36 Technology Risk Jobs

Job Title Head of IT&IS Risk and Controls Corporate Bank (CB), Investment Bank (IB) Location: Mumbai, India Corporate Title: Director Role Description The first line Tech Risk function for business divisions (Corporate Bank (CB), Investment Bank (IB) and Operations (Ops) at Deutsche Bank sits within the Divisional Control Office (DCO) embedded in the Business. CB and IB front-to-back have the largest footprint within the banking divisions, and you will be part of a dynamic team, consistently in demand for providing insights and managing Information Technology (IT) and Information Systems (IS) risks on behalf of the business. You will join the Banks journey and contribute towards our strategic goal of managing risk within appetite whilst enabling adoption of emerging and new technologies for business growth. You will report directly to the Head of Technology Risk for CB and IB, oversee initiatives in India and deputize at management forums as necessary. Your key responsibilities Manage a team of 35+ members across all people related subjects including hiring, identifying, and developing talent across fungible team, staff retention, cross training, cultivating change and risk conscious mindset. Drive understanding and representation of IT& IS risks with business line heads across CB and IB front-to-back divisions and work closely with Head of Tech Risk Governance to successful implement initiatives in India Manage global stakeholders and prioritization of delivery of DCO BOW from the teams located in Mumbai, Pune and Bangalore Lead innovation, efficiency initiatives & automation through use of Data Analytics or AI models to enhance maturity in Technology risk management and empower decision making. Be a strategic partner with Leadership including DCO and business aligned CIO divisions to drive the control-based risk exposure and management discussions Ensure management transparency by way of timely reporting and represent the IT/IS risk types, and remediation plans against appetite at the various divisional Non-financial Risk Council forums Manage all aspects of Front Office Technology risk, working closely with Risk leads in the Technology divisions including tracking of Self-Identified Issues, Audit Findings Work closely with peers leading other pillars in the team (such as Divisional Chief Information Security Office) to establish an effective risk management 1st line function in the Business Partner with 2nd LoD, NFRM (Non-Financial Risk Management) to ensure alignment towards Group wide minimum control standards and risk appetite framework Promote and support proactive IT risk culture at the Bank Your skills and experience Previous experience in similar Technology risk roles in a front office IB/ CB division or IT audit (internal/external) in a cross-cultural and diverse operating environment with knowledge of business products In-depth knowledge of industry-wide risk landscape and global regulatory expectations, and leading engagement prep Strong understanding of Industry best practices in Technology Risk Frameworks such as National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technology (COBIT) and fundamentals of Artificial Intelligence/Machine Learning (AI/ML) and Cloud based services Excellent communication, presentation and collaboration skills, with result-oriented mindset How well support you Training and development to help you excel in your career Coaching and support from experts in the team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs ml

Skill required: Tech for Operations - Agile Project Management Designation: Program & Project Mgmt Associate Manager Qualifications: BTech Years of Experience: 10 to 14 years What would you do "You will be part of the Technology for Operations team that acts as a trusted advisor and partner to Accenture Operations. The team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. We work closely with the sales, offering and delivery teams to identify and build innovative solutions.The Tech For Operations (TFO) team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. Works closely with the sales, offering and delivery teams to identify and build innovative solutions. Major sub deals include AHO(Application Hosting Operations), ISMT (Infrastructure Management), Intelligent AutomationAn iterative, incremental method of managing the design and build activities of engineering, information technology and other business areas that aim to provide new product or service development in a highly flexible and interactive manner. It requires individuals and interactions from the relevant business to respond to change, customer collaboration, and management openness to non-hierarchical forms of leadership. " What are we looking for "Ability to establish strong client relationshipAbility to handle disputesAbility to manage multiple stakeholdersAbility to meet deadlinesAbility to perform under pressure" Roles and Responsibilities: "Coordinate with client Tech Lead to align Accenture and client workplans for dependencies and milestonesResponsible for overseeing the overall implementation and is the owner of the master project planCoordinate with client Tech Lead to gain and track client signoffs for technology projects deliverablesWork with client Tech Lead to schedule and run regular overall project status meetings and RAID log review callsResponsible for overall technology risk and issue resolution management from AccentureManage the overall technology Stabilization/Hypercare activities/status with the client stakeholdersHandle client escalations to assign appreciate resources and inform client and Accenture stakeholders of progress/statusInteract with client tech and business resources to execute any joint activitiesCoordinates all Accenture internal cross technology activities related to projectManages the PMs/Leads for each individual technology component of the solution.Sign off on Deployment ReadinessManage Final Go/No-Go DecisionManage defect and Change Request escalationsReview and approve the selected solution or action proposal from RCAMay participate in regular periodic status calls with account leadership and Steering CommitteeResponsible for overall technology financials, including providing appropriate financial inputs into Accenture financial management systemsResponsible to submit overall project status updates into MyWizard.Manages the creation and estimate for technology CRs. May also be involved in the CR process definition with the client and account leadershipStrong project management skills, specifically proven experience on BPS MobilizationsSkills in deployment and/or project management of Blackline, Tradeshift, Trintech or Celonis. Well-developed risk analysis and mitigation skillsPeople management demonstrated ability to build and lead virtual teamsProactive issue/conflict identification and resolution abilityStrong problem-solving skillsProven client facing skillsCandidate must be willing to work modified shifts to support global clients in other regions (e.g., North America). Shift allowances may be available in accordance with organization policies and practices. Strong understanding of F&A domain is requiredTechno-functional experience in Finance & Accounting domain is required (any domain R2R / P2P / O2C)" Qualification BTech

