11 Cisa Certification Jobs

About SMFG India SMFG India Credit Co. Ltd. (Formerly Fullerton India Credit Co. Ltd.) is registered as an NBFC - Investment and Credit Company (NBFC-ICC) with the Reserve Bank of India and is a member of SMBC Group. SMFG India Credit started its India operations in 2007 and today is a leading NBFC with a Pan India presence. The firm has invested in technology and digital capabilities to enhance customer and stakeholder experience, and paved the way for Pragati Ki Nayi Pehchaan . This echoes our core values and ethos of making things simpler, in our journey to empower people. We remain gender neutral and do what is right for the community. Job Overview The IT Security Governance Lead is responsible for overseeing the development, implementation, and maintenance of the IT security governance framework. This role ensures that IT security strategies align with business objectives and comply with industry standards and regulations. The Lead will manage a team of analysts and work closely with senior management to enhance the organization's security posture. Key Roles & Responsibilities Strategic Planning: Develop and execute IT security governance strategies that align with the organization's goals and regulatory requirements. Policy Development: Oversee the creation and maintenance of IT security policies, procedures, and guidelines. Risk Management: Lead risk assessments to identify vulnerabilities and develop mitigation strategies. Compliance Oversight: Ensure compliance with IT security policies and regulatory requirements, addressing any non-compliance issues. Audit Management: Coordinate internal and external IT security audits, ensuring all necessary documentation and evidence are available. Team Leadership: Manage and mentor a team of IT security analysts, providing guidance and support. Stakeholder Engagement: Collaborate with IT staff, business leaders, and external vendors to implement and maintain IT security measures. Incident Response: Develop and oversee incident response plans to address security breaches and other IT security incidents. Training and Awareness: Lead training sessions and awareness programs to educate employees about IT security policies and best practices. Continuous Improvement: Stay informed about emerging IT security threats and trends, and continuously improve the IT security governance framework. Candidates who have experience (hands on) on Identity & access management, DLP, DAM etc from various product knowledge, implementation experience and operations. Experience Required (In Years) Extensive experience in IT governance, risk management, and compliance, with a proven track record in a leadership role. Qualification Required Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC) are highly desirable.

About BNP Paribas India Solutions: Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union's leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10,000 employees to provide support and develop best-in-class solutions. About BNP Paribas Group: BNP Paribas is the European Union's leading bank and a key player in international banking. Operating in 65 countries, the Group has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in Commercial, Personal Banking & Services, Investment & Protection Services, and Corporate & Institutional Banking. With a strong diversified and integrated model, BNP Paribas helps clients realize their projects through financing, investment, savings, and protection insurance. The Group is committed to Corporate Social Responsibility across all its activities. Commitment to Diversity and Inclusion Position Purpose: RISK Operational Risk Management (RISK ORM) was created in early 2021 to oversee operational risks within the RISK function's mandate. The team is organized around 3 Poles: RISK ORM Framework, RISK ORM Technology & Transversal Risks, and RISK ORM Network. The position, based in India Solutions Pvt. Ltd. (ISPL) Mumbai, reports to Head of RISK ORM Network, India CoE, functionally to Group Head of ICT Controls Testing. Responsibilities: Lead the delivery of the COE CICEP India team in performing LOD2 check and challenge on ICT controls, determining design and operating effectiveness, reviewing and assisting with control deficiencies, drafting high-quality reports, ensuring completion of testing reviews, and contributing to the maturity of services provided by the CICEP platform. Enhance CICEP methodology, identify areas of improvement, support standardization, contribute to Group methodologies and tools, provide advice on ICT controls, monitor and report ICT control results. Collaborate at the India CoE level, contribute to Group mandates, objectives and priorities, participate in recruitment, and demonstrate effective leadership in the CICEP team. Technical & Behavioral Competencies: Skills Required: - 7+ years of experience in IT audit / ITGC controls testing / technical assessments, preferably in Cyber and Technology domains. - Ability to manage team workload independently, interface and coordinate efficiently with business partners, excellent analytical and communication skills, adaptability, commitment, and self-motivation. - Ability to express views clearly, work under strict timelines, and collaborate effectively. - Openness to work under global time zones. Skills Preferred: - Team management capabilities, ability to think innovatively, strong stakeholder management, and solutions-focused approach. Competencies: - University degree (technical) and/or relevant certifications. - Professional qualifications/trainings relevant to technology and/or cyber risk. Conduct: - Consider implications before making decisions and escalate issues when unsure. Specific Qualifications: - Bachelor's degree and certification in Information Systems. - At least 12 years of experience. - Professional qualifications/trainings relevant to Information Security, Risk Management are preferred. Other/Specific Qualifications: - Professional qualifications/trainings relevant to Information Security, Risk Management are a strong plus (ISO 27001, ISO 31000, CISSP, CRISC, CISM, CISA, CCSP) preferred.,

