886 Cisa Jobs - Page 11

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications - CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Qualifications for Internal Candidates IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications - CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

Have in-depth knowledge of governance, risk, and compliance, including internal auditing, audit standard, risk and compliance, cyber security review, policy review, ISO 27001, ISMS etc. Have a good understanding of a Cyber security landscape primarily to prevent them from cyber security threats Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery. Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including - SOX, Internal Audits, External Audits Exposure to international standards like NIST, CIS 20, ISO27001, ISO 22301, ISO 42001, PCI-DSS etc. Exposure to Privacy, Data Security, Data Governance processes etc. would be an added advantage Conducting controls assessment in manual/ automated environment Support in the Creation of IT Audit Plans for Internal Audit Teams Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed. Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status. Certifications like CISA, CISSP etc. would be an added advantage. .

Job Title : Analyst Function : Governance, Risk and Compliance Services (GRCS) Location : Mumbai OVERVIEW KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 156 countries and have 152,000 people working in member firms around the world. KPMG in India, a professional services firm, is the Indian member firm of KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets and competition. KPMG in India provide services to over 4,500 international and national clients, in India. KPMG has offices across India in Delhi, Chandigarh, Ahmedabad, Mumbai, Pune, Chennai, Bangalore, Kochi, Hyderabad and Kolkata. The Indian firm has access to more than 7,000 Indian and expatriate professionals, many of whom are internationally trained. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Consulting, Management Consulting and Transactions & Restructuring services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. With increasing regulatory requirements, the need for greater transparency in operations, and disclosure norms, stakeholders require assurance beyond the traditional critique of numbers. Hence assurance is being increasingly required on industry issues, business risks and key business processes. The Governance, Risk & Compliance Services practice assists companies and public sector bodies to mitigate risk, improve performance and create value. We assist our clients to effectively manage business and process risks by providing a full spectrum of corporate governance, risk management, and Compliance Services. These services are tailored to meet client s individual needs, and provide effective support to management in meeting the challenges and opportunities presented by todays complex business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of KPMGs experienced, objective, and industry-grounded viewpoints. Following are some of our key service offerings: Risk Based Internal Audit Enterprise Risk Management Risk Assessment Model Business Process Development Sarbanes - Oxley 404 Assistance Compliance Assistance - Contracts and regulations Corporate Governance Advisory- Review and Assessment Revenue Assurance Control Self Assessment Continuous Auditing / Continuous Monitoring Apart from the above service offerings, we also assist client organizations around various aspects viz. Accounting Manuals, Capital Projects Audits, Project focused Control Assessment, setting up IA function, etc. Role & Responsibilities Analysts are typically project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS Consistently deliver quality client services Monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes Demonstrate basic accounting and process related knowledge. Demonstrate ability to assimilate to new knowledge Remain current on new developments in advisory services capabilities and industry knowledge The job would require travel to client locations within India and abroad THE INDIVIDUAL Have basic understanding of process consulting/ internal audit/ risk consulting Strong analytical and problem solving skills. Possess strong data analytics skills and knowledge of advanced data analytical tools will be an advantage Strong written and verbal communication skills Ability to work well in teams Basic understanding of IT systems, Knowledge of MS office ( MS Excel, PowerPoint, Word etc) Have the ability to work under pressure - stringent deadlines and tough client conditions which may demand extended working hours Be willing to travel within India or abroad for continuous long periods of time Demonstrate integrity, values, principles, and work ethic Qualification Graduates (BE/B.Tech, BCom, BMS, BBM or similar degree) with 1 - 2 years of related audit, business or sector experience Certifications like Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) would be an added advantage SELECTION PROCESS Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only People BENEFITS Continuous learning program Driving a culture of recognition through ENCORE our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health checkup (Manager & above, and for staff above the age of 30) Les Concierge desk Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential - KPMG Advisory Services is for you! .

Job Title : Analyst Function : Governance, Risk and Compliance Services (GRCS) Location : Hyderabad OVERVIEW KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 156 countries and have 152,000 people working in member firms around the world. KPMG in India, a professional services firm, is the Indian member firm of KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets and competition. KPMG in India provide services to over 4,500 international and national clients, in India. KPMG has offices across India in Delhi, Chandigarh, Ahmedabad, Mumbai, Pune, Chennai, Bangalore, Kochi, Hyderabad and Kolkata. The Indian firm has access to more than 7,000 Indian and expatriate professionals, many of whom are internationally trained. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Consulting, Management Consulting and Transactions & Restructuring services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. With increasing regulatory requirements, the need for greater transparency in operations, and disclosure norms, stakeholders require assurance beyond the traditional critique of numbers. Hence assurance is being increasingly required on industry issues, business risks and key business processes. The Governance, Risk & Compliance Services practice assists companies and public sector bodies to mitigate risk, improve performance and create value. We assist our clients to effectively manage business and process risks by providing a full spectrum of corporate governance, risk management, and Compliance Services. These services are tailored to meet client s individual needs, and provide effective support to management in meeting the challenges and opportunities presented by todays complex business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of KPMGs experienced, objective, and industry-grounded viewpoints. Following are some of our key service offerings: Risk Based Internal Audit Enterprise Risk Management Risk Assessment Model Business Process Development Sarbanes - Oxley 404 Assistance Compliance Assistance - Contracts and regulations Corporate Governance Advisory- Review and Assessment Revenue Assurance Control Self Assessment Continuous Auditing / Continuous Monitoring Apart from the above service offerings, we also assist client organizations around various aspects viz. Accounting Manuals, Capital Projects Audits, Project focused Control Assessment, setting up IA function, etc. Role & Responsibilities Analysts are typically project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS Consistently deliver quality client services Monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes Demonstrate basic accounting and process related knowledge. Demonstrate ability to assimilate to new knowledge Remain current on new developments in advisory services capabilities and industry knowledge The job would require travel to client locations within India and abroad THE INDIVIDUAL Have basic understanding of process consulting/ internal audit/ risk consulting Strong analytical and problem solving skills. Possess strong data analytics skills and knowledge of advanced data analytical tools will be an advantage Strong written and verbal communication skills Ability to work well in teams Basic understanding of IT systems, Knowledge of MS office ( MS Excel, PowerPoint, Word etc) Have the ability to work under pressure - stringent deadlines and tough client conditions which may demand extended working hours Be willing to travel within India or abroad for continuous long periods of time Demonstrate integrity, values, principles, and work ethic Qualification Graduates (BE/B.Tech, BCom, BMS, BBM or similar degree) with 1 - 2 years of related audit, business or sector experience Certifications like Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) would be an added advantage SELECTION PROCESS Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only People BENEFITS Continuous learning program Driving a culture of recognition through ENCORE our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health checkup (Manager & above, and for staff above the age of 30) Les Concierge desk Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential - KPMG Advisory Services is for you! .

