2.0 - 5.0 years
17 - 19 Lacs
Hyderabad
Work from Office
Overview Skills:-Information Security Governance, GRC Analyst, Security Governance, IT Compliance, Security Risk Analyst Location:- Bangalore, Hyderabad Shift Timings:- 6.30 pm - 3.30 am Analyst, Information Security Governance Omnicom Global Solutions, Hyderabad IN About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Key Responsibilities Operate day-to-day Information Security Governance, Risk, and Compliance (GRC) activities across the organization. Support alignment and implementation of security standards including ISO 27001, PCI, NIST, and TISAX. Assist in the execution of Information Security Risk Management policies and procedures. Collaborate on internal and external audit activities and track remediation efforts to closure. Support documentation, reporting, and evidence gathering for compliance and regulatory assessments. Contribute to the continuous improvement of governance processes, control effectiveness, and risk posture. Coordinate with business units and IT teams to ensure governance standards are understood and adhered to. 
Qualifications Required Qualifications 3–5 years of experience in information security governance, risk, compliance, or audit. Working knowledge of ISO 27001, PCI-DSS, NIST, TISAX, or other major regulatory frameworks. Experience with policy implementation, risk assessment methodologies, and audit coordination. Ability to evaluate and articulate compliance requirements to technical and non-technical teams. Strong documentation, analytical, and reporting skills with attention to detail. Excellent interpersonal and communication skills to work cross-functionally. Preferred Qualifications Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, or similar. Experience with GRC platforms and tools. Exposure to vendor risk management and compliance monitoring.
Posted 3 weeks ago
5.0 - 10.0 years
5 - 8 Lacs
Bengaluru
Work from Office
Vulnerability Management - Job Title Vulnerability Management x 1 Role Description Responsible for facilitating end-to-end vulnerability management responsibilities with internal employees and AT&T's external auditing firms for Service Provider PCI, SOC, and ISO 27001 audits. Key Role and Responsibilities: 1. Schedule and ensure weekly scans are conducted, results are provided to the appropriate Remediation Owners and applicable Critical, High, and Medium security risk vulnerabilities are addressed in a timely manner. 2. Schedule and facilitate meetings with internal employees to obtain, review, and analyze device inventory for assets supporting AT&T services in scope for PCI, SOC, or ISO 27001 audits. 3. Schedule and facilitate meetings with internal employees covering vulnerability scan results providing Remediation Owners with information to help address in scope vulnerabilities to be compliant with PCI and ASPR requirements. 4. Schedule and provide training for internal employees covering vulnerability scanning and remediation for the latest PCI and ASPR requirements. 5. Perform security analysis, drive technical security assessments, and monitor and report on remediation progress. 6. Provide guidance to remediation teams to ensure compliance with regulatory, contractual, and legal requirements. 7. Perform scanning reconciliations to quickly identify in scope devices that were not properly scanned. 8. Follow up with appropriate representatives to gain an understanding why in scope devices were not scanned and schedule rescans to ensure scanning of all in scope devices. 9. Assist with and perform penetration and segmentation testing for AT&T services. 10. Meet with external auditors as needed to review required audit evidence. 11. Contribute to the overall success of the team by identifying and documenting process improvements and creating and maintaining process documentation. Required Skills 1. 
