188 Itgc Jobs

Roles & Responsibilities: Be part of Banks GRC program and handle regulatory characteristics focused in cybersecurity Identify and Drive improvement initiatives to Enhance Risk posture of the Bank Face off to Various regulators and drive programs for compliance to the Regulatory requirements Be a champion of ITGC initiatives Provide guidance to group companies to ensure consistency in risk governance, cyber risk management and compliance. Be the focal of Group companies for all IRM requirements Collaborate with group companies on IT governance, cybersecurity and control measures across Groups IT landscape. Present cyber risk posture in quarterly IT Strategy meetings for group companies. Promote a strong risk culture within the bank and group companies fostering awareness of risk management principles. Validate Security Policies and Procedures in conjunction with IT controls Manage internal and external stakeholders Ability to endorse cyber risks through publication of dashboards and drive initiatives to Improve Risk posture Job Requirement: Experience required for the Job: 15+ years in information technology & security; Engineer / Post Graduate / MBA Strong understanding of IT governance frameworks, risk management practices and regulatory requirements. Industry acknowledged certifications like CISA / CISSP / CRISC Experience in Team handling / management is must Knowledge on Layered Security - Firewalls, Intrusion Detection, OS Hardening, Project Management, Security Training. Experience in handling regulatory matters will be an added advantage Strategic thinking and strong analytical skills Excellent communication and inter personal skills with focus on verbal, written communication & presentation skills

Technology Risk ( ITGC )- Staff-3 Exp: 1-3 Years Skills: ITGC/ IT general controls+ SAP S4 Hana/ SAP ECC Qualification: Any Graduate / Qualified CA Location: Noida, Pune, Bangalore, Kochi, Kolkata, Chennai , Gurgaon , Hyderabad, Trivandrum Mode: 2 days from office Responsibilities: Participate in IT Risk and Assurance engagements. Work effectively as a team member, sharing responsibility, providing support, maintaining active communication, and updating senior team members on progress. Helping in preparation of the audit reports that will be delivered to clients and other parties. Develop and maintain productive working relationships with onshore and client personnel. Identification and testing of SAP IT security and IT risk (e.g., data systems, network and applications) across the enterprise. Assist with facilitating practice wide training (SAP ITGC/ SAP ITAC /SAP Pre & Post Implementation) curriculum. Work closely with onshore, cross-functional teams and develop strong relationships as project senior across the organisation. Stay updated with and promote awareness of updated ERP versions & its functionalities, industry best practices. Active team member executing project management/ stakeholders management (Client, Assurance, onshore) Planning and Budgeting preparation and perform analysis of budget vs actuals. Provide quality deliverables with value addition on the engagements and is known as SMR across organisation. Skills and attributes for success Experience in reviewing and testing of SAP S4 Hana / SAP ECC IT general controls (ITGC) for key domains such as access management, change management, computer operations, SDLC (System Development Life Cycle) Experience in reviewing and testing SAP S4 Hana / SAP ECC security & configurations such as debugging, client settings, etc. Experience in performing pre & post implementation reviews in SAP S4 Hana / SAP ECC environment and have been through S4 Hana/ ECC lifecycle & performing migration testing. Knowledge and understanding of the TCode, tables used to extract the data from SAP S4 Hana / SAP ECC with relation to ITGC and ITAC testing. Knowledge and understanding of SAP S4 Hana / SAP ECC user access security architecture (Roles, profiles, Authorisation objects) Experience in testing of firefighter controls in SAP S4 Hana / SAP ECC and GRC. Experience in reviewing and testing the Operating System (OS) and Hana Database (DB) controls in SAP S4 Hana / SAP ECC environment. Experience of working with other SAP applications such as GRC, Fiori, BW, BI, Ariba, Concur, Success Factor, VIM, Vistex. Experience in evaluation and testing of sensitive access and SOD (Segregation of Duties) across key business and IT process in SAP S4 Hana / SAP ECC and GRC environment. Experience in SAP GRC access control (AC) & process control (PC), financial compliance management (FCM). Experience in performing the walkthrough (Test of design) directly with the client, Operating Effectiveness and have knowledge of the financial statements assertions. Knowledge and understanding of the auditing methodology. Experience in reviewing and interpretation the ABAP codes with relation to the control testing for ITGCs and ITACs in SAP S4 Hana / SAP ECC environment. Experience in reviewing and testing the key reports ensuring the risks (completeness & accuracy) related to IPEs (Information Produced by Entity) are addressed. Knowledge and experience of industry specific SAP S4 Hana / SAP ECC modules. Knowledge of SAP S4 Hana / SAP ECC standard functionalities in relation to business and IT controls. Experience in reviewing and testing the key business process configurations (ITACs) in SAP S4 Hana / SAP ECC environment. Having strong knowledge of SAP S4 Hana / SAP ECC configurations (e.g., 3-way match, copy controls) is must. Experience in testing of interface controls between multiple systems and middleware controls. Experience in IT audit in the context of a financial audit & related regulations, auditing standards and guidelines. Knowledge and understanding of control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX. Knowledge and understanding of common IT governance, control, and assurance industry frameworks, including COBIT and ISACA best practices. Knowledge and understanding of third-party attestation standards (particularly SSAE16/18), other reporting and industry specific standards.

Job Summary Assist in implementing, maintaining and testing SOX controls supporting the Application Managers for custom applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Pre-Implementation Quality CheckConduct a thorough review of controls design and implementation before product/functional go-live, based on evidence submitted by engineering and application management teams. SOX ITGC and Automated Controls EvaluationTest and evaluate the effectiveness of SOX IT General Controls (ITGC) and automated controls using audit checklists prepared by the Controls team to: Maintain SOX controls for internal and third-party products Support internal and external audits related to SOX compliance Control Testing DocumentationDocument control testing procedures and findings in a clear and concise manner. Control Deficiency Identification and ReportingIdentify and report any control deficiencies or weaknesses to ensure prompt remediation. SOX Compliance ReportingPrepare comprehensive reports and documentation for SOX compliance activities, including testing results and control evaluations. Cross-Functional CollaborationCollaborate with cross-functional teams to ensure the thoroughness and accuracy of controls implementation and testing. Educational Qualifications: Bachelor's degree in engineering, finance, or a related field CIA, CISA or CISSP certification Experience: 5-7 years of experience in SOX compliance testing, internal controls, or auditing Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles. Familiarity with auditing Oracle, Workday and/or Salesforce suite of applications. Skills: Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team CertificationCISA preferred Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: GRC Consulting. Experience5-8 Years.

