886 Cisa Jobs - Page 10

Consultant/Senior Consultant || SOX || Gurgaon || (Immediate joiners preferred) What are we looking out for: Skilled and detail-oriented SOX Compliance and Internal Audit Consultant who will play a critical role in ensuring compliance with SOX requirements through the design, execution, and assessment of internal controls over financial reporting (ICFR). Job Profile (Non IT SOX): Responsible for executing client-related engagements in the areas of SOX 404 & Clause 49 assistance, Governance, Risk & Compliance (GRC), Internal Audits, Process Reviews, Standard Operating Procedures,. Responsible to discuss with risk owners for identification and assessment of key risks and development of mitigation plans Perform gap assessments by conducting detailed walkthroughs with process owners and identifying opportunities for automation, process transformation Review and assess the design of internal controls to ensure they address key risks and comply with SOX requirements. Develop detailed process narratives, risk control matrices (RCMs), and flowcharts. Information Produced by the Entity (IPE) Testing - Evaluate the reliability of information used in the execution of controls; perform detailed testing to validate the accuracy, completeness, and integrity of IPEs; ensure that data sources and logic align with control objectives. Management Review Controls (MRC) testing Test the design and operating effectiveness of Managements review of financial and operational data; evaluate the documentation, criteria, and frequency of management reviews; assess the quality of evidence and identify any gaps in the review process. Working on SOX readiness Assess the existence, efficiency, and effectiveness of the SOX control environment by directing control/process optimization. Collaborate with cross-functional teams, including accounting, IT, and operations, to ensure control objectives are met. Assist clients in preparation for external audits by addressing auditor inquiries and providing necessary documentation. Inspect companys policies and procedures; perform evaluation of control design; and carry out assessment of the effectiveness of company internal controls concerning business processes and systems. Review of working papers & client folders. Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Create/manage status trackers and report the statuses and/or challenges to the Project Manager/Director, clients and all other stakeholders over status calls. Ensure compliance with engagement plans and internal quality & risk management procedures. Keep abreast of emerging technologies with the IT environment and help in developing audit plans to counter whatever risks that might be associated with the application of such technologies. Assist seniors & managers in developing new methodologies and internal initiatives. Create a positive learning culture, coach, counsel and develop junior team members. Attention to detail and mentor young interns and analysts within the practice. Perform other duties that may be assigned by management. Qualification: Graduate/ Post-Graduates

As a candidate for this position, you will be responsible for performing and documenting testing on consulting, compliance, and internal audit engagements with a focus on IT risk, strategy, and governance within financial institutions. You will also provide training and supervision for engagement staff, identify findings, and document opportunities for process improvement. Additionally, you will research technical issues that arise during engagements and assist Managers and/or Senior Managers in developing strategic solutions to meet client needs. Furthermore, you will work closely with Managers and/or Senior Managers on engagement planning, execution, and issuing a final report that meets client deadlines. You will also play a key role in setting the foundation for developing relationships with clients through networking and business development activities. Your motivation to meet client deadlines and provide excellent client service will be crucial to your success in this role. In terms of qualifications, a Bachelor's degree is required for this position. Preferred certifications include CISA, CISM, or CISSP. If not already certified, you must meet the educational requirements to obtain a license upon hire in the state of employment. Additional certifications such as CPA, CIA, CRCM, CAMS, CFIRS, CFE, and/or CFF are considered a plus. The ideal candidate will have a minimum of 3 years of experience in information systems, internal audit, regulatory compliance, or consulting services. Experience in network engineering/administration with a security emphasis is preferred. Knowledge of IT control and/or services management standards such as CObIT, ITIL, and ISO is also preferred. Previous experience in banking or credit unions would be advantageous. You should possess the ability to work effectively as part of a team as well as independently. Creative problem-solving and research skills are essential, along with excellent verbal and written communication abilities. Strong analytical and report writing skills are required, and proficiency with Microsoft Office applications such as Word, Excel, PowerPoint, and Outlook is expected. The ability to handle multiple priorities, tasks, and simultaneous projects is a key attribute for success in this role.,

As the Identity & Security Visionary at Diageo, you will be a crucial part of the Security & Network Enterprise Architecture team, focusing on shaping the future of Identity Management across the organization. Your role will involve contributing to the broader cybersecurity strategy, with a split focus of approximately 60% on Identity and 40% on Security domains, adapting as per the evolving business needs. Your responsibilities will include: - Translating business objectives into a robust architecture for Identity and Access Management (IAM) and cybersecurity. - Collaborating with stakeholders to define Diageo's vision and capabilities in these areas, developing a 3-5 year roadmap for leveraging technology to ensure secure access to critical assets while enhancing user experience. - Designing target and interim architectures, evaluating current capabilities, and guiding technology selection for future requirements. - Ensuring alignment with the overall architecture strategy by fostering collaboration among stakeholders. - Overseeing IAM and cybersecurity changes to ensure strategic alignment, value for money, and suitability for purpose. - Driving the adoption of the architecture roadmap by closely working with internal teams. - Influencing portfolio investments for key technology solutions aligned with the roadmap. - Establishing and maintaining strong relationships with technology vendors and suppliers. - Providing technical expertise and guidance to senior leadership on strategic approaches and solutions. - Staying informed about business priorities, emerging technologies, and cyber threats to identify transformation opportunities in IAM and cybersecurity. - Contributing to the success of Enterprise Architecture within Diageo. Requirements: - A total of 12 years of experience, with a minimum of 5 years in an Enterprise Architect or similar role. - Expertise in developing capability models, reference architecture, and technology roadmap artifacts. - Profound knowledge of IAM principles and frameworks, Privileged Access Management, Identity Governance, and B2B/B2C Identity & Access Management. - Familiarity with cybersecurity best practices and frameworks such as NIST CSF. - Understanding of risk management and security concepts. - Experience with enterprise architecture frameworks like TOGAF and Zachman is advantageous. - Exposure to relevant IAM and security solutions and technologies. - Previous experience in a large and complex enterprise environment is beneficial. - Security certifications like CISSP or CISA are a plus. In addition to technical expertise, the ideal candidate should possess strong business acumen and leadership qualities, including the ability to think strategically, communicate effectively with senior stakeholders, and deliver integrated Business-IT strategies. Building international and cross-functional relationships, working with executive sponsors, and documenting technical solutions clearly and concisely are also essential aspects of the role.,