Advanced project management, time management, Microsoft PowerPoint, Excel, Outlook, and Word skills are required. 2. Advanced verbal and written skills are required. 3. ServiceNow experience using the vulnerability response module. Desired Skills 1. Bachelor's degree in Computer Science with an emphasis in information systems is preferred. 2. Minimum of 5 years of experience in IT Operations, external PCI DSS audits, and 3 years of IT Security is preferred. 3. The following certifications are an asset: CISSP, CISM, CCSK, CCSP, PMP, and CISA. Service supported Vulnerability Management Location- Bangalore/Hyderabad Yrs of Exp-5+Yrs
Posted 3 weeks ago
13.0 - 18.0 years
40 - 50 Lacs
Mumbai
Work from Office
About this role We are looking for an experienced individual to lead the RQA Risk Assessment & Assurance Team in Mumbai, India. Business Overview Understanding and managing risk is the cornerstone of BlackRock's approach to responsible investing. The Risk & Quantitative Analysis (RQA) group provides independent oversight of BlackRock's fiduciary and enterprise risks. Our mission is to advance the firm's risk management practices and to deliver independent risk expertise and constructive challenge to drive better business and investment outcomes. RQA promotes BlackRock as a leader in risk management by providing independent top-down and bottom-up oversight to help identify investment, counterparty, operational, regulatory, technology, and third-party risks. RQA is committed to investing in our people to increase both individual enablement and a strong collaborative environment. As a global group located all around the world, our goal is to create a culture of inclusion which encourages teamwork, innovation, diversity and the development of our future leaders. We actively engage in discussions on career growth and work with team members to understand how personal passions and strengths connect with our purpose. Who We Are As part of the broader Thematic Risk Assessment team (TRA) within the Enterprise Risk Management group (a Second Line of Defense function), the RQA Risk Assessment & Assurance (RAA) Team is vital to the true-up understanding of our enterprise risk and control landscape, and continued confidence that our risk management processes are effective and reliable. These help provide assurance that the firm's enterprise risk management framework is adept at managing current and emerging risks, protects our clients and firm, and supports the achievement of firm-wide business goals within our risk tolerance. 
Key stakeholders include, but not limited to, broader RQA Enterprise Risk Management teams and leaders, Enterprise Technology Risk & Control (First Line of Defense risk function), Innovation Office and Information Security, and other risk and control functions. What You Will Be Doing : Your primary responsibilities include: Execute risk assurance plans that evaluate, monitor and report on the design &/or effectiveness of enterprise risk assessment programs and its activities. Perform and support thematic risk assessments that evaluate enterprise risks of interest. Identify, analyze, execute, and support improvements to enterprise risk assessment programs. Manage the RAA Team and team members performance. Identify, dimension, and propose practical solutions for improving enterprise risk assessment programs, risk management processes, risk and control taxonomies, and risk and control assessment techniques. Identify and escalate potentially systemic enterprise risk issues in a timely manner. Ensure risk assessment and assurance exercises are comprehensively documented and reported. Be a risk champion within the wider BlackRock business. What We Look For : As a Team Lead with people management responsibilities, you must have: Strong risk and control assessment expertise (especially in technology &/or information security). Excellent attention to detail, strong work ethics, and able to work as part of a global team and make informed risk management decisions. 13+ years of practical experience in Enterprise &/or Technology Risk Management, Business Process Engineering, Quality Assurance, or Audit (experience earned in Asset Management or Banking industry is preferred). 5+ years of experience leading and performance managing a team (non project-based). 5+ years of experience in performing risk and control assessments, quality testing, control testing, &/or IT auditing. 
Demonstrable ability to identify and analyze process, risk and control issues, challenge the status quo, and work with cross-functional and international teams to ideate pragmatic solutions that strengthen the risk management framework. Strong understanding of industry-leading practices and control frameworks (e.g. CRI Profile, NIST CSF, ISO 27001, SOC, SOX, SWIFT, and COBIT). An ability to explain complex ideas &/or sophisticated technical concepts in simple but impactful terms and use effective communication to influence outcomes. Familiarity with office productivity, usage of open-source frameworks and business intelligence tools, including (but not limited to) Microsoft Office, PowerBI &/or Tableau. The following are competitive advantages that we are interested in: You are Certified in Risk & Information Systems Control (CRISC), a Certified Information Systems Auditor (CISA), &/or Six Sigma-certified. You have both led and performed technology &/or business risk and control assessments. You have automated control assessment activities or analytics using one or more of the following: Python, JavaScript, .NET &/or SQL. Good understanding of worldwide regulatory requirements. Our benefits . Our hybrid work model BlackRock's hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock.