Join Barclays as a Analyst SOx role, where core responsibility is to execute design assessment and operating effectiveness testing of controls in accordance with testing plans and aligned to relevant policies, procedures and quality standards providing assurance to Management that the processes and controls within the reviewed Business Unit are effectively designed and operating to mitigating the identified risks. At Barclays, we don't just anticipate the future we're creating it.. To be successful in this role, you should have below skills:. Qualified CMA or ACCA with articleship experience in a reputed firm / MBA Finance with relevant work experience.. Understanding of SOx and Risk Management practices including but not limited to Internal Audit.. Ability to communicate internal control concepts clearly, in a business context.. Ability to interpret, analyze and derive logical conclusions on data patterns.. Verbal and written communication skills to deal with internal and external stakeholders. Keeps stakeholders (including Auditors) up-to-date with the progress of the audit work, observation status. Some Other Highly Valued Skills May Include Below. Basic knowledge of internal control and regulatory requirements & practice e.g. Turnbull, Sarbanes-Oxley, COSO.. Basic awareness of the specific current requirements of the US GAAP / IFRS/IAS regimes.. Proficient in use of MS Office packages (Outlook, Word, Excel, Power-point).. You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills.. This role is based in our Noida office.. Purpose of the role. To partner with the bank, to provide independent insurance on control processes and advise on improvements to ensure the efficiency and effectiveness of the bank’s internal controls framework.. Accountabilities. Collaboration across the bank to maintain a satisfactory, robust, and efficient control environment through the execution of ad-hoc assessments and testing on the design and operational effectiveness of the internal controls, aligned to control policies and standards.. Development of detailed test plans and procedures to identify weaknesses in internal controls and other initiatives aligned to the bank’s control framework to mitigate any potential risks and issues, prioritised by its severity to disrupt bank operations, potential losses, and reputational impact.. Communication of key findings and observations to the relevant stakeholders and business units to improve overall control efficiency and provide corrective actions to senior managers. Collaboration with other control professionals to resolve complex issues and ensure consistent testing methodologies across the bank.. Development of a knowledge centre containing detailed documentation of control assessments, testing on design and operational effectiveness of procedures, findings, and the distribution of material on internal controls to train and upskill colleagues within the bank.. Analyst Expectations. To meet the needs of stakeholders/ customers through specialist advice and support. Perform prescribed activities in a timely manner and to a high standard which will impact both the role itself and surrounding roles.. Likely to have responsibility for specific processes within a team. They may lead and supervise a team, guiding and supporting professional development, allocating work requirements and coordinating team resources. They supervise a team, allocate work requirements and coordinate team resources.. If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.. OR for an individual contributor, they manage own workload, take responsibility for the implementation of systems and processes within own work area and participate on projects broader than direct team.. Execute work requirements as identified in processes and procedures, collaborating with and impacting on the work of closely related teams.. Check work of colleagues within team to meet internal and stakeholder requirements.. Provide specialist advice and support pertaining to own work area.. Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.. Maintain and continually build an understanding of how all teams in area contribute to the objectives of the broader sub-function, delivering impact on the work of collaborating teams.. Continually develop awareness of the underlying principles and concepts on which the work within the area of responsibility is based, building upon administrative / operational expertise.. Make judgements based on practise and previous experience.. Assess the validity and applicability of previous or similar experiences and evaluate options under circumstances that are not covered by procedures.. Communicate sensitive or difficult information to customers in areas related specifically to customer advice or day to day administrative requirements.. Build relationships with stakeholders/ customers to identify and address their needs.. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.. Show more Show less

: Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm’s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About the role: As a Vendor Risk Operations team member, you will play a critical role in safeguarding Paytm from potential risks associated with our vendor ecosystem. You will be responsible for conducting comprehensive vendor risk assessments, ensuring compliance with internal policies and regulatory requirements, and actively contributing to the continuous improvement of our vendor risk management framework. This role requires a keen eye for detail, strong analytical skills, and the ability to collaborate effectively with various stakeholders. Conduct end-to-end vendor risk assessments across various risk domains (e.g., Vendor deduplication, information security, financial stability, business continuity, regulatory compliance, data privacy). Collaborate with business units to understand their vendor requirements and associated risks. Review vendor-provided documentation, certifications, and audit reports to identify potential vulnerabilities. Conduct Mystery-shopping wherever required Track and monitor vendor remediation efforts to ensure timely closure of identified risks. Maintain accurate and up-to-date vendor risk profiles and assessment records. Assist in the development and enhancement of vendor risk assessment methodologies, tools, and processes. Contribute to the ongoing development and implementation of Paytm's vendor risk management framework. Generate regular reports on vendor risk posture and assessment progress for internal stakeholders. Participate in ad-hoc projects and initiatives related to vendor risk management as required. Expectations/: Educational QualificationBachelor's degree in Business Administration, Finance, IT, Risk Management, or a related field. Experience2-5 years of experience in vendor risk management, third-party risk management, internal audit, compliance, or a similar risk-focused role. Domain KnowledgeStrong understanding of various risk domains, including information security, data privacy (e.g., GDPR, local data protection laws), financial risk, operational risk, and regulatory compliance. Understanding of Technology and User ExperienceAn appreciation for how technology solutions are built and how they impact user experience will be valuable in assessing vendor capabilities and potential risks. Analytical & Problem-Solving Skills: Excellent analytical and problem-solving skills with the ability to conduct deep dives, identify, assess, and mitigate risks effectively. Advanced Knowledge of Excel is required for data analysis and reporting. Basic knowledge of MySQL would be an added advantage for data retrieval and manipulation. Communication & Interpersonal Skills: Good communication and interpersonal skills, with the ability to present complex information clearly and concisely to diverse audiences. Strong written communication for documentation and reporting. High level of drive, initiative, and self-motivation. Ability to work independently, prioritize tasks, and manage multiple assessments simultaneously in a fast-paced environment. A willingness to experiment, learn quickly, and continuously improve processes and personal skills. Certifications (Preferred but not mandatory)CISA, CRISC, CISM, or other relevant certifications in risk management or information security. Why join us: A collaborative output driven program that brings cohesiveness across businesses through technology Improve the average revenue per use by increasing the cross-sell opportunities A solid 360 feedbacks from your peer teams on your support of their goals CompensationIf you are the right fit, we believe in creating wealth for you with enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants – and we are committed to it