: Job TitleInformation Security Risk Specialist , AVP LocationMumbai, India Role Description An Information Technology & Security Risk Specialist to join the 2nd LoD Information Security & Technology Risk Team. The team is global, this role is within the Mumbai team (currently 1 person) which is being built out to support the global team. Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other team members the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai and USA. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite. Monitor and challenge 1LOD Risk and Control Assessments (including results of 1LOD control testing/assurance). Perform 2LOD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC/MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your skills and experience University degree (Computer Science, Business Administration or equivalent). Majors in Information Security and / or Risk Management are a plus. Experience (4+ years) in Information Security or Information Technology with experience in the Finance industry and/or a major Technology or Consultancy company preferred. Some level of technical understanding and training either as a data analyst, developer, business analyst or project manager. Knowledge of Information Security and Technology industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines ISO / 27000 Series, COBIT 2019, DORA) are a plus. Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, ITIL, ISO27001 Lead Auditor or similar are a plus. Experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Strong communication skills (English required). How well support you About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Reportsto GroupVP/ ChiefDeliveryOfficer, Dotted line to CSandSAVertical Heads ReBIT functions as a think tank for RBI for Information Technology and associated Security adoption for theplanning, executionand strategicroles of RBI in Central Banking. The Cyber Security (CS) Vertical provides the next Gen services and protection in CyberSecurity,Engineering and GovernanceforRBI. TheSystemAudit (SA) vertical is responsible forproviding technicalaudit supportto RBI ssupervision function. TheProject Management functionis responsible for building the platform, Enterprise applications and offer Enterprises services for various functions/ departmentofRBI. In order to offer relevant services and nextgeneration products and solutions in the areas of Cyber Security which are needed for CS and SA vertical core Research in various advancements in Cyber security is needed. Based on the varioustools,solutionsand applications need tobe developed whicharestateofthe art, proactive, smart and AI/ML enabled. The ESRD Business Unit is formed for this purpose and VP is responsible for spearheading this function, strategizing and execution of all functions in this Business Unit. The ESRD BU will have sub COEs of Security Research in multiple domain areas with association with CS/SA COEs and formulations of AI/ML models in association with Data Science COE. TheESRDBU also willhavea Core development teamfor developing and enhancing the solutions and products based on RBI Enterprise Platform. They will be augmented by various expert resources from various COEs/BUs of Project Management (PM) vertical. This role works closely with the teams of RBI in Department of Supervision (DOS), Department of Payment and Settlement Systems (DPSS), Department of IT (DIT) and Department of Risk Management as well as other Depts on a need basis. Mandatory qualifications Graduate degreein information systems,engineering, technology, computer science, or a related field. Masters degree in technology/management preferred Extensive experiencein technology function or in technology Research, Development. Relevant experience in financial services desirable. Strong understanding of application development, databases, networking, technology infrastructure and cyber security technologies. Handson experience in software development preferred Advanced knowledge of Technology Risk Management and cybersecurity Controls, including: Business Continuity Management Privacy and Data Protection Application Security (e.g., user entitlements, authentication, accountability) System Architecture and Design (e.g., availability, performance, scalability, data integrity) Technology Operations (e.g., change and release management, data backup and retention, capacity management) Technology Governance (e.g., technology risk management, metrics/ KRIs, cybersecurity rules and regulations) Interest in broad exposure in banking domain areas - banking operations, payment systems, investment management, sales, trading, operations, risk management, finance, legal, and compliance activities in the banking industry Proficient understanding of current regulatory and industry events Experience in Building solutions and products in Cyber security and AI/ML based Enterprise products Relevant professional certifications are a plus Research Papers, Patents will be definite advantage Desired Skills 22-24 Years of relevant industry experience, ofwhichatleast 5years asCTO/ Head of Engineering / Head of R&D. A history of proven delivery of results. Excellent communication (verbal, written, listening) and interpersonal skills Ability todevelopeffective working relationships with peersand stakeholders Should bea teamplayer with provenleadership qualities Intellectualand researchcuriosity andhealthy skepticism Abilityto synthesize and articulate complex ideas Critical thinking andproblem-solving abilities Strong project management, organizational, and presentation skills Commitmentandstrongwork ethic Domain IT/ITES, Banking captiveunits, Banking / financialservices , CyberSecurity Consulting/Auditing organizations Establishing ESRD asacore Business Unitwithin REBIT Gain respect within RBIand REBIT as Core and high performing Research unit and Building Cyber security-based solutions and Products for the functions of CS, SA and PM which will enable RBI for more effective Central Banking Building ahigh performing team, establishing processand delivery models Key Focus Areas will be NexGen Audit Toolsandapplications basedonAI/ML Modelling Autonomous and human-less/ agenticAI/MLmodels for Audit SIEM enhanced log analysis withML models ThreatHunting models / Proactive threat detections Enhancing threat attack detection with cyber kill chain patterns Critical infrastructure attack surface models NexGen Cybersecurity Mesh solutions and products Quantum based encryptions Data classification and privacy solutions Advanced endpoint/ perimeter security

