232 Itgc Jobs - Page 3

Reference 25000BXB Responsibilities Responsibilities: Preparation of daily/ monthly / Adhoc MIS Follow up and compilation of Balance confirmation certificates Assist in Account Maintenance related activities Perform BOD, EOD checks and day end reconciliation of transactions Handling of basic client queries Preparation of checklists for transactions and raise workflows to back office Respond to queries on documents raised for scrutiny to back office Tracking receipt of documents from clients and filing of soft copies for bank records Assist in preparation of various follow up letters to clients Assist in compilation of regulatory reports, data upload/download from regulatory tools Required Profile required Academic Background (degree and major): Com, MBA Finance Skills & Competencies required: Strong communication skills (written and spoken) Strong interpersonal skills Language Skills: English, Hindi Computer Skill: Good knowledge and experience in using MS tools Experience in IT/systems application will be an added advantage, Business insight Societe Generale is one of the leading financial services groups in Europe Based on a diversified universal banking model, the Group combines financial strength with a strategy of sustainable growth, putting its resources to work to finance the economy and its clientsplans With a solid position in Europe and a presence in countries with strong potential, the Groups 145,700 employees in 66 countries support 31 million individual clients, large corporates and institutional investors worldwide by offering a wide range of advisory services and tailored financial solutions, Societe Generale was established in India in the year 1978 In 1985, Societe Generale Bank commenced operations as a Scheduled Commercial Bank in Mumbai Since then, it has a proud legacy of servicing corporates and clients New branches were added in Delhi (1993) Societe Generale not only offers an extensive product portfolio to different market segments, but customizes solutions in investment bankingl, global finance and global markets Societe Generale is an equal opportunities employer and believes that a diverse and inclusive workforce should be encouraged and recognized, Diversity and Inclusion We are an equal opportunities employer and we are proud to make diversity a strength for our company Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination,

Key Responsibilities Collaborate closely with finance and IT teams to ensure adherence to SOX (Sarbanes-Oxley Act) and ITGC (IT General Controls) compliance requirements, supporting audit readiness and control effectiveness. Analyze and document business processes, including accounts payable (AP), accounts receivable (AR), general ledger (GL), financial planning & analysis (FP&A), treasury, Segregation of Duties (SOD) and claims processing, to identify improvement opportunities, risks and recommend control enhancements. Support and facilitate the implementation and continuous improvement of Go-To-Market (GTM) and Gross-to-Net (G2N) sales processes to track revenue leakages (after giving effect of Trade promo/retailor margins etc.), ensuring alignment with business objectives, seamless integration with finance systems and regulatory standards. Translate business requirements into functional and technical specifications for IT tools, ensuring segregation of duties (SOD) compliance. Lead the analysis of claims processing workflows to identify inefficiencies, propose automation opportunities, and develop strategies to enhance operational effectiveness. Partner with cross-functional stakeholders, especially internal IT teams or external Vendors/Auditors, for solution design, system testing, and deployment of finance-related applications to gather requirements, translate business needs into technical specifications, and support solution design and deployment. Monitor compliance metrics, control effectiveness, system performance, identify bottlenecks, and contribute to continuous improvement initiatives for finance operations, preparing reports and dashboards for senior management and audit teams. Conduct user acceptance testing (UAT), develop test cases, and manage defect resolution to ensure high-quality system implementations. Facilitate and assist in training and awareness programs related to compliance, governance, and process improvements within the finance and IT landscape, onboarding, and post-implementation support to drive adoption of new tools and processes. Drive continuous improvement initiatives by leveraging data analytics and business intelligence tools to support decision-making. Ensure all deployed IT solutions align with business goals, compliance standards, and CPG industry best practices. Preferred candidate profile Required Qualifications Bachelors degree in finance, Accounting, Business Administration, Information Technology, or related field. 4-6 years of core experience in finance business partnering, IT compliance, or business analysis within the CPG/FMCG sector or IT/consulting engagements with CPG clients. Strong understanding and practical experience with SOX compliance , ITGC Framework , and segregation of duties (SOD) principles/frameworks, other finance processes, including reporting, budgeting, accounting, treasury, and claims processing. Proven experience supporting GTM and G2N processes in the context of Finance, Supply Chain and Sales operations. Experience analysing and optimising claims processing workflows, working in Agile or hybrid project methodologies. Proven ability to work collaboratively with finance, IT, and audit teams. Excellent communication, documentation, analytical, problem-solving, and stakeholder management skills to liaise between finance and IT teams. Proficiency in business analytics tools (e.g., Excel, Power BI, Tableau) and process documentation software. Hands-on experience in ERP systems (SAP, Oracle, or similar) and their role in compliance and finance operations is preferred. Desired Skills & Competencies Familiarity with modern finance tools such as SAP S/4HANA, BlackLine, Anaplan, or Power BI. Exposure to data visualization, robotic process automation (RPA), or cloud-based finance platforms. Understanding of change management principles to support user adoption and process transitions. Prior experience with claims processing systems or automation in the CPG industry. Detail-oriented with a strong focus on compliance and governance. Ability to interpret complex regulatory requirements and translate them into actionable business processes. Strong stakeholder management and interpersonal skills. Proactive mindset with a continuous improvement approach. Ability to manage multiple priorities and deliver within deadlines. Comfortable working in a fast-paced, matrixed organization. Flexibility to collaborate with cross-functional and global teams, accommodating different time zones as needed