Role & responsibilities Professional responsibilities for this manager position include but are not limited to: Applying internal control principles and technical knowledge, including Application Controls and IT General Controls; Developing and/or supervising the execution of detailed audit work plans for the IT audit component of the IA team through resource allocation, stakeholder coordination and quality review; Managing the identification of key risks and controls, including evaluation of control design; Evaluation of operational effectiveness of IT System Controls, utilizing appropriate testing techniques and professional skepticism; Providing regular status reports to IA management and internal clients/stakeholders, when necessary, to keep relevant parties informed of progress and potential issues; Assessing audit results, translating findings into level of risk, to produce meaningful insights and recommendations; Communicating risk findings, verbally and written, to clients in a pragmatic and helpful manner; Driving follow up and remediation of reported issues in a timely manner; Building meaningful relationships with clients through client engagements and networking; Managing and delivering against deadlines while working on multiple projects; Participating in development and delivery of training curriculum; and Coaching team members and reviewing their work. Minimum years of experience: 5+ year(s) of external/ internal audit experience (big four experience is preferred) Minimum Degree Required: Bachelors or master’s degree in accounting, Management Information Systems, Computer Science, Engineering or business related field Preferred Certifications: CISA, CISM, CISSP, CA and/or CIA Preferred Knowledge/ skills: Demonstrates extensive knowledge and/or proven record of success in the following areas: Security and controls for various on-premise and cloud-based technologies; Control standards (COSO, COBIT), control testing strategies; Public accounting practices and internal audit processes i.e., technology and tools for planning, testing and reporting; IT general controls concepts in the areas of system development, change management, computer operations and access to programs; Identifying and assessing business process controls and linkage to IT systems; and, IT security fundamentals across multiple domains including security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, investigations and ethics. Additionally, candidates should have excellent communication (written and verbal) skills and should be able to work with global teams independently with minimal supervision. Flexible work hours are required to align with US and UK hours as agreed upon. SHift-2pm-11pm

Reference 25000BXB Responsibilities Responsibilities: Preparation of daily/ monthly / Adhoc MIS Follow up and compilation of Balance confirmation certificates Assist in Account Maintenance related activities Perform BOD, EOD checks and day end reconciliation of transactions Handling of basic client queries Preparation of checklists for transactions and raise workflows to back office Respond to queries on documents raised for scrutiny to back office Tracking receipt of documents from clients and filing of soft copies for bank records Assist in preparation of various follow up letters to clients Assist in compilation of regulatory reports, data upload/download from regulatory tools Required Profile required Academic Background (degree and major): Com, MBA Finance Skills & Competencies required: Strong communication skills (written and spoken) Strong interpersonal skills Language Skills: English, Hindi Computer Skill: Good knowledge and experience in using MS tools Experience in IT/systems application will be an added advantage, Business insight Societe Generale is one of the leading financial services groups in Europe Based on a diversified universal banking model, the Group combines financial strength with a strategy of sustainable growth, putting its resources to work to finance the economy and its clientsplans With a solid position in Europe and a presence in countries with strong potential, the Groups 145,700 employees in 66 countries support 31 million individual clients, large corporates and institutional investors worldwide by offering a wide range of advisory services and tailored financial solutions, Societe Generale was established in India in the year 1978 In 1985, Societe Generale Bank commenced operations as a Scheduled Commercial Bank in Mumbai Since then, it has a proud legacy of servicing corporates and clients New branches were added in Delhi (1993) Societe Generale not only offers an extensive product portfolio to different market segments, but customizes solutions in investment bankingl, global finance and global markets Societe Generale is an equal opportunities employer and believes that a diverse and inclusive workforce should be encouraged and recognized, Diversity and Inclusion We are an equal opportunities employer and we are proud to make diversity a strength for our company Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination,

Key Responsibilities Collaborate closely with finance and IT teams to ensure adherence to SOX (Sarbanes-Oxley Act) and ITGC (IT General Controls) compliance requirements, supporting audit readiness and control effectiveness. Analyze and document business processes, including accounts payable (AP), accounts receivable (AR), general ledger (GL), financial planning & analysis (FP&A), treasury, Segregation of Duties (SOD) and claims processing, to identify improvement opportunities, risks and recommend control enhancements. Support and facilitate the implementation and continuous improvement of Go-To-Market (GTM) and Gross-to-Net (G2N) sales processes to track revenue leakages (after giving effect of Trade promo/retailor margins etc.), ensuring alignment with business objectives, seamless integration with finance systems and regulatory standards. Translate business requirements into functional and technical specifications for IT tools, ensuring segregation of duties (SOD) compliance. Lead the analysis of claims processing workflows to identify inefficiencies, propose automation opportunities, and develop strategies to enhance operational effectiveness. Partner with cross-functional stakeholders, especially internal IT teams or external Vendors/Auditors, for solution design, system testing, and deployment of finance-related applications to gather requirements, translate business needs into technical specifications, and support solution design and deployment. Monitor compliance metrics, control effectiveness, system performance, identify bottlenecks, and contribute to continuous improvement initiatives for finance operations, preparing reports and dashboards for senior management and audit teams. Conduct user acceptance testing (UAT), develop test cases, and manage defect resolution to ensure high-quality system implementations. Facilitate and assist in training and awareness programs related to compliance, governance, and process improvements within the finance and IT landscape, onboarding, and post-implementation support to drive adoption of new tools and processes. Drive continuous improvement initiatives by leveraging data analytics and business intelligence tools to support decision-making. Ensure all deployed IT solutions align with business goals, compliance standards, and CPG industry best practices. Preferred candidate profile Required Qualifications Bachelors degree in finance, Accounting, Business Administration, Information Technology, or related field. 4-6 years of core experience in finance business partnering, IT compliance, or business analysis within the CPG/FMCG sector or IT/consulting engagements with CPG clients. Strong understanding and practical experience with SOX compliance , ITGC Framework , and segregation of duties (SOD) principles/frameworks, other finance processes, including reporting, budgeting, accounting, treasury, and claims processing. Proven experience supporting GTM and G2N processes in the context of Finance, Supply Chain and Sales operations. Experience analysing and optimising claims processing workflows, working in Agile or hybrid project methodologies. Proven ability to work collaboratively with finance, IT, and audit teams. Excellent communication, documentation, analytical, problem-solving, and stakeholder management skills to liaise between finance and IT teams. Proficiency in business analytics tools (e.g., Excel, Power BI, Tableau) and process documentation software. Hands-on experience in ERP systems (SAP, Oracle, or similar) and their role in compliance and finance operations is preferred. Desired Skills & Competencies Familiarity with modern finance tools such as SAP S/4HANA, BlackLine, Anaplan, or Power BI. Exposure to data visualization, robotic process automation (RPA), or cloud-based finance platforms. Understanding of change management principles to support user adoption and process transitions. Prior experience with claims processing systems or automation in the CPG industry. Detail-oriented with a strong focus on compliance and governance. Ability to interpret complex regulatory requirements and translate them into actionable business processes. Strong stakeholder management and interpersonal skills. Proactive mindset with a continuous improvement approach. Ability to manage multiple priorities and deliver within deadlines. Comfortable working in a fast-paced, matrixed organization. Flexibility to collaborate with cross-functional and global teams, accommodating different time zones as needed