This mission would not be possible without our smartest investment, the one we make in our employees. It's why we're dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive. For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock BlackRock is proud to be an Equal Opportunity Employer. We evaluate qualified applicants without regard to age, disability, family status, gender identity, race, religion, sex, sexual orientation and other protected attributes at law.
Posted 3 weeks ago
10.0 - 15.0 years
35 - 40 Lacs
Mumbai
Work from Office
Business Function Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Banks operational processes and inspire to delight our business partners through our multiple banking delivery channels. Job Purpose This is to manage risks for LOBTs acting as Line 1 risk manager Key Accountabilities: Assist Line of Business Technology in managing technology and operational risks Drive and ensure regulatory compliance for the LOBT Liaise and co-ordinate audit activities involving the LOBT Issue & Action management for LOBT including is impacted (across external and internal audits and reviews and excluding IT Information Security) and action planning. Engagement across Technology verticals, Operations, Business, Compliance to prioritize, plan, act, prove, close all open findings within committed timelines. Scan regulatory requirements, circulars to ensure forward planning and execution for compliance. This includes Singapore and India regulatory requirements. Prepare, maintain and conduct control testing for units Risk Control Self Assessments (RCSAs) Outsourcing Risk assessment for the LOBT Monitor risk issues and incidents for LOBT. Job Duties & Responsibilities: Liaise with stakeholders within and outside DBS, including at Group level to have a comprehensive view of all Technology Risks. Engage with Technology verticals and others as appropriate within DBS, to progress on closure of all open points. Engage with Compliance, understand the regulatory requirements at country and group level, and add these to the action points which Technology must ensure. 
Early identification of execution challenges in risk mitigation actions and being an effective catalyst with Technology teams and seniors to resolve bottlenecks such as cost or resource approvals, conflicting priorities. Risk assessment for LOBT covering partners, external environment and identify potential risks such as relating to scale-preparedness, DR & BCP support for the organization, code quality in terms of testing and deployment governance. Regular updates as per agreed rhythm, and fronting dialogues with stakeholders/LOBT, to highlight process on Risk Management and Risk Mitigation. Liaise with relevant departments to ensure awareness of Technology Risk within the DBS India Technology Team, and partner for this awareness across DBS India. Liaise with Line of Business Risk in the region and co-ordinate efforts for the LOBT landscape used by India. Requirements Ideally, 10+ years of successful experience in Technology Risk Management, Information Security, Technology Audit. Education / Preferred Qualifications: Ideally, risk-accreditations like CISA, CRISC, CISM, CISSP experience on Information System audits and remediation, Agile Scrum accreditation and/or experience, and has worked as a Lead Auditor in Information System audits including ISO audits. Minimum Computer Science or Technology Management graduate, preferably in Info-Sec specialization. Core Competencies: Awareness of Information Systems and their complexity, potential points of failure from a risk perspective. Good communication skills and ability to manage dialogues with seniors. Readiness to raise the "red flag" for risks, in the interests of the bank.
Posted 3 weeks ago
8.0 - 12.0 years
20 - 25 Lacs
Bengaluru
Work from Office
New requirement - JD for Cybersecurity risk manager: Key responsibilities As a Cyber Risk & Compliance Professional in our Group CISO office, you will be occupied in the following domains: a) Risk management b) Compliance. This role is responsible for planning, managing and coordinating various cybersecurity risk management activities focused on identifying, assessing, and mitigating risks for the enterprise from a business perspective. Skill requirement: Degree, or equivalent, in Information Security or Cyber Security or Computer science or similar course Self-motivation to continuously develop in the areas of cybersecurity Ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience Cyber / technology risk assessments & management methodologies Hands on with assessment report preparation and presenting to senior technical and business stakeholders Articulate and confident in presentation to senior stakeholders Knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Advanced knowledge and understanding of ITGC, NIST 800-53, NIST CSF controls and Risk management frameworks Expertise in complex business processes and technological risks Deep understanding of security technologies including firewalls, proxies, SIEM, XDR, CSPM, IGA, PAM, Data protection Experience: 8-12 years. Applications from people with disabilities are explicitly welcome.
