36 Technology Risk Jobs - Page 2

Visa is looking for a candidate to join its Cybersecurity 3rd Party Technology Risk Management (3PTRM) team as an Associate Cybersecurity Analyst, which works with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet Visa security requirements and mitigate any risks that are associated with engagement of third parties. The Analyst will work closely with Supplier Relationship Owners (SROs) and other Cybersecurity teams such as penetration testers, security architects, etc to assess and monitor third parties that do business with Visa. The role requires the candidate to have strong analytical, communication, and organizational skills, as we'll as a solid understanding of cybersecurity concepts and best practices. Essential Functions: Perform risk/security assessments of Suppliers and Third-Party relationships to identify, validate and remediate risks Cybersecurity Risks. This may include performing interviews, document design assessments and walkthroughs of cybersecurity controls. Support ongoing monitoring of Suppliers and Third Party to review compliance against compliance and regulatory requirements. Participate and conduct onsite assessments of Third Parties against Visa s security framework and industry security standards. Support risk/security assessments for special projects involving Third Parties. Support PCI-related activities relevant to third parties to ensure compliance with PCI requirements. Exhibit pragmatism in formulating process remediation and implementation strategies, defining work tracks, and submitting assessment findings and recommendations. Proactively follow-up with Suppliers to ensure prompt remedial actions for assessment findings. Basic Qualifications: Bachelors degree, OR 3+ years of relevant work experience Preferred Qualifications: 2 or more years of work experience. Bachelor s degree in Computer Science, Information Systems, Engineering, or related field, or equivalent work experience. Minimum of 1 years of experience in cybersecurity, IT audit, or IT risk management. Experience in cybersecurity, IT audit, risk management, compliance, or related fields. Knowledge of cybersecurity frameworks and standards such as NIST, ISO, PCI, etc. Strong written and verbal communication skills, and ability to communicate effectively with technical and non-technical audiences. Ability to work independently and collaboratively in a fast-paced environment. Certifications such as CISSP, CISA, CISM, CRISC, or equivalent are preferred.

Risk Analyst (Equity Derivatives) Equity Derivatives Researcher Millennium s Global Risk Management Department is responsible for identifying, measuring, monitoring, managing, and reporting on the risks associated with Millennium equity derivatives portfolios. Our Risk Management organization is designed to accommodate the overall size, nature, and complexity of the firm s trading activities. We are looking to add an inquisitive minded Risk Modeler to join our team. You will have the opportunity to develop and maintain the quantitative frameworks used by our portfolio managers and senior management teams. You will be responsible for the risk framework which involves consistently evolving metrics, improved valuation methodologies and clear identification and resolution of issues associated with inadequate risk measurement. You will understand and monitor closely the strategies of PM s trading in equity derivatives and embed insights in quantitative frameworks. Your primary responsibilities will encompass: Development of Risk Measurement Techniques: Develop and maintain robust frameworks for risk measurements. You will create frameworks to deliver insights on PM strategies and risks through interacting with existing tools or building own framework Quantitative Framework Development: Assist in the creation and optimization of our quantitative framework, which includes collaborating with technology, risk, portfolio, and business managers. Tech Collaboration: Partner with the Technology department to streamline the transition of quantitative models into production environments. The priority is to ensure accuracy and efficiency in day-to-day workflows. Research Model Development: Lead research into and implementation of various quantitative models. Qualifications/Skills Required: The candidate should have a degree in a quantitative major: statistics, mathematics, engineering, and either professional experience of 1-4 years in a quantitative role in a financial organization, or an advanced degree in a quantitative field preferred. A good understanding of derivatives and valuation is a plus, and basic familiarity is generally expected. Prior experience with managing and deploying valuation models is a great add. Strong programming skills, prior experience with Python (Polars and/or Pandas) or SQL. Proficiency in at least a compiled and statically typed language is a plus; so is demonstrated programming ability on public repositories e.g., GitHub. Sense of responsibility and integrity. Intellectual curiosity and spirit of initiative. Ability to work independently and effectively manage ambiguity.