Provide strong domain leadership managing a team of audit professionals in F&A/ HRO/ S&F services Lead teams performing Risk Assessments, Process Walkthroughs, Process Documentation Narratives, Process Flow Diagrams, Finalize Risk and Control Matrix, Lead assignments on Test of Control Effectiveness, Control Design , support remediation efforts for control failures - SOX and ISAE SSAE compliance. Lead Interventions Special Assignments at Client Engagements identifying reasons for operations failures, critical errors, process weaknesses Performing Root Cause Analysis remediating and resolving causes. Requirement to interact with overseas clients and senior stakeholders within and external to the company. Skill Description Working Knowledge of processes like AP,AR and RTR is mandatory Reasonable knowledge of Information Technology ITGC Controls; Information Systems Audit Knowledge of Key F&A Compliances required ISAE 3402, SSAE 16, SOX Strong Analytical Skills; Strong Spreadsheet skills; Excellent command over English Language Experience of working in a GBS delivery environment Mandatory Experience using ERPs SAP, Oracle and other Business Enterprise Applications. Educational Qualifications & Experience Chartered Accountant with minimum 7-9 years post qualification audit experience. Graduate/ MBA with 11 + years of experience CISA with experience of Information Systems Audit with client engagements. Experience in leading Teams of Auditors representing the entities for which they have been Audit Managers. Supervisory review experience of 4+ years.

Provide strong domain leadership managing a team of audit professionals in F&A/ HRO/ S&F services Lead teams performing Risk Assessments, Process Walkthroughs, Process Documentation Narratives, Process Flow Diagrams, Finalize Risk and Control Matrix, Lead assignments on Test of Control Effectiveness, Control Design , support remediation efforts for control failures - SOX and ISAE SSAE compliance. Lead Interventions Special Assignments at Client Engagements identifying reasons for operations failures, critical errors, process weaknesses Performing Root Cause Analysis remediating and resolving causes. Requirement to interact with overseas clients and senior stakeholders within and external to the company. Skill Description Working Knowledge of processes like AP,AR and RTR is mandatory Reasonable knowledge of Information Technology ITGC Controls; Information Systems Audit Knowledge of Key F&A Compliances required ISAE 3402, SSAE 16, SOX Strong Analytical Skills; Strong Spreadsheet skills; Excellent command over English Language Experience of working in a GBS delivery environment Mandatory Experience using ERPs SAP, Oracle and other Business Enterprise Applications. Educational Qualifications & Experience Chartered Accountant with minimum 7-9 years post qualification audit experience. Graduate/ MBA with 11 + years of experience CISA with experience of Information Systems Audit with client engagements. Experience in leading Teams of Auditors representing the entities for which they have been Audit Managers. Supervisory review experience of 4+ years.