We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes and for that, we need you to join us.. The Team:. As part of the Information Security Organization, you will be working closely with different departments for their information security compliance. This role will be part of the new and growing Compliance Engineering function. The Information Security team plays a critical role in ensuring Celonis's technology and information assets are appropriately guarded from external and internal threats. The Security GRC Department you'll be joining is responsible for maintaining existing security attestations at Celonis globally, balancing risk with appropriate controls and assessing control effectiveness.. The Role:. This isn't a typical compliance role. It is a technical, hands-on position within our GRC organization, at the critical interface between business operations and technology. Here, you can be a data analyst, an engineer, an auditor, and a builder, using leading technology to design, create, and run automated solutions that test our security controls. In addition to that your analytical skills will contribute to our overall security process intelligence. You will get hands-on experience with our own Celonis platform, modern GRC (Governance, Risk, and Compliance) tools, and low-code automation.. The work you’ll do:. Design and build assets to test and continuously monitor the effectiveness of our internal security controls including continuous evidence collection. Rigorously test and validate the data and logic within your solutions to ensure accuracy, completeness, and reliability.. Participate in and support internal as well as external security compliance audits, applying your technical understanding as well as business acumen to assess control design and effectiveness.. Develop and manage insights to measure program effectiveness. This includes metrics for compliance and offers the opportunity to support broader security performance and risk management analytics.. Work with technical and non-technical teams across Celonis to translate security requirements into automated tests and operational workflows.. The qualifications you need:. Academic background in Computer Science, Engineering, Information Systems, Physics, Mathematics or a related field, or equivalent work experience.. You thrive on big challenges, can anticipate and adapt to changes in direction, and are driven to continuously improve the solution.. A Builder's Mindset: You have foundational experience with data integration and analyzing data using SQL, Python, or similar languages in a database-like environment.. Strong Problem-Solving Skills: You are a self-starter who can troubleshoot issues independently and enjoys tackling open-ended challenges.. Excellent Communication Skills: You can clearly articulate and right-size complex technical issues in English to both technical and non-technical people.. This role requires working in shifts aligned with Central European Time (CET) to collaborate effectively with our global teams.. Preferred Qualifications:. A strong interest in or foundational knowledge of Process Mining, Continuous Controls Monitoring, Evidence Collection, GRC platforms, and IT Auditing.. Knowledge of cloud technologies from different cloud service models and security frameworks ( ISO 27001, SOC 2, NIST etc.). Demonstrated knowledge of technology risks, infrastructure, and information security princip. What Celonis Can Offer You:. Pioneer Innovation: Work with the leading, award-winning process mining technology, shaping the future of business.. Accelerate Your Growth: Benefit from clear career paths, internal mobility, a dedicated learning program, and mentorship opportunities.. Receive Exceptional Benefits: Including generous PTO, hybrid working options, company equity (RSUs), comprehensive benefits, extensive parental leave, dedicated volunteer days, and much more.. Prioritize Your Well-being: Access to resources such as gym subsidies, counseling, and well-being programs.. Connect and Belong: Find community and support through dedicated inclusion and belonging programs.. Make Meaningful Impact: Be part of a company driven by strong values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future.. Collaborate Globally: Join a dynamic, international team of talented individuals.. Empowered Environment: Contribute your ideas in an open culture with autonomous teams.. About Us:. Celonis makes processes work for people, companies and the planet. The Celonis Process Intelligence Platform uses industry-leading process mining and AI technology and augments it with business context to give customers a living digital twin of their business operation. It’s system-agnostic and without bias, and provides everyone with a common language for understanding and improving businesses. Celonis enables its customers to continuously realize significant value across the top, bottom, and green line. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide.. Get familiar with the Celonis Process Intelligence Platform by watching this video.. Celonis Inclusion Statement:. At Celonis, we believe our people make us who we are and that “The Best Team Wins”. We know that the best teams are made up of people who bring different perspectives to the table. And when everyone feels included, able to speak up and knows their voice is heard that's when creativity and innovation happen.. Your Privacy:. Any information you submit to Celonis as part of your application will be processed in accordance with Celonis’ Accessibility and Candidate Notices. By submitting this application, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Notice for the Application and Hiring Process.. Please be aware of common job offer scams, impersonators and frauds. Learn more here.. Show more Show less