Posted 3 weeks ago
10.0 - 14.0 years
30 - 45 Lacs
Pune
Hybrid
Manager (IT) Compliance & Audit The ZS IT Governance, Risk & Compliance (GRC) team is a global function that plays a critical role in aligning with ZS' business strategy and operating model. The team's mission is to empower ZS' 13,000+ employees and their clients with the tools, insights, and frameworks needed to effectively manage operational risk and meet compliance requirements in an increasingly complex regulatory landscape. The GRC team is responsible for ensuring that ZS maintains the highest standards of compliance by managing a diverse portfolio of certifications and audits across multiple domains, including Information Security, Privacy, and Environmental, Social & Governance (ESG) . The team's scope of work includes maintaining compliance with industry-recognized standards such as ISO 27001, ISO 27701, ISO 27017, HITRUST, SOC 2, SOC 3, and ESG , providing comprehensive oversight on risk management, security, and privacy practices. By offering independent assurance to both internal stakeholders and external parties, the GRC team ensures that ZS consistently adheres to globally established compliance frameworks, controls, policies, and industry standards. This stewardship strengthens ZS' ability to mitigate risks, meet client and regulatory expectations, and uphold its reputation as a trusted partner across industries. Additionally, the GRC team fosters continuous improvement, not only by responding to evolving regulations but by driving proactive initiatives that embed a culture of compliance and risk awareness throughout ZS operations. This holistic approach helps safeguard ZS assets, data, and relationships in a fast-paced and increasingly interconnected business environment. Manager (IT) Compliance & Audit The Manager, IT Compliance & Audit will be a seasoned leader in the information security compliance domain, driving projects related to critical certifications like ISO 27001, ISO 27701, ISO 27017, HITRUST, SOC 2, SOC 3, and others. 
The individual will play a pivotal role in managing and ensuring compliance with regulatory and operational security standards while collaborating with various stakeholders, including the CISO, CRO, DPO, Head of Cloud Engineering, IT Stakeholders, and other senior leaders. The role requires hands-on technical and functional expertise, along with the ability to manage and develop teams, oversee compliance programs, and report to leadership committees. Key Responsibilities: Compliance & Audit Management: Lead and manage the implementation, maintenance, and certification processes for ISO 27001, 27701, 27017, HITRUST, SOC 2, SOC 3, and similar standards. Oversee and manage internal and external audits, identifying gaps, and ensuring timely closure of audit findings. Collaborate with cross-functional teams, including IT, security, legal, and risk management, to ensure alignment on security compliance initiatives. Drive continuous improvement initiatives to enhance compliance posture, developing and enforcing security policies, procedures, and controls. Stakeholder Collaboration & Communication: Act as the primary liaison between teams and external auditors, certification bodies, and regulators. Build and maintain strong working with key stakeholders, including the CISO, CRO, DPO, Head of Cloud Engineering, IT, and legal teams, to ensure compliance objectives are met. Provide expert advice on compliance issues and support various departments with technical and policy-driven . People Management & Leadership: Lead, mentor, and develop a team of professionals, fostering a high-performance culture. Manage team workload, project , and career development, ensuring that the team is up-to-date with industry standards and compliance practices. Oversee team training programs to ensure sharing and skills development in compliance and audit. 