About Company BDO India LLP is the India member firm of BDO International. BDO India offers strategic, operational, accounting, tax & regulatory advisory and assistance for both domestic and international organisations across a range of industries. We are led by more than 300 Partners & Directors with a team of over 8500 professionals operating across 12 cities Ahmedabad, Bengaluru, Chandigarh, Coimbatore, Chennai, Hyderabad, Goa, Kochi, Kolkata, Mumbai, New Delhi-Gurugram and Pune. We take pride in our service portfolio on the backing of a rich blend of experience and expertise, bringing to fore a work culture that is both client-centric and knowledge driven. Our focus on delivering exceptional client service is backed by a partner driven approach to offer tailor-made solutions ensuring quality excellence & time efficiencies. About BDO ITRA Leveraging our global expertise and experience, our team of subject matter experts and industry professionals work across sectors and industries to help our clients respond to the changing business environment. With deep analytic skills and state-of-the art technologies, our professionals deliver customised and innovative solutions to clients across geographies. We at BDO, engage in transforming data into insights, our professionals guide clients through a crisis, fraud, regulatory investigations, etc. and advise them on strategies to prevent and mitigate the disruption arising from these complex matters. Details: Position Title Manager and Assistant Manager Department BAS -IT Risk Assurance Experience At least 3 to 8 year of relevant experience into IT Risk Audit, ITGC, etc Qualification CA / B.Tech / MBA (IT) / CISA / DISA Core ITRA Roles & Responsibilities: Responsible for executing client related engagements in the areas ITGC, process reviews, IT Application Controls, standard operating procedures review, SOCR (SOC 1, SOC 2), SOX 404 Audits. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Assist seniors & managers in developing new methodologies and internal initiatives. Create a positive learning culture, coaches, counsels and develops junior team members. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have good presentation & communication skills. Should also be well versed with MS office tools. Should be open and honest in communication with clients and colleagues. Fluency in written & verbal English High on personal integrity and work ethics and can be trusted without micro-level supervision from seniors Qualified CA, MBA, BTech/BE. (Preferred CISA or equivalent certifications) Competencies: Analytical Thinking Collaboration IT Skills (Excel, PPT, Word, Outlook) Communication Skills Interpersonal Relationship & Respect Innovation