About Company BDO India LLP is the India member firm of BDO International. BDO India offers strategic, operational, accounting, tax & regulatory advisory and assistance for both domestic and international organisations across a range of industries. We are led by more than 300 Partners & Directors with a team of over 8500 professionals operating across 12 cities Ahmedabad, Bengaluru, Chandigarh, Coimbatore, Chennai, Hyderabad, Goa, Kochi, Kolkata, Mumbai, New Delhi-Gurugram and Pune. We take pride in our service portfolio on the backing of a rich blend of experience and expertise, bringing to fore a work culture that is both client-centric and knowledge driven. Our focus on delivering exceptional client service is backed by a partner driven approach to offer tailor-made solutions ensuring quality excellence & time efficiencies. About BDO ITRA Leveraging our global expertise and experience, our team of subject matter experts and industry professionals work across sectors and industries to help our clients respond to the changing business environment. With deep analytic skills and state-of-the art technologies, our professionals deliver customised and innovative solutions to clients across geographies. We at BDO, engage in transforming data into insights, our professionals guide clients through a crisis, fraud, regulatory investigations, etc. and advise them on strategies to prevent and mitigate the disruption arising from these complex matters. Details: Position Title Manager and Assistant Manager Department BAS -IT Risk Assurance Experience At least 3 to 8 year of relevant experience into IT Risk Audit, ITGC, etc Qualification CA / B.Tech / MBA (IT) / CISA / DISA Core ITRA Roles & Responsibilities: Responsible for executing client related engagements in the areas ITGC, process reviews, IT Application Controls, standard operating procedures review, SOCR (SOC 1, SOC 2), SOX 404 Audits. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Assist seniors & managers in developing new methodologies and internal initiatives. Create a positive learning culture, coaches, counsels and develops junior team members. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have good presentation & communication skills. Should also be well versed with MS office tools. Should be open and honest in communication with clients and colleagues. Fluency in written & verbal English High on personal integrity and work ethics and can be trusted without micro-level supervision from seniors Qualified CA, MBA, BTech/BE. (Preferred CISA or equivalent certifications) Competencies: Analytical Thinking Collaboration IT Skills (Excel, PPT, Word, Outlook) Communication Skills Interpersonal Relationship & Respect Innovation

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Location: Gurgaon Sector 58 Preference: Candidates with experience in NBFCs Compensation: Up to 00 LPA Requirements: Strong communication skills, a compelling personality, and relevant profile exposure -----JOB DESCRIPTION--- For a role that encompasses IT GRC (Governance, Risk, and Compliance) along with IT Security Audit responsibilities, especially in the context of NIST, ISO 27001, SOC2, ITGC audit, RBI (Reserve Bank of India) regulatory compliance, IT Security Compliance, Business Continuity Management (BCM), Disaster Recovery (DR), and Vulnerability Assessment (VA), the roles and responsibilities would typically include: Governance, Risk, and Compliance (GRC): Develop and maintain IT governance frameworks aligned with industry standards and regulatory requirements. Establish and enforce policies, procedures, and controls to ensure compliance with applicable laws, regulations, and standards. Coordinate risk assessment and management activities across the organization. Monitor and report on compliance status to senior management and stakeholders. Facilitate audits and assessments to verify adherence to compliance requirements. Implement continuous improvement initiatives to enhance the effectiveness of GRC processes. IT Security Audit: Plan, coordinate, and conduct IT security audits based on regulatory requirements and industry best practices. Perform risk-based assessments of IT systems, networks, and applications to identify security vulnerabilities and weaknesses. Review and evaluate controls related to access management, change management, data protection, and incident response. Document audit findings, including recommendations for remediation and improvement. Collaborate with internal and external auditors to facilitate audit engagements and address audit findings. Track and monitor the implementation of audit recommendations to ensure timely resolution. Regulatory Compliance: Interpret and apply relevant regulatory requirements, including NIST Cybersecurity Framework, ISO 27001, and RBI guidelines. Conduct gap assessments against regulatory requirements to identify areas of non-compliance and develop remediation plans. Coordinate with business units and stakeholders to implement controls and measures to achieve compliance objectives. Prepare documentation and evidence to demonstrate compliance with regulatory requirements. Stay informed about changes in regulations and standards and assess their impact on the organization's compliance posture. IT Security Compliance: Establish and maintain IT security policies, standards, and guidelines in accordance with regulatory requirements and industry best practices. Conduct periodic reviews and assessments to ensure adherence to security policies and standards. Implement controls and measures to mitigate security risks and vulnerabilities. Monitor and analyse security events and incidents to detect and respond to security breaches. Provide guidance and support to business units on security compliance matters. Business Continuity Management (BCM) and Disaster Recovery (DR): Develop and maintain business continuity and disaster recovery plans aligned with organizational objectives and regulatory requirements. Run BCP/DR frameworks Conduct business impact analyses and risk assessments to identify critical business functions and dependencies. Coordinate the development, testing, and maintenance of BCM and DR plans. Ensure alignment between BCM/DR plans and IT systems, applications, and infrastructure. Provide training and awareness programs to ensure effective response and recovery during emergencies. Vulnerability Assessment (VA): Plan and execute vulnerability assessment activities to identify security weaknesses and vulnerabilities in IT infrastructure and applications. Utilize automated scanning tools and manual techniques to identify and prioritize vulnerabilities based on risk. Analyse and interpret scan results to provide actionable recommendations for remediation. Coordinate remediation efforts with IT teams to address identified vulnerabilities in a timely manner. Monitor and track the status of vulnerability remediation efforts and report on progress to stakeholders. In summary, this role involves a comprehensive approach to managing IT governance, risk, and compliance, along with conducting IT security audits, ensuring compliance with regulatory requirements such as NIST, ISO 27001, and RBI guidelines, and overseeing BCM, DR, and VA activities. Effective communication, collaboration, and coordination with various stakeholders are essential for success in this role. Digital Personal Data Protection Act (DPDPA) and GDPR Compliance: Interpret and ensure compliance with the provisions of the Digital Personal Data Protection Act (DPDPA) and the General Data Protection Regulation (GDPR), as applicable. Conduct data protection impact assessments (DPIAs) to identify and mitigate risks associated with the processing of personal data. Develop and maintain data protection policies, procedures, and controls to safeguard the privacy and confidentiality of personal data. Implement measures such as data encryption, pseudonymization, and access controls to protect personal data from unauthorized access and disclosure. Establish mechanisms for obtaining and managing consent for the processing of personal data in accordance with regulatory requirements. Monitor and respond to data subject requests (e.g., access requests, erasure requests) in compliance with GDPR and DPDPA requirements. Facilitate training and awareness programs to ensure compliance with data protection regulations and promote a culture of privacy within the organization. Collaborate with legal and compliance teams to address data protection issues and ensure alignment with regulatory requirements. Maintain records of processing activities and data protection measures to demonstrate compliance with GDPR and DPDPA obligations. Conduct regular audits and assessments to evaluate the effectiveness of data protection controls and identify areas for improvement. Competencies: Proactively contribute to leadership & handle work stress & people skills Strong analytical skills, problem solving skills, and project/program management skills Excellent communication skills working with all levels of management across the entire organization Ability to handle team strength and work cohesively Ability to act in Leadership position Work and stretch as required in corporate scenario Extrovert and Outspoken Experience Needed: 8+ years' demonstrable experience in IT security GRC management, IT security project management, IT & Data security policy management, and other security practices w.r.t Cloud Infra , Basic IT infra design and architecture Hands-on experience with designing, implementing and managing security IT GRC programs Past experience managing a small to mid-sized team Educational Requirements: Bachelor's degree or equivalent business experience in Computer Science, Business Management. Certified training in IT & Data security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, ISO 27K LA or related certification will be added advantage