5+ years in network/security compliance roles Job Summary: We are seeking a highly experienced and detail-oriented Network Device Compliance Lead to develop, enforce, and maintain compliance and security standards across our network infrastructure. The ideal candidate will ensure that all network devices such as routers, switches, firewalls, and load balancers adhere to internal policies and external regulations including ISO 27001, NIST SP 800-53, PCI-DSS, HIPAA, and CISA directives. Key Responsibilities: Develop and maintain network compliance strategies aligned with regulatory standards and industry best practices Ensure secure baseline configurations for all network devices using CIS Benchmarks and custom hardening guidelines Manage vulnerability detection and remediation processes across the network environment using tools like Nessus or Qualys Oversee firmware and software patch management for all network hardware Monitor compliance using logging, SNMP, NetFlow, and integration with SIEM tools Maintain a real-time inventory of network assets including IPs, firmware versions, and configuration status Conduct regular audits and reviews of device configurations and access controls Work cross-functionally with security, IT, and compliance teams to address gaps and implement remediation plans Lead the preparation of compliance evidence and documentation for internal and external audits Ensure secure remote and local access to devices, using multi-factor authentication and encrypted protocols (SSH, HTTPS) Qualifications : Bachelor s or Master s degree in Information Technology, Cybersecurity, Computer Science, or related field Minimum of 5 years of hands-on experience managing network infrastructure and enforcing compliance requirements Strong understanding of regulatory frameworks: NIST, ISO 27001, PCI-DSS, HIPAA, and CISA guidance Proficiency in configuring and securing network devices from vendors such as Cisco, Fortinet, Palo Alto, or Juniper Experience with compliance tools and platforms (eg, Nipper, RANCID, NetBox, SIEM systems) Excellent documentation skills and experience producing audit-ready reports and configurations Ability to manage cross-team collaboration and influence technical and non-technical stakeholders Relevant certifications such as CCNP, CISA, CISSP, or CEH are strongly preferred

Required Skills Technology | Cybersecurity Principles, Best Practices and Threat Landscape | Level 4 Support Technology | Project Management Skills | Level 5 Support Technology | Risk Management | Level 5 Support Technology | Leadership skills to guide and motivate Cybersecurity Teams | Level 5 Support Technology | Incident Response Coordination | Level 5 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | ITIL F/CompTIA Project+/Certified ScrumMaster/CISSP/CISA/AWS Certified Solutions Architect/Microsoft Certified: Azure Administrator Associate/Project Management Professional/Certified Kubernetes Administrator/CRISC Delivery Skills required are: - Project and Program Management: - *Overseeing large-scale and complex technology projects and programs. *Allocating resources effectively, including personnel, budget, and technology infrastructure. *Conducting comprehensive risk assessments specific to technology operations. *Developing and implementing risk mitigation strategies to minimize disruptions and ensure continuity. Communication and Stakeholder Engagement: - *Communicating complex technical concepts and strategies to stakeholders at all levels of the organization. *Tailoring communication approaches to meet the needs of diverse audiences, both technical and non-technical. *Building and maintaining relationships with key stakeholders to ensure their support and alignment with technology operations initiatives. Strategic Leadership and Management: - *Developing and implementing long-term technology strategies aligned with organizational goals and industry trends. *Aligning technology initiatives with business objectives and ensuring they support overall organizational strategy. *Leading organizational change initiatives related to technology transformations, upgrades, and process improvements. Continuous Improvement and Innovation: - *Driving innovation initiatives within technology operations to enhance efficiency, effectiveness, and competitiveness. *Identifying opportunities to streamline processes, automate tasks, and improve operational efficiencies within technology operations. *Promoting a culture of innovation and knowledge sharing across technology teams. Team Leadership and Development: - *Building and leading high-performing technology operations teams. *Cultivating a culture of collaboration, innovation, and continuous improvement. *Setting strategic performance goals and objectives for technology operations teams. *Resolving conflicts and addressing challenges within technology teams and with stakeholders.

Job Title: Assistant Manager Function: Governance, Risk and Compliance Services (GRCS) Location: Gurgaon OVERVIEW KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 156 countries and have 152,000 people working in member firms around the world. KPMG in India, a professional services firm, is the Indian member firm of KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets and competition. KPMG in India provide services to over 4,500 international and national clients, in India. KPMG has offices across India in Delhi, Chandigarh, Ahmedabad, Mumbai, Pune, Chennai, Bangalore, Kochi, Hyderabad and Kolkata. The Indian firm has access to more than 7,000 Indian and expatriate professionals, many of whom are internationally trained. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Consulting, Management Consulting and Transactions & Restructuring services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. With increasing regulatory requirements, the need for greater transparency in operations, and disclosure norms, stakeholders require assurance beyond the traditional critique of numbers. Hence assurance is being increasingly required on industry issues, business risks and key business processes. The Governance, Risk & Compliance Services practice assists companies and public sector bodies to mitigate risk, improve performance and create value. We assist our clients to effectively manage business and process risks by providing a full spectrum of corporate governance, risk management, and Compliance Services. These services are tailored to meet client s individual needs, and provide effective support to management in meeting the challenges and opportunities presented by todays complex business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of KPMGs experienced, objective, and industry-grounded viewpoints. Following are some of our key service offerings: Risk Based Internal Audit Enterprise Risk Management Risk Assessment Model Business Process Development Sarbanes - Oxley 404 Assistance Compliance Assistance - Contracts and regulations Corporate Governance Advisory- Review and Assessment Revenue Assurance Control Self Assessment Continuous Auditing / Continuous Monitoring Apart from the above service offerings, we also assist client organizations around various aspects viz. Accounting Manuals, Capital Projects Audits, Project focused Control Assessment, setting up IA function, etc. Role & Responsibilities Executives are typically project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS Executives may lead a small team of analysts/trainees on engagements. Consistently deliver quality client services and take charge of the project area assigned to him/her. Monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes. Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge. Possess good business acumen. Remain current on new developments in advisory services capabilities and industry knowledge. The job would require travel to client locations within India and abroad. THE INDIVIDUAL Have experience in process consulting/ internal audit/ risk consulting. Possess strong domain knowledge, understanding of business processes and possible risks in operations of various Sectors. Ability to perform and interpret process gap analysis. Understanding of control rationalization, optimization, effectiveness, and efficiency Strong analytical and problem-solving skills. Possess strong data analytics skills and knowledge of advanced data analytical tools will be an advantage. Strong written and verbal communication skills (presentation skills) Ability to work well in teams. Basic understanding of IT systems, Knowledge of MS office (MS Excel, PowerPoint, Word etc) Have the ability to work under pressure - stringent deadlines and tough client conditions which may demand extended working hours. Willingness to travel within India or abroad for continuous long periods of time. Demonstrate integrity, values, principles, and work ethic. Qualification Qualified CAs/ MBAs with 0 - 2 years OR Graduates with 7 - 9 years of relevant experience in risk consulting/ operations or compliance function role (Understanding of internal audit, business processes, sector understanding). Certifications like Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) would be an added advantage. SELECTION PROCESS Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills. Compensation Compensation is competitive with industry standards. Details of the compensation breakup will be shared with short-listed candidates only. People BENEFITS Continuous learning program Driving a culture of recognition through ENCORE our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health checkup (Manager & above, and for staff above the age of 30) Les Concierge desks. Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential - KPMG Advisory Services is for you! .

