovative approach to software development, focusing on using the latest technologies and practices, as part of a relentless focus on business value. You will be someone who sees engineering as team activity, with a predisposition to open code, open discussion and creating a supportive, collaborative environment. You will be ready to contribute to all stages of software delivery, from initial analysis right through to production support. What well offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Your key responsibilities Strategy & Architecture Enterprise IT governance: Reviews current and proposed information systems for compliance with the organisation's obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy. Provides specialist advice to those accountable for governance to correct compliance issues. Information security: Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. Information content publishing: Understands technical publication concepts, tools and methods and the way in which these are used. Uses agreed procedures to publish content. Obtains and analyses usage data and presents it effectively. Understands, and applies principles of usability and accessibility to published information. Specialist advice: Actively maintains knowledge in one or more identifiable specialisms. Provides detailed and specific advice regarding the application of their specialism(s) to the organisation's planning and operations. Recognises and identifies the boundaries of their own specialist knowledge. Collaborates with other specialists, where appropriate, to ensure advice given is appropriate to the needs of the organisation. Knowledge management: Maintains knowledge management systems and content to meet business needs. Supports others to enable them to complete knowledge management activities and form knowledge management habits. Reports on progress of knowledge management activities. Configures and develops knowledge management systems and standards. Supports changes to work practices to support capture and use of knowledge. Business risk management: Investigates and reports on hazards and potential risk events within a specific function or business area. Continuity management: Implements and contributes to the development of a continuity management plan. Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes. Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Data management: Assists in providing accessibility, retrievability, security and protection of data in an ethical manner. Methods and tools: Provides support on the use of existing method and tools. Configures methods and tools within a known context. Creates and updates the documentation of methods and tools. Change and Transformation Requirements definition and management: Assists in the definition and management of requirements. Uses standard techniques to elicit, specify, and document requirements for simple subject areas with clearly-defined boundaries. Assists in the creation of a requirements baseline and in investigating and applying authorised requests for changes to base-lined requirements, in line with change management policy. Delivery and operation Availability management: Contributes to the availability management process and its operation and performs defined availability management tasks. Analyses service and component availability, reliability, maintainability and serviceability. Ensures that services and components meet and continue to meet all of their agreed performance targets and service levels. Implements arrangements for disaster recovery and documents recovery procedures. Conducts testing of recovery procedures. Service acceptance: Engages with project management to confirm that products developed meet the service acceptance criteria and are to the required standard. Feeds into change management processes. Configuration management: Applies tools, techniques and processes to track, log and correct information related to configuration items. Verifies and approves changes ensuring protection of assets and components from unauthorised change, diversion and inappropriate use. Ensures that users comply with identification standards for object types, environments, processes, lifecycles, documentation, versions, formats, baselines, releases and templates. Performs audits to check the accuracy of information and undertakes any necessary corrective action under direction. Asset management: Applies tools, techniques and processes to create and maintain an accurate asset register. Produces reports and analysis to support asset management activities and aid decision making. Change management: Develops implementation plans for complex requests for change. Evaluates risks to the integrity of service environment inherent in proposed implementations (including availability, performance, security and compliance of the business services impacted). Seeks authority for those activities, reviews the effectiveness of change implementation, and suggests improvement to organisational procedures governing change management. Leads the assessment, analysis, development, documentation and implementation of changes based on requests for change. Security administration: Investigates minor security breaches in accordance with established procedures. Assists users in defining their access rights and privileges. Performs non-standard security administration tasks and resolves security administration issues. Application support: Drafts and maintains procedures and documentation for applications support. Manages application enhancements to improve business performance. Advises on application