Lowe s Companies, Inc. (NYSE: LOW) is a FORTUNE 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2024 sales of more than $83 billion, Lowe s operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe s supports the communities it serves through programs focused on creating safe, affordable housing, improving community spaces, helping to develop the next generation of skilled trade experts and providing disaster relief to communities in need. For more information, visit Lowes.com . Job Summary The primary purpose of this role is to manage a team focused on defining, implementing and/or maintaining processes and tools that support enterprise technology security. This includes accountability for optimizing performance of services that span security and technology domains, including Operations, Policy, Governance and Delivery. In addition, this role provides insight and recommendations to inform the ongoing strategy for health and care of assigned security processes and tools. This individual manages people which includes responsibility for setting individual and team expectations, delegating assignments and managing performance, identifying talent needs, and coaching and developing team members. With a focus specifically on Network Security Engineering , this role manages the technical aspects of developing, implementing and maintaining security infrastructure systems within various computing environments. This role manages team(s) through all system development lifecycle phases and provides insight and recommendations to inform the ongoing strategy for health and care of assigned domain(s) and/or platform(s). With a focus specifically on Security Threat & Vulnerability , this role manages a team and associated processes focused on vulnerability identification or remediation. This includes providing day-to-day management of information security and risk activities, including oversight of vulnerability assessments and remediation programs serving both internal and external stakeholders. Qualifications Minimum Qualifications Bachelor's Degree in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field (or equivalent work or military experience in a related field) 10+ years IT experience with a broad range of exposure to all aspects of business/system planning, analysis, and application development 10+ years of experience leading project or technical teams with or without formal direct report responsibility; this includes experience providing technical direction, thought leadership, coaching and mentoring to team members 10+ years of experience with information security tools, concepts and practices Familiarity with multi-platform technology environments and their operational/security considerations Experience managing projects and project resources to meet goals on simultaneous/multiple projects Preferred Qualifications Master s Degree in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field IT experience in the retail industry Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen) Experience in a PCI/Retail technology environment Leadership experience with direct report responsibility Experience managing in an Agile environment Experience leading global teams Experience with process management methodologies such as Six Sigma or ITIL Delivery methodologies (Agile, Scrum, SAFe) Broad knowledge of infrastructure (network and servers), network architecture, services and security policies Security Governance, Risk & Compliance 4 years of experience in one or more of the following fields: technical, security or privacy education/training, information security, external/internal audit, risk management (specific to Security Governance, Risk and Compliance role) 3 years of experience conducting or leading PCI-DSS assessments (specific to Security Governance, Risk and Compliance role) Network Security Engineering 10+years of experience in Security Engineering (specific to Security Engineering role) Advanced knowledge of core Information Security concepts related to security infrastructure components (specific to Security Engineering role) Knowledge of retail regulatory scope (PCI, SOX, etc.) (specific to Security Engineering role) 5 years of experience in Security Engineering (VPN, layer 4 to layer 7 firewalls, etc.) (specific to Security Engineering role) Security Threat & Vulnerability 6 years of experience in Information, Network, or Application Security (specific to Security Threat & Vulnerability role) Advanced knowledge of core Information Security concepts related to Threat and Vulnerability Management or Offensive security testing (specific to Security Threat & Vulnerability role) Knowledge of retail regulatory scope (PCI, SOX, etc.) (specific to Security Threat & Vulnerability role) Lowe's is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.

ASSOCIATE CONSULTANT Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course Good to have: CISSP, CISA, CISM, ISO22301QualificationBE/ BTech, MCA, MBA with specialization in Information Security #eviden

ASSOCIATE CONSULTANT Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course Good to have: CISSP, CISA, CISM, ISO22301QualificationBE/ BTech, MCA, MBA with specialization in Information Security #eviden

Policy & Framework Management: Define, review, and update cybersecurity policies, procedures, and standards to align with business and regulatory requirements.Regularly review and update Security Configuration Documents (SCDs).Drive the adoption and alignment of the NIST Cybersecurity Framework.Implement and manage the Unified Compliance Framework to streamline regulatory mapping.Security Controls & Automation: Conduct configuration reviews across critical systems and platforms.Lead initiatives to automate policy management and control validation.Evaluate and recommend risk management solutions and security technologies.Risk & Change Management: Perform third-party/vendor risk assessments, including onboarding, periodic review, and offboarding processes.Collaborate with IT and operations teams for firewall rule lifecycle management.Participate in and govern the Change Management process to ensure security reviews and approvals.Compliance & Audit: Ensure continuous compliance with RBI, IRDAI, UIDAI, ISO 27001, IT Act 2000, and other applicable regulatory and industry standards.Prepare, maintain, and manage documentation for internal and external audits.Track, report, and drive mitigation for audit findings and exceptions.Implement and maintain continuous compliance monitoring tools and practices.Reporting & Governance: Develop and report on cybersecurity posture to senior leadership and key stakeholders.Maintain and deliver Service Level Agreements (SLA) reports and performance metrics.Design and manage Key Risk Indicators (KRI) dashboards to support informed decision-making.Conduct periodic exception reviews and manage approval workflows. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.6+ years of experience in cybersecurity governance, risk, and compliance (GRC).Strong understanding of NIST, ISO 27001, UCF, and regulatory standards (RBI, IRDAI, UIDAI, IT Act).Proven experience in policy lifecycle management, audit coordination, and risk assessment.Familiarity with firewall rule governance, change management, and automated compliance tools.Excellent communication, analytical, and stakeholder management skills. Preferred technical and professional experience CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer/Auditor, CGEIT