Position Purpose RISK Operational Risk Management (RISK ORM) CIB belongs to the second line of defence of BNP Paribas Corporate and Institutional Bank (CIB). It belongs to the Risk Function (RISK) of BNP Paribas and is placed under the responsibility of the Head of RISK ORM CIB, who reports to the CRO of CIB. The department has responsibility for independently challenging and supervising the Operational Risk management of CIB activities (Global Banking, Global Markets, Securities Services, Information Technology (IT), Operations and Functions) on a worldwide scope. In the territories that CIB operates, there is responsibility to cover the Assets Liability Management and Treasury (ALM-T) operations too. This is achieved through: framing operational risk methodology for CIB and disseminating of risk management culture across CIB; assessing the adequacy of the CIB operational risk management set-up; controlling effectiveness of CIB control environment; contributing to the detection, anticipation and response to risks; alerting CIB and RISK stakeholders on any significant risk issue; providing a consolidated view on CIB operational risks profile. As the second line of defence for technology & transversal risks (Information and Communications Technology (ICT), anti-fraud, third party and operational resilience), RISK ORM has the responsibility for oversight and supervision on those risks for CIB, ensuring and opining that appropriate risk management efforts are underway and raise any alerts in case of issues to the stability of the Bank and influencing business, functions and technology partners to take sound risk management decisions. Key Responsibilities Purpose : To provide independent and control function opinion on DORA implementation at CIB level Scope : CIB activities worldwide, covering all business lines and all geographies Corporate and Institutional Banking ( CIB ) businesses are fast paced, dynamic, growing and complex. RISK ORM CIB oversees, evaluates and supervises the wider operational risks of all its business lines. The main responsibility of the role is to participate, oversee and check and challenge the programme of CIB to be compliant with DORA regulation. The candidate will work closely with the first level of defence in charge of the DORA programme and ensure the programme actions and roadmap, adequately covers DORA requirements in a sustainable and risk-controlled manner. COORDINATION with business lines ORO for DORA requirements. with reporting on DORA updates from the CIB programme to wider RISK ORM CIB and OROss with Coordination with Group RISK ORM and IT teams on any updates and instructions on DORA requirements fulfilment with RISK ORM CIB T&TR practices and OROs (i.e., TPRM, Operational Resilience, ICT) FIELD WORK Working on HIs that are in scope of DORA and ensuring these are raised and challenged adequately Working with CIB Regulatory affairs team to ensure that all supervisory requests are answered and proactive monitoring of upcoming requests by interacting with peers and other banks. DORA TPRM aspects and coordination with TPRM OROs across CIB REPORTING to the wider RISK ORM CIB community to the business lines ORO for their respective scope to RISK ORM CIB management As part of the role, the candidate will as well coordinate the RISK ORM CIB community worldwide on the DORA aspects, especially in EMEA region and be the SPOC for any DORA related matters. CONDUCT Be a role model, supporting and fostering a culture of good conduct including respect for others. Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks. Considerate of the implications of actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure, Listens and responds to feedback. Gives feedback to others. Specific Qualifications Required EXPERIENCE The successful candidate will have a proven track record in managing risks and technology in a large/global organization, with robust knowledge of technology, risks and controls, third party technology risk management. Prior experience to ICT/Business Continuity/Operational Resilience Risk Management and exposure to financial services industry is a requirement Knowledge of DORA regulation 10 years or more of suitable professional experience QUALIFICATIONS Bachelors degree in business or risk management, Information Technology, Information Security (or equivalent professional qualification). Excellent written and verbal communication skills (ENGLISH) is an absolute requirement due to the need to foster strong relationships with a broad base of stakeholders across the Bank (beyond the market activities perimeter) and to present often at senior level of the bank. FRENCH language is a plus. Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate. Team player, contributes to the success of the whole T&TR team, as well as being able to be autonomous Ability to communicate, co-operate and work well with other teams The position requires a strong analytical background across the main categories of risk and the ability to synthesize large amounts of diverse information at any one time. A strong delivery focus is required as strict deadlines are to be respected and limited time is available to roll out the program.

Bravura’s Commitment and Mission At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. About The Team/Project The Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will support security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the analysts will enable security controls aligning with client contractual obligations, regulatory requirements, and industry best practices. The analyst will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges What You’ll Do The position is within the Information Security team. Main activities will include but are not limited to: Internal Audit & Assurance: Support the implementation and operations of the ISMS within the region. Support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Support continuous assessment and improvement of security controls and processes. Information Security Risk Management Support, identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Support the delivery of security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Support the assessment and management of security risks associated with third-party vendors and suppliers. Support security requirements are included in vendor contracts and SLAs. Enable regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. Qualifications and Experience • Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience). • 3+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. • Good understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. • Experience in security risk management, audits, compliance, and client security assurance. • Knowledge of security operations, incident response, and managed security services. • Familiarity with supply chain security and third-party risk management. • Good communication and stakeholder management skills, with experience working with clients on security matters. • Ideally security certifications such as CISSP, CISM, or CRISC are preferred. Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme. Flexible working hours, we value work-life balance. Maternity/ Parental (including secondary) leave policy. Cab facility available in Delhi/NCR. Meal facility available Free Medical Insurance So, what’s next? We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits. Youtube Video

Bravura’s Commitment and Mission At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. Position Overview The Senior Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will drive security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the ISO will ensure that security controls align with client contractual obligations, regulatory requirements, and industry best practices. The ISO will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges. The position is within the Information Security team. Main activities will include but are not limited to: Responsibility Internal Audit & Assurance: Oversee the implementation and operations of the ISMS within the region. Ensure and support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Continuously assess and improve security controls and processes. Information Security Risk Management Identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Lead and support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Develop, support deliver security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Assess and manage security risks associated with third-party vendors and suppliers. Ensure that security requirements are included in vendor contracts and SLAs. Perform regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. In addition to the above position-specific responsibilities, all employees are required to undertake any other reasonable duties and responsibilities within your capability and skills, when requested to do so. Qualifications and Experience Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. Strong understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. Experience in security risk management, audits, compliance, and client security assurance. Knowledge of security operations, incident response, and managed security services. Familiarity with supply chain security and third-party risk management. Excellent communication and stakeholder management skills, with experience working with clients on security matters. Security certifications such as CISSP, CISM, or CRISC are preferred. Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme 2 paid volunteering days and a range of community-based initiatives to get involved in Parental (including secondary) leave policy Free meals and transport So, what’s next? We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits. Youtube Video

Our client is leading Global IT Service and Consulting Organization Location : Pune NP: Immediate to 45 days Skill: Security Audits Role description: The role involves managing technology risks, driving compliance conversations with clients and regulators, and overseeing internal and external audits. Excellent communication skills are essential, as this person will need to constantly interface with clients and auditors. Additionally, the individual should have experience managing a team.