Working with the technology department to govern, analyze and better understand their risk profile Identifying and assessing the impact of technology risk through complex Thematic Reviews/ Risk Assessments and develop mitigation strategies in areas of User Access Management, IT Change Management & SDLC, IT Incident Management, IT Disaster Recovery, IT Project Management, IT Assets, IT Services and Operations, IT Vendor Management etc. Review product and process notes for new product launches and technology enhancement in existing systems. Ensuring key risks are identified and relevant controls are documented in Risk Control Matrix (RCM)/Risk Registers Review of User Acceptance Testing (UAT) scenarios and test cases for new products/system enhancements and provide inputs for new/additional UAT scenarios for the products Updation of technology risk framework used in conducting risk assessments. Review of IT and IS processes and updation of risk registers in the central risk repository Facilitate the Risk Control Self-Assessment (RCSA) process for IT and IS processes, highlight key findings and develop a mitigation plan with the process unit Proactively managing IT and IS risks so that there are no major incidents, losses, breaches or examples of non-compliance Develop on going technology risk monitoring metrics through Key Risk indicator Reporting (KRIs), monitoring and analyzing key trends and defining metrics to regularly measure control effectiveness Regularly engaging with internal & external stakeholders on the Banks IT risk posture Driving effective implementation & communication of Technology Risk Management policies & guidelines Engagement with auditors (internal and external) as per the audit calendar and provide timely and appropriate responses/action plans Experience and Skills 10-15 years of relevant experience Expert knowledge of Technology Risk, IT Security and risk discipline and practice Graduation in engineering, IT or computer science and/or A Masters Degree in Business with computer skills/ certifications or Masters in Information Systems Strong skills in Microsoft Excel and Power Point Professional certifications such as CISA, CISSP, CISM, CRISC, ISMS, CCNA or equivalent are preferred Knowledge of regulatory guidelines, frameworks and alignment with banking policies and processes

As an ideal candidate for this position, you should hold either a CEH Certification or ECSA Certification. Having additional certifications such as CISA Certification or CISSP Certification would be highly beneficial. With 2-3 years of experience, you will be responsible for various operational roles and responsibilities. Proficiency in programming languages like C/C++, Java, Dot Net, as well as familiarity with scripting languages like perl, php, python, or bash is essential. Your expertise in web application penetration testing and network penetration testing will be crucial for this role. Moreover, you should have a good understanding of hardening guidelines for databases, servers, firewalls, and other relevant systems. Knowledge of secure software development standards, processes, techniques, and tools is required. Familiarity with security technologies like cryptography, authentication techniques, and protocols is also important. You should possess knowledge of security development lifecycle processes across different technologies. In addition to technical skills, analytical skills, the ability to work independently with minimal supervision, and strong communication skills are essential. Proficiency in using tools like Word, Excel, and PowerPoint is also expected.,

As a fresher joining our team at ACPL, you will be offered a stipend of 22K for the first six months, which will serve as a training period. Following this initial phase, the revision of stipend will be based on your performance. It is important to note that candidates are required to start immediately upon selection. ACPL is a renowned Cyber Security specialist company that assists corporates in establishing their Cyber security platform comprehensively. Our services range from selecting adaptable security tools to deploying them, and providing dedicated cybersecurity services. Founded in 1990, ACPL holds the distinction of developing India's first antivirus software, SmartDog. We excel in offering solutions and services by integrating advanced technologies from leading IT companies through strategic partnerships. Our primary focus lies in catering to challenging industry verticals such as BFSI, Manufacturing, Telecommunication, Retail, Healthcare, IT/ITES, Power, Media Education, Distribution, and more. As a $35 million company with a PAN India presence and services extending across ASIA, including a branch office in Singapore, ACPL comprises a team of 160+ highly qualified professionals holding certifications like CISSP, CISA, GICH, among others. With a dedicated customer base of 200+, ACPL has been recognized with various industry awards and certifications, including being 100% RBA Compliant and a certified Great Place to Work. The job type for this position is Full-time, Permanent, and Fresher friendly, with benefits including health insurance and Provident Fund. The work schedule involves rotational shifts, and the work location is in person. The expected start date for the position is 30/06/2025. We look forward to receiving your updated CV and acknowledgment to proceed further with the selection process.,