Job Title: Assistant Manager Function: Governance, Risk and Compliance Services (GRCS) Location: Mumbai OVERVIEW KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 156 countries and have 152,000 people working in member firms around the world. KPMG in India, a professional services firm, is the Indian member firm of KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets and competition. KPMG in India provide services to over 4,500 international and national clients, in India. KPMG has offices across India in Delhi, Chandigarh, Ahmedabad, Mumbai, Pune, Chennai, Bangalore, Kochi, Hyderabad and Kolkata. The Indian firm has access to more than 7,000 Indian and expatriate professionals, many of whom are internationally trained. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Consulting, Management Consulting and Transactions & Restructuring services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. With increasing regulatory requirements, the need for greater transparency in operations, and disclosure norms, stakeholders require assurance beyond the traditional critique of numbers. Hence assurance is being increasingly required on industry issues, business risks and key business processes. The Governance, Risk & Compliance Services practice assists companies and public sector bodies to mitigate risk, improve performance and create value. We assist our clients to effectively manage business and process risks by providing a full spectrum of corporate governance, risk management, and Compliance Services. These services are tailored to meet client s individual needs, and provide effective support to management in meeting the challenges and opportunities presented by todays complex business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of KPMGs experienced, objective, and industry-grounded viewpoints. Following are some of our key service offerings: Risk Based Internal Audit Enterprise Risk Management Risk Assessment Model Business Process Development Sarbanes - Oxley 404 Assistance Compliance Assistance - Contracts and regulations Corporate Governance Advisory- Review and Assessment Revenue Assurance Control Self Assessment Continuous Auditing / Continuous Monitoring Apart from the above service offerings, we also assist client organizations around various aspects viz. Accounting Manuals, Capital Projects Audits, Project focused Control Assessment, setting up IA function, etc. Role & Responsibilities Executives are typically project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS Executives may lead a small team of analysts/trainees on engagements. Consistently deliver quality client services and take charge of the project area assigned to him/her. Monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes. Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge. Possess good business acumen. Remain current on new developments in advisory services capabilities and industry knowledge. The job would require travel to client locations within India and abroad. THE INDIVIDUAL Have experience in process consulting/ internal audit/ risk consulting. Possess strong domain knowledge, understanding of business processes and possible risks in operations of various Sectors. Ability to perform and interpret process gap analysis. Understanding of control rationalization, optimization, effectiveness, and efficiency Strong analytical and problem-solving skills. Possess strong data analytics skills and knowledge of advanced data analytical tools will be an advantage. Strong written and verbal communication skills (presentation skills) Ability to work well in teams. Basic understanding of IT systems, Knowledge of MS office (MS Excel, PowerPoint, Word etc) Have the ability to work under pressure - stringent deadlines and tough client conditions which may demand extended working hours. Willingness to travel within India or abroad for continuous long periods of time. Demonstrate integrity, values, principles, and work ethic. Qualification Qualified CAs/ MBAs with 0 - 2 years OR Graduates with 7 - 9 years of relevant experience in risk consulting/ operations or compliance function role (Understanding of internal audit, business processes, sector understanding). Certifications like Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) would be an added advantage. SELECTION PROCESS Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills. Compensation Compensation is competitive with industry standards. Details of the compensation breakup will be shared with short-listed candidates only. People BENEFITS Continuous learning program Driving a culture of recognition through ENCORE our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health checkup (Manager & above, and for staff above the age of 30) Les Concierge desks. Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential - KPMG Advisory Services is for you! .

We are currently looking for an ambitious and dynamic IT SOX/Internal Auditor to join our Global SOX Team based in Bangalore. The main purpose of the role is to assess the adequacy of IT controls design and complete the test of effectiveness covering all aspects of Visa s in-scope key financial systems and applications. It is expected that this position will include responsibility for the understanding of complex IT areas in accordance with plan. The Analyst should expect to assume supporting role in the completion of the SOX 404 testing stage for several IT controls under the direction of managers. Skills Strong problem-solving skills, with demonstrated ability to identify and resolve issues and risks, including root cause analysis. Ability to anticipate and identify opportunities to establish standards and controls, as well as develop and recommend solutions. Effective communication, interpersonal and influencing skills and ability to drive effective change at all levels of the organization. Detailed, conscientious and highly responsible team player. Responsibilities Review and assess adequacy of walkthrough documentation, perform test of effectiveness through review of supporting documents, meeting control owners and report control issues identified. Attend and support IT controls meetings with control owners, external auditors and SOX team members. Document test results in Visa s work papers template ready for review by SOX team members and external auditors. Interacts with management to assess control exceptions. Keep control owners and SOX team informed of exceptions and assist the IT teams with the development of Management Action Plans to mitigate issues, and evaluate adequacy of managements actions. Possess good written and oral communication skills, demonstrate these skills during meeting with control owners and IT teams. To be a key member of the SOX team and contribute to the planning and execution of the annual SOX program for IT controls. Provide best practice expertise to management and the SOX team on the COSO and IT SOX internal control frameworks. Handling day-to-day relationships with the external auditors on control matters and related issues. Professional 3 - 5 years of experience in SOX, internal audit, or risk with focus on IT controls (ITGC/ITAC) Experience in financial services or payments industry preferred . Big 4 experience preferred Qualification . Bachelor of Technology/ Commerce degree . CISA/CISM certification preferred

Detailed job description - Skill Set: Technically strong hands-on Self-driven Good client communication skills Able to work independently and good team player Flexible to work in PST hour(overlap for some hours) Past development experience for Cisco client is preferred.

Detailed job description - Skill Set: Technically strong hands-on Self-driven Good client communication skills Able to work independently and good team player Flexible to work in PST hour(overlap for some hours) Past development experience for Cisco client is preferred.

Partner with the best As an IT SOX Analyst, you will be responsible for ensuring the organization is compliant to regulatory (SOX) policies within the IT landscape. Your primary role consists of testing the IT General controls across key ERP systems such as SAP and Oracle. In this role, you will build relationships with the business, finance controllership, Internal and External auditors to achieve shared objectives. Responsibilities, authorities and accountabilities Conduct walkthrough meetings with internal and external stakeholders to support audit activity Perform assurance activities to assist management in the testing of Internal Controls Over Financial Reporting (ICOFR) Develop and monitor compliance of IT General controls across multiple ERPs and application within the Baker Hughes global IT landscape Perform control testing to assess the effectiveness of the internal control environment Identify new risks across the enterprise applications and assess the design of controls Assist management in the evaluation of deficiencies and impact assessment to financials Create high-quality document in compliance with audit standards Communicate audit progress to stake holders Coordinate with external auditors Participate in pre-implementation reviews to assess control environment prior to deployment Provide guidance to management to drive improvement in control environment Required Qualifications Bachelors Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math). A minimum 9 years of professional experience. Desired Characteristics Knowledge of SAP or Oracle ERP is a plus Knowledge and experience in auditing SAP or similar ERP systems Knowledge of COSO framework, UA Generally Accepted Accounting Principles (GAAP) Ability to resolve medium to critical problems within a highly technical environment Good knowledge of IT governance, Internal Control framework and risk management Strong verbal/written communication skills R ecent experience in IT SOX Audits or IT Risk Assessment Prior experience working in a matrix environment Prior experience doing Lean or Six Sigma Process improvement work Prior experience working on developing and leading strategy definition Prior experience managing IT operations and support ServiceNow (IRM) experience is a plus CISSP/CISM/CISA certification