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to develop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Coordinate with key stakeholders to define risk metrics - KRIs/ KPIs/ KCIs Coordinate with key stakeholders to define thresholds for key risk metrics Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to create and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications Experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred, but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 12 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the first line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities This role belongs to First Line of Defense. Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to d evelop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to c reate and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting. What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 10+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 12+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts in defining and documenting a comprehensive Issue Management Process document/ methodology Lead efforts to centralize control gaps/ issues in GRC tool Lead efforts in logging, tracking, monitoring and remediation of control gaps/ issues Coordinate with key stakeholders to ensure the issues are clearly articulated, mapped to appropriate risk category, mitigating controls are identified through proper risk assessment Lead efforts in periodic reporting of issues to senior Management Conduct data analysis to demonstrate trends of progress made in issue remediation by various technology processes Conduct meetings to discuss issues and risk remediation plan Lead efforts in risk exception and risk acceptance process Monitor risk acceptance scenarios and bring it to appropriate committees for reporting Prepare PowerPoint presentations to provide comprehensive and holistic issue management process What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

We re seeking a future team member for the role of Vice President to join our Information Security team. This role is located in Pune, Maharashtra -HYBRID BNYM is seeking an initiative-taking professional to join its Cyber Security Third Party Governance (CTPG) team. The successful candidate will work in a technically diverse and dynamic environment with a team of Cyber Security professionals responsible for the assessment, analysis and governance of cyber security for third party vendors. The successful candidate will have deep technical and assessment skills to identify vendor cyber vulnerabilities that puts the BNYM at risk. The individual works closely with the Cyber TPG Security Leader, Business Sourcing Leads (BSL), enterprise sourcing, technology risk management, engagement managers, business teams and vendors on identified cyber risks in vendor environments. This requires both good oral and written communications skills and the ability to negotiate. Must be able to keep sensitive information confidential and know how to use appropriately. In this role, you ll make an impact in the following ways: Assess the cyber security risk of third party vendors with an appropriate level of detail Travel to vendor locations for on-site assessments Interface with enterprise sourcing, technology risk management, business teams and engagement management on vendor cyber security issues identified Review and challenge vendor evidence for issue closure Assist in the design and implementation Cyber TPG related processes and tools Define and create relevant metrics, presentations and reports Review the cyber related attestations by third parties such as SOC2 and ISO 27001 and report any observations for further review and tracking Review vendor risk reports created by internal and external entities for impacts to cyber security Keep up to date on the latest trends, methodologies and tools related to third party Interface with industry coalitions working on third party cybersecurity issues To be successful in this role, we re seeking the following: Bachelors degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. Industry certifications such as CISSP or CISM a plus 17+ years of experience in cyber security related activities required Firsthand experience in performing control-level technical cyber risk assessments In-depth technical knowledge in 1-2 cyber domains Experience in the securities or financial services industry is a plus Experience in third party governance and related tools is strongly desired but not required Ability to manage multiple projects and priorities Familiarity with various global regulations and industry standards concerning cyber security Strong verbal and written communication skills

You are a strategic thinker passionate about driving solutions in Sales, Research & Data Services Ops . You have found the right team. As VP of the SRDS Ops iMaintain team, you will lead efforts to manage regulatory-critical processes across various business areas, oversee transformation projects, and streamline operations using new technology. Based in Mumbai, you will develop metrics frameworks, identify business opportunities, and collaborate with stakeholders like Product Management, Operations, Technology, Risk & Control, and Finance to implement industry best practices for change and transformation, driving innovation and efficiency in regulatory processes. The primary responsibility of this position is to manage the iMaintain team in Mumbai, overseeing transformation projects and streamlining processes with new technology to contribute to the broader DCS vision. The candidate will maintain a strong control environment, define a future state vision for the functional area, and lead program execution from an operations perspective by building strategic platforms and decommissioning legacy systems. They will identify new business opportunities and synergies with other areas like Markets Operation, Research, and Sales, while managing people through training, upskilling, and hiring based on future needs. Collaboration with stakeholders such as Product Management, Operations, Technology, Risk & Control, and Finance is essential, leveraging industry best practices for change and transformation. Job responsibilities Maintain a strong control environment within the regulatory-critical iMaintain team. Define and implement a future state vision for the functional area with the BAU Operations team. Lead program and project execution, focusing on strategic platform development and legacy system decommissioning. Identify and pursue new business opportunities and synergies with Markets Operation, Research, and Sales. Manage people through training, upskilling, and hiring diverse skill sets for future team needs. Collaborate with stakeholders, leveraging industry best practices for change and transformation. Ensure a stable operational environment with robust controls, checks, and balances. Leverage new technology or tools to enhance processes, track metrics, and improve controls. Govern by providing updates to senior stakeholders and ensuring compliance with laws and regulations. Engage in each stage of the Project Delivery Framework (PDF) from requirements to implementation. Focus on the people agenda, including coaching, training, talent management, and recognition. Required qualifications, capabilities and skills Minimum 10+yrs experience with strong experience of 4-5 years on Tech Change programs, Process Improvements, Operating Model improvements Excellent problem-solving skills in order to identify, understand and address operational and technical issues. Proactive in displaying these skills and developing solutions. Strong knowledge of technology solutions available in the market for Operations business Must have Microsoft Office skills Excel, Word, Access and PowerPoint Influencing and negotiation skills - leverage subject matter expertise in driving conversations, challenging status quo and influence decisions/direction with stakeholders Ability to operate in a fast-paced environment under high pressure with time critical deliveries; multi-tasking, prioritizing and able to adjust to changing priorities Strong partnership record - ability to build effective relationships across different parts of the organization as required Should have a collaborative work style; fostering co-operation and teamwork. Ability to develop relationships across various stakeholders including senior business executives Control mindset to identify process control gaps, prioritize and mitigate operational risk Effective change management and transformation experience. Ability to challenge current state and mind set, adapt to a changing environment Good understanding of downstream impact of actions undertaken, particularly the requirement for strong and timely controls throughout the life cycle of the trade