Job Area: Finance & Accounting Group, Finance & Accounting Group > IT Internal Audit Qualcomm Overview: Qualcomm is a company of inventors that unlocked 5G ushering in an age of rapid acceleration in connectivity and new possibilities that will transform industries, create jobs, and enrich lives. But this is just the beginning. It takes inventive minds with diverse skills, backgrounds, and cultures to transform 5Gs potential into world-changing technologies and products. This is the Invention Age - and this is where you come in. General Summary: Unique opportunity to join Qualcomms Corporate Internal Audit & Advisory Services department within the SOX Program Management Office (PMO) organization to support the IT SOX 404 and 302 Compliance efforts. The departments activities and services focus on assisting the Audit Committee of the Qualcomm Board of Directors and Management in the evaluation and improvement of processes that identify and manage risks related to achieving Qualcomms business objectives. Key responsibilities include: Lead the IT SOX 404 risk assessment and scoping exercise, execute the process and control walkthroughs, assess the design of controls, develop and enhance comprehensive test plans, and perform independent testing Perform deficiency root cause analyses and assist management with the development of remediation plans Offer effective supervision to, and review the work of other auditors, including the companys co-sourcing audit partners Collaborate with Qualcomm management to identify financial risks, assess business impacts, and present potential solutions (leading practices) As a key member of the SOX PMO, the successful candidate will be a primary interface between IT management and the external auditors to provide guidance, support, training, and project management Collaborate with the external auditors in the planning and execution of SOX 404 requirements and ensure all deadlines are met with high quality deliverables Participate and assists in ad-hoc projects such as system implementations when needed Three to seven years of recent relevant professional experience in IT SOX compliance for a fast-paced global company or a public accounting firm (Big 4 or mid-tier). Prior SOX PMO experience preferred. Independent and adaptable team player with strong project management skills to comfortably lead and conduct multiple significant projects and tasks with quality, accuracy, and attention to detail. Strong critical thinking with sound judgment and decision-making skills. Self-motivated, positive, and professional attitude. Exceptional prioritization, organization, and time-management skills to consistently meet deadlines with quality deliverables in a fast-paced environment. Strong interpersonal skills (including oral and written communications) with the ability to lead all related interactions with various levels of the organization including middle and senior management. Excellent understanding of internal controls, frameworks (COSO, COBIT), fundamental audit methodology, SOX 302 and 404 requirements. Strong ability to understand IT and business process risks and related controls Experienced with leading practices for business processes, financial accounting, and reporting risks to ensure compliance with GAAP and external reporting requirements Delivers high-quality work products (form and substance) including the ability to prepare written documents (e.g., work papers, PowerPoint presentations, audit reports, etc.) that clearly lay out key messages Professional Certifications (e.g., CPA, CISA, CIA preferred) ERP experience with Oracle EBS a plus Semiconductor business experience or familiarity Fluent English; multi-lingual capability is a plus Strong communication (oral and written) and presentation skills Fast learner with strong, organization, analytical, critical thinking, and problem-solving skills Ability to work in flexible and non-hierarchical team environment Willingness to get things done and take responsibility Ability to recognize and apply a sense of urgency, when necessary Positive attitude, professional maturity, good work ethic Ability to work independently, handle multiple projects simultaneously, and multi-task to meet deadlines with high-quality deliverables Bachelor's degree in Accounting, Business Administration, Management Information Systems, or related field. Applicants Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail or call Qualcomm's toll-free number found . Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies: Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact .

You will be responsible for conducting application security reviews for Web, Mobile (Android and iOS), and API technologies. Your role will involve assessing and identifying potential vulnerabilities in the technology being developed before implementation. You should have expertise in application security testing methodologies such as SAST, DAST, and MAST, with experience in web application, API security, and mobile application security testing according to industry standards like OWASP top 10, SANS top 25, etc. It would be beneficial to have knowledge of programming and scripting languages such as Java, JavaScript, Angular, Spring Boot, Kotlin, and Swift. Familiarity with tools like Burp Suite, Postman, SoapUI, Checkmarx, Netsparker, Nexus IQ, Kryptowire for security testing and analyzing scanned reports is essential. Moreover, a strong understanding of application security tooling and experience in driving automation within the delivery environment is required. You must hold industry-recognized Information Security and Cyber Security qualifications such as CISSP, CISA, OSCP, GIAC GPEN, GIAC GMOB. A deep understanding of security industry trends, major vulnerabilities, and security threat landscape is crucial. Knowledge of Zero Trust security principles and practical implementations is necessary. While a degree is desirable, it is not mandatory. Experience in supporting major programs, security architecture, creating security designs, and displaying positive leadership behaviors related to risk management and mitigation is expected. Proficiency in collaboration tools like SharePoint, Teams, Confluence, and JIRA is advantageous. Hands-on experience in working with DevOps and Agile teams to incorporate security in the software development lifecycle is a key requirement. Additionally, experience in application risk assessment, threat modeling, and working closely with delivery teams for security risk remediation is important. About the Company: Purview is a leading Digital Cloud & Data Engineering company with headquarters in Edinburgh, United Kingdom and a presence in 14 countries including India, Poland, Germany, USA, UAE, Singapore, Australia, among others. The company provides services to Captive Clients and top-tier IT organizations, delivering solutions and resources to clients worldwide. Company Information: Purview Services 3rd Floor, Sonthalia Mind Space Near Westin Hotel, Gafoor Nagar, Hitechcity, Hyderabad Phone: +91 40 48549120 / +91 8790177967 Gyleview House, 3 Redheughs Rigg South Gyle, Edinburgh, EH12 9DQ Phone: +44 7590230910 Email: careers@purviewservices.com Login to Apply!,

You will be responsible for conducting third-party risk assessments in alignment with ISO 27001:2022 and ISO 22301:2019 frameworks. Your duties will include identifying, assessing, and mitigating risks related to information security, business continuity, and third-party vendors. Collaboration with cross-functional teams and external stakeholders to drive risk mitigation strategies will be a key aspect of your role. Additionally, drafting and reviewing policies, procedures, and audit reports will be part of your responsibilities. As a TPRM Consultant / Senior Consultant, you will need to effectively communicate complex risks and findings to both technical and non-technical audiences. Strong verbal and written communication skills will be essential for this. Furthermore, you will be expected to solve complex problems using structured critical thinking and issue-resolution approaches. Ensuring adherence to internal standards and client requirements at every phase of the engagement will be crucial. Excellent stakeholder management, critical thinking, and problem-solving abilities are key skills required for this role. Language proficiency in English is mandatory for this position. Additionally, fluency in Tamil and Hindi would be considered a plus. Certifications in ISO 27001:2022 or ISO 22301:2019 are mandatory for this role. Possessing certifications such as CEH, CISA, CISM, CompTIA Security+, or GISF would be advantageous.,