Type: Hybrid (work from office) Job Description Who We Are: Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and detail-oriented Internal Auditor to lead and execute internal audits across all business functions. This role will support in accomplishing risk management and governance objective by bringing a systematic and disciplined approach. The Internal Auditor will work closely with various teams to identify risks, control gaps, and improvement opportunities, and support the organization in achieving operational efficiency, compliance, and strategic objectives, thereby bringing a preventive approach in effective risk management and control. Job Description and Responsibilities: Plan and execute internal audits covering business operations, financial controls, technology processes, and information security. Identify control gaps, process inefficiencies, and areas for operational improvement. Perform risk-based audits aligned with the annual audit plan and enterprise risk priorities. Review and assess the effectiveness of internal controls, policies, and procedures. Draft detailed audit reports summarizing findings, risk exposure, and actionable recommendations. Investigate, as required by senior management fraud, embezzlements and defalcations Follow up on audit findings to ensure timely and effective closure of identified issues. Collaborate with process owners, risk champions, and management to develop corrective action plans. Participate in enterprise-wide risk assessments and contribute to risk heat maps. Support operational effectiveness initiatives by identifying data leakage risks and monitoring process adherence. Coordinate with external auditors and regulatory bodies during assessments and audits. Keep abreast of all trends and developments in regulatory requirements, general accounting principles or audit techniques; implement and react quickly to any changes. Obtain buy in of the Business Heads on the Audit Scope Be transparent with the Business owners on the audit scope. Be flexible to take their inputs on the timing of the meetings, sharing data, etc. considering their other work commitments. Communication of the Audit findings to the Business Owners Share the Audit observations as and when they surface during the audit, Give due consideration to any mitigating controls/ procedures or specific scenarios, if any. Take the inputs of the business owners for the recommendations/possible solutions to plug the control gaps, Discuss tentative timelines for the implementing the recommendations Communication of the Audit findings to the Management Classification of the Audit findings and providing a risk ranking for presenting to the management. Present the Audit findings along with the overall status of the Audit Plan and other special initiatives/projects being performance by the function. Agreement of the Business owners of on the action for the recommendations Formally communicate the audit findings to the Business Heads and seek their responses and action plan with timelines. Draw and share the plan for regular follow- up with the Business owners for implementing the recommendations and share the plan Schedule meetings at agreed frequency to check status of the implementation plan. Conduct follow up reviews of financial, operational or regulatory compliance deficiencies noted during audit Skill/Qualification Requirement: Strong conceptual thinking skills especially in the area of operational risks and internal controls Qualified Chartered Accountant/Degree in Information Security/IT/Computer Science 5-7 years of experience in internal audit or the domain of processes, risks and controls, process re-engineering reviews Strong data analysis and analytical skills Self-starter with strong motivation and capacity to work in a newly established team Ability to work independently, manage multiple priorities concurrently and complete projects on schedule Working knowledge of professional auditing standards Knowledge on compliances like ISO 27001/PCI DSS, etc. 3+ years of experience of a Big 4 or consulting background preferred Professional certifications preferred: CISA, CIA, or equivalent. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice. Type: Hybrid (work from office) Job Description Who We Are: Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and detail-oriented Internal Auditor to lead and execute internal audits across all business functions. This role will support in accomplishing risk management and governance objective by bringing a systematic and disciplined approach. The Internal Auditor will work closely with various teams to identify risks, control gaps, and improvement opportunities, and support the organization in achieving operational efficiency, compliance, and strategic objectives, thereby bringing a preventive approach in effective risk management and control. Job Description and Responsibilities: Plan and execute internal audits covering business operations, financial controls, technology processes, and information security. Identify control gaps, process inefficiencies, and areas for operational improvement. Perform risk-based audits aligned with the annual audit plan and enterprise risk priorities. Review and assess the effectiveness of internal controls, policies, and procedures. Draft detailed audit reports summarizing findings, risk exposure, and actionable recommendations. Investigate, as required by senior management fraud, embezzlements and defalcations Follow up on audit findings to ensure timely and effective closure of identified issues. Collaborate with process owners, risk champions, and management to develop corrective action plans. Participate in enterprise-wide risk assessments and contribute to risk heat maps. Support operational effectiveness initiatives by identifying data leakage risks and monitoring process adherence. Coordinate with external auditors and regulatory bodies during assessments and audits. Keep abreast of all trends and developments in regulatory requirements, general accounting principles or audit techniques; implement and react quickly to any changes. Obtain buy in of the Business Heads on the Audit Scope Be transparent with the Business owners on the audit scope. Be flexible to take their inputs on the timing of the meetings, sharing data, etc. considering their other work commitments. Communication of the Audit findings to the Business Owners Share the Audit observations as and when they surface during the audit, Give due consideration to any mitigating controls/ procedures or specific scenarios, if any. Take the inputs of the business owners for the recommendations/possible solutions to plug the control gaps, Discuss tentative timelines for the implementing the recommendations Communication of the Audit findings to the Management Classification of the Audit findings and providing a risk ranking for presenting to the management. Present the Audit findings along with the overall status of the Audit Plan and other special initiatives/projects being performance by the function. Agreement of the Business owners of on the action for the recommendations Formally communicate the audit findings to the Business Heads and seek their responses and action plan with timelines. Draw and share the plan for regular follow- up with the Business owners for implementing the recommendations and share the plan Schedule meetings at agreed frequency to check status of the implementation plan. Conduct follow up reviews of financial, operational or regulatory compliance deficiencies noted during audit Skill/Qualification Requirement: Strong conceptual thinking skills especially in the area of operational risks and internal controls Qualified Chartered Accountant/Degree in Information Security/IT/Computer Science 5-7 years of experience in internal audit or the domain of processes, risks and controls, process re-engineering reviews Strong data analysis and analytical skills Self-starter with strong motivation and capacity to work in a newly established team Ability to work independently, manage multiple priorities concurrently and complete projects on schedule Working knowledge of professional auditing standards Knowledge on compliances like ISO 27001/PCI DSS, etc. 3+ years of experience of a Big 4 or consulting background preferred Professional certifications preferred: CISA, CIA, or equivalent. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.