Work Location:- Bangalore / Hyderabad / Pune / Gurgaon Experience:- 4 - 10 yrs Leavel- AM/Manager JD Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred

Dear Candidate, We are hiring an IT Risk Analyst to identify, assess, and mitigate risks to the organization's information systems and data. This role supports compliance initiatives and strengthens the IT risk management framework. Key Responsibilities: Conduct IT risk assessments, gap analysis, and control evaluations. Develop mitigation strategies for identified security and compliance risks. Monitor regulatory changes and ensure adherence to frameworks (e.g., NIST, ISO 27001). Prepare risk reports, scorecards, and presentations for stakeholders. Collaborate with audit, security, and IT teams on risk response plans. Required Skills & Qualifications: Experience in IT risk, governance, or audit. Familiarity with frameworks like NIST, COBIT, ISO 27001, and SOX. Analytical skills to evaluate threats, vulnerabilities, and control gaps. Excellent documentation and stakeholder communication abilities. Certifications such as CRISC, CISA, or CISSP are a plus. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Consultant Specialist. In this role, you will: Identify opportunities and deliver consistent and interconnected risk and control environment reporting and governance Protect the bank via proactive regulatory risk reduction actions. Drive consistent regulatory reporting across regions, businesses, and global functions. Collaborate closely with global functions, businesses, and regional stakeholders to integrate risk and control insights into strategic technology planning and decision-making processes. Assist CTO RC Control teams to enhance technology control frameworks, ensuring they are inclusive and adaptable aligned with industry regulations and standards. Provide advice, guidance, and assessment of application of policies, control standards, and procedures. Advocate the desired behavioural changes across the CTO Enablement community required to mature the understanding and management of technology risk controls. Requirements To be successful in this role, you should meet the following requirements: Excellent understanding of HSBC Technology Controls, especially Cybersecurity Controls. Strong communication skills to be able influence and challenge stakeholders Analytical and problem-solving skills, with the ability to navigate technology landscapes. Excellent understanding of key reporting metrics. .

* Job Position Title: Senior Associate TRAS Location: Bangalore * Responsibilities : Roles & Responsibilities : The tasks, roles and responsibilities concerned with the job will include the following: • Apply current knowledge of IT trends and systems to identify security and risk management issues, and other opportunities for improvement. • Assist in the planning and execution of business process control reviews, information systems audits, and other Assurance offerings across a variety of industries. • A good understanding of clients Business Risks, Audit Risks, IT Risks and the mitigating controls in addressing these risks • Gain strong comprehension of client operations, processes, and business objectives and utilize that knowledge on engagements. • Evaluate and test business processes and controls and identify areas of risks. • Perform general computer and application controls reviews including ERPs like SAP, Oracle Application, JD Edwards, MFG Pro, etc. • Comply with requirements of ICAI Auditing Standards like AAS 29 • Data Analysis using CAATs tool like Excel, ACL, SQL etc *Mandatory skill sets Between 3 to 9 years in various aspects of IT audit, IT risk management function or General IT administration/management in IT risk consulting. Essential Skills: • Strong analytical ability • A thorough understanding of business process, accounts, emerging IT Trends • Ability to manage the field work and ability to work with cross functional team • Strong communication & writing skills • A good understanding of Internal Control Process • A good understanding of Sarbanes Oaxely requirements • A good understanding of COBIT, BS 7799 Responsibility Framework