As an organization focused on re-imagining agricultural insurance through the innovative integration of Public Cloud, GIS, Remote-sensing, and cutting-edge AI-based algorithms, we at Kshema are dedicated to empowering the future of agricultural insurance. Leveraging the latest advancements in Mobile and Geospatial technologies, we are committed to revolutionizing the industry. We are currently seeking a Chief Information Security Officer (CISO) who will play a pivotal role in driving our cyber security strategy and ensuring strict compliance with regulatory and statutory guidelines pertaining to information and cyber security. As the CISO, you will be entrusted with the responsibility of enforcing policies aimed at safeguarding the organization's information assets and coordinating all information/cyber security-related matters internally and externally. **Key Responsibilities:** - Develop a comprehensive Information Security Roadmap for the organization with a forward-looking perspective. - Establish and oversee an enterprise-wide information security and IT risk management program. - Lead the implementation and review of Hardware, Network, and Software Security Standards and Controls to fortify systems, data, and assets against internal and external threats. - Implement Security Assessment and Testing Processes, including Penetration Testing, Secure Software Development, and Vulnerability Management. - Identify and deploy cutting-edge Security Products/Tools for various purposes. - Proactively monitor and address security issues, potential threats, and vulnerabilities to enhance security standards continually. - Conduct Information Security awareness training for all employees. - Execute Security Assessment practices such as Audits and Reviews. - Provide strategic guidance and consultation for IT Projects, including security risk assessments. - Conduct real-time analysis, investigations, and forensics when necessary to enhance security measures. - Develop strategies to manage security incidents and conduct investigations. - Maintain regular communication with stakeholders on Information and Data Security Practices and Activities. - Implement a strategy for deploying information security technologies to mitigate cyber-attack risks. - Continuously evaluate current IT security practices and systems for enhancement. - Ensure compliance with the latest regulations and requirements. - Develop and implement business continuity plans. **Desired Skills and Experience:** - Engineering Graduate/Post-Graduate in fields such as Computer Science, IT, Electronics, Communications, or Cyber Security. - Minimum of 15 years" experience in risk management, information security, or cyber security. - Profound knowledge of information security management frameworks like ISO/IEC 27001 and NIST. - Familiarity with DevSecOps, Secure SDLC, Security Automation, Security Testing, DR & BCP Concepts. - Experience in financial forecasting and budget management. - Understanding of Industry Security Standards, Protocols, and Data Privacy Regulations. - Ability to navigate ambiguity and devise solutions for complex problems. - Experience in contract and vendor negotiations and management. - Proficiency in Agile software development practices. - Collaboration skills to work effectively with cross-functional teams. - Relevant certifications such as CISSP, CEH, CISA, and CISM are advantageous. - Hands-on experience in designing, implementing, and operating security in public clouds like AWS, Azure, Oracle, or GCP. - Strong written and verbal communication skills with a high level of integrity. - Excellent presentation skills. Join us at Kshema and be a part of our mission to redefine agricultural insurance through innovation and technology.,

Risk Management Service Engineer 1 Job Summary Assist in implementing and maintaining SOX controls supporting the Application Managers for Intern applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Assist in maintaining SOX controls for 1P and 3P products Support internal and external audits related to SOX compliance Support engineering teams and Application Managers during SOX walkthrough Managing evidence requirements initiated by Internal audit Performing quality and compliance check of evidence submitted by engineering and Application management Support engineering and Application Management for remediation of SOX deficiencies Test and evaluate the effectiveness of SOX controls Document control testing procedures and findings Identify and report control deficiencies Prepare reports and documentation for SOX compliance activities Communicate SOX compliance status and findings to management and stakeholders Support onboarding, testing and maintenance of controls for new systems in SOX scope Collaborate with cross-functional teams to ensure thoroughness and accuracy of controls testing Educational Qualifications: Bachelors degree in accounting, finance, or a related field Experience: 5-7 years of experience in SOX compliance, internal controls, or auditing Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles Skills: Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team Certification: CISA preferred.

Risk Management Service Engineer 1-QA Job Summary: Assist in implementing and maintaining SOX controls supporting the Application Managers for Intern applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Assist in maintaining SOX controls for 1P and 3P products Support internal and external audits related to SOX compliance Support engineering teams and Application Managers during SOX walkthrough Managing evidence requirements initiated by Internal audit Performing quality and compliance check of evidence submitted by engineering and Application management Support engineering and Application Management for remediation of SOX deficiencies Test and evaluate the effectiveness of SOX controls Document control testing procedures and findings Identify and report control deficiencies Prepare reports and documentation for SOX compliance activities Communicate SOX compliance status and findings to management and stakeholders Support onboarding, testing and maintenance of controls for new systems in SOX scope Collaborate with cross-functional teams to ensure thoroughness and accuracy of controls testing Educational Qualifications: Bachelors degree in accounting, finance, or a related field Experience: 5-7 years of experience in SOX compliance, internal controls, or auditing Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles Skills: Strong analytical and problem-solving skills 5+yrs of relevant exp on Support or implementation projects. Manual Testing experience & have written test cases. Good Communication for an Individual contributor role. Location of Work Bangalore, Kodathi office. Excellent communication and interpersonal skills Ability to work independently and as part of a team Certification: CISA preferred