GPS XSector Specialism Operations Management Level Senior Associate & Summary At PwC, our people in software and product innovation focus on developing cuttingedge software solutions and driving product innovation to meet the evolving needs of clients. These individuals combine technical experience with creative thinking to deliver innovative software products and solutions. In business analysis at PwC, you will focus on analysing and interpreting data to provide strategic insights and recommendations for improving business performance. Your work will involve strong analytical skills and the ability to effectively communicate findings to stakeholders. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary At PwC, our purpose is to build trust in society and solve important problems. We re a network of firms in 157 countries with more than 300,000 people who are committed to delivering quality in Assurance, Advisory and Tax services. Within Advisory, PwC has a large team that focus on transformation in Government through Digital inclusion. The open position is for a candidate who desires to work with government clients and bring about a change in society. A successful candidate will be expected to work proactively and effectively on multiple client engagements over the period of time and take ownership of the entire project delivery he/she entrusted with. Responsibilities Lead the design, implementation and monitoring of cyber security strategies for government programs and infrastructure. Conduct risk assessments, vulnerability assessments and threat modeling of existing and planned IT systems. Coordinate and support the implementation of security controls as per national frameworks such as CERTIn, NISG and DPDP Act and global standards like ISO 27001, NIST, CIS Controls, etc. Define security architecture requirements and ensure integration with IT systems (cloud/onprem/hybrid). Support drafting of cyber security policies, SOPs, compliance guidelines, incident response plans and data protection protocols. Work with internal IT teams and thirdparty vendors to ensure compliance with security guidelines. Perform gap analysis, prepare audit reports and recommend mitigation measures. Provide expert guidance on emerging threats, vulnerabilities and compliance requirements. Engage with stakeholders hand other agencies as required. Monitor and respond to security incidents and support forensic analysis and remediation efforts. Mandatory skill sets Strong understanding of cyber security governance, risk and compliance (GRC). Handson experience with security assessment tools (Nessus, Qualys, Burp Suite, etc.). Experience with ISO 27001 implementation, audits and documentation. Familiarity with firewalls, endpoint protection, SIEM, IAM and DLP solutions. Proven experience in stakeholder management and working with government clients. Excellent documentation and presentation skills. Preferred skill sets Certifications such as CISSP, CISA, CISM, ISO 27001 LA/LI, CEH, or equivalent. Exposure to cloud security (AWS/Azure/GCP). Experience in incident response and digital forensics. Knowledge of data privacy regulations (DPDP, GDPR). Years of experience required 4 to 6 years of experience in cyber security, preferably with exposure to government or largescale public sector projects. Education qualification Bachelor s or Master s degree in Engineering, Information Technology, Computer Science, or equivalent. Additional qualifications in Cyber Security or Information Security are Desirable. Education Degrees/Field of Study required Bachelor of Engineering, Master of Business Administration Degrees/Field of Study preferred Required Skills Burp Suite Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Business Administration, Business Analysis, Business Case Development, Business Data Analytics, Business Process Analysis, Business Process Modeling, Business Process ReEngineering (BPR), Business Requirements Analysis, Business Systems, Communication, Competitive Analysis, Creativity, Embracing Change, Emotional Regulation, Empathy, Feasibility Studies, Functional Specification, Inclusion, Intellectual Curiosity, IT Project Lifecycle, Learning Agility {+ 19 more} No

GPS XSector Specialism Operations Management Level Senior Associate & Summary At PwC, our people in software and product innovation focus on developing cuttingedge software solutions and driving product innovation to meet the evolving needs of clients. These individuals combine technical experience with creative thinking to deliver innovative software products and solutions. In business analysis at PwC, you will focus on analysing and interpreting data to provide strategic insights and recommendations for improving business performance. Your work will involve strong analytical skills and the ability to effectively communicate findings to stakeholders. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . & Summary At PwC, our purpose is to build trust in society and solve important problems. We re a network of firms in 157 countries with more than 300,000 people who are committed to delivering quality in Assurance, Advisory and Tax services. Within Advisory, PwC has a large team that focus on transformation in Government through Digital inclusion. The open position is for a candidate who desires to work with government clients and bring about a change in society. A successful candidate will be expected to work proactively and effectively on multiple client engagements over the period of time and take ownership of the entire project delivery he/she entrusted with. Responsibilities Lead the design, implementation and monitoring of cyber security strategies for government programs and infrastructure. Conduct risk assessments, vulnerability assessments and threat modeling of existing and planned IT systems. Coordinate and support the implementation of security controls as per national frameworks such as CERTIn, NISG and DPDP Act and global standards like ISO 27001, NIST, CIS Controls, etc. Define security architecture requirements and ensure integration with IT systems (cloud/onprem/hybrid). Support drafting of cyber security policies, SOPs, compliance guidelines, incident response plans and data protection protocols. Work with internal IT teams and thirdparty vendors to ensure compliance with security guidelines. Perform gap analysis, prepare audit reports and recommend mitigation measures. Provide expert guidance on emerging threats, vulnerabilities and compliance requirements. Engage with stakeholders hand other agencies as required. Monitor and respond to security incidents and support forensic analysis and remediation efforts. Mandatory skill sets Strong understanding of cyber security governance, risk and compliance (GRC). Handson experience with security assessment tools (Nessus, Qualys, Burp Suite, etc.). Experience with ISO 27001 implementation, audits and documentation. Familiarity with firewalls, endpoint protection, SIEM, IAM and DLP solutions. Proven experience in stakeholder management and working with government clients. Excellent documentation and presentation skills. Preferred skill sets Certifications such as CISSP, CISA, CISM, ISO 27001 LA/LI, CEH, or equivalent. Exposure to cloud security (AWS/Azure/GCP). Experience in incident response and digital forensics. Knowledge of data privacy regulations (DPDP, GDPR). Years of experience required 4 to 6 years of experience in cyber security, preferably with exposure to government or largescale public sector projects. Education qualification Bachelor s or Master s degree in Engineering, Information Technology, Computer Science, or equivalent. Additional qualifications in Cyber Security or Information Security are desirable. Education Degrees/Field of Study required Bachelor of Engineering, Master of Engineering Degrees/Field of Study preferred Required Skills Burp Suite Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Business Administration, Business Analysis, Business Case Development, Business Data Analytics, Business Process Analysis, Business Process Modeling, Business Process ReEngineering (BPR), Business Requirements Analysis, Business Systems, Communication, Competitive Analysis, Creativity, Embracing Change, Emotional Regulation, Empathy, Feasibility Studies, Functional Specification, Inclusion, Intellectual Curiosity, IT Project Lifecycle, Learning Agility {+ 19 more} No

New requirement - Associate , Analyst - GRC Work Location : Jui Nagar, Navi Mumbai Job Description : Assist in conducting audit engagements to ensure compliance with standards and frameworks such as ISO 27001, PCI DSS, SOC 2, CISA and GDPR. Support the planning, execution, and reporting of audits under the supervision of senior auditors. Gather and analyze evidence to evaluate client compliance and provide initial recommendations. Detailed Responsibilities : Conduct audits based on defined standards, collecting and verifying evidence. Perform control testing, evaluate processes, and identify compliance gaps. Assist in evaluating policies, procedures, and systems for compliance Draft sections of audit reports with findings, observations, and initial recommendations. Maintain accuracy and completeness in audit documentation, following the organization's standards. Support in preparing final audit deliverables for senior review Communicate with client representatives during evidence collection. Participate in meetings to discuss audit findings and recommendations. Assist in tracking client remediation actions. Professional Skills : Basic understanding of audit standards and regulatory frameworks (e.g., ISO 27001, SOC 2, CISA). Competency in using audit tools and software (e.g., spreadsheets, document management systems). Strong analytical skills for evidence evaluation and compliance assessment. Personal Skills : Attention to detail and accuracy in documenting findings. Good communication skills for interacting with team members and clients. Willingness to learn and adapt to new standards and regulations Knowledge/Competency Requirements : Basic knowledge of auditing principles, risk assessment, and compliance. Understanding of industry standards relevant to information security and data privacy. Competency in basic project management tasks, such as tracking timelines and deliverables Please go through our website - www.qrcsolutionz.com