Key Responsibilities Areas will be as follows - Control Audits goal/purpose is to Identify security controls gaps, remediate and drive compliance for all accounts/programs across Sutherland. ALL deviations MUST be remediated or have an APPROVED Exception Request. ALL non-compliance findings will be worked with peers across InfoSec Risk and Compliance and create a remediation plan by working with respective stakeholders. Results are tracked, trended and reported. Meetings are hosted with Senior InfoSec Leadership: results reviewed, gaps address, risks identified, remediation progress confirmed Audits are performed internally and via a 3rd party audit team that this leader oversees in tandem with Regional Risk and Compliance. Risk Assessments to be conducted and implemented as per various Complaince requirements to protects and prevents the misuse of Sensitive Customer Information (SCI) handled in client programs, in order to: Proactively identify risks and vulnerabilities Address potential data leakage areas Assess Sutherland s implementation of standards Identify Sensitive Customer Information (SCIN) belonging to clients. Remediates by tightening or establishing controls. Implements security best practices that minimize the risk & avoid incident / data breaches. 2. In addition to the above, the candidate will be asked to look beyond the task at hand and to question how can we do this better, how can we automate and improve upon business as usual, challenge the status quo so that we work smarter (not harder) 3. Demonstrate control effectiveness to the Infosec Leadership Core Infosec exp 4 yrs or IT domain exp of 5 yrs above Infosec certifications will be added advantage IT certification can also add value

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. As a Risk management specialist at ZS Associates, you'll be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You'll also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry best practices. By partnering with various stakeholders, including Product Owners and Business function Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. You'll have advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. What you'll do Develop the culture of risk management across the organisation, and ensure effective identification, quantification, communication, and management of risks focusing on root cause analysis and resolution recommendations across domains – Cyber, HR, Legal, Finance, etc. Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance. Provide SME support to functional managers or Internal stakeholders in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate. Support the CIO and CISO, and work with internal stakeholders to Participate in consultation and conduct gap analysis against new requirements Coordinate and facilitate IT / cyber security audits. Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc. Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route Report and publish Risks to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees. Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures. Co-ordinate and track the tickets / findings in areas like IT Operational Risks and Information Security Risks, Control Self assessments , Internal/External Audit findings with appropriate CAPA, BCP / Disaster recovery , Problem tickets with root cause analysis. Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.) Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.) Provide first line of defense support in assessing risk and reviewing control issues Documentation of control procedures, standards and guidelines, etc. What you'll bring: Bachelor’s degree in IT or relevant field with a strong academic background A minimum of 7-10 Years of experience in Risk management and internal controls governance Strong communication & strategic influencing skills. Relevant experience working with senior leaders, building internal networks, and delivering high impact programs in complex -matrixed environments. Formal training or certification in Information Security, and/or 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation. Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies. Proficient in MS Office productivity suite (e.g., Word, Excel, PowerPoint, SharePoint). Advanced Excel skills strongly preferred CISM/CRISC/CISA/CISSP/CIA/MBA or relevant Risk Management / Audit certification Basic working knowledge of following (Majority of the points, if not all): -COBIT – Control Objectives for Information and Related Technology -ISO/IEC 27001:2013 – Code of Practice for Information Security Management -NIST SP 800-53 -NIST CSF -SOC1/SOC2/SOC3 -HIPAA/HITECH Security and Privacy Audit Protocol -Shared Assessments Standard Information Gathering (SIG) framework -US SOX – Sarbanes Oxley Act -US HIPAA/HITECH Act -EU GDPR – General Data Protection Regulation -US EU Privacy Shield -India Companies Act Additional Skills: Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives. Program level management up to and including Executive presentation and reporting. Knowledge and Experience of Technology Infrastructure. Understanding of Infrastructure Security Stakeholder management Willingness to adapt to evolving industry standards and technologies Ability to manage a wide variety of tasks and meet deadlines, and reliability/dependability Proven ability to work creatively and analytically in a problem-solving environment Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Bachelor s degree in information technology, Computer Science, Risk Management, or a related field; advanced degree or professional certification (e.g., CISA, CISSP, CRISC) Mandatory. Minimum of 10 years of experience in technology risk management, cybersecurity, or information security roles. Proven expertise in conducting technology risk assessments, developing risk management frameworks, and implementing controls and mitigation strategies. In-depth knowledge of regulatory requirements, industry standards, and best practices related to technology risk management and information security (e.g.,FAIR, NIST Cybersecurity Framework, ISO 31000, OCTAVE & TARA). Strong analytical, problem-solving, and decision-making skills with the ability to evaluate complex issues and develop practical solutions. Excellent communication and interpersonal skills with the ability to effectively engage and influence stakeholders at all levels of the organization. Demonstrated leadership abilities with a track record of driving results, managing projects, and leading cross-functional teams in a fast-paced, dynamic environment. Basic Requirements Effective verbal and non-verbal communication skills at all levels of the organization Leadership teamwork and collaboration Discretion Problem solving Critical Thinking Self-initiated/sufficient Motivated