security, licensing, upgrades, backups, and disaster recovery needs. Ensures that all requests for support are dealt with according to set standards and procedures. Problem management: Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Enables development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Analyses patterns and trends. Incident management: Ensures that incidents are handled according to agreed procedures. Investigates escalated incidents to responsible service owners and seeks resolution. Facilitates recovery, following resolution of incidents. Ensures that resolved incidents are properly documented and closed. Analyses causes of incidents, and informs service owners in order to minimise probability of recurrence, and contribute to service improvement. Analyses metrics and reports on performance of incident management process. Skills and quality Quality assurance: Contributes to the collection of evidence and the conduct of formal audits or reviews of activities, processes, data, products or services. Examines records for evidence that appropriate testing and other quality control activities have taken place and determines compliance with organisational directives, standards and procedures. Identifies non-compliances, non-conformances and abnormal occurrences. Conformance review: Collects and collates evidence as part of a formally conducted and planned review of activities, processes, products or services. Examines records as part of specified testing strategies for evidence of compliance with management directives, or the identification of abnormal occurrences. Digital forensics: Contributes to digital forensic investigations. Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports. Relationships and engagement Relationship management: Identifies the communications and relationship needs of stakeholder groups. Translates communications/stakeholder engagement strategies into specific activities and deliverables. Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining, and working to stakeholder engagement strategies and plans. Provides informed feedback to assess and promote understanding. Facilitates business decision-making processes. Captures and disseminates technical and business information. Your skills and experience Autonomy: Works under general direction. Uses discretion in identifying and responding to complex issues and assignments. Receives specific direction, accepts guidance, and has work reviewed at agreed milestones. Determines when issues should be escalated to a higher level. Influence : Interacts with and influences colleagues. Has working level contact with customers, suppliers, and partners. May supervise others or make decisions whichimpactthe work assigned to individuals or phases of projects. Understands and collaborates on the analysis of user/customer needs and represents this in their work. Complexity: Performs a range of work, sometimes complex and non-routine, in a variety of environments. Applies methodical approach to issue definition and resolution. Knowledge: Has a sound generic, domain and specialist knowledge necessary to perform effectively in the organization typically gained from recognized bodies of knowledge and organizational information. Demonstrates effective application of knowledge. Has an appreciation of the wider business context. Takes action to develop own knowledge. Business skills: Demonstrates effective communication skills. Plans, schedules and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards and procedures. Contributes fully to the work of teams. Appreciates how own role relates to other roles and to the business of the employer or client. Demonstrates an analytical and systematic approach to issue resolution. Takes the initiative in identifying and negotiating appropriate personal development opportunities. Understands how own role impacts security and demonstrates routine security practice and knowledge required for own work. Expectations There are several common expectations that all experts should demonstrate over and above their technical/specialist contribution. These are also important for reinforcing our Deutsche Bank Values and Beliefs: Acts as role model for individuals aspiring to follow an expert career path by passionately promoting the merits of expert roles and the contribution of their Profession. Challenges the status quo and influences key stakeholders to ensure industry best practice is adhered to within their area of expertise. Mentors individuals across the Bank who wish to follow an expert career path through sharing their experience, expertise, and insight. Acts as training faculty on key internal technical/specialist development programmes (NB Annual number of hours/days to be agreed at start of year with Manager in consultation with the Profession Owner). Designs innovative, sustainable solutions which are congruent with the strategic direction of the Bank. Challenges colleagues to do the same, pushing the boundaries of what is possible to deliver potential for higher levels of organizational performance. Builds, captures, and manages the transfers of knowledge across the Professional community. Provides Profession Owners with input that shapes the curriculum. Defines and implements best practices, solutions and standards related to their area of expertise. Demonstrates thought leadership through seeking out opportunities to shape the agenda with Regulators, Government Departments and Professional bodies. Cultivates and maintains effective working relationships with stakeholders and clients by articulating the contribution, commercial impact, and benefits of expert roles.