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Location: Gurgaon Sector 58 Preference: Candidates with experience in NBFCs Compensation: Up to 00 LPA Requirements: Strong communication skills, a compelling personality, and relevant profile exposure -----JOB DESCRIPTION--- For a role that encompasses IT GRC (Governance, Risk, and Compliance) along with IT Security Audit responsibilities, especially in the context of NIST, ISO 27001, SOC2, ITGC audit, RBI (Reserve Bank of India) regulatory compliance, IT Security Compliance, Business Continuity Management (BCM), Disaster Recovery (DR), and Vulnerability Assessment (VA), the roles and responsibilities would typically include: Governance, Risk, and Compliance (GRC): Develop and maintain IT governance frameworks aligned with industry standards and regulatory requirements. Establish and enforce policies, procedures, and controls to ensure compliance with applicable laws, regulations, and standards. Coordinate risk assessment and management activities across the organization. Monitor and report on compliance status to senior management and stakeholders. Facilitate audits and assessments to verify adherence to compliance requirements. Implement continuous improvement initiatives to enhance the effectiveness of GRC processes. IT Security Audit: Plan, coordinate, and conduct IT security audits based on regulatory requirements and industry best practices. Perform risk-based assessments of IT systems, networks, and applications to identify security vulnerabilities and weaknesses. Review and evaluate controls related to access management, change management, data protection, and incident response. Document audit findings, including recommendations for remediation and improvement. Collaborate with internal and external auditors to facilitate audit engagements and address audit findings. Track and monitor the implementation of audit recommendations to ensure timely resolution. Regulatory Compliance: Interpret and apply relevant regulatory requirements, including NIST Cybersecurity Framework, ISO 27001, and RBI guidelines. Conduct gap assessments against regulatory requirements to identify areas of non-compliance and develop remediation plans. Coordinate with business units and stakeholders to implement controls and measures to achieve compliance objectives. Prepare documentation and evidence to demonstrate compliance with regulatory requirements. Stay informed about changes in regulations and standards and assess their impact on the organization's compliance posture. IT Security Compliance: Establish and maintain IT security policies, standards, and guidelines in accordance with regulatory requirements and industry best practices. Conduct periodic reviews and assessments to ensure adherence to security policies and standards. Implement controls and measures to mitigate security risks and vulnerabilities. Monitor and analyse security events and incidents to detect and respond to security breaches. Provide guidance and support to business units on security compliance matters. Business Continuity Management (BCM) and Disaster Recovery (DR): Develop and maintain business continuity and disaster recovery plans aligned with organizational objectives and regulatory requirements. Run BCP/DR frameworks Conduct business impact analyses and risk assessments to identify critical business functions and dependencies. Coordinate the development, testing, and maintenance of BCM and DR plans. Ensure alignment between BCM/DR plans and IT systems, applications, and infrastructure. Provide training and awareness programs to ensure effective response and recovery during emergencies. Vulnerability Assessment (VA): Plan and execute vulnerability assessment activities to identify security weaknesses and vulnerabilities in IT infrastructure and applications. Utilize automated scanning tools and manual techniques to identify and prioritize vulnerabilities based on risk. Analyse and interpret scan results to provide actionable recommendations for remediation. Coordinate remediation efforts with IT teams to address identified vulnerabilities in a timely manner. Monitor and track the status of vulnerability remediation efforts and report on progress to stakeholders. In summary, this role involves a comprehensive approach to managing IT governance, risk, and compliance, along with conducting IT security audits, ensuring compliance with regulatory requirements such as NIST, ISO 27001, and RBI guidelines, and overseeing BCM, DR, and VA activities. Effective communication, collaboration, and coordination with various stakeholders are essential for success in this role. Digital Personal Data Protection Act (DPDPA) and GDPR Compliance: Interpret and ensure compliance with the provisions of the Digital Personal Data Protection Act (DPDPA) and the General Data Protection Regulation (GDPR), as applicable. Conduct data protection impact assessments (DPIAs) to identify and mitigate risks associated with the processing of personal data. Develop and maintain data protection policies, procedures, and controls to safeguard the privacy and confidentiality of personal data. Implement measures such as data encryption, pseudonymization, and access controls to protect personal data from unauthorized access and disclosure. Establish mechanisms for obtaining and managing consent for the processing of personal data in accordance with regulatory requirements. Monitor and respond to data subject requests (e.g., access requests, erasure requests) in compliance with GDPR and DPDPA requirements. Facilitate training and awareness programs to ensure compliance with data protection regulations and promote a culture of privacy within the organization. Collaborate with legal and compliance teams to address data protection issues and ensure alignment with regulatory requirements. Maintain records of processing activities and data protection measures to demonstrate compliance with GDPR and DPDPA obligations. Conduct regular audits and assessments to evaluate the effectiveness of data protection controls and identify areas for improvement. Competencies: Proactively contribute to leadership & handle work stress & people skills Strong analytical skills, problem solving skills, and project/program management skills Excellent communication skills working with all levels of management across the entire organization Ability to handle team strength and work cohesively Ability to act in Leadership position Work and stretch as required in corporate scenario Extrovert and Outspoken Experience Needed: 8+ years' demonstrable experience in IT security GRC management, IT security project management, IT & Data security policy management, and other security practices w.r.t Cloud Infra , Basic IT infra design and architecture Hands-on experience with designing, implementing and managing security IT GRC programs Past experience managing a small to mid-sized team Educational Requirements: Bachelor's degree or equivalent business experience in Computer Science, Business Management. Certified training in IT & Data security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, ISO 27K LA or related certification will be added advantage

Job Title: IT Security & Audit Compliance Analyst Location: Mumbai, Thane Experience Required: 1 to 3 Years Employment Type: Full-Time Job Description: We are seeking a highly motivated and detail-oriented IT Security & Audit Compliance Analyst to support end-to-end audit, compliance, and security operations across enterprise systems. The ideal candidate will be responsible for managing audit logs, ensuring policy compliance, generating reports, and supporting internal and external audit requirements. Key Responsibilities: Active Directory Audit Logs Management Manage and analyze audit logs for incident troubleshooting Ensure all log-on, log-off, and failed login attempts are captured #ActiveDirectory #AuditLogs #SecurityMonitoring Audit Journal & Security Compliance Reporting Generate, review, and submit audit reports as per schedule Identify and resolve discrepancies and respond to audit queries Ensure timely support for all audit activities (minimum 16 audits per year) #SecurityCompliance #AuditReporting #IncidentManagement User ID Management & Policy Compliance Maintain audit records for user ID approvals, revalidations Manage exceptions for shared IDs and non-expiring passwords #UserIDManagement #AccessControl #PolicyCompliance System Log Management & Retention Enable and manage logging on servers, network, and storage devices Ensure log retention for a minimum of 90 days within client infrastructure #LogRetention #SystemMonitoring #NetworkSecurity Desired Skills: Experience with Active Directory auditing and compliance Strong understanding of IT audit processes and security controls Ability to handle audit queries independently Familiarity with enterprise infrastructure and log management Strong communication and analytical skills #ITSecurity #InfoSec #AuditCompliance #InfrastructureSecurity #ITGovernance Qualifications: Bachelors degree in Computer Science, Information Technology, or a related field 1+ years of relevant experience in IT Security, Audit, or Compliance roles Application Process: Interested candidates are requested to share their updated resume along with the following details: Total Experience: Relevant Experience: Current CTC: Expected CTC: Notice Period: Current Location: Willing to Relocate to Mumbai (Yes/No):