Role Description The Vice President of Transformation Risk and Control will lead the strategic oversight and management of risks associated with the organizations transformation initiatives. This executive role is pivotal in ensuring that transformation projects align with the companys risk appetite and regulatory requirements, while driving sustainable growth and innovation. Your key responsibilities Strategic Risk Management: Develop and implement a comprehensive risk management strategy for transformation projects, ensuring alignment with the organizations overall risk framework. Leadership and Governance: Provide leadership and direction to the Transformation initiatives by fostering a culture of risk awareness and proactive risk management across the organization. Risk Assessment and Mitigation: Oversee the identification, assessment, and mitigation of risks, ensuring robust control frameworks are in place and effective. Stakeholder Engagement: Collaborate with senior executives, project leaders, and key stakeholders to integrate risk management practices into all transformation initiatives. Regulatory and Compliance Oversight: Ensure all transformation activities comply with relevant laws, regulations, and internal policies, and stay abreast of regulatory changes. Reporting and Communication: Regularly report to the executive team and board of directors on risk exposure, control effectiveness, and mitigation strategies. Continuous Improvement: Drive continuous improvement in risk management practices, leveraging industry best practices and emerging technologies. Your skills and experience Experience in risk management, internal control, or a related field, with significant experience in managing risks for large-scale transformation projects. Strategic thinking and leadership skills, strong analytical and problem-solving abilities, excellent communication and interpersonal skills, and proficiency in risk management software and tools. CRISC, CISA, or similar certifications are highly preferred. Experience in a senior risk management role within a large organization or consultancy. Deep understanding of industry-specific regulations and standards. Experience in leading cross-functional teams and managing complex projects.

Your key responsibilities Engage and contribute to the Identity & Access Management projects Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress Execute the engagement requirements, along with review of work by junior team members Help prepare reports and schedules that will be delivered to clients and other interested parties Develop and maintain productive working relationships with client personnel Build strong internal relationships within EY Consulting Services and with other services across the organization Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members Contribute to people related initiatives including recruiting and retaining IAM professionals Maintain an educational program to continually develop personal skills Understand and follow workplace policies and procedures Building a quality culture at GTH Manage the performance management for the direct reportees, as per the organization policies Foster teamwork and lead by example Training and mentoring of project resources Participating in the organization-wide people initiatives Skills and attributes for success Hands-on experience on end-to-end implementation of various IAM tool, with expertise in Okta. Completed at least 2-6 implementations. Good understanding of Access Management and CIAM solutions. Strong Understanding of Okta API's andgood understanding of XML, HTML, CSS. Should be capable of dissecting large problems and designing modular, scalable solutions. Validated experience of onboarding applications on leading IAM platforms like Okta, PINGFED. Knowledge on FIDO, OAuth, Open ID connect and REST Concepts. Hands-on experience in setting up the Identity and Access Management environment in standalone and cluster environment. Hands-on experience on configuring the tool as per the requirements. Hands-on experience on Directory level integration with Okta for AD, LDAP, Azure AD, Oracle AD. Good Understanding on IWA and Okta Workflows. Hands-on experience on Okta APIs. Should be knowledge on Okta Access Gateway, Okta Advance Server Access and SCIM. Hands-on experience on developing custom UI pages, branding and email template as per business needs. Should be familiar with the RBAC, ABAC, User provisioning, data synchronization, password management and IAM governance with AM tools such as Okta. Strong understanding of access management fundamentals like SSO, authentication and authorization. Good hands-on experience on OAuth 2.0, OIDC, WS-Fed protocols. Define and set up approach for risk-based MFA and applications access control. Hands-on experience on security related assessments and configuration for AM platforms, adaptive risk configurations and Multi-factor authentications. Capability of understanding the business requirements and converting that into design. Ability to perform risk assessment and threat modelling exercises with technology engineering teams. Should be flexible to work on new technologies in IAM domain. Worked in client facing role. Need to be thorough in their respective tool with hands-on experience involving configuration, implementation & customization. Hands-on Java/Python development and debugging experience. Use case design, Solution Requirements Specification and mapping business requirements to technical requirements (Traceability Matrix). Architecture Design (optimising the resources made available servers and load sharing etc.). Involvement in a successful pursuit of a potential client by being part of the RFP response team. To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Experience Access Management tools such as Okta, PingFed Strong interpersonal and presentation skills. 5-8 Years Work Experience Security Analyst IAM (Okta) Very good understanding of information security concepts with in-depth knowledge of IAM solutions and latest trends. Should be able to understand business requirement and translate them in technical requirement and implement the same. Experience ininstallation, configuration, deployment, and implementationon Okta tool. Experience over integration of on-prem and legacy applications with Okta. Good understanding of federation protocols like SAML2.0, OAuth, OIDC, WS-Fed, SWA Working knowledge on multi-factor authentication, Security Rules, Policies and Provisioning. Hands-on experience in troubleshooting the issues related with Okta and any other AM specific tools. Scripting knowledge in Python Unix Shell scripting. Basic AD and LDAP Functionality authentication, authorization. Experience inDirectory Integration with Okta. Experience in troubleshooting the access related issue reported by application team. Self-motivated and works with minimal direction. Takes ownership of task and executes. Should have had direct client experience, including working with client teams in an on-site and offshore mode. Good soft skills i.e., verbal & written communication, technical document writing etc Customer orientation skills Certification: Desirable to have certifications in security domain, such as CISSP and CISA or any IAM product specific certifications.