Job Title: IT Security & Audit Compliance Analyst Location: Mumbai, Thane Experience Required: 1 to 3 Years Employment Type: Full-Time Job Description: We are seeking a highly motivated and detail-oriented IT Security & Audit Compliance Analyst to support end-to-end audit, compliance, and security operations across enterprise systems. The ideal candidate will be responsible for managing audit logs, ensuring policy compliance, generating reports, and supporting internal and external audit requirements. Key Responsibilities: Active Directory Audit Logs Management Manage and analyze audit logs for incident troubleshooting Ensure all log-on, log-off, and failed login attempts are captured #ActiveDirectory #AuditLogs #SecurityMonitoring Audit Journal & Security Compliance Reporting Generate, review, and submit audit reports as per schedule Identify and resolve discrepancies and respond to audit queries Ensure timely support for all audit activities (minimum 16 audits per year) #SecurityCompliance #AuditReporting #IncidentManagement User ID Management & Policy Compliance Maintain audit records for user ID approvals, revalidations Manage exceptions for shared IDs and non-expiring passwords #UserIDManagement #AccessControl #PolicyCompliance System Log Management & Retention Enable and manage logging on servers, network, and storage devices Ensure log retention for a minimum of 90 days within client infrastructure #LogRetention #SystemMonitoring #NetworkSecurity Desired Skills: Experience with Active Directory auditing and compliance Strong understanding of IT audit processes and security controls Ability to handle audit queries independently Familiarity with enterprise infrastructure and log management Strong communication and analytical skills #ITSecurity #InfoSec #AuditCompliance #InfrastructureSecurity #ITGovernance Qualifications: Bachelors degree in Computer Science, Information Technology, or a related field 1+ years of relevant experience in IT Security, Audit, or Compliance roles Application Process: Interested candidates are requested to share their updated resume along with the following details: Total Experience: Relevant Experience: Current CTC: Expected CTC: Notice Period: Current Location: Willing to Relocate to Mumbai (Yes/No):

JOB ROLE: Oracle Tech Risk and Controls Requirements: Any Graduation degree from a reputed college with minimum 3-8 years of Oracle EBS/Fusion audit Or one end to end implementation experience or Oracle EBS/Fusion maintenance & support in AP, AR, GL, FA, PO, CM modules. Candidate should be well versed with the configuration across different processes for the respective modules. Must have good business process knowledge and excellent communication skills Oracle certification would be a plus point. Work experience in a Big4 - PwC, Deloitte or system integrator companies (Infosys, HCL, Siemens, IBM, Accenture, Wipro, TCS) would be an advantage Knowledge and working on Oracle GRC/RMC (Roles Re-design, GRC functional rule setups) is plus Quick learner, adapt to new client situations quickly and work under a competitive environment Must have problem solving skills, a strong drive and resilience and excellent documentation/ report writing skills Experienced resources who have knowledge and worked on PMO activities will be an added advantage (include but not limited to planning project management activities, analyzing financial information to keep projects on track, collaborating steerco meetings, provide financial reports and budget outlines to Executives, evaluate projects to ensure they are meeting company standards, adhere to budgets, and meet deadlines) Responsibilities: Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Would be required to execute Oracle related audit and advisory engagements, as tabulated below Pre & Post implementation review (configurations controls review, Role Review, Go-Live strategy & Cut over strategy review) System utilization review Advisory related to above., Data migration review, Pre & Post Go-Live reviews, Segregation of duties, SOD Ruleset review and design, Oracle GRC / RMC Access Control and Process Controls review. Is expected to demonstrate strong business process understanding and provide reasonable recommendation as per industry best practice. Would be responsible for ensuring quality and timely delivery of projects Would be responsible to interact independently with various Head of Departments and CXO level personnel, Oracle implementation partner, client IT teams and other stakeholders. Is expected to maintain excellent client relationship Supervise associates and interns on engagements Preferred candidate profile: Minimum of 3 year of experience in any of the following areas: Oracle implementation (modules mentioned above) Oracle EBS/Fusion audit and advisory, Oracle EBS/Fusion security and role design/re-design, Bachelor's degree in an appropriate field from an accredited college/university Hands-on Oracle Financial and/or security implementation and/or effective Oracle audit experience, ideal candidate will have both Project or team lead experience, specifically within a consulting firm is preferred Excellent written and verbal communication, facilitation, and presentation skills with the ability to gain the confidence and respect of senior level executives Strong analytical and problem solving skills Ability to work well in teams Ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours Willingness to travel within India or abroad for continuous long periods of time Demonstrate integrity, values, principles, and work ethic and lead by example