JOB ROLE: Oracle Tech Risk and Controls Requirements: Any Graduation degree from a reputed college with minimum 3-8 years of Oracle EBS/Fusion audit Or one end to end implementation experience or Oracle EBS/Fusion maintenance & support in AP, AR, GL, FA, PO, CM modules. Candidate should be well versed with the configuration across different processes for the respective modules. Must have good business process knowledge and excellent communication skills Oracle certification would be a plus point. Work experience in a Big4 - PwC, Deloitte or system integrator companies (Infosys, HCL, Siemens, IBM, Accenture, Wipro, TCS) would be an advantage Knowledge and working on Oracle GRC/RMC (Roles Re-design, GRC functional rule setups) is plus Quick learner, adapt to new client situations quickly and work under a competitive environment Must have problem solving skills, a strong drive and resilience and excellent documentation/ report writing skills Experienced resources who have knowledge and worked on PMO activities will be an added advantage (include but not limited to planning project management activities, analyzing financial information to keep projects on track, collaborating steerco meetings, provide financial reports and budget outlines to Executives, evaluate projects to ensure they are meeting company standards, adhere to budgets, and meet deadlines) Responsibilities: Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Would be required to execute Oracle related audit and advisory engagements, as tabulated below Pre & Post implementation review (configurations controls review, Role Review, Go-Live strategy & Cut over strategy review) System utilization review Advisory related to above., Data migration review, Pre & Post Go-Live reviews, Segregation of duties, SOD Ruleset review and design, Oracle GRC / RMC Access Control and Process Controls review. Is expected to demonstrate strong business process understanding and provide reasonable recommendation as per industry best practice. Would be responsible for ensuring quality and timely delivery of projects Would be responsible to interact independently with various Head of Departments and CXO level personnel, Oracle implementation partner, client IT teams and other stakeholders. Is expected to maintain excellent client relationship Supervise associates and interns on engagements Preferred candidate profile: Minimum of 3 year of experience in any of the following areas: Oracle implementation (modules mentioned above) Oracle EBS/Fusion audit and advisory, Oracle EBS/Fusion security and role design/re-design, Bachelor's degree in an appropriate field from an accredited college/university Hands-on Oracle Financial and/or security implementation and/or effective Oracle audit experience, ideal candidate will have both Project or team lead experience, specifically within a consulting firm is preferred Excellent written and verbal communication, facilitation, and presentation skills with the ability to gain the confidence and respect of senior level executives Strong analytical and problem solving skills Ability to work well in teams Ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours Willingness to travel within India or abroad for continuous long periods of time Demonstrate integrity, values, principles, and work ethic and lead by example

Role & responsibilities Carrying out ITGC testing, IT Audits Managing SOX audit for both ITAC, ITDM and ITGC controls Ability to effectively perform the technical components of risk assessments to provide an accurate view of the clients current risk state IT SOX Readiness and Compliance IT SOX Testing and Reporting General IT Controls Experience with Oracle ERP, SAP is a plus Experience with Cloud Platforms and Services is a plus Ability to perform end-to-end business process analyses and design Ability to gather, synthesize, and analyze data using appropriate tools and technologies Ability to assess and design internal controls by applying an understanding of internal control design frameworks and regulatory requirements Ability to understand the clients business, interpret sector trends, and learn leading practices Ability to effectively interact with colleagues and clients of varying backgrounds to effectively serve clients Leading / execution of Internal Audit /Concurrent Audit/Advisory engagements

Responsibilities: Assist client in identifying and evaluating business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement • Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects • Facilitate use of technology-based tools or methodologies to review, design, and/or implement products and services • Understand clients' business environment and basic risk management approaches. Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions. Play substantive/lead role and engagement planning, economics, and billing o Generate innovative ideas and challenge the status quo. Participate in proposal development efforts o Participate in "add-on" sales to client. Membership and visibility in professional & civic organizations. Identify opportunities to cross-sell other services. Build and nurture positive working relationships with clients with the intention to exceed client expectations. Eligibility criteria and requirements: Have experience in Third Party Assurance/IT Attestation (i.e. SOC 1, SOC 2, SOC 3, AUP, ISAE 3402, ISAE 3000). Preferred experience on HIPAA/HIRUST/Cloud Assurance. Performed end-to-end reporting on IT attestation/assurance engagements. Have knowledge of controls related to ICOFR, Security, Availability, Privacy, Confidentiality and Processing Integrity in SOC report.

Mega Hiring for IT AUDIT Please send cv on zeenat@contactxndia.com / it@contactxindia.com Call on 9359055605 / 8971092439 Role & responsibilities We are hiring for one of the Big4 for IT Audit Location: Bangalore / Hyderabad Experience : 2 to 10 Years Candidate Should have : T Audit ITGC ITAC SOC1 SOC 2 Candidate should be from well know firm ((Big4 ,Big6 , MNC , Tier1 & 2 Companies ) Responsibilities Roles & responsibilities Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls.• Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions)• Hands on experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Qualifications Education Qualification : BE/B.Tech, B.Com, BCA, B.Sc, MBA, M.Sc, MCA,M.Tech, CA.•• Work Experience : The candidate must have 2-10years of relevant experience in a similar role, preferably with a Big 4 firm.•Team leading / Performance Management experience for a minimum of 1-2 years. Send cv on zeenat@contactxndia.com Call on 9359055605 Visit our website for more details / positionswww.contactxindia.com Preferred candidate profile

IT SOX Compliance Analyst Contractual (6months) - Remote Mandatory skills: - SOX System scoping AWS, Azure Oracle SaaS, Salesforce, etc. Job Description : We are seeking a motivated and detail-oriented IT SOX Compliance Analyst to support our Sarbanes-Oxley (SOX) compliance initiatives, with a focus on IT General Controls (ITGCs) and IT application controls. This role requires collaboration with internal audit teams and IT control owners to ensure effective control design, implementation, and remediation. The position is aligned to support global teams, requiring availability during the 2 PM to 11 PM IST shift. Key Responsibilities : Support the assessment, design, and implementation of IT General Controls (ITGCs) and IT application controls across key systems. Collaborate with internal audit and IT control owners to evaluate risks, discuss control deficiencies, and support audit-related activities. Assist in the preparation of documentation, including control deficiency memos and remediation plans. Oversee and facilitate end-to-end IT control walkthroughs to ensure proper documentation and understanding of control processes. Skills & Qualifications : Solid understanding of the Sarbanes-Oxley (SOX) Act, specifically ITGC and IT application control requirements. Experience in internal audit, IT risk management, and control testing. Strong communication and documentation skills, with the ability to work cross-functionally. Must be available to work during the 2 PM to 11 PM IST shift to support global operations.