Partner with the best As an IT SOX Analyst, you will be responsible for ensuring the organization is compliant to regulatory (SOX) policies within the IT landscape. Your primary role consists of testing the IT General controls across key ERP systems such as SAP and Oracle. In this role, you will build relationships with the business, finance controllership, Internal and External auditors to achieve shared objectives. Responsibilities, authorities and accountabilities Conduct walkthrough meetings with internal and external stakeholders to support audit activity Perform assurance activities to assist management in the testing of Internal Controls Over Financial Reporting (ICOFR) Develop and monitor compliance of IT General controls across multiple ERPs and application within the Baker Hughes global IT landscape Perform control testing to assess the effectiveness of the internal control environment Identify new risks across the enterprise applications and assess the design of controls Assist management in the evaluation of deficiencies and impact assessment to financials Create high-quality document in compliance with audit standards Communicate audit progress to stake holders Coordinate with external auditors Participate in pre-implementation reviews to assess control environment prior to deployment Provide guidance to management to drive improvement in control environment Required Qualifications Bachelors Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math). A minimum 9 years of professional experience. Desired Characteristics Knowledge of SAP or Oracle ERP is a plus Knowledge and experience in auditing SAP or similar ERP systems Knowledge of COSO framework, UA Generally Accepted Accounting Principles (GAAP) Ability to resolve medium to critical problems within a highly technical environment Good knowledge of IT governance, Internal Control framework and risk management Strong verbal/written communication skills R ecent experience in IT SOX Audits or IT Risk Assessment Prior experience working in a matrix environment Prior experience doing Lean or Six Sigma Process improvement work Prior experience working on developing and leading strategy definition Prior experience managing IT operations and support ServiceNow (IRM) experience is a plus CISSP/CISM/CISA certification

As an Information Security professional in our organization, you will be responsible for various key tasks related to ensuring the security of our third-party suppliers and information systems. Your role will involve assessing and managing the security risks associated with our suppliers, interpreting security assurance reports such as SOC2 and pen test reports, as well as reviewing security requirements in contracts. Your responsibilities will also include understanding outsourced solutions and the information classification associated with them, assessing supplier security controls based on ISO27001/2 standards, and identifying and documenting security risks. Additionally, you will be expected to suggest recommendations to address the identified security risks and potentially perform information classification assessments. To excel in this role, you should hold relevant security certifications such as ISO27001 auditor/implementation, CISSP, CRISC, CISM, or CISA. Your experience of at least 4 years in Information Security along with a strong understanding of security policies, processes, and standards will be valuable in this position. If you are a proactive professional with a keen eye for detail and a passion for enhancing information security practices, we encourage you to apply for this position. Please note that the location of this role is in Mumbai (Andheri East) and the ideal candidates should be able to join within an immediate to 30 days" notice period. Interested candidates are requested to share their updated resumes with us at manasa.chilla@visionyle.com.,

Summary Implements the information security, governance and strategy per the information management framework through business partnering. Perform ISRM compliance activities for a specific area or technology within TT. About the Role Major accountabilities: Deep understanding of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST, GDPR, NIS2. Hands-on experience in GRC tools such as ServiceNow to configure, build and automate controls / assessments logic for the compliance management. Provide input to GRC team on risk and control register business requirements. Aptitude for technology, open-mindedness towards picking up new skills and working in various trending areas such as AI, GenAI, OT, Mobile, Cloud technologies etc. Basic knowledge on industry regulations e. g. SOX, GxP etc. Deliver effective security training and awareness programs and coordinate delivery across functions and countries. Experience in designing and implementing controls and policy framework, laws and regulations and best in class industry standards. Work experience in risk, control, and governance disciplines (e. g. , Risk Management, Audit, Information Security, Regulatory Compliance). Establish close collaboration with stakeholders to facilitate alignment with policies, risks as well as internal and external audits. Strong communication to manage various levels of collaboration/working relationship with global teams. Desirable Skills: 8-10 years of experience in various industry framework and GRC tools. Strong presentation, analytical and communication skills. Ability to, influence, work collaboratively and contribute to high performing teams. CISA/CISM and Big 4 experience preferred.