Role & responsibilities Carrying out ITGC testing, IT Audits Managing SOX audit for both ITAC, ITDM and ITGC controls Ability to effectively perform the technical components of risk assessments to provide an accurate view of the clients current risk state IT SOX Readiness and Compliance IT SOX Testing and Reporting General IT Controls Experience with Oracle ERP, SAP is a plus Experience with Cloud Platforms and Services is a plus Ability to perform end-to-end business process analyses and design Ability to gather, synthesize, and analyze data using appropriate tools and technologies Ability to assess and design internal controls by applying an understanding of internal control design frameworks and regulatory requirements Ability to understand the clients business, interpret sector trends, and learn leading practices Ability to effectively interact with colleagues and clients of varying backgrounds to effectively serve clients Leading / execution of Internal Audit /Concurrent Audit/Advisory engagements

Responsibilities: Assist client in identifying and evaluating business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement • Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects • Facilitate use of technology-based tools or methodologies to review, design, and/or implement products and services • Understand clients' business environment and basic risk management approaches. Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions. Play substantive/lead role and engagement planning, economics, and billing o Generate innovative ideas and challenge the status quo. Participate in proposal development efforts o Participate in "add-on" sales to client. Membership and visibility in professional & civic organizations. Identify opportunities to cross-sell other services. Build and nurture positive working relationships with clients with the intention to exceed client expectations. Eligibility criteria and requirements: Have experience in Third Party Assurance/IT Attestation (i.e. SOC 1, SOC 2, SOC 3, AUP, ISAE 3402, ISAE 3000). Preferred experience on HIPAA/HIRUST/Cloud Assurance. Performed end-to-end reporting on IT attestation/assurance engagements. Have knowledge of controls related to ICOFR, Security, Availability, Privacy, Confidentiality and Processing Integrity in SOC report.

Mega Hiring for IT AUDIT Please send cv on zeenat@contactxndia.com / it@contactxindia.com Call on 9359055605 / 8971092439 Role & responsibilities We are hiring for one of the Big4 for IT Audit Location: Bangalore / Hyderabad Experience : 2 to 10 Years Candidate Should have : T Audit ITGC ITAC SOC1 SOC 2 Candidate should be from well know firm ((Big4 ,Big6 , MNC , Tier1 & 2 Companies ) Responsibilities Roles & responsibilities Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls.• Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions)• Hands on experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Qualifications Education Qualification : BE/B.Tech, B.Com, BCA, B.Sc, MBA, M.Sc, MCA,M.Tech, CA.•• Work Experience : The candidate must have 2-10years of relevant experience in a similar role, preferably with a Big 4 firm.•Team leading / Performance Management experience for a minimum of 1-2 years. Send cv on zeenat@contactxndia.com Call on 9359055605 Visit our website for more details / positionswww.contactxindia.com Preferred candidate profile

IT SOX Compliance Analyst Contractual (6months) - Remote Mandatory skills: - SOX System scoping AWS, Azure Oracle SaaS, Salesforce, etc. Job Description : We are seeking a motivated and detail-oriented IT SOX Compliance Analyst to support our Sarbanes-Oxley (SOX) compliance initiatives, with a focus on IT General Controls (ITGCs) and IT application controls. This role requires collaboration with internal audit teams and IT control owners to ensure effective control design, implementation, and remediation. The position is aligned to support global teams, requiring availability during the 2 PM to 11 PM IST shift. Key Responsibilities : Support the assessment, design, and implementation of IT General Controls (ITGCs) and IT application controls across key systems. Collaborate with internal audit and IT control owners to evaluate risks, discuss control deficiencies, and support audit-related activities. Assist in the preparation of documentation, including control deficiency memos and remediation plans. Oversee and facilitate end-to-end IT control walkthroughs to ensure proper documentation and understanding of control processes. Skills & Qualifications : Solid understanding of the Sarbanes-Oxley (SOX) Act, specifically ITGC and IT application control requirements. Experience in internal audit, IT risk management, and control testing. Strong communication and documentation skills, with the ability to work cross-functionally. Must be available to work during the 2 PM to 11 PM IST shift to support global operations.

About Company BDO India LLP is the India member firm of BDO International. BDO India offers strategic, operational, accounting, tax & regulatory advisory and assistance for both domestic and international organisations across a range of industries. We are led by more than 300 Partners & Directors with a team of over 8500 professionals operating across 12 cities Ahmedabad, Bengaluru, Chandigarh, Coimbatore, Chennai, Hyderabad, Goa, Kochi, Kolkata, Mumbai, New Delhi-Gurugram and Pune. We take pride in our service portfolio on the backing of a rich blend of experience and expertise, bringing to fore a work culture that is both client-centric and knowledge driven. Our focus on delivering exceptional client service is backed by a partner driven approach to offer tailor-made solutions ensuring quality excellence & time efficiencies. About BDO ITRA Leveraging our global expertise and experience, our team of subject matter experts and industry professionals work across sectors and industries to help our clients respond to the changing business environment. With deep analytic skills and state-of-the art technologies, our professionals deliver customised and innovative solutions to clients across geographies. We at BDO, engage in transforming data into insights, our professionals guide clients through a crisis, fraud, regulatory investigations, etc. and advise them on strategies to prevent and mitigate the disruption arising from these complex matters. Details: Position Title Assistant & Senior Assistant Department BAS -IT Risk Assurance Experience At least 1 to 3year of relevant experience into IT Risk Audit, ITGC, etc Qualification CA / B.Tech / MBA (IT) / CISA / DISA Core ITRA Roles & Responsibilities: Responsible for executing client related engagements in the areas ITGC, process reviews, IT Application Controls, standard operating procedures review, SOCR (SOC 1, SOC 2), SOX 404 Audits. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Assist seniors & managers in developing new methodologies and internal initiatives. Create a positive learning culture, coaches, counsels and develops junior team members. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have good presentation & communication skills. Should also be well versed with MS office tools. Should be open and honest in communication with clients and colleagues. Fluency in written & verbal English High on personal integrity and work ethics and can be trusted without micro-level supervision from seniors Qualified CA, MBA, BTech/BE. (Preferred CISA or equivalent certifications) Competencies: Analytical Thinking Collaboration IT Skills (Excel, PPT, Word, Outlook) Communication Skills Interpersonal Relationship & Respect Innovation