About Company BDO India LLP is the India member firm of BDO International. BDO India offers strategic, operational, accounting, tax & regulatory advisory and assistance for both domestic and international organisations across a range of industries. We are led by more than 300 Partners & Directors with a team of over 8500 professionals operating across 12 cities Ahmedabad, Bengaluru, Chandigarh, Coimbatore, Chennai, Hyderabad, Goa, Kochi, Kolkata, Mumbai, New Delhi-Gurugram and Pune. We take pride in our service portfolio on the backing of a rich blend of experience and expertise, bringing to fore a work culture that is both client-centric and knowledge driven. Our focus on delivering exceptional client service is backed by a partner driven approach to offer tailor-made solutions ensuring quality excellence & time efficiencies. About BDO ITRA Leveraging our global expertise and experience, our team of subject matter experts and industry professionals work across sectors and industries to help our clients respond to the changing business environment. With deep analytic skills and state-of-the art technologies, our professionals deliver customised and innovative solutions to clients across geographies. We at BDO, engage in transforming data into insights, our professionals guide clients through a crisis, fraud, regulatory investigations, etc. and advise them on strategies to prevent and mitigate the disruption arising from these complex matters. Details: Position Title Assistant & Senior Assistant Department BAS -IT Risk Assurance Experience At least 1 to 3year of relevant experience into IT Risk Audit, ITGC, etc Qualification CA / B.Tech / MBA (IT) / CISA / DISA Core ITRA Roles & Responsibilities: Responsible for executing client related engagements in the areas ITGC, process reviews, IT Application Controls, standard operating procedures review, SOCR (SOC 1, SOC 2), SOX 404 Audits. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Assist seniors & managers in developing new methodologies and internal initiatives. Create a positive learning culture, coaches, counsels and develops junior team members. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have good presentation & communication skills. Should also be well versed with MS office tools. Should be open and honest in communication with clients and colleagues. Fluency in written & verbal English High on personal integrity and work ethics and can be trusted without micro-level supervision from seniors Qualified CA, MBA, BTech/BE. (Preferred CISA or equivalent certifications) Competencies: Analytical Thinking Collaboration IT Skills (Excel, PPT, Word, Outlook) Communication Skills Interpersonal Relationship & Respect Innovation

About Company BDO India LLP is the India member firm of BDO International. BDO India offers strategic, operational, accounting, tax & regulatory advisory and assistance for both domestic and international organisations across a range of industries. We are led by more than 300 Partners & Directors with a team of over 8500 professionals operating across 12 cities Ahmedabad, Bengaluru, Chandigarh, Coimbatore, Chennai, Hyderabad, Goa, Kochi, Kolkata, Mumbai, New Delhi-Gurugram and Pune. We take pride in our service portfolio on the backing of a rich blend of experience and expertise, bringing to fore a work culture that is both client-centric and knowledge driven. Our focus on delivering exceptional client service is backed by a partner driven approach to offer tailor-made solutions ensuring quality excellence & time efficiencies. About BDO ITRA Leveraging our global expertise and experience, our team of subject matter experts and industry professionals work across sectors and industries to help our clients respond to the changing business environment. With deep analytic skills and state-of-the art technologies, our professionals deliver customised and innovative solutions to clients across geographies. We at BDO, engage in transforming data into insights, our professionals guide clients through a crisis, fraud, regulatory investigations, etc. and advise them on strategies to prevent and mitigate the disruption arising from these complex matters. Details: Position Title Assistant & Senior Assistant Department BAS -IT Risk Assurance Experience At least 1 to 3year of relevant experience into IT Risk Audit, ITGC, etc Qualification CA / B.Tech / MBA (IT) / CISA / DISA Core ITRA Roles & Responsibilities: Responsible for executing client related engagements in the areas ITGC, process reviews, IT Application Controls, standard operating procedures review, SOCR (SOC 1, SOC 2), SOX 404 Audits. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Assist seniors & managers in developing new methodologies and internal initiatives. Create a positive learning culture, coaches, counsels and develops junior team members. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have good presentation & communication skills. Should also be well versed with MS office tools. Should be open and honest in communication with clients and colleagues. Fluency in written & verbal English High on personal integrity and work ethics and can be trusted without micro-level supervision from seniors Qualified CA, MBA, BTech/BE. (Preferred CISA or equivalent certifications) Competencies: Analytical Thinking Collaboration IT Skills (Excel, PPT, Word, Outlook) Communication Skills Interpersonal Relationship & Respect Innovation

Job Role / Responsibilities Perform internal audits and process reviews for functions to assess the adequacy, effectiveness and efficiency of the established internal controls and procedures Lead and perform control design assessments; Lead walkthroughs, identifying controls in the processes/ functions/ products/services, etc. Identify key areas of risk within processes and propose appropriate controls with the objective of mitigating the risks and increasing efficiency Responsible for operational testing of the controls (test scripts), including validation procedures. Evaluate the testing scripts on a regular basis to ensure changes are incorporated Evaluate the corrective action plans received from reviewee for appropriateness and/or Sufficiency. Collaborate with relevant functions to ensure timely closure of corrective action plans. Report on status of implementation of management action plans Work with 2nd line of defence Compliance functions to align audit activity Demonstrate skills to lead auditors, remain flexible, prioritize and maintain a strong attention to detail in a fast-paced environment. Strong collaboration and project management skills to complete quality work on the time with budgeted resources. Essential Skills & Qualification Bachelor’s degree with focus on Information Systems required Sound understanding of control environment, compliance and risk frameworks such as CoBIT; COSO; ISO standards, etc. Minimum 4+ years of experience in relevant field Working knowledge and experience in SOX programs / IT systems/ General Computer controls / Cybersecurity. Etc Experience in performing Technology Audits / IT Operations reviews / Integrated Audits Effective Verbal and Written Communication Skills Be able to work in a fast-paced role with competing priorities. Adaptable to project requirements and does what is required to get the job done Demonstrate ability for seamless execution, continuous improvement and problem solving Preferred Skills & Qualification Experience in BFSI / FinTech companies Experience integrating data analytics in audits Big 4 experience Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. Read more about PhonePe on our blog. Life at PhonePe PhonePe in the news