We are looking for a skilled IS Auditor with 2 to 8 years of relevant experience to join our team at ESAF Small Finance Bank's Corporate Office in Thrissur. The ideal candidate must hold a CISA certification and possess a strong background in Information Systems Audit.,

Job Description Job Summary: We are seeking an experienced IAM Lead to develop and execute an Identity and Access Management (IAM) strategy aligned with business objectives and security standards. This role involves overseeing IAM governance, integrating solutions across a hybrid environment, and ensuring compliance with industry best practices. Key Responsibilities: Define and implement IAM policies, frameworks, and roadmaps. Manage identity lifecycle, access controls, authentication, and authorization. Ensure secure, scalable, and compliant IAM solutions (SSO, OAuth, SAML, OIDC, etc.). Lead integration of IAM with internal and client-facing applications. Train and mentor the IAM team while managing vendor relationships and contracts. Collaborate with stakeholders, IT teams, and auditors to align IAM with business needs. Monitor IAM performance, risks, and compliance metrics, ensuring uninterrupted services. Identify and mitigate IAM-related risks, vulnerabilities, and incidents. Oversee IAM audits, risk assessments, and implement security best practices. Stay updated on IAM trends, emerging technologies, and recommend improvements. Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or related field. 6-8 years of IAM experience, with at least 3 years as an SME. Proficiency in IAM tools like Microsoft EntraID , Okta, SailPoint, CyberArk, etc. Strong understanding of identity governance, privileged access management, and federation. Excellent communication, analytical, and problem-solving skills. Ability to work in a fast-paced, hybrid cloud environment. Preferred certifications: CISSP, CISM, CISA, CRISC. Experience in Architecture & Design

The purpose of IT Audit role is understanding and evaluating the organizations IT processes, infrastructure and applications to ensure they are in-line with the compliance standards. Planning, coordinating and executing IT audits to assess the effectiveness of IT Controls, Policies and Procedures. Developing detailed audit programs and identifying key risks associated IT Systems and process. Reviewing change management process, disaster recovery plans and backup procedures. Ensuring compliance with industry standards, legal regulations (Ex: SOX, HIPAA) and internal policies. Preparing detailed audit reports with findings, risks and actionable recommendations for improvement. Troubleshooting security network problems. Willingness to travel PAN India.

This role is on contract basis for 1 year, extendible and convertible based on performance. Please apply only if interested. Key Responsibilities Perform and review design and operating effectiveness testing procedures on internal controls over Cyber Security and Information Technology across various areas such as Identity and Access Management, Backups, Incident, Change & Continuity Management etc. Document your testing procedures and present findings to the relevant stakeholders Support ICAR's central team on planning, execution and reporting of ICAR assurance cycles Provide support and mentoring to other ICAR team members Develop and maintain automated control testing solutions leveraging on data analytics Engage with various stakeholders across the business representing the ICAR team About You 10+ years of work experience in IT assurance functions (internal / external auditing, control testing, risk management) and/or practical experience in the field of IT and Cyber Security Good understanding of IT risk and control frameworks and the underlying technologies, concepts, and processes Strong knowledge of SQL and relational databases and proficiency in programming languages such as Python or R . Knowledge of data analytics and visualization applications (e.g., Palantir Foundry, Tableau) is preferred University degree in related field, qualified or working towards a CISA, CISM, CISSP, CSX-P, CIA or CRISC professional certification is a plus Knowledge of Cloud Security and DevSecOps practices will be considered advantageous Critical thinker that sees the "big picture" (e.g. overall themes, trends, goals) Result oriented individual with agile mindset and ability to work independently , able to plan well, work in the field and able to deliver results in time Good communicator , able to gain and maintain trust while delivering difficult messages Team worker , able to listen to others but also influence Fluent in English, written and spoken