About Company BDO India LLP is the India member firm of BDO International. BDO India offers strategic, operational, accounting, tax & regulatory advisory and assistance for both domestic and international organisations across a range of industries. We are led by more than 300 Partners & Directors with a team of over 8500 professionals operating across 12 cities Ahmedabad, Bengaluru, Chandigarh, Coimbatore, Chennai, Hyderabad, Goa, Kochi, Kolkata, Mumbai, New Delhi-Gurugram and Pune. We take pride in our service portfolio on the backing of a rich blend of experience and expertise, bringing to fore a work culture that is both client-centric and knowledge driven. Our focus on delivering exceptional client service is backed by a partner driven approach to offer tailor-made solutions ensuring quality excellence & time efficiencies. About BDO ITRA Leveraging our global expertise and experience, our team of subject matter experts and industry professionals work across sectors and industries to help our clients respond to the changing business environment. With deep analytic skills and state-of-the art technologies, our professionals deliver customised and innovative solutions to clients across geographies. We at BDO, engage in transforming data into insights, our professionals guide clients through a crisis, fraud, regulatory investigations, etc. and advise them on strategies to prevent and mitigate the disruption arising from these complex matters. Details: Position Title Assistant & Senior Assistant Department BAS -IT Risk Assurance Experience At least 1 to 3year of relevant experience into IT Risk Audit, ITGC, etc Qualification CA / B.Tech / MBA (IT) / CISA / DISA Core ITRA Roles & Responsibilities: Responsible for executing client related engagements in the areas ITGC, process reviews, IT Application Controls, standard operating procedures review, SOCR (SOC 1, SOC 2), SOX 404 Audits. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Assist seniors & managers in developing new methodologies and internal initiatives. Create a positive learning culture, coaches, counsels and develops junior team members. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have good presentation & communication skills. Should also be well versed with MS office tools. Should be open and honest in communication with clients and colleagues. Fluency in written & verbal English High on personal integrity and work ethics and can be trusted without micro-level supervision from seniors Qualified CA, MBA, BTech/BE. (Preferred CISA or equivalent certifications) Competencies: Analytical Thinking Collaboration IT Skills (Excel, PPT, Word, Outlook) Communication Skills Interpersonal Relationship & Respect Innovation

Job Role / Responsibilities Perform internal audits and process reviews for functions to assess the adequacy, effectiveness and efficiency of the established internal controls and procedures Lead and perform control design assessments; Lead walkthroughs, identifying controls in the processes/ functions/ products/services, etc. Identify key areas of risk within processes and propose appropriate controls with the objective of mitigating the risks and increasing efficiency Responsible for operational testing of the controls (test scripts), including validation procedures. Evaluate the testing scripts on a regular basis to ensure changes are incorporated Evaluate the corrective action plans received from reviewee for appropriateness and/or Sufficiency. Collaborate with relevant functions to ensure timely closure of corrective action plans. Report on status of implementation of management action plans Work with 2nd line of defence Compliance functions to align audit activity Demonstrate skills to lead auditors, remain flexible, prioritize and maintain a strong attention to detail in a fast-paced environment. Strong collaboration and project management skills to complete quality work on the time with budgeted resources. Essential Skills & Qualification Bachelor’s degree with focus on Information Systems required Sound understanding of control environment, compliance and risk frameworks such as CoBIT; COSO; ISO standards, etc. Minimum 4+ years of experience in relevant field Working knowledge and experience in SOX programs / IT systems/ General Computer controls / Cybersecurity. Etc Experience in performing Technology Audits / IT Operations reviews / Integrated Audits Effective Verbal and Written Communication Skills Be able to work in a fast-paced role with competing priorities. Adaptable to project requirements and does what is required to get the job done Demonstrate ability for seamless execution, continuous improvement and problem solving Preferred Skills & Qualification Experience in BFSI / FinTech companies Experience integrating data analytics in audits Big 4 experience Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. Read more about PhonePe on our blog. Life at PhonePe PhonePe in the news