Responsible for assessing, challenging, and testing the design and operational effectiveness of controls using TRs control framework by working collaboratively with control owners and stakeholders to improve the control testing process, including defining re-test cycles and evidence expected. About the Role: In this opportunity as Compliance Program Technical Auditor, you willassess, challenge, and test the design and operational effectiveness of controls using TRs control framework by working collaboratively with control owners and stakeholders to improve the control testing process, including defining re-test cycles and evidence expected. Execute a testing plan by communicating requirements to control owners, reviewing evidence submitted, agreeing on deficiencies found and finalizing the next steps in meeting control requirements. Oversee and act as a liaison for both external and internal audits. Identify procedures and practices that are not compliant with industry Frameworks Recommend and support stakeholders making changes to address non-compliance issues. Compile reports on audit results and present them to managers & supervisors. Propose efficiencies and automation where possible to optimize workflow. Work closely with other teams like ERM, Finance, business and application owners, third party or contractors supporting processes to report and track remediation plans for any control deficiencies identified. Ensure awareness about security risks, best practices and policy/standard requirements are essential to ensure compliance. Work independently, act decisively and ensure personal deadlines and team requirements are met. Willingness and drive to learn continuously and approach change with openness. About You: You're a fit for the role of Senior Business Technology Analyst if your background includes: Bachelor's degree in IT, Accounting, Finance or equivalent education and experience. At least 4+ years of relevant work experience in SoX, ITGC, SOC, PCI within Audit, Big 5, consulting firms or as line 1a or line 1b completing IT-IS control testing or working within a Governance or Compliance function across Financial Services organizations. One of these certifications in order of preference is essential CISA, CISSP, CCAK, CISM, CRISC. Strong ethical principles and understanding of business and IS ethics. Awareness about common security vulnerabilities of web and cloud applications and operating techniques from sources such as SANS, OWASP Top 10 and Cloud Security Alliance (CSA). Experience in testing Cloud controls and related technologies will be an asset. Excellent oral and written communication skills in English. Additional expertise in French, Spanish or another language will be an asset. Knowledge about GRC platforms like ServiceNow, Process Unity, RSA Archer, MetricStream and like. #LI-HS1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to develop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Coordinate with key stakeholders to define risk metrics - KRIs/ KPIs/ KCIs Coordinate with key stakeholders to define thresholds for key risk metrics Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to create and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications Experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred, but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 09 The Role This position is an individual contributor within the Internal Audit team responsible for performing audit engagements including U.S. Sarbanes-Oxley (SOX) Compliance testing. This position will contribute significantly to SOX testing efforts and evaluating compliance with corporate policies, assessing risks over the IT operating environment and identifying operational efficiencies. The Impact The IT SOX Specialist will work closely with your direct manager and the process owners to gain an understanding of key processes, key controls, identify control gaps by strengthening and monitoring the internal control environment to provide assurance in the accuracy of reported financial information for a leading data provider worldwide. Whats in it for you You will interact with key process owners and colleagues across the Company. You will also be responsible for completing the audits and projects as outlined in the Internal Audit Plan and play a critical role in assessing the effectiveness of the control environment and providing value added recommendations across the organization. You will gain a robust understanding of the operations of all divisions and functions within the company. Ability to collaborate with a global team of seasoned financial services/audit professionals and access to the latest technological and data analytic tools Competitive compensation package with excellent benefits, including generous paid time off, tuition reimbursement, parental leave and more Advancement opportunities in a global company with presence in 30+ geographies The Team / The Business We have teams made up of people that work effectively together, while working with the larger group of auditors. Opportunities are presented every day to work with people from a wide variety of backgrounds and to develop a close team dynamic with coworkers from around the globe. The Internal Audit function is a global team with presence in all regions (Americas, EMEA and Asia Pacific). The function is independent and reports functioning to the Audit Committee. Responsibilities Lead and perform IT audits focused on compliance with Sarbanes-Oxley (SOX) regulations, ensuring that IT general controls and IT automated controls are effectively designed and operating. Develop, document, and execute test plans for IT controls, ensuring that they meet SOX requirements and are functioning as intended. Utilize GenAI, data analytics and automation tools to enhance audit processes, identify trends, and uncover anomalies in IT systems. Evaluate the SDLC processes to ensure proper controls are in place during system development, implementation, and maintenance. Stay updated on emerging IT risks and controls, including cloud computing, cybersecurity threats, and data privacy regulations. Participate in projects across the internal audit department, including risk-based audits and project assurance initiatives, to enhance overall audit effectiveness and efficiency. What Were Looking For You will be an effective communicator, in both verbal and written form, and an analytical thinker who employs logic and persuasion to influence with diplomacy and tact. You will be a proactive, innovative, collegial team player who can be accountable and absorb/integrate ideas from diverse views, create partnerships and collaborate with others. You will be nimble in learning and support the implementation of agile techniques. You will be responsible for balancing stakeholders and building/fostering relationships with stakeholders. You have a strong interest to learn, embrace agile auditing techniques, adoption of data analytics and emerging tools to strengthen quality of audit execution and SOX controls testing. Basic Qualifications: The ideal candidate must be an experienced audit professional with skills in IT SOX, internal audit, or related roles in control function organizations. Experience/exposure with different data analytics tools (such as Tableau, Alteryx, Power BI, etc.). Agility to support different Internal Audit capabilities such as business/data/IT auditing and SOX compliance. Minimum 3-5 years of relevant experience of IT controls-based testing through planning audits, conducting audit procedures, and preparing audit reports. Understanding and operational application of Sarbanes-Oxley Section 404 Public Accounting experience. Knowledge of or experience with providing audit support during integrated financial and operational audits. Knowledge or experience with information security controls. Experience with electronic work papers and standard productivity tools Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related field. Willing to travel (domestic and international), limited to 10 - 15% Professional certifications preferred but not required (CISA, CIA, CPA, etc.). #L1-RS2 Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 203 - Entry Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), FINANC202.1 - Middle Professional Tier I (EEO Job Group)

About the Role: Grade Level (for internal use): 12 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the first line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities This role belongs to First Line of Defense. Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to d evelop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to c reate and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting. What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 10+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 12+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts in defining and documenting a comprehensive Issue Management Process document/ methodology Lead efforts to centralize control gaps/ issues in GRC tool Lead efforts in logging, tracking, monitoring and remediation of control gaps/ issues Coordinate with key stakeholders to ensure the issues are clearly articulated, mapped to appropriate risk category, mitigating controls are identified through proper risk assessment Lead efforts in periodic reporting of issues to senior Management Conduct data analysis to demonstrate trends of progress made in issue remediation by various technology processes Conduct meetings to discuss issues and risk remediation plan Lead efforts in risk exception and risk acceptance process Monitor risk acceptance scenarios and bring it to appropriate committees for reporting Prepare PowerPoint presentations to provide comprehensive and holistic issue management process What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)