Role Description ITAO is the custodian of the application and is responsible to apply and enable during Life-Cycle of the application the IT policies and procedures with specific consideration to IT management and Information Security. The ITAO ensures a clear separation of the responsibility within the project, aimed at achieving a safe and secure running of the application and compliance to regulations, policies and standards. ITAO is responsible for application documentation, application infrastructure reliability and compliance, and is usually the IT SPOC for audit initiatives. . What well offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Strategy & Architecture Enterprise IT governance Reviews current and proposed information systems for compliance with the organisation's obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy. Provides specialist advice to those accountable for governance to correct compliance issues. Cloud Security & Governance Migration on Cloud from on-prem setup end to end with ensuring application/infrastructure and Data Security Information security Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. Information content publishing Understands technical publication concepts, tools and methods and the way in which these are used. Uses agreed procedures to publish content. Obtains and analyses usage data and presents it effectively. Understands, and applies principles of usability and accessibility to published information. Specialist advice Actively maintains knowledge in one or more identifiable specialisms. Provides detailed and specific advice regarding the application of their specialism(s) to the organisation's planning and operations. Recognises and identifies the boundaries of their own specialist knowledge. Collaborates with other specialists, where appropriate, to ensure advice given is appropriate to the needs of the organisation. Knowledge management Maintains knowledge management systems and content to meet business needs. Supports others to enable them to complete knowledge management activities and form knowledge management habits. Reports on progress of knowledge management activities. Configures and develops knowledge management systems and standards. Supports changes to work practices to support capture and use of knowledge. Business risk management Investigates and reports on hazards and potential risk events within a specific function or business area. Continuity management Implements and contributes to the development of a continuity management plan. Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes. Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Data management Assists in providing accessibility, retrievability, security and protection of data in an ethical manner. Methods and tools Provides support on the use of existing method and tools. Configures methods and tools within a known context. Creates and updates the documentation of methods and tools. Change and Transformation definition and management Assists in the definition and management of requirements. Uses standard techniques to elicit, specify, and document requirements for simple subject areas with clearly-defined boundaries. Assists in the creation of a requirements baseline and in investigating and applying authorised requests for changes to base-lined requirements, in line with change management policy. Delivery and operation Availability management Contributes to the availability management process and its operation and performs defined availability management tasks. Analyses service and component availability, reliability, maintainability and serviceability. Ensures that services and components meet and continue to meet all of their agreed performance targets and service levels. Implements arrangements for disaster recovery and documents recovery procedures. Conducts testing of recovery procedures. Service acceptance Engages with project management to confirm that products developed meet the service acceptance criteria and are to the required standard. Feeds into change management processes. Configuration management Applies tools, techniques and processes to track, log and correct information related to configuration items. Verifies and approves changes ensuring protection of assets and components from unauthorised change, diversion and inappropriate use. Ensures that users comply with identification standards for object types, environments, processes, lifecycles, documentation, versions, formats, baselines, releases and templates. Performs audits to check the accuracy of information and undertakes any necessary corrective action under direction. Asset management Applies tools, techniques and processes to create and maintain an accurate asset register. Produces reports and analysis to support asset management activities and aid decision making. Change management Develops implementation plans for complex requests for change. Evaluates risks to the integrity of service environment inherent in proposed implementations (including availability, performance, security and compliance of the business services impacted). Seeks authority for those activities, reviews the effectiveness of change implementation, and suggests improvement to organisational procedures governing change management. Leads the assessment, analysis, development, documentation and implementation of changes based on requests for change. Security administration Investigates minor security breaches in accordance with established procedures. Assists users in defining their access rights and privileges. Performs non-standard security administration tasks and resolves security administration issues. Application support Drafts and maintains procedures and documentation for