About Us At ANZ, were shaping a world where people and communities thrive, driven by a common goal: to improve the financial wellbeing and sustainability of our millions of customers. About the Role As a Privacy Governance Manager in our Data and Technology Risk team, you ll play a key role in the ANZ Privacy Office to ensure ANZ s compliance with Privacy and Data Protection laws across the bank globally. The role will provide Subject Matter Expertise on Privacy and Data Protection obligations across the bank to support the operational governance oversight. This role will also assist business units across the bank to understand privacy risks by identifying and implementing appropriate control measures. Banking is changing and we re changing with it, giving our people great opportunities to try new things, learn and grow. Whatever your role at ANZ, you ll be building your future, while helping to build ours. Role Location: Bengaluru Role Type: Permanent, Fulltime What will your day look like Monitoring and ensuring compliance with Privacy and Data Protection laws across various jurisdictions. Identifying, assessing, and mitigating privacy risks through reviews and assessments. Collaborating with ANZ stakeholders and business units to align privacy practices with organizational goals. Overseeing data mapping initiatives and maintaining records of processing activities (RoPA). Managing, evaluating and reporting third-party vendors attestation outcomes and identifying risks or concerns related to Privacy or Data Protection. Reviewing and updating new obligations in NFR Hub. Tracking and reporting privacy KPIs and metrics for the ANZ Privacy Office. What will you bring Minimum of 8 to 10+ years experience in Privacy or a related field, preferably with a bachelors degree in law. Recognised Privacy and Data Protection qualification (e.g., IAPP - CIPM, CIPT, CIPP/E). Comprehensive knowledge of global Privacy and Data Protection legislation (including AU Privacy Act, GDPR, PDPA). Thorough understanding of privacy management practices and the ability to identify privacy risks and manage interactions across business operations. Proficient writing, organisational and problem-solving skills. Effective communication and interpersonal skills for collaborative work with stakeholders and employees at all levels. You re not expected to have 100% of these skills. At ANZ a growth mindset is at the heart of our culture, so if you have most of these things in your toolbox, we d love to hear from you. Job Posting End Date 13th June 2025, 11.59pm, (Melbourne Australia)

A Day in the Life Responsibilities may include the following and other duties may be assigned. Provides project management and sourcing expertise to cross-functional, cross-divisional commodity teams. Facilitates these teams in the development and execution of long-term strategies that will optimize Medtronics position in terms of quality, cycle/response time, technology, risk, and total cost. Mitigates risk, leverages technology and purchase power, improves processes and systems, and reduces overall cost of ownership and acquisition. Negotiates, establishes and monitors supplier agreements. SPECIALIST CAREER STREAM: Typically an individual contributor with responsibility in a professional discipline or specialty. Delivers and/or manages projects assigned and works with other stakeholders to achieve desired results. May act as a mentor to colleagues or may direct the work of other lower level professionals. The majority of time is spent delivering and overseeing the projects - from design to implementation - while and adhering to policies, using specialized knowledge and skills normally acquired through advanced education. DIFFERENTIATING FACTORS Autonomy: Recognized expert, managing large projects or processes . Exercises considerable latitude in determining deliverables of assignments, with limited oversight from manager . Coaches, reviews and delegates work to lower level specialists. Organizational Impact: Contributes to defining the direction for new products, processes, standards, or operational plans based on business strategy with a significant impact on work group results . May manage large projects or processes that span outside of immediate job area. Innovation and Complexity: Problems and issues faced are difficult, moderately complex and undefined, and require detailed information gathering, analysis and investigation . Develops solutions to moderately complex problems, and/or makes moderate to significant improvements of processes, systems or products independently to enhance performance of job area. Implements solutions to problems. Communication and Influence: Represents organization as a primary contact for specific projects and initiatives; communicates with internal and external customers and vendors at various levels . May negotiate with others to reach understanding or agreement, and influence decision-making. Leadership and Talent Management: Typically provides guidance, coaching and training to other employees within job area. Typically manages major / moderately complex projects, involving delegation of work and review of work products, at times acting as a team leader. Required Knowledge and Experience: Requires mastery of a specialty area and full knowledge of industry practices, typically obtained through advanced education combined with experience. May have broad knowledge of project management. Requires a Baccalaureate degree (or for degrees earned outside of the United States, a degree which satisfies the requirements of 8 C.F.R. 214.2(h)( 4)(iii)(A) and minimum 7 years of relevant experience, or advanced degree with a minimum of 5 years of relevant experience. Benefits Compensation About Medtronic We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission to alleviate pain, restore health, and extend life unites a global team of 95,000+ passionate people. We are engineers at heart putting ambitious ideas to work to generate real solutions for real people. From the RD lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary. Learn more about our business, mission, and our commitment to diversity here

Dear Candidate, We are hiring an IT Compliance Analyst to ensure adherence to regulatory standards and internal security policies. Perfect for detail-oriented professionals with a risk and governance mindset. Key Responsibilities: Monitor IT processes for compliance with SOX, GDPR, HIPAA, etc. Conduct audits, risk assessments, and gap analyses Collaborate with security, legal, and IT teams Maintain documentation and support policy enforcement Required Skills & Qualifications: Knowledge of IT compliance frameworks (ISO 27001, NIST, COBIT) Experience with audit processes and risk management Strong communication and analytical skills Bonus: Certification (CISA, CRISC, or similar) Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firms robust risk strategy. As a Tech Risk & Controls Senior Associate in Cybersecurity & Tech controls team , you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firms standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards. Job responsibilities Assess and monitor technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices Support implementation of effective controls in collaboration with cross-functional teams and stakeholders Evaluate the effectiveness of existing controls, identify gaps, and recommend improvements to mitigate risks and enhance the firms risk posture Analyze complex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures Required qualifications, capabilities, and skills Formal training or certification on Tech Risk & Control concepts and 3+ years applied experience Experience in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders Proficient knowledge of risk management frameworks, regulations, and industry best practices Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, or other industry-recognized risk certifications