3 Cgeit Jobs

Client interface for understanding the SOX IT General Controls as applicable to Application &Infrastructure operations Conducting assessment of existing processes and align them to COBiT 2018 standard. Conducting TOE and TOD for ITGCs Documentation of as-is SOX 404 IT General Controls as they are currently being executed in client environment. Identify process exceptions and risk with respect to materiality defined by the SOX controller. Evaluating 3rd parties and their ITGC environments by assessment of SSAE18 reports Create Process Summaries, Compliance runbooks and RCMs. Define RACI for Control owners, executioners etc. Work with Senior Management of the organization and business teams in getting assertions. Point of contact for the client compliance & IT audit team for provisioning SOX audit evidence within the SLAs defined. Provide strategic guidance& consulting support on implementation of SOX controls for Networks, Operating Systems, System Security, Backup & Recovery, Storage, BCP/DR Identify technical remediations for SOX 404 ITGC and create short term and long term roadmap for remediation Conducting regular training for technical teams for SOX control implementation & audits Should have worked on consulting/implementation & audit of SOX IT General Controls associated with IT Operations (Mandatory) CGEIT, COBiT Experience & COSO ERM execution (preferred) Excellent understand & experience in IT applications &infrastructure management which includes SDLC, App Security, DevOps, Networks, Data Centre Operations, Service Management/Service Desk, Server Management etc. Excellent understanding of IT Service Management processes. ITIL certified. Should be able to identify & report risks related to SOX ITGC design effectiveness & operational effectiveness gaps Should have experience in executing end-to-end SOX ITGC audit life cycle Exposure to other regulatory compliances such as Data Protection Act Candidate should have client facing experience B.E/B.Tech with MBA preferred. Candidates with following Certifications will be preferred: CISA/CGEIT/CISM/CISSP ISO 27001 Implementer, Lead Auditor ITIL V3.0

Who You Are Who You Are Youre good at what you do and possess the required experience to prove it. However, equally as important you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused someone who prioritizes customer success in their work. And finally, youre open and borderless naturally inclusive in how you work with others. Required Skills and Experience Mastery of security tools and technologies, such as firewalls, intrusion detection/prevention systems, endpoint security, , and SIEM solutions 6-7 years of experience in deploying and configure WAF solutions in various environments (cloud, on-premises, hybrid).Monitor and tune WAF rules and policies to optimize performance and security.(preferably-F5), IPS and DDOS knowledge Analyze security logs and incidents to identify potential threats and vulnerabilities. Collaborate with the incident response team to investigate and remediate security incidents. Proven experience with WAF solutions (F5 on-prem, Azure Application Gateway, F5, Imperva, etc.). Strong understanding of web application vulnerabilities (e.g., OWASP Top Ten). Proficiency in security protocols, firewalls, intrusion detection systems, and network security. Familiarity with scripting languages (e.g., Python, Bash) for automation tasks. Excellent analytical and problem-solving skills. Preferred Skills and Experience Valid and current certification in: CRISC Certified in Risk and Information System Controls ; CGEIT Certified in the Governance of Enterprise IT ; CERA Chartered Enterprise Risk Analyst; CISM Certified Information Security Manager; CISA Certified Information Security Auditor; CISSP Statistical analysis and models Basic skills in network, compute, cloud computing Understanding and daily use of Microsoft Office 365 Suite and other productivity tools (e.g., Excel, Word, PowerPoint, SharePoint) to accomplish audit and compliance related tasks Experience with project management and ability to manage security initiatives or projects

Role: 1.Develop Data Governance Framework: Design and implement a comprehensive data governance framework that aligns with the bank's overall data strategy and regulatory requirements. 2. Data Quality and Security: Ensure data quality and security by developing and implementing data validation rules, data encryption standards, and access controls. 3. Data Compliance: Ensure compliance with regulatory requirements, such as GDPR, CCPA, and BCBS 239, by developing and implementing data governance policies and procedures. 4. Data Governance Training: Develop and deliver data governance training programs to ensure that employees understand their roles and responsibilities in maintaining data quality and security. 5. Data Governance Metrics: Develop and track data governance metrics to measure the effectiveness of the data governance framework and identify areas for improvement. 6. Collaboration with Stakeholders: Collaborate with stakeholders, including business leaders, data owners, and technical teams, to ensure that data governance policies and procedures are aligned with business requirements. 7. Data Governance Tools: Evaluate, recommend and implement data governance tools and technologies to support the data governance framework. 8. Risk Management: Identify and mitigate data-related risks, including data breaches, data loss, and data corruption. Expereince : 13+ years of experience in data governance, risk, or compliance, preferably in a banking or financial services organization Strong knowledge of data governance frameworks, data quality, data security, and data compliance. Experience with data governance tools and technologies, such as Alation, Collibra, Informatica, or Talend Certification in data governance, risk, or compliance, such as CDPSE, CGEIT, or CRISC. Strong understanding of banking and financial services business operations and regulatory requirements Excellent communication, leadership, and collaboration skills. Ability to work effectively with stakeholders at all levels of the organization