Project Management & Reporting: Lead compliance projects, including forecasting, resource planning, and reporting progress to leadership committees. Develop project timelines, track, and ensure timely delivery of compliance and audit activities. Provide regular reports and updates to management, including dashboards and key performance indicators (KPIs) to assess the organizations compliance and risk posture. Collaborate with internal teams to ensure smooth integration of compliance requirements into new and existing technologies, including AI, cloud services, and data privacy technologies. Strategic Planning & Operational Compliance: Contribute to the development of the organizations broader compliance strategy, aligning with industry trends and emerging regulations. Proactively identify potential risks and vulnerabilities and develop risk mitigation strategies. Lead operational compliance efforts across various functions, ensuring comprehensive coverage of security, privacy, and data protection requirements. Qualifications & Experience: Bachelors degree in computer science, Information Technology, Cybersecurity, or a related field. A masters degree or MBA is preferred. Minimum 10-12 years of experience in IT compliance, audit, and information security, with specific experience managing ISO 27001, ISO 27701, ISO 27017, HITRUST, SOC 2, SOC 3, and related certifications. Proven track record of managing compliance programs and leading audits across large, complex organizations. Strong leadership and people management experience, with a demonstrated ability to lead, develop, and motivate high-performing teams. Excellent project management skills with the ability to manage budgets, forecasts, timelines, and complex stakeholder requirements. Deep understanding of cloud security (Azure, AWS, GCP) and privacy standards, with experience working with cloud engineering and DevSecOps teams. 
Strong problem-solving skills with the ability to influence and engage with C-level executives and senior stakeholders. Certifications (Preferred): CISA (Certified Information Systems Auditor) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) ISO 27001 Lead Auditor/Lead Implementer HITRUST Certified CSF Practitioner Certified Cloud Security Professional (CCSP) PMP (Project Management Professional) or equivalent certification Skills: Strong technical knowledge in information security standards and frameworks. Exceptional communication and presentation skills, with the ability to articulate complex compliance issues to technical and non-technical audiences. Experience with AI and its implications on compliance, security, and data privacy will be an advantage. Proficiency in GRC (Governance, Risk, and Compliance) tools and software. Why Join Us? ZS is a global consulting firm; fluency in English is required. Candidates must possess work authorization for their intended country of employment. An on-line application, including a cover letter expressing interest and a full set of transcripts (official or unofficial), is required to be considered. ZS offers a competitive compensation package with salary and bonus incentives, plus an attractive benefits package. Opportunity to lead and shape the compliance landscape of a forward-thinking organization. Work with cutting-edge technologies in a collaborative, dynamic environment. Competitive compensation and benefits package.
Posted 3 weeks ago
6.0 - 10.0 years
15 - 30 Lacs
Bengaluru
Work from Office
Experience: 6-7 Years Job Location - Bangalore and UAE Managing GRC Projects – Risk Management Specialist Any one Relevant certification is mandatory: CISSP, CISA, CISM, CRISC, CGEIT, GRCP, GRCA Should have team lead experience
Posted 3 weeks ago
2.0 - 8.0 years
12 - 13 Lacs
Hyderabad
Work from Office
A Day in the Life We value what makes you unique. Be a part of a company that thinks differently to solve problems, make progress, and deliver meaningful innovations. The Cardiac and Vascular Group brings all of our cardiac and vascular businesses together into one cross-functional, collaborative operating unit to employ the full breadth of our talent, technologies, products, services, and solutions to address the needs of customers and patients across the globe. Cardiac Rhythm Management offers devices and therapies to treat abnormal heart rhythms, as well as cardiac monitoring solutions. Be on the frontlines of the emerging area of medical device cybersecurity as an integral member and technical leader within a team responsible for creating, deploying, and monitoring cybersecurity and information security solutions for Medtronic's medical devices and supporting IT infrastructure. Interact with external and internal cybersecurity researchers to identify and remediate vulnerabilities within Medtronic products and systems. Work directly with R&D teams to ensure all relevant security risks are identified and evaluated, and appropriate and well-balanced solutions are implemented. Develop project security management deliverables for regulatory bodies to comply with standards / guidance documents, and successfully communicate cybersecurity technology to customers, regulatory bodies, and other stakeholders. Job Summary: We are seeking a highly skilled and experienced Senior Mobile Application Security Engineer to lead the security efforts for our mobile platforms (iOS and Android). You will be responsible for identifying vulnerabilities, implementing security best practices, and working closely with development teams to ensure secure mobile application design and deployment. Responsibilities may also include the following and other duties may be assigned. Conduct security assessments and code reviews of mobile applications (iOS and Android). 