Lead the development of strategy, objectives, and action plans for assurance obligations. Conduct multi-stakeholder meetings and participate in senior-level discussions. Engage with internal and external stakeholders, and customers Plan and manage multiple initiatives and projects. Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans. Recognize complexity within the program and propose simplified solutions. Assist stakeholders in making trade-off decisions by considering all data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer. Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence to requirements, and advise management on needed actions. Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally for senior leadership to ensure alignment. Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives. Conduct risk assessments to identify potential security and availability risks and advise on the design and governance of controls to mitigate these risks. About You: Bachelors degree or equivalent combination of education and experience; a degree in computer science, information technology, or a related field is preferred. Professional certification like CISSP, CISA, CRISC, CIPP, or similar is a plus. Strong knowledge of IT general computer controls and related operations. Experience with control frameworks (e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR). Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization. Strong negotiation and consensus-building skills. Previous experience in significant process improvements, with the ability to meet project deliverables. Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds.

Our Purpose Title and Summary Director, Technology Risk Management Overview: The Payment Gateway Team is seeking a Principal, Technology Risk Management to lead and build our strategy for designing and implementing assurance requirements to meet customer and regulatory expectations regarding security and availability risk and controls via assurance products such as SOC 2. The individual will coordinate and advise management to ensure customer and regulatory obligations are considered for the Payment Gateway Service. The individual will be responsible for reviewing and analyzing strategic plans and identifying risk and controls required to meet Mastercard policies and standards and apply the design of relevant risk and control assessments that meet our assessment obligations. Key Responsibilities: Lead the development of strategy, objectives, and action plans for assurance obligations. Conduct multi-stakeholder meetings and participate in senior-level discussions. Engage with internal and external stakeholders, and customers Plan and manage multiple initiatives and projects. Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans. Recognize complexity within the program and propose simplified solutions. Assist stakeholders in making trade-off decisions by considering all data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer. Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence to requirements, and advise management on needed actions. Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally for senior leadership to ensure alignment. Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives. Conduct risk assessments to identify potential security and availability risks and advise on the design and governance of controls to mitigate these risks. About You: Bachelors degree or equivalent combination of education and experience; a degree in computer science, information technology, or a related field is preferred. Professional certification like CISSP, CISA, CRISC, CIPP, or similar is a plus. Strong knowledge of IT general computer controls and related operations. Experience with control frameworks (e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR). Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization. Strong negotiation and consensus-building skills. Previous experience in significant process improvements, with the ability to meet project deliverables. Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds.

About The Role : Job TitleInformation Security Analyst, AS LocationMumbai, India Role Description CRO DCO Resilience team Manages and Governs various risk types for Chief Risk Office (CRO) including but not limited to Information Security, Data Protection, Records Management, Business Continuity, Vendor / Third Party Risk Management (TPRM) The Resilience team in India is a part of CRO's Divisional Control Office (DCO) responsible for Governance on various risk types Information Security Analyst will be responsible for ensuring governance on information security and other risk types for various CRO Functions Information Security Analyst will support CRO DCOs efforts to identify, analyse and report the non-financial risks of the CRO Function, thereby ensuring that Group and Functional standards are consistently applied. The candidate is required to demonstrate very good understanding of risk management activities, paired with strong stakeholder management and Microsoft office skills. The role will have full exposure to all areas within CRO and requires working closely with a variety of stakeholders. The role has considerable scope for professional development across the Risk Management domain What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities As the Information Security & Technology Analyst your responsibilities will include (but not be limited to): Assume ISO ownership for assigned Risk applications Ensure execution of Information Security risk assessments and compliance evaluation Ensure implementation of controls for identified Information Security and Technology risks for designated business applications and functions Ensure implementation and maintenance of Identity and Access Management processes, as well as execution of periodical recertification of User Access Rights Ensure annual validation of key application documentation, including KOP and User access matrix for each assigned application and activities Provide timely updates to the DBISO and/or Risk Chief BISO regarding afore mentioned tasks Ensure accuracy of application entries regarding Information Security in the Group inventory of applications (NAR) Engage and create a positive network across external teams like Technology, respective functions, Chief BISOs, Risk type managers etc. Treatment of escalation questions regarding problems as well as assessments of potential violations of regulatory or internal guidelines regarding Information Security Cooperation in improving existing processes and workflows as well as independent implementation of new processes Regular attendance at scheduled meetings and telephone conferences, e.g., presentations of work results to senior decision-makers/workgroups, processing of meetings and telephone conferences (preparation of agendas, if needed, keeping the minutes) Management of urgent activities at short notice Management of enquiries from auditors and regulators Your skills and experience Core understanding of non-financial risk. Good understanding of risk management activities and internal control frameworks. Strong analytical skills to interpret and analyse data. The ability to successfully navigate a complex organisation, build strong relationships and work collaboratively with diverse stakeholders across the bank Very good Microsoft Office skills, particularly Excel and PowerPoint A sound knowledge of Information Security would be preferred along with Information Security Certifications / skills How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