Responsible for assessing, challenging, and testing the design and operational effectiveness of controls using TRs control framework by working collaboratively with control owners and stakeholders to improve the control testing process, including defining re-test cycles and evidence expected. About the Role: In this opportunity as Compliance Program Technical Auditor, you willassess, challenge, and test the design and operational effectiveness of controls using TRs control framework by working collaboratively with control owners and stakeholders to improve the control testing process, including defining re-test cycles and evidence expected. Execute a testing plan by communicating requirements to control owners, reviewing evidence submitted, agreeing on deficiencies found and finalizing the next steps in meeting control requirements. Oversee and act as a liaison for both external and internal audits. Identify procedures and practices that are not compliant with industry Frameworks Recommend and support stakeholders making changes to address non-compliance issues. Compile reports on audit results and present them to managers & supervisors. Propose efficiencies and automation where possible to optimize workflow. Work closely with other teams like ERM, Finance, business and application owners, third party or contractors supporting processes to report and track remediation plans for any control deficiencies identified. Ensure awareness about security risks, best practices and policy/standard requirements are essential to ensure compliance. Work independently, act decisively and ensure personal deadlines and team requirements are met. Willingness and drive to learn continuously and approach change with openness. About You: You're a fit for the role of Senior Business Technology Analyst if your background includes: Bachelor's degree in IT, Accounting, Finance or equivalent education and experience. At least 4+ years of relevant work experience in SoX, ITGC, SOC, PCI within Audit, Big 5, consulting firms or as line 1a or line 1b completing IT-IS control testing or working within a Governance or Compliance function across Financial Services organizations. One of these certifications in order of preference is essential CISA, CISSP, CCAK, CISM, CRISC. Strong ethical principles and understanding of business and IS ethics. Awareness about common security vulnerabilities of web and cloud applications and operating techniques from sources such as SANS, OWASP Top 10 and Cloud Security Alliance (CSA). Experience in testing Cloud controls and related technologies will be an asset. Excellent oral and written communication skills in English. Additional expertise in French, Spanish or another language will be an asset. Knowledge about GRC platforms like ServiceNow, Process Unity, RSA Archer, MetricStream and like. #LI-HS1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to develop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Coordinate with key stakeholders to define risk metrics - KRIs/ KPIs/ KCIs Coordinate with key stakeholders to define thresholds for key risk metrics Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to create and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications Experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred, but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 09 The Role This position is an individual contributor within the Internal Audit team responsible for performing audit engagements including U.S. Sarbanes-Oxley (SOX) Compliance testing. This position will contribute significantly to SOX testing efforts and evaluating compliance with corporate policies, assessing risks over the IT operating environment and identifying operational efficiencies. The Impact The IT SOX Specialist will work closely with your direct manager and the process owners to gain an understanding of key processes, key controls, identify control gaps by strengthening and monitoring the internal control environment to provide assurance in the accuracy of reported financial information for a leading data provider worldwide. Whats in it for you You will interact with key process owners and colleagues across the Company. You will also be responsible for completing the audits and projects as outlined in the Internal Audit Plan and play a critical role in assessing the effectiveness of the control environment and providing value added recommendations across the organization. You will gain a robust understanding of the operations of all divisions and functions within the company. Ability to collaborate with a global team of seasoned financial services/audit professionals and access to the latest technological and data analytic tools Competitive compensation package with excellent benefits, including generous paid time off, tuition reimbursement, parental leave and more Advancement opportunities in a global company with presence in 30+ geographies The Team / The Business We have teams made up of people that work effectively together, while working with the larger group of auditors. Opportunities are presented every day to work with people from a wide variety of backgrounds and to develop a close team dynamic with coworkers from around the globe. The Internal Audit function is a global team with presence in all regions (Americas, EMEA and Asia Pacific). The function is independent and reports functioning to the Audit Committee. Responsibilities Lead and perform IT audits focused on compliance with Sarbanes-Oxley (SOX) regulations, ensuring that IT general controls and IT automated controls are effectively designed and operating. Develop, document, and execute test plans for IT controls, ensuring that they meet SOX requirements and are functioning as intended. Utilize GenAI, data analytics and automation tools to enhance audit processes, identify trends, and uncover anomalies in IT systems. Evaluate the SDLC processes to ensure proper controls are in place during system development, implementation, and maintenance. Stay updated on emerging IT risks and controls, including cloud computing, cybersecurity threats, and data privacy regulations. Participate in projects across the internal audit department, including risk-based audits and project assurance initiatives, to enhance overall audit effectiveness and efficiency. What Were Looking For You will be an effective communicator, in both verbal and written form, and an analytical thinker who employs logic and persuasion to influence with diplomacy and tact. You will be a proactive, innovative, collegial team player who can be accountable and absorb/integrate ideas from diverse views, create partnerships and collaborate with others. You will be nimble in learning and support the implementation of agile techniques. You will be responsible for balancing stakeholders and building/fostering relationships with stakeholders. You have a strong interest to learn, embrace agile auditing techniques, adoption of data analytics and emerging tools to strengthen quality of audit execution and SOX controls testing. Basic Qualifications: The ideal candidate must be an experienced audit professional with skills in IT SOX, internal audit, or related roles in control function organizations. Experience/exposure with different data analytics tools (such as Tableau, Alteryx, Power BI, etc.). Agility to support different Internal Audit capabilities such as business/data/IT auditing and SOX compliance. Minimum 3-5 years of relevant experience of IT controls-based testing through planning audits, conducting audit procedures, and preparing audit reports. Understanding and operational application of Sarbanes-Oxley Section 404 Public Accounting experience. Knowledge of or experience with providing audit support during integrated financial and operational audits. Knowledge or experience with information security controls. Experience with electronic work papers and standard productivity tools Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related field. Willing to travel (domestic and international), limited to 10 - 15% Professional certifications preferred but not required (CISA, CIA, CPA, etc.). #L1-RS2 Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 203 - Entry Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), FINANC202.1 - Middle Professional Tier I (EEO Job Group)

About the Role: Grade Level (for internal use): 12 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the first line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities This role belongs to First Line of Defense. Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to d evelop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to c reate and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting. What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 10+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 12+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts in defining and documenting a comprehensive Issue Management Process document/ methodology Lead efforts to centralize control gaps/ issues in GRC tool Lead efforts in logging, tracking, monitoring and remediation of control gaps/ issues Coordinate with key stakeholders to ensure the issues are clearly articulated, mapped to appropriate risk category, mitigating controls are identified through proper risk assessment Lead efforts in periodic reporting of issues to senior Management Conduct data analysis to demonstrate trends of progress made in issue remediation by various technology processes Conduct meetings to discuss issues and risk remediation plan Lead efforts in risk exception and risk acceptance process Monitor risk acceptance scenarios and bring it to appropriate committees for reporting Prepare PowerPoint presentations to provide comprehensive and holistic issue management process What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