Perform in-depth security assessments of mobile applications using static and dynamic analysis tools. Perform threat modeling and risk assessments for mobile app features and architecture. Integrate security tools and processes into the CI/CD pipeline for mobile development. Deep understanding of OWASP Mobile Top 10 and mobile attack vectors. Collaborate with developers to remediate vulnerabilities and implement secure coding practices. Lead penetration testing efforts and coordinate with third-party security vendors. Expert knowledge of iOS and Android security architectures and frameworks Proficiency in mobile security testing tools (OWASP ZAP, Burp Suite, MobSF, etc.) Strong understanding of mobile apps reverse engineering and binary analysis Monitor and respond to mobile security incidents and vulnerabilities (e.g., OWASP MASVS, CVEs). Stay updated on the latest mobile security threats, tools, and trends. Develop and maintain mobile security policies, standards, and guidelines. Mentor junior security engineers and provide technical leadership. Participate in incident response activities for mobile security events. Leads or participates in security architecture and design review meetings. Must Have: Minimum Requirements An undergraduate (bachelors) or graduate degree in computer science, computer engineering, electrical engineering, or similar discipline. Experience in embedded devices vulnerability assessment, especially medical devices and Threat Modelling and risk scoring Formal education in cybersecurity and information assurance. Minimum 7-year experience & 4 years of technical, cybersecurity-related experience, Experience in analyzing security posture and vulnerability assessment. 
Experience in penetration testing, fuzz testing of Web, enterprise cloud and Desktop solutions (black box, gray box and white box testing) Demonstrated understanding of information security practices, risk management processes, cybersecurity principles, and incident response methodologies. Nice to Have: Proficiency in mobile development languages (Swift, Objective-C, Java, Kotlin) Security Certifications (i.e. CEH, CISA, CISM, Security+, GSEC, OSCP, etc.) Familiarity of embedded environments, vulnerability scanning tools, and common attack routes Strong technical and troubleshooting skills. Capability to research and evaluate emerging technologies. Innovative thinker with the ability to think outside of the current norms and processes. Demonstrated ability to be flexible. Excellent written and verbal communication skills Demonstrated ability to develop and grow productive, trusting, and open relationships with a wide variety of constituencies. Demonstrated leadership and teamwork skills. Demonstrated ability to communicate complexity in a clear manner. Demonstrated experience interfacing with customers and other external stakeholders regarding cybersecurity system design and behavior. Demonstrated strong analytical, critical thinking skills. Together, we can change healthcare worldwide. At Medtronic, we push the limits of what technology, therapies and services can do to help alleviate pain, restore health, and extend life. We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be. We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team. Let us work together to address universal healthcare needs and improve patients' lives. Help us shape the future. 
The physical demands described within the Day in the Life section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Benefits & Compensation Medtronic offers a competitive Salary and flexible Benefits Package A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage. We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission to alleviate pain, restore health, and extend life unites a global team of 95,000+ passionate people. We are engineers at heart putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary. Learn more about our business, mission, and our commitment to diversity here
Posted 3 weeks ago
9.0 - 17.0 years
30 - 35 Lacs
Hyderabad
Work from Office
Some careers shine brighter than others. If you're looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Third-Party Security Assessment - Senior Consultant Specialist. In this role, you will: Ensure adherence to the three lines of defence organisational model with clear lines of responsibility, accountability and segregation of duties. Ensure compliance with internal audit and external regulators that any organisational changes are fit for purpose and meet their expectations. Analyse and execute activities to ensure compliance with HSBC Cybersecurity policies and standards. Contribute to process, procedures and tool identification/development that will strengthen the bank's response to threats and incidents. Assess new technology products and projects utilising security technologies pertinent to the department. Act as a role model to more junior members of the team. Engagement with other Cybersecurity teams, senior management and members of the Business when confronted with potential security issues. Expand their skills, knowledge and experience to enhance the overall capability of the function.