About The Role : Job Title Technology Risk Manager Corporate Title Director Location Pune, India Overview Our Corporate Bank group is a technology centric business, with an increasing move to real-time processing, an increasing appetite from customers for integrated systems and access to supporting data. This means that technology is more important than ever for the business. The CIO Corporate Bank (CB) division sits in the Banks Technology, Data and Innovation (TDI) group. The Risk and Control (R&C) team ensures the Bank's technology control priorities are effectively implemented across CIO - CB. The R&C team offers dedicated support for each Chief Information Officer (CIO) business line, advisory services for control responses, and program management services for broad control uplifts. The team's mission is to reduce the organization's technology risk exposure by implementing key bank controls, ensuring appropriate and timely resolution of audit and regulatory issues, and participating in the Bank's design of control implementations. Therefore, a role on the R&C team is integral in supporting the front-line management in identifying, assessing/measuring risks, developing/implementing remediation actions, and monitoring risks. We are looking for a technology risk manager (also known as embedded risk team lead) to join the Risk & Control team to ensure robust and sustainable control governance across CIO CB, in particular for CB Data and head for India Risk and Control team. You will be responsible for supporting the CB Chief Data Office in managing audit/regulatory/self-identified findings, participating in regulatory and audit exams, monitoring stakeholders compliance with key risk indicators, and ensuring controls are implemented effectively and sustainably. Your role will be integral in supporting the front-line management in identifying and assessing/measuring risks, determining remediation plans, monitoring levels of risk, and implementation of remediation. You will work directly with CIO-1s, the CIO Corporate Bank Risk Leads, senior technology management, business and operations stakeholders, regulatory management, and other embedded risk teams and will represent CB Risk & Control . As a senior member in the region, you will spearhead risk initiatives within the region and will oversee India applications. As a Tech Risk and Controls Director, you will play a pivotal role in shaping and implementing the firms technology risk management strategy. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under child care assistance benefit (gender neutral) Flexible working arrangements Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities: Partner with CB CDO, in risk management and control implementation. Create deep and productive relationships with the teams and finding owners for audit/regulatory/self-identified issues to ensure overall risk posture for the area is improved. Support CIO-1 portfolio(s) in managing audit/regulatory/self-identified findings to ensure appropriate and timely resolution of risks/gaps in controls, and resolve non-compliance with Bank policies, procedures and processes and non-compliance with regulations and laws. Review and revise findings lifecycle event documentation. Provide strategic direction on risk management matters to senior leadership including implementation of detailed data driven narratives to inform leadership of risks related to IT and Cybersecurity topics. Provide credible challenge across all information technology and cybersecurity enabling business growth while ensuring that risks remain within appetite. Participate in, and coordinate with technology stakeholders, on internal and external audits and regulatory exams Ensure Risk & Control topics and standards are effectively included in all Change Programs related to CB Data, in particular within the perimeter of the EDM Program. Ensure appropriate senior management awareness/oversight of follow-up on action items to resolve identified technology issues Support application teams in control implementation requirements Ensure risk remediation programs are initiated and executed. Design and implement processes to test effectiveness and sustainability of technical controls. Develop strategies for reducing the risk exposure of CIO CB portfolio(s), including preparedness of critical applications for audit and regulatory exams and working with application owners to address and prevent common risk issues Assist application owners and other technology stakeholders in identifying and documenting risks and developing remediation Tracking and reporting on CIO CB portfolio(s) key risk indicators (KRI) and control uplift programs. Assisting application owners in developing plans to ensure compliance with KRIs. Close control gaps. Ensure risk remediation programs are initiated and executed in line with the Banks policies, procedures and standards. Work with the application teams and control owners to identify and resolve potential issues in control design. Advise on effectiveness metrics, ensure control design includes proper evidence, and provide input to the design and effectiveness of centrally provided tooling. Create risk awareness and positive attitudes through specialized trainings and educate the wider Corporate Bank CDO stakeholders regarding Risk & Control. Develop and guide a culture of talent development to meet business objectives and strategy. Your Skills and Experience: Excellent communication skills, both written and verbal to present ideas and concepts effectively Extensive experience (15-20 years) in technology risk management and risk advisory Strong understanding of three lines of defense model and compliance frameworks, Experience with regulatory environments and financial services technology. Robust knowledge and experience of data risks, in particular data-related technology controls, - policies, - standards and - tools Excellent analytical and investigatory skills to identify underlying technology issues Extensive experience in assessing risk, writing issues, and developing appropriate corrective actions Demonstrate viable solutions and problem solving Relevant experience working with auditors, regulators and external auditors on exams, reports and information requests Prefer experience with designing and testing technology controls and processes Prefer technical background (application development, infrastructure engineering, etc.) How we'll support you Training and development to help you excel in your career Flexible working to assist you balance your personal priorities Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Join us as a Technology Controls Manager You ll be navigating the fast-changing landscape of technology risk to protect our customers and the day-to-day banking services they rely on Its a role that will see you building and influencing strong relationships with senior stakeholders across the bank , giving you an excellent platform to boost your profile Surrounded by subject matter experts, inspiring innovators and technology specialists, this is your opportunity to access our expertise and vast industry knowledge to open doors to further career success Were offering this role at vice president level What youll do To keep pace with the evolving needs of our customers, we re constantly investing in the latest cutting-edge technology to deliver a banking experience like no other. But new technology presents new and increasingly complex risks. And a s we become increasingly reliant on systems, networks and devices in our day-to-day lives, the importance of safeguarding the banking services that our customers rely on is greater than ever - and this is where you can make an important impact as our Technology Controls Manager. Day to day, you ll be: Identifying the risks presented by technology and helping our teams to understand and grab the opportunities they present too Exercising sound judgment to assess the potential impact of technology risks, along with their risk position Partnering with senior leaders to develop and deliver remedial action plans for risks that fall outside of our risk appetite Championing a culture of proactive and pre-emptive risk management that empowers our people to unlock value, embrace new technologies and navigate risk with confidence Demonstrating risk leadership and advocacy to develop relationships with colleagues and senior leaders that are built on trust The skills youll need We re looking for someone who can inspire confidence and build trust, and to do that your risk management expertise will be key. You ll need a deep understanding of risk management methodologies too, along with practical experience managing regulatory and operational risks in a technology environment. You ll also need: Knowledge of control and process design methods A deep understanding of IT service management processes The ability to benchmark the inherent resilience of technology architecture Experience of assessing and managing the efficacy of processes and controls Great communication, collaboration and stakeholder management skills

Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management. As a Tech Risk & Controls Lead in Infrastructure Platforms which is aligned to Enterprise Technology division, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firms standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. Job responsibilities Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance Required qualifications, capabilities, and skills 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred

Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firms robust risk strategy. As a Tech Risk & Controls Senior Associate in Cybersecurity & Technology Controls, you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firms standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards. Job responsibilities Assess and monitor technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices Support implementation of effective controls in collaboration with cross-functional teams and stakeholders Evaluate the effectiveness of existing controls, identify gaps, and recommend improvements to mitigate risks and enhance the firms risk posture Analyze complex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures Required qualifications, capabilities, and skills Formal training or certification on Tech Risk & Control concepts and 3+ years applied experience Expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders Proficient knowledge of risk management frameworks and industry best practices Understanding of national and international Laws, Regulations and Rules (LRR) related to cybersecurity in the financial industry. A demonstrated ability to analyze technology-focused regulations (from US and international agencies) Develop and maintain strong partnerships with key stakeholders at both working & executive levels, and to work across diverse businesses and regions, balancing the needs of multiple organizations Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, or other industry-recognized risk certifications

Qualification and Minimum Entry Requirements B.Tech (IT/CSE) with 8+ Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities As a Manager in RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control’s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education

As a part of RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization.Qualification and Minimum Entry Requirements Job Description B.Tech(CSE/IT)/MCA/MBA/CA with 0-5 Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating controls design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Preferred candidate profile