applications support. Manages application enhancements to improve business performance. Advises on application security, licensing, upgrades, backups, and disaster recovery needs. Ensures that all requests for support are dealt with according to set standards and procedures. Problem management Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Enables development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Analyses patterns and trends. Incident management Ensures that incidents are handled according to agreed procedures. Investigates escalated incidents to responsible service owners and seeks resolution. Facilitates recovery, following resolution of incidents. Ensures that resolved incidents are properly documented and closed. Analyses causes of incidents, and informs service owners in order to minimise probability of recurrence, and contribute to service improvement. Analyses metrics and reports on performance of incident management process. Skills and quality Quality assurance Contributes to the collection of evidence and the conduct of formal audits or reviews of activities, processes, data, products or services. Examines records for evidence that appropriate testing and other quality control activities have taken place and determines compliance with organisational directives, standards and procedures. Identifies non-compliances, non-conformances and abnormal occurrences. Conformance review Collects and collates evidence as part of a formally conducted and planned review of activities, processes, products or services. Examines records as part of specified testing strategies for evidence of compliance with management directives, or the identification of abnormal occurrences. Digital forensics Contributes to digital forensic investigations. Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports. Relationships and engagement Relationship management Identifies the communications and relationship needs of stakeholder groups. Translates communications/stakeholder engagement strategies into specific activities and deliverables. Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. Provides informed feedback to assess and promote understanding. Facilitates business decision-making processes. Captures and disseminates technical and business information. Experience/Exposure Autonomy Works under general direction. Uses discretion in identifying and responding to complex issues and assignments. Receives specific direction, accepts guidance and has work reviewed at agreed milestones. Determines when issues should be escalated to a higher level. Influence Interacts with and influences colleagues. Has working level contact with customers, suppliers and partners. May supervise others or make decisions whichimpactthe work assigned to individuals or phases of projects. Understands and collaborates on the analysis of user/customer needs and represents this in their work. Complexity Performs a range of work, sometimes complex and non-routine, in a variety of environments. Applies methodical approach to issue definition and resolution. Knowledge Has a sound generic, domain and specialist knowledge necessary to perform effectively in the organization typically gained from recognized bodies of knowledge and organizational information. Demonstrates effective application of knowledge. Has an appreciation of the wider business context. Takes action to develop own knowledge. Business skills Demonstrates effective communication skills. Plans, schedules and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards and procedures. Contributes fully to the work of teams. Appreciates how own role relates to other roles and to the business of the employer or client. Demonstrates an analytical and systematic approach to issue resolution. Takes the initiative in identifying and negotiating appropriate personal development opportunities. Understands how own role impacts security and demonstrates routine security practice and knowledge required for own work. Cloud Migration and Understanding Basic Knowledge on IaaS/PaaS/SaaS and migration from different environments to Cloud Your skills and experience Experience 6 to 9 years IT Service Management, IT Governance or IT Project Management background. Excellent communication and presentation skills, highly organized and disciplined. Experienced in working with multiple stakeholders. Ability to create and naturally maintain good business relationships with all stakeholders. Comfortable working in VUCA (Volatility Uncertainty Complexity Ambiguity) and highly dynamic environments. ITAO will typically have a rather limited technical hands on involvement. A high-level understanding on the products/technologies below is welcomed: Databasesmainly Oracle Application/web servers (like J2EE based, especially JBoss, Tomcat, WebLogic Server, Apache) Management of security certificates. Unix servers very basic administration Microservices and SOA Communication and encryption protocols (mainly HTTP(S), SSL) Networking (firewalls, load balancers, etc) High Availability Architecture. Reasonable understanding and relevant experience in Agile-Scrum delivery and main tools (Jira & Confluence); 4-5 years of work experience in IT; 2-3 years project management or application owner experience. Preferable skills: Experience working with distributed development teams; Experience in finance products Experience on Google Cloud Security and Management How well support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