As a Enterprise Technology Internal Audit Associate in the Technology Internal Audit Team, you will be executing technology audits across Asia and globally. You will be responsible for maintaining effective relationships with key technology stakeholders throughout the audit lifecycle and for continuous monitoring purposes. This role provides an opportunity to apply your auditing and communication skills, as well as your knowledge and experience of auditing IT infrastructure, processes, and applications. You will also have the chance to enhance your data analytics skills in the audit process. This position is based in India and reports to the India Technology Audit Lead. Job responsibilities Working closely with business and technology audit colleagues to identify and assess key risks in the program of audit coverage Assisting in audit planning, audit testing, control evaluation, report drafting and follow up and verification of issue closure Performing audit work in accordance with department and professional standards, and complete assignments in an efficient manner Documenting audit work papers and reports with minimal supervision by the Audit manager Partnering with line of business auditors and stakeholders to evaluate, test and report on the adequacy and effectiveness of management controls with appropriate recommendations for improvement. This may be delivered through specific audit reviews or through involvement in other audit related activities Providing continuous monitoring of technology areas. Establish and maintain strong relationships with technology leaders and related control group Staying up to date with evolving industry and regulatory changes impacting the technology environment Effectively manage relationship with key audit and technology stakeholders responsible for the technology control processes Monitoring key risk indicators, significant change activities and escalate any emerging issues to management attention Required qualifications, capabilities, and skills A bachelor s degree in Accounting, Technology or Finance A minimum of 7 years relevant internal or external auditing experience Good understanding of controls related to operating systems, database platforms, technology processes, and business applications Ability to articulate and present complex technical issues verbally and in writing, shortlisted candidates are expected to go through a scenario based written test. Data Analytics experience with track record of implementing tools / dashboards to assist with audit continuous monitoring process. Knowledge of Alteryx, SQL, Python, Excel or other common DA tools Effective verbal and written communication skills is a must. Also, good interpersonal skills with the ability to present complex and sensitive issues to senior management, and influence change Good understanding of internal control concepts and audit methodology with the ability to evaluate and determine the adequacy and effectiveness of controls by considering business and technology risks in an integrated manner Team player who works well individually and in teams, shares information and collaborates with colleagues during execution of the audit plan Enthusiastic, self-motivated, with an interest to learn, effective under pressure and willing to take personal responsibility / accountability Preferred qualifications, capabilities, and skills Certified Information Systems Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP) designation is preferred Proficient with technology related regulations and prior experience in Banking is preferred Any public cloud related certification is an advantage

As a Central Technology Internal Audit Associate in the Technology Audit Team, you will be executing technology audits across Asia and globally. You will be responsible for maintaining effective relationships with key technology stakeholders throughout the audit lifecycle and for continuous monitoring purposes. This role provides an opportunity to apply your auditing and communication skills, as well as your knowledge and experience of auditing IT infrastructure, processes, and applications. You will also have the chance to enhance your data analytics skills in the audit process. This position is based in India and reports to the India Technology Audit Lead. Job responsibilities Working closely with business and technology audit colleagues to identify and assess key risks in the program of audit coverage Assisting in audit planning, audit testing, control evaluation, report drafting and follow up and verification of issue closure Performing audit work in accordance with department and professional standards, and complete assignments in an efficient manner Documenting audit work papers and reports with minimal supervision by the Audit manager Partnering with line of business auditors and stakeholders to evaluate, test and report on the adequacy and effectiveness of management controls with appropriate recommendations for improvement. This may be delivered through specific audit reviews or through involvement in other audit related activities Providing continuous monitoring of technology areas. Establish and maintain strong relationships with technology leaders and related control group Staying up to date with evolving industry and regulatory changes impacting the technology environment Engaging with key audit and technology stakeholders responsible for the technology control processes Monitoring key risk indicators, significant change activities and escalate any emerging issues to management attention Required qualifications, capabilities, and skills A bachelor s degree in Accounting, Technology or Finance Minimum 7 years relevant internal or external auditing experience Good understanding of controls related to operating systems, database platforms, technology processes, and business applications Ability to articulate and present complex technical issues verbally and in writing, shortlisted candidates are expected to go through a scenario based written test. Data Analytics experience with track record of implementing tools / dashboards to assist with audit continuous monitoring process. Knowledge of Alteryx, SQL, Python, Excel or other common DA tools Effective verbal and written communication skills is a must. Also, good interpersonal skills with the ability to present complex and sensitive issues to senior management, and influence change Good understanding of internal control concepts and audit methodology with the ability to evaluate and determine the adequacy and effectiveness of controls by considering business and technology risks in an integrated manner Team player who works well individually and in teams, shares information and collaborates with colleagues during execution of the audit plan Enthusiastic, self-motivated, with an interest to learn, effective under pressure and willing to take personal responsibility / accountability Preferred qualifications, capabilities, and skills Certified Information Systems Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP) designation is preferred Proficient with technology related regulations and prior experience in Banking is preferred Any public cloud related certification is an advantage

You will be joining M&G Global Services Private Limited, a subsidiary of M&G plc group of companies, as a Manager Business Senior Auditor. In this role, you will report to the Assistant Vice President in M&G Global Services Private Limited, located in Mumbai. Your primary responsibility will be in the Internal Audit function, which is crucial for meeting business ambitions and protecting customer interests by ensuring internal control, risk, and governance frameworks are effective. As a Business Senior Auditor, you will work closely with stakeholders to identify risks and control improvements across various business functions. This role requires at least three to six years of experience in financial services and/or internal/external audit. You will need to understand operational processes, identify operational risks, plan and conduct audit tests, and effectively communicate findings to stakeholders. Your key responsibilities will include planning and risk assessment, audit performance, audit reporting, business partnering, and team management. You will collaborate with stakeholders, lead discussions on audit testing results, build relationships, and provide guidance to junior team members. Additionally, you will actively participate in the Audit Community, seek learning opportunities, and contribute to a positive team environment. To excel in this role, you must be eager to learn, build relationships, communicate effectively, and demonstrate strong organizational skills. Knowledge of the COSO framework, business risk and control frameworks, and financial services/products is essential. Ideally, you should have certifications such as CISA, FRM, or CIA, along with a degree or relevant professional qualification. In summary, as a Manager Business Senior Auditor at M&G Global Services, you will play a vital role in ensuring the effectiveness of internal controls and governance frameworks, contributing to the overall success of the organization while upholding high standards of professionalism and integrity.,