About this role Job Description . This mission would not be possible without our smartest investment the one we make in our employees. It s why we re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive. Your team Join our distributed team of cyber security experts, protecting our business and developing exciting capabilities on the frontline of cyber defense! Apply your passion and knowledge of cyber security to improve the security of internal and external business workflows by supporting optimal cybersecurity control alignment and empower all employees to protect information our clients and investors entrust us with, and the systems and technology that enable our mission. Your Responsibilities This individual will join the Cyber Diligence team that is responsible for: Providing consultative advice to information security customers that enables them to make informed risk management decisions Identifying appropriate controls to effectively handle information risks as needed Finding opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk Maintaining strong working relationships with individuals and groups involved in handling information risks across the organization Identifying and assessing the severity and potential impact of risks and communicate/assess/implement solutions in a way that influences optimum risk mitigation Supporting the documentation of Information Security Policies and Standards Assessing the risk and providing governance of high-risk security related requests Assisting with pre-M&A information security reviews Reviewing of security components of technology changes, and other security risk related areas BlackRock is committed to building great Cyber Security careers for our people, and we are looking for an individual with a passion for cyber security defense to continue the growth of our exceptional team. You have Experience in coordinating and leading all aspects of complex Technology projects The ability to effectively influence others to account for the plans and collaborative behaviors for results Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner Ability to identify and assesses the cybersecurity threats, risks and controls to cost-effectively mitigate risks Ability to react to high pressure dynamic changing environments Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part. Ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one s network within an organization. Ability to apply original and innovative thinking to produce new ideas and create innovative products, solutions, or approaches. A discipline and interpersonal skills to work well in a global environment, complementing teams in multiple remote locations Degree in Business, Computer Science, Information Security, or a related field 4+ years Information Security experience 2+ years with risk advisory Experience with information security management frameworks (e. g. , IS027000, COBIT, NIST 800, etc. ) Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA) Our benefits . Our hybrid work model BlackRock s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock. At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress. This mission would not be possible without our smartest investment the one we make in our employees. It s why we re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive. For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www. linkedin. com/company/blackrock BlackRock is proud to be an Equal Opportunity Employer. We evaluate qualified applicants without regard to age, disability, family status, gender identity, race, religion, sex, sexual orientation and other protected attributes at law.

Role description As a Sr Internal Auditor here at Honeywell, you will play a pivotal role in ensuring the effectiveness of our internal audit processes and enhancing our risk management practices. Honeywell is a global leader in innovation and technology solutions, and your expertise will be instrumental in maintaining the integrity and accuracy of our operations. In this role, you will play a crucial role in evaluating and enhancing the effectiveness of the companys internal controls and risk management processes. Your expertise in internal audit methodologies and practices will directly impact the companys ability to identify and mitigate risks, improve operational efficiency, and ensure compliance with policies and procedures. By providing guidance and recommendations to management, you will contribute to the continuous improvement of internal control enhancements and risk mitigation strategies. Join us in shaping the future of internal audit at Honeywell and maintaining the highest standards of corporate governance. Honeywell helps organizations solve the worlds most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments - powered by our Honeywell Forge software - that help make the world smarter, safer and more sustainable. YOU MUST HAVE Basic knowledge of SAP or Similar Systems (Must know how to run reports) Big 4 Audit Experience, Industry Audit Experience or Industry FP&A/controllership Manufacturing Industry Auditing Experience preferred WE VALUE Bachelor s degree with focus on Accounting or Finance CA, CPA or CIA, CFE, CISA, CISSP, CISM, PMP or similar IT certification CFE certification from the Association of Certified Fraud Examiners Experience conducting fraud investigations and performing Anti-Bribery and Corruption compliance reviews Some experience planning and executing audits in global environments Recent Big 4 audit experience SAP audit experience Hyperion audit experience Extensive knowledge and experience in project management Strong analytical, problem solving, and organizational skills Effectively demonstrates ability to deliver on complex situations or problems without guidance or supervision Consistently makes timely decisions even in the face of complexity, balancing systematic analysis with decisiveness Honeywell helps organizations solve the worlds most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments - powered by our Honeywell Forge software - that help make the world smarter, safer and more sustainable. YOU MUST HAVE Basic knowledge of SAP or Similar Systems (Must know how to run reports) Big 4 Audit Experience, Industry Audit Experience or Industry FP&A/controllership Manufacturing Industry Auditing Experience preferred WE VALUE Bachelor s degree with focus on Accounting or Finance CA, CPA or CIA, CFE, CISA, CISSP, CISM, PMP or similar IT certification CFE certification from the Association of Certified Fraud Examiners Experience conducting fraud investigations and performing Anti-Bribery and Corruption compliance reviews Some experience planning and executing audits in global environments Recent Big 4 audit experience SAP audit experience Hyperion audit experience Extensive knowledge and experience in project management Strong analytical, problem solving, and organizational skills Effectively demonstrates ability to deliver on complex situations or problems without guidance or supervision Consistently makes timely decisions even in the face of complexity, balancing systematic analysis with decisiveness Job Description Work with advanced technologies, global customers, and the most innovative, talented minds in the industry. Your career path will encompass diverse, challenging assignments that span product lines, job types, businesses, and countries, within Honeywells Corporate Audit group. You will lead technology risk assessments, pre-audit planning and conduct independent and objective audit reviews across Honeywells diversified organizations globally. Key Responsibilities Project risk assessment Risk mitigation Pre-audit planning Independent Audit reviews Execution of annual audit plans Acquisition support Integrated Supply Chain reviews Metrics and dashboard reporting Global monitoring activities Controls design Job Description Work with advanced technologies, global customers, and the most innovative, talented minds in the industry. Your career path will encompass diverse, challenging assignments that span product lines, job types, businesses, and countries, within Honeywells Corporate Audit group. You will lead technology risk assessments, pre-audit planning and conduct independent and objective audit reviews across Honeywells diversified organizations globally. Key Responsibilities Project risk assessment Risk mitigation Pre-audit planning Independent Audit reviews Execution of annual audit plans Acquisition support Integrated Supply Chain reviews Metrics and dashboard reporting Global monitoring activities Controls design