Dear Candidate, Greetings. We are hiring for the role of Biso Helius Technologies Hyderabad. Work mode – Work from office Project – Singlife Exp – 10 to 15 years Please find the below JD for your reference. Role: BISO Work Location: Hyderabad (ODC) Key Responsibilities Focuses on Core BISO activities: Conduct Information Security Business Impact Assessments (ISBIA) for Projects, Applications, and Third-Party Outsourcing arrangements, aligning with Singlife Standards. Collaborate with Technology and Business units to evaluate the impact of control deficiencies. Lead the implementation of IS standards at the business level, ensuring alignment of procedures and practices with established standards. Collaborate in creating Risk Acceptances (RAs), Risk Exceptions (REs), and Corrective Action Plans (CAPs) using appropriate tools. Engage with Security Incident Response Teams to guide the resolution and closure of incidents, offering proactive recommendations. Generate periodic IS risk management reports, highlighting critical issues and proposing corrective action plans. Ensure adherence to IS standards and best practices across diverse disciplines. Support the business during audit reviews and regulatory inspections related to IS matters. Maintain vigilant oversight of IS programs, encompassing programs, policies, and associated reporting within the business landscape. Collaborate with business units to rectify non-compliance in processes, applications, and outsourcing activities. 1. 2. Act as a Business Partner Regularly communicate and interact with Management and Employees, enhancing understanding of IS-related programs, policies, and standards. Leverage the ISO network to share resources, extract best practices, and enhance operational efficiency. Validate compliance with security controls within business contracts. Evaluate the alignment of IS processes with business needs, particularly concerning software and internet usage. Conduct Information and Cyber Security Awareness training to fortify organizational preparedness. Partner with application managers or the Technology Information Security Officer (TISO) to address specific technical requirements. Stay relevant to evolving cybersecurity regulations (MAS, CSA, GIA, LIA) to provide subject matter expert feedback. Assess the impact of new and updated regulations promptly by partnering with the ISO, Technology & Operations community. 3. Other Requirements Demonstrate skill in delivering compelling presentations and managing complex programs. Display exceptional aptitude in consulting, problem-solving, and analytical capabilities. Exhibit a proactive, assertive, service-oriented demeanour while effectively functioning as a cohesive team player. Demonstrate the ability to manage concurrent tasks and prioritize effectively, even in conflicting timelines. Key Decisions within the Role Be the gatekeeper of the IS business impact assessments (ISBIA) processes and ensure applications within Singlife adhere to IS standards. Team Direct and indirect accountability for Information Security Officers Requirements Experience Minimum 10 years of experience in Information security. In areas such as security governance, risk management, application security design, security project management or security operation. • Professional Certifications CISSP, CISM, CISA, SANS, Cloud would be preferred. Education Bachelor’s degree in IT, Engineering or equivalent Skill Matirx- Skill Candidate's self- assessment (Score 1-5) Primary: InfoSec experience Secondary: Risk/Governance/Assurance framework Experience in conducting Infosec Training Excellent Communication/Presentation skills Infosec Certifications Primary: Cybersecurity regulations Secondary: Creation of Risk Acceptance/Risk Exceptions/CAPs Monetary Authority of Singapore (MAS) regulations Awareness of Security Control . Compliance Security Audits . Please revert with update profile if you find it interesting. Feel free to reach out for any queries. Role & responsibilities Preferred candidate profile

Please share your CV on sv17@svmanagement.com The IT Infrastructure & IT Security Head will drive the strategic planning, deployment, and management of robust, scalable, and secure IT infrastructure for a large-scale, multi-plant automotive manufacturing company. The role demands deep expertise in manufacturing IT ecosystems, cybersecurity governance, and a strong understanding of operational technology (OT) environments, including Industry 4.0 integrations. Qualifications & Experience: Bachelors or Masters degree in computer science, IT, Electronics, or related field. 1620 years of relevant experience, preferably in large-scale manufacturing, with at least 5 years in a leadership role. Strong expertise in IT infrastructure design, cloud computing (Azure/AWS/GCP), industrial networks, and cybersecurity. Experience working in automotive/engineering/manufacturing sectors is highly preferred. Professional certifications such as ITIL, CCNP, MCSE, CISSP, CISM, TOGAF, or PMP will be an added advantage. Extensive experience of managing IT Budgets. Excellent understanding of IT service management/ITIL processes. Experience of managing multiple / complex infrastructure projects. Expertise in modern hosting, computing, storage, and data delivery platforms. Strong knowledge of IT control frameworks (e.g., SOX, access & security, privacy) and implementing controls. Extensive experience in implementing and managing SAP (ECC, S/4 HANA) landscapes Infrastructure with good SAP Basis expertise. Extensive experience with SaaS platform integration and optimization. Proficient in Microsoft Cloud products, IT budgeting, staff recruitment, and vendor management. Familiar with AWS well-architected framework and IT architecture, data integration, and networking infrastructure. Knowledge of automation, RPA, EDR, MDR, vulnerability management, and penetration testing. Hands-on expertise in various IT infrastructure, cloud, and cybersecurity platforms.