As a professional in IT Risk, Compliance, and security, you will play a crucial role in ensuring the security and integrity of core IT projects. Your responsibilities will include assessing audit findings and control weaknesses, collaborating with stakeholders to develop management action plans, and implementing security classification, change controls, and SDLC. Your expertise in industry frameworks such as ISO standards, GDPR, NIST, and PCI DSS will be essential in identifying and mitigating cyber security risks. In addition to your technical skills, you will also utilize your project management experience to plan and execute multiple IT Risk, Compliance, and security operations. You will contribute to the planning of SOX programs, conduct follow-ups on security control implementations, and develop project plans and resource plans to meet client needs. Your ability to communicate effectively and provide regular project updates to clients and leaders will be crucial in ensuring the success of GRC and Security engagements. Your primary skills in Governance, Risk and Compliance (GRC), Security Frameworks, and ISMS Implementation will be instrumental in driving the security initiatives forward. Additionally, possessing certifications such as CISA, CISM, CRISC, or CISSP will further enhance your expertise in the field. Joining Capgemini will provide you with the opportunity to work alongside a collaborative community of colleagues from around the world and contribute to building a more sustainable and inclusive world through technology. Capgemini is a global leader in business and technology transformation, with a strong legacy of over 55 years. As part of a diverse team of 340,000 members in more than 50 countries, you will have the chance to make a tangible impact on enterprises and society. Leveraging your skills in IT Risk, Compliance, and security, you will help unlock the value of technology for clients and address their business needs with innovative solutions. If you are passionate about technology and seeking to shape your career in a dynamic and supportive environment, we invite you to join us at Capgemini.,

As a Cyber Assurance Assistant Vice President (AVP) at Barclays in Pune, you will play a crucial role in partnering with the bank to provide independent assurance on control processes and offer advice on enhancements to ensure the efficiency and effectiveness of the bank's internal controls framework. Your responsibilities will include collaborating across the bank to maintain a robust control environment by conducting ad-hoc assessments and testing the design and operational effectiveness of internal controls aligned with the bank's policies and standards. You will develop detailed test plans and procedures to identify weaknesses in internal controls and other initiatives within the bank's control framework to mitigate potential risks and issues that could disrupt bank operations, lead to losses, or impact reputation. In this role, you will communicate key findings and observations to relevant stakeholders and business units to enhance overall control efficiency and provide corrective actions to senior managers. You will work closely with other control professionals to address complex issues and ensure consistent testing methodologies across the bank. Additionally, you will establish a knowledge center containing detailed documentation of control assessments, testing results, findings, and distribute material on internal controls to train and upskill colleagues within the bank. As an Assistant Vice President, you are expected to advise and influence decision making, contribute to policy development, and take responsibility for operational effectiveness. You will lead a team in performing complex tasks, set objectives, coach employees, appraise performance, and determine reward outcomes. If the position involves leadership responsibilities, you will demonstrate a clear set of leadership behaviors to create an environment for colleagues to excel. Your role may involve collaborating on assignments, guiding team members, identifying new directions for projects, and consulting on complex issues. You will identify ways to mitigate risks, develop new policies and procedures to support the control and governance agenda, and take ownership of managing risk and strengthening controls related to your work. Furthermore, you will engage in complex data analysis, communicate complex information effectively, and influence stakeholders to achieve desired outcomes. It is essential for all colleagues to uphold the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as demonstrate the Barclays Mindset of Empower, Challenge, and Drive in their behavior.,

As a Presales Consultant at Netenrich, you will play a crucial role in the sales process, specializing in advanced cybersecurity solutions with a focus on SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) technologies. Your deep understanding of these technologies will enable you to tailor solutions to meet the unique security needs of our clients. Your responsibilities will include collaborating with the sales and marketing teams to drive sales by presenting and demonstrating comprehensive security solutions that incorporate SIEM and SOAR capabilities. You will oversee partner support for Netenrich partners, managing account management, pricing and quoting support, and identifying opportunities to drive growth in partner accounts. To excel in this role, you must become intimately familiar with partner businesses, work closely with the sales team to identify growth opportunities, and assist partners with day-to-day requirements such as pricing, quoting, and solution development. You will be responsible for presenting and demonstrating cybersecurity solutions to clients, addressing technical queries, and ensuring a high-quality customer experience throughout the partner/customer lifecycle. Qualifications and Requirements: - Ability to quickly understand client business structures and needs - Professional certifications in cybersecurity such as CISSP, CISM, or CISA preferred - Strong understanding of various cybersecurity concepts, technologies, and best practices - Sales acumen and the ability to understand client needs - Experience in working with US channel partners preferred - Proficient at communicating with US sellers and professionals - Ability to develop and execute efficient and repeatable business processes - Comfortable interacting with senior executives, sales technical, engineering, and operations teams - Efficient multitasking and prioritization skills - Prior experience in Security Services, Information Technology, and Management Services If you are a self-motivated individual with a passion for cybersecurity and a track record of success in presales roles, we invite you to join our team at Netenrich and make a significant impact on our partner relationships and revenue growth.,

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications - CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.