Build your career in the Internal Controls working across functions like Quality Assurance Program, SOX/CCAP Testing, Resolution and Recovery, Program Management while working in the world s most innovative bank which values creativity and excellence. As a Control Management Analyst in our Finance team, you will spend each day defining, refining and delivering set goals for our firm. Job Responsibilities Perform an independent review and validation of external reporting processes and data to mitigate the risk of external reporting errors. Possess strong auditing skills, a solid understanding of internal control systems within a financial institution, and knowledge of consumer businesses and products. Assist in the development, execution, and refinement of new and existing control reporting processes. Maintain the integrity of review documentation and provide it when requested for various reviews, such as SCG QA, Internal Audit Review, and External Audit Requests. Manage program implementation and monitoring of control programs impacting CCB Finance, such as Intelligent Solution Standards, Model/Estimations Governance, and User Tools. Monitor adherence to CCB and firmwide policies and standards. Maintain the integrity of program management/reporting documentation and provide it when requested for various reviews. Contribute to the development and enhancement of the business control environment through the execution of the Control and Operational Risk Evaluation (CORE). Required qualifications, capabilities, and skills 3 years experience in Auditing, Accounting, Internal Control and/or Finance Bachelor s in accounting or Finance. Internal audit / ITGC / automated controls testing experience required Strong communication (written and verbal) and attention to detail; demonstrated influencing skills; interact comfortably with staff at all levels Strong quantitative and qualitative analytical skills; ability to synthesize data from many sources, design and draw persuasive conclusions for plans A willingness to challenge conventional thinking and assumptions and to constructively dissent when appropriate. Strong working knowledge of Microsoft Office applications Ability to work in an evolving environment, manage multiple projects and support a growing business Preferred qualifications, capabilities, and skills Knowledge of Tableau and Alteryx Big Four public accounting experience and /or CA / CISA / CPA/CIA/ MBA certification preferred Build your career in the Internal Controls working across functions like Quality Assurance Program, SOX/CCAP Testing, Resolution and Recovery, Program Management while working in the world s most innovative bank which values creativity and excellence. As a Control Management Analyst in our Finance team, you will spend each day defining, refining and delivering set goals for our firm. Job Responsibilities Perform an independent review and validation of external reporting processes and data to mitigate the risk of external reporting errors. Possess strong auditing skills, a solid understanding of internal control systems within a financial institution, and knowledge of consumer businesses and products. Assist in the development, execution, and refinement of new and existing control reporting processes. Maintain the integrity of review documentation and provide it when requested for various reviews, such as SCG QA, Internal Audit Review, and External Audit Requests. Manage program implementation and monitoring of control programs impacting CCB Finance, such as Intelligent Solution Standards, Model/Estimations Governance, and User Tools. Monitor adherence to CCB and firmwide policies and standards. Maintain the integrity of program management/reporting documentation and provide it when requested for various reviews. Contribute to the development and enhancement of the business control environment through the execution of the Control and Operational Risk Evaluation (CORE). Required qualifications, capabilities, and skills 3 years experience in Auditing, Accounting, Internal Control and/or Finance Bachelor s in accounting or Finance. Internal audit / ITGC / automated controls testing experience required Strong communication (written and verbal) and attention to detail; demonstrated influencing skills; interact comfortably with staff at all levels Strong quantitative and qualitative analytical skills; ability to synthesize data from many sources, design and draw persuasive conclusions for plans A willingness to challenge conventional thinking and assumptions and to constructively dissent when appropriate. Strong working knowledge of Microsoft Office applications Ability to work in an evolving environment, manage multiple projects and support a growing business Preferred qualifications, capabilities, and skills Knowledge of Tableau and Alteryx Big Four public accounting experience and /or CA / CISA / CPA/CIA/ MBA certification preferred

Name of the Post: Deputy Chief Information Security Officer (Dy. CISO) Type of the Post: Contractual on full time basis . No. of Posts: 01 (one) Place of Posting: Tobacco Board - Guntur, Andhra Pradesh Scope of Work The Dy. CISO will be responsible for the following: a) Define information security roadmap for the organization with a futuristic vision b) Lead, implement and review hardware, network and software security standards and security controls within the organization, to protect systems, data and assets from both internal and external threats and prevent information and data loss/frauds. c) Identify and implement security assessment and testing processes across the organization, including but not limited to penetration testing, secure software development, vulnerability management etc. d) Identify best security products/tools for various purposes and implementation of same e) Lead security automation efforts for the organization f) Proactively monitor and identify security issues and potential threats, new vulnerabilities/threats and continuously improve security standards within the organization. g) Managing the daily operation of CSOC and implementation of the IT security strategy h) Implement and lead Security Assessment practices including Security Audits, Information Security Reviews, etc. i) Provide strategic risk guidance and consultation for IT Projects, including security risk assessment of Implementation Architecture, technical standards, and protocols j) Real-time analysis, investigations, and forensics, if a need arises and ensure to avoid and strengthen security measures. k) Developing strategies to handle security incidents and trigger investigation l) Regular Stakeholder communication on Information and data security practices and activities m) Develop a strong security team and enable employees be security aware with continuous training on security awareness n) Creating and implementing a strategy for the deployment of information security technologies and solutions to minimize the risk of cyber-attacks o) Conducting a continuous assessment of current IT security practices and systems and identifying areas for improvement p) Conducted network audit of all sites to study network response and performance. Running security audits and risk assessments q) Directed significant effort into IT asset management, involving hardening, tagging, tracking and auditing all IT assets across the companies r) Ensuring compliance with the latest regulations and compliance requirements s) Developing and implementing business continuity plans. t) Lead security automation efforts for the organization Eligibility Criteria / Age Limit: The candidate should not be more than 50 years old as on November 30, 2022 . Educational Qualification Engineering Graduate/ Post-Graduate in related field such as Computer Science, IT, Electronics and Communications or a Cyber Security related field OR MCA or equivalent qualification from recognized University. Note: Candidates having following professional certifications/ qualifications shall be preferred: Certified Information Systems Security Professional (CISSP) / Certified Information Security Manager (CISM)/ Certified Chief Information Security Officer (CCISO) / Certified Information Systems Auditor (CISA). Experience 8 - 10 years of relevant experience, including five years in a leadership / Senior Management role Demonstrated leadership, versatility and integrity Demonstrated broad management knowledge to lead project teams in one department. Skill Requirement Experience in Information Security Risk Management and Cybersecurity Technologies and strategy Knowledge of SIEM, PIM and NAC Solutions etc. Should have practical experience in implementing these solution Deep understanding and Knowledge of EDR, MDR, XDR, WAF solutions Expertise in Cloud based Security Solutions Expertise in FIM, DAM, IAM, Access control Solutions Expertise in Linux, Virtualization, Networking Concepts & OS, Data, Application Security Concepts and Tools Familiarity with Industry Security Standards and Protocols, Information and Data Privacy Regulations Good understanding of DevSecOps, Secure SDLC, Security Automation, Security testing concepts, DR & BCP concepts Strong in leadership skills and excellent interpersonal communications skills, stakeholder and vendor management Capable to understand and articulate impact of InfoSec Operations to the leadership

Role & responsibilities Perform Security and Privacy review of existing and new business process and solution implementations. Review product architectures for IT control security design gaps and vulnerabilities and consult with product teams and cyber security to remediate or mitigate cyber risk. Identify IT application end to end security deficiencies and implement approved remedial actions. Perform Privacy Impact Assessments for new processes involving personal data. Support adoption of comprehensive application security processes, procedures, and guidelines. Undertake required tactical application security skills and awareness training as required. Implement systems and integrations to drive greater automation and remove areas of human error. Collaborate with internal and external auditors during IT audits. Regularly assess the effectiveness of IT application controls using defined metrics and indicators. Prepare regular reports on outcomes and recommend enhancements to bolster IT governance. Proactively monitor IT security controls (data validation, authorization, encryption, audit logging, etc.) for key applications (on-premises and cloud-based) to identify weaknesses and potential vulnerabilities. Analyze security alerts and application security control deficiencies, recommending and implementing corrective actions. Regularly assess the effectiveness of IT security controls using defined metrics and indicators to identify areas for improvement. Collaborate with internal and external auditors during IT audits, providing technical expertise and insights. Ensure IT security controls operate efficiently and effectively, aligned with information security policies, standards, and compliance requirements. Identify and address gaps in security control design to mitigate cyber risks. Support the adoption of comprehensive application security processes and procedures, ensuring adherence to security best practices. Collaborate with cross-functional teams (product, development, security) to ensure a secure and seamless customer experience across platforms. Prepare regular reports on security control effectiveness and recommend enhancements to strengthen IT governance. Communicate effectively with technical and non-technical audiences regarding security controls and findings. Minimum Requirements Bachelors degree required. 10+ years of Cybersecurity and Privacy experience, with a heavy background managing cybersecurity and privacy functions. Knowledge of information security and privacy management frameworks (example: ISO 27001/NIST CSF). Knowledge of Global and India Data protection laws and regulations. (example: GDPR, India DPDPA, SG PDPA etc.) Ability to communicate clearly and effectively with both technology/development and business partners. Strong relationship, team building and facilitation skills. Ability to translate technical/security issues to business users. Proven analytical and problem-solving abilities. Ability to independently influence others to achieve objectives. High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. Preferred skills and experiences: Bachelors degree in computer science, information systems or equivalent. Security certifications to include: CISSP, CISM, CRISC, CISA and other technical certifications. Privacy Certifications to include: CIPM, CIPT, CIPP and other product specific certifications. MBA or Master's degree in a management, scientific, technical, or engineering field. Significant work experience with different regions/business units on risk management and leading information security initiatives.