JOB SUMMARY Senior associates are primarily responsible for hands-on project execution. Experienced senior associates have, or are working towards, specialization in one or more service lines and are assigned to projects accordingly. Senior associates are assigned to a specific service delivery principal that is responsible for supervising the associates career development. Additionally, senior associates daily activities are closely supervised by the management teams of their assigned projects. Senior associates may supervise associates and/or senior associates when serving as a member of a project management team. There is no typical day for our SOC teams. While our lead focus is on SOC examinations, our clients also rely on us to perform multiple types of attestations similar to SOC across a variety of network, application, or cloud environments. The benefit of being exposed to so many different situations is that you are constantly building your knowledge base and skill set while keeping up with the latest technologies. Our teams are mostly remote (yet extremely collaborative) and work together to utilize their unique backgrounds and experience to provide the high level of quality service that our clients have come to expect. In addition to the hands-on knowledge youll develop with each project, client also promotes a continuous learning environment. Team members are encouraged to attend at least one training event every year to build upon their skills and acquire new certifications. A Senior Associate will hold the following roles and responsibilities as part of their role: • Demonstrate proficiency in client's Methodology • Guide associates and peers • Obtain certifications (ISO LA, CISA, CISSP, AWS CCP, etc.) • Successfully run a project from fieldwork through completion • Understand and demonstrate ability to speak to client's service lines at a high level and their leaders • Demonstrate proficiency of SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria • Demonstrate understanding of Principal Service Commitments and System Requirements and how they impact scope of a SOC 2 • Know all four report opinion outcomes and ability to draft modified opinions • Demonstrate ability to identify if exception(s) would potentially yield a qualified opinion • Demonstrate self-organization, consistently and proactively look ahead to future projects, and prepare accordingly • Client's Methodology o Read STMV quarterly, and demonstrate ability to apply concepts (sampling methodology, TA language structure, exception wording, etc.) o Review and demonstrate ability to apply concepts of AS 2.0 Reference Guide o Review and demonstrate ability to apply concepts of EWP WP Guidance” • Obtain CCSK and begin pursuing second certification (ISO 27001 LA, CISA, AWS CCP) • Understand and demonstrate ability to articulate differences between SOC 1 and SOC 2 • Participate on project as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc. • Begin understanding SOC 1 GITCs and each SOC 2 criteria for the Security, Availability, and Confidentiality categories • Ability to articulate qualified vs unqualified opinion; know all four types of opinions • Learn client's services and service line leaders • Adhere to and complete all matters included in the Associate Score Card • Accurately manage and report time worked to each project / initiative Essential Functions: • Complying with client's code of ethics and professional conduct, methodologies, policies, and procedures • Adhering to the professional and regulatory standards relevant to assigned service line specialization(s) • Promoting client's company culture and exemplifying client's values • Establishing high quality relationships and rapport with client personnel • Managing client expectations to ensure expectations are exceeded • Completing assigned duties in a timely manner and with a high attention to detail • Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project • Adhering to project schedules and keeping fellow project team members apprised of the progress of assigned tasks • Escalating issues internally in a proper and timely manner • Using discretion and decorum in the timing, form, and content of all client communications • Booking travel reservations in a timely manner and in accordance with client's travel and expense policies and procedures • Performing the essential functions of other service delivery positions when qualified and called upon to do so • Attending project kick-off and closing meetings • Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements, where applicable • Drafting project deliverables • Serving as a contact for clients' basic questions regarding an engagement • Participating in recruiting and candidate interview activities • Training project team members • Acclimating newer team members to client • Contributing to client's practice development efforts • Developing an expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s) • Contributing to client's thought leadership (e.g., articles, webinars, public speaking, etc.) Knowledge, Skills, and Abilities: • Working knowledge of client's services, methodology, and relevant professional standards • Requisite knowledge of applicable technology and security domains • High level of attention to detail and quality of work product • Client service oriented • Excellent time management, organizational, and verbal and written communication skills • Ability to work on-site or remotely as a valuable contributor to a collaborative team • Capable of simultaneously managing assigned tasks for multiple projects • Proficient using Microsoft Word, Excel, and PowerPoint, as well as client's service delivery applications • Full understanding and application of ethics, independence and client's values Education, Work Experience and Certifications • Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified • 2+ years of related professional services experience in information security auditing, assessment, consulting or compliance, focused on ITGC or SOC controls • Ability to work well independently, within a team and with clients as well as travel ~40-50% (MTh) • Maintains (preferred) or working towards obtaining least one certification relevant to client's services (i.e. CPA, CCSK or CISA)

Key Responsibilities Assist in planning and scoping IT compliance and internal control assessments. Identify risk areas and develop internal control testing programs. Perform end-to-end IT compliance assessments, including evaluating effectiveness of risk and control frameworks. Test IT General Controls (ITGCs) across domains like change management, logical access, SDLC and IT operations. Assess IT Automated Controls across business functions such as payroll, inventory, and revenue. Document control walkthroughs using narratives and flowcharts. Develop, maintain, and present compliance workpapers and reports highlighting control deficiencies and recommendations. Collaborate with management to communicate findings and ensure timely remediation of audit issues. Support external audit activities by coordinating information requests and walkthroughs. Stay up to date with regulatory and industry developments in IT compliance and risk management. Engage in continuous improvement efforts to enhance the efficiency and effectiveness of compliance processes. Qualifications Bachelor's degree in Information Technology, Computer Science etc. Professional certification (or working towards) such as CISA, CRISC, CISSP, or CISM preferred. 710 years of experience in IT audit, compliance, or risk management; minimum 3-5 years in a Big 4 or similar professional services firm preferred . Strong understanding of IT infrastructure, applications, and enterprise systems. Knowledge of Sarbanes-Oxley (SOX), ITGCs, automated controls, and internal control principles. Experience with audit and compliance tools (e.g., eAudit, Auditboard, or equivalent). Ability to understand cross-functional business processes and their integration with IT systems. Strong interpersonal, communication, and report-writing skills. Able to work independently and collaboratively under tight deadlines. Demonstrated sound judgment, critical thinking, and attention to detail. Preferred Skills Hands-on experience in documenting business processes and identifying control gaps. Ability to present findings to senior stakeholders and recommend practical remediation steps. Familiarity with GRC platforms and data analytics tools. Understanding of global business practices and regulatory environments.