Hiring TPRM (third party risk management) risk assessment In a world of growing cyber threats and regulatory demands, role of a TPRM Analyst has never been more vital We are seeking Governance, Risk, and Compliance (GRC) to implement robust frameworks that integrate risk management, compliance, and governance processes into our business strategy. Experience - 4 -7Years Location - Bengaluru Work Mode - Hybrid Certifications: ISO 27001 LA/LI, ISC2 CC, Security+, CTPRP, CTPRA, CISA, CISM, CRISC, CISSP (any one is preferable ) Information Security Governance, Compliance and Security Assessment, experience, with a focus on IT and IS Risk Assessments and program reviews / establishment. Familiarity with and demonstrated experience assessing against the BS ISO/IEC/SIG 27002:2005 BS 7799 standard domains, BS 25999 including Risk Assessment; Security policy; Organization of Information Security; Asset Management; HR Security; Physical and Environmental Security; Communications and Operations Management; Access Control; IS Acquisition, Development and Maintenance; IS Incident Management; Business Continuity Management; and Compliance. Broad understanding of Information Security trends, services and disciplines and experience applying them in dynamic environments. Were ready to fast-track your application if youre available to start! Think youre a perfect fit? Drop your resume bhumika.soni@weareams.com or Share this with someone you know who fits the bill.

Job Description: The Information Security GRC Specialist will be responsible for leading and managing the Governance, Risk, and Compliance (GRC) function within the organization. This role ensures adherence to regulatory requirements, conducts control testing, and implements security risk management practices in alignment with global standards. The ideal candidate should have a deep understanding of security frameworks, compliance requirements, and risk assessment methodologies. Key Responsibilities: 1) Regulatory Compliance and Coordination with Regulators Lead the development and implementation of system-wide risk management frameworks to identify and monitor information security risks. Understand regulatory and business requirements and ensure information security compliance in alignment with RBI, UIDAI, CERT-IN, DPSC, IRDAI, and other global regulations. Act as the primary liaison with regulatory bodies, ensuring timely compliance with cybersecurity mandates and regulatory filings. 2) Control Testing (ITGC) and Global Standards (NIST, ISO 27001) Conduct technical risk assessments for applications, IT general controls (ITGC), and cloud environments. Perform compliance assessments aligned with international security standards such as NIST, ISO 27001, and CIS controls. Validate the effectiveness of security controls and ensure continuous improvement in security postures. 3) Security KPIs and KRI’s Identify and define Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for measuring the effectiveness of information security initiatives. Develop security metrics to track compliance, risk mitigation, and operational security efficiency. 4) Understanding of Security Technologies Strong knowledge of security tools and technologies such as Firewalls, IDS/IPS, DDoS protection, SIEM, DLP, and vulnerability management solutions. Ability to interpret security logs, alerts, and incident data to enhance security operations. 5) Project Management Skills Lead and manage complex security projects, ensuring timely implementation and compliance with regulatory mandates. Collaborate with cross-functional teams and senior management to align security initiatives with business objectives. 6) Soft Skills Strong communication skills to articulate security risks and solutions effectively. Ability to engage with stakeholders, auditors, and regulators confidently.

Job Requirements IT/OT Auditor Perform assigned internal audit engagements in the domain of IT and Operational Technology (OT) for ACWA POWER group, from start to finish, inclusive of preplanning, wrap-up activities ensuring application of risk and control concepts to scenarios encountered and identify any potential issues. Job Specific Accountabilities: Perform IT/OT Audits, Cybersecurity reviews, advisory engagements and other influencing activities in highly technical areas of current/emerging technologies within ACWA Power Group. Adapt the audit approach to the ever-changing technology landscape and deliver critical and complex technology audits that impact the group-wide internal controls. Develop detailed Audit Program/Risk & Control Matrix (RCM) for the assigned audit, including potential risk, key controls, audit procedures and the use of audit techniques and tools to evaluate governance, risks, and controls processes. Determine auditing procedures to be applied, including the use of Information Systems Audit Techniques, data analytics, sampling method, etc. Identify high-risk areas, key control points, root causes and implications in relation to IT/OT environments reviewed. Prepare audit report with the conclusion, expressing professional opinions on the adequacy and effectiveness of risk management, control systems, and recommend improvement options to rectify reported deficiencies. Ensure that adequate working papers and all relevant information are continuously documented and updated in the automated Audit Management System in accordance with pre-defined templates and audit procedures. Appraise the adequacy of the corrective actions taken by management on audit recommendations through follow-up audits and periodically review and update the status of management action plans. Assist in the periodic reporting to the Audit Committee and Senior Management on internal audit activities, performance, significant risk exposures, controls/governance issues, and other related matters. Provide relevant business and technology insights into the current, emerging & potential technology issues, trends & opportunities affecting ACWA Power Group. Participate in conducting special reviews and undertake administrative duties as directed by Management. Supplement integrated audits and support business and group auditors in reviewing the technology controls within an operational audit. Minimum Qualification: Bachelor's Degree in Computer Science or related Technology discipline, or equivalent discipline. Minimum Experience, Knowledge & Skills: 5-7 years of varied experience in IT internal auditing and a minimum of 3+ years of work experience in Operational Technology or Industrial Control Systems. Expertise in developing or reviewing IT/OT security programs and conducting cybersecurity assessments for IT/OT environments including ICS, SCADA systems etc. and associated OT network architecture. Solid foundational knowledge of IT/OT security landscape including but not limited to, network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and OT integration with traditional IT systems (IT and OT Convergence). Solid understanding of OT security technologies such as Data diode, EDR, Antimalware, patch management, SIEM solution etc. Advance technical knowledge of different operating systems, databases, network infrastructure components (routers, switches, firewalls etc.). Advanced knowledge of OT/ICS-related standards like IEC 62443, NIST 800-82. Knowledge and understanding of Regulatory Standards such as NCA (ECC, OTCC, CCC etc.), NESA, ISR etc. Knowledge and experience with OEMs Honeywell, Yokogawa, Siemens etc. systems will be added advantage. In-depth knowledge of International Professional Practices Framework for IT Assurance/IT Assurance Framework (ITAF) and other related frameworks/standards (e.g. COBIT, ITIL, ISO27000, NIST) and their interpretation/application to IS/IT auditing practice. Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action. Expertise in collecting and analyzing complex data using data analytics tools, evaluating information and systems, and drawing logical conclusions. Extensive knowledge of planning and project management areas. Professional Certifications: IT audit certification such as CISA OT or ICS-related certifications are highly desirable. Other related certifications (CISSP, CISM, GIAC, GICSP, IEC-62443 etc.) are preferred.