Preferred candidate profile Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports

Location: Thane What does a successful Internal Audit- IT professional do at FISERV? Efficiently conduct the audit projects as per The Institute of Internal Auditors standards and in accordance with Fiserv global Internal Audit framework and methodologies. What will you do: Should be able to direct/execute audit project independently (covering planning, fieldwork and reporting stages of audits) Lead a variety of moderately complex to complex IT focused audits including IT governance, service and project delivery, audits of IT technical domains such as networks, infrastructure, and applications. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Planning, conducting walkthroughs, drafting process understanding and relevant controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Documenting and Reviewing Test of Designs and Test of Effectiveness controls. Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., Validations of audit issues. Conducting special reviews. What will you need to know: Desired qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree] Experience: at least 6 to 8 years of IT Audit experience in assessing technology/IT controls and have experience in Internal Audit, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Experience in auditing IT Internal controls, IT risk mitigation and technology related processes reviews. Good experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, drafting skills, communication, and interpersonal skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.) What would be great to have: Desired certifications: CISA / CISSP / CISM / CCNA certified professionals

Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About Team The Internal Audit team at Paytm comprises seasoned professionals with diverse skill sets and experience across different verticals like process audits, technology audits and forensics. The team focuses on implementing the approved audit plan, ensuring delivery of qualitative audits and conducting internal / special reviews while leveraging technology & data analytics and gauging key risks across business processes. About the role: We are seeking an experienced and detail-oriented Information Security and Cloud Security Auditor to join our team. The ideal candidate will have 3-7 years of expertise in data security and privacy control implementation, internal auditing, third-party risk management, cybersecurity governance, and cloud security (banking sector preferred). This role will be responsible for conducting comprehensive IT and cloud security audits, ensuring compliance with regulatory requirements, and enhancing our information security policies and procedures. Key Responsibilities: Conduct IT and cloud security audits across various domains, including IT General Controls, Information Security Controls, Cloud Security, Network Security, Vulnerability Management, and Vendor Risk Assessments. Assess compliance with relevant laws, regulations, and organizational policies, providing expertise in regulatory requirements specific to both on-premises and cloud environments. Develop and enhance information security and cloud security policies and procedures in alignment with industry best practices. Maintain thorough documentation of audit findings, risk assessments, and security measures for internal and external reporting. Validate ITGC, cloud security, and application-specific controls, and manage audit documentation including risk assessments, working papers, audit program checklists, and evidence gathering. Follow up on and ensure closure of non-compliance issues identified during audits. Manage and oversee third-party risk assessments and audits, ensuring robust security controls are in place for both traditional and cloud-based service providers. Lead and participate in the development, migration, and implementation of security controls and policies for network and cloud security solutions. Conduct risk-based security assessments on internal, vendor, and third-party hosted environments, focusing on both traditional IT and cloud infrastructure. Participate in product and vendor selection processes, contributing to the implementation and integration of new technologies, with a strong emphasis on cloud security solutions. Experience/ Skills Required: Minimum 5 years of experience in information security and auditing, with a strong background in cloud security, and the banking and IT industries. Proven experience in performing IT and cloud security audits, validating ITGC and cloud application controls, and maintaining audit documentation. Hands-on experience with vulnerability management, risk management, physical security, identity & access management, encryption, secure development, incident management, security infrastructure, and security policy for both on-premises and cloud environments. Expertise in third-party risk management, regulatory compliance, and managing IT audit findings in both traditional and cloud-based contexts. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Qualifications & Certification: Bachelor's / Master s degree in Information Technology, Cyber Security, or a related field. ISO 27001/CNSS/CCNA/CISA/CISM/CISSP Preferred Detailed knowledge of security tools, PCI-DSS, general ITGC controls, compliance testing, cloud risk assessment, GRC, OWASP, MITRE ATT&CK, change management, and policies and procedures. Proficiency in various security and cloud technologies including AWS, Azure, Google Cloud Platform, Palo Alto, Fortinet & Checkpoint Firewalls, SOAR (Cortex), Force scout Why join us 1. A collaborative output driven program that brings cohesiveness across businesses through technology 2. Improve the average revenue per use by increasing the cross-sell opportunities 3. A solid 360 feedback from your peer teams on your support of their goals 4. Respect, that is earned, not demanded from your peers and manager Compensation: If you are the right fit, we believe in creating wealth for you With enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants - and we are committed to it. India s largest digital lending story is brewing here. It s your opportunity to be a part of the story!

Experience: 1-3years Work Mode: Remote Job Description: About this Role The SOX Centre of Excellence (COE) team within Vodafone Group FinOps and Controls plays a pivotal role in the second line of defence for the Vodafone Group Finance function. This role is based in Pune and is responsible for enhancing SOX compliance by developing, implementing, and monitoring business controls. The individual will ensure that financial processes are executed with high standards of timeliness, accuracy, and data integrity. The role involves leading compliance reviews across Vodafone Group Markets and collaborating with first-line teams to establish and maintain a robust control framework. Key responsibilities include assessing the design and operational effectiveness of controls for SOX compliance, conducting quality assurance, and performing compliance reviews across finance operations and control self-attestations. Who are you You are a detail-oriented and collaborative professional with a strong background in IT SOX compliance. You bring a proactive approach to risk identification and control implementation, and you are comfortable working in a global, cross-functional environment. You are committed to continuous improvement and delivering high-quality outcomes. What you will do Conduct SOX compliance and s404 testing for in-scope Vodafone finance processes, focusing on General IT Controls. Deliver the SOX cycle in alignment with Group methodology and timelines. Track audit engagements and observations to ensure timely resolution. Coordinate and communicate effectively with internal audit teams, global markets, and external auditors. Collaborate with process owners to resolve control issues and strengthen the control environment. Perform quality assurance and compliance reviews across finance operations. What skills you need Chartered Accountant or IT Engineer qualification. CISA certification (preferred). Minimum 2 years of post-qualification experience in Audit, SOX Compliance, or Risk Management. Hands-on experience in testing IT SOX controls. Strong understanding of risk identification and control frameworks. Excellent communication and stakeholder management skills. Ability to work collaboratively across cultures and teams. What skills you will learn Advanced knowledge of SOX compliance frameworks and methodologies. Cross-functional collaboration with global finance and audit teams. Enhanced skills in risk management and control design. Exposure to telecom industry compliance standards (if not already experienced). Continuous improvement and quality assurance techniques in a global finance environment.