Ensuring adherence to global standard methodology, SLAs, quality, templates and tools. Ensuring good stakeholder engagement. Supporting overall activities of Global TPS, including admin and any special initiatives / projects. MI / Reporting (actual generation of reports or contribution to appropriate reports). Mentoring / Coaching / Guidance for other team members / Deputizing for manager. Remain current with industry and competitor trends and work to apply latest / best practices internally. Owning and driving special projects aligned to industry best practices. Overseeing larger and more complex engagement requests and / or reviews. Subject Matter Expert in own domain with broad basic knowledge of other domains, ensuring appropriate delivery of services along with aligning with the wider strategy and objectives of the bank overall. Requirements: To be successful in this role, you should meet the following requirements: Minimum Bachelor Degree and/or experience in operational processes or third party information security reviews in the Financial Services industry or global corporate service provider. Background - desirable but NOT essential one or more; risk management, Audit, ISR. Qualifications - desirable but NOT essential one or more; ISO270001, CISA, CISM, CISSP, CRISC. Availability to travel (if required) for this role, i.e. travel within country as well as occasional International travel. Positive and professional attitude, team player, flexible and adaptable, open to change(s). Confident and takes responsibility and ownership for work and personal development. Good spoken and written communication and ability to adapt style based on audience (Fluent in spoken / written English). Ability to communicate technical subject matter to non-technical stakeholders. Previous experience of delivering an excellent customer service. Ability to quickly develop good working relationships with stakeholders. Ability and motivation to learn and pick things up quickly.
You'll achieve more when you join HSBC.
Posted 3 weeks ago
5.0 - 8.0 years
0 - 3 Lacs
Delhi, India
On-site
Risk Management: Identify, assess, and mitigate risks related to compliance, security, and other relevant areas. Compliance Programs: Develop and implement compliance programs to ensure adherence to regulations and standards. Audit Support: Assist with internal and external audits, providing documentation and evidence. Policy Development: Create and maintain clear, concise policies and procedures. Regulatory Change Management: Stay abreast of regulatory changes and adjust policies and procedures accordingly. Reporting and Documentation: Prepare detailed reports on compliance findings and security gaps. Training and Communication: Provide training to employees on compliance and security policies. Collaboration: Work with cross-functional teams to achieve compliance goals. Skills and Knowledge: Analytical skills: Analyze data to identify risks and compliance gaps. Communication skills: Communicate findings and recommendations effectively. Problem-solving skills: Identify and resolve compliance issues. Understanding of GRC tools and software: Proficiency in using GRC tools for audits, risk assessments, and compliance management. Requirements: Bachelor's degree in a related field. Minimum of 5 years of experience in governance, risk management, and compliance roles. Strong knowledge of regulatory frameworks and compliance standards (GDPR, SOX, ISO 27001). Excellent analytical, problem-solving, and decision-making skills. Proven ability to communicate effectively with stakeholders at all organizational levels. Professional certifications such as CISA, CRISC, CISSP, or similar are highly desirable. Experience conducting audits and assessments, and developing compliance documentation.
Posted 3 weeks ago
8.0 - 10.0 years
20 - 25 Lacs
Mumbai
Work from Office
Some careers open more doors than others. If you're looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. Business Descriptors: Global Internal Audit provides independent, objective assurance to management and the risk and audit committees as to whether the framework of risk management, control, and governance processes, as designed and represented by management, is adequate and functioning. This team with skilled business, process, data, change, and culture analysts helps HSBC to achieve its strategic purpose, safely and sustainably. Responsibilities: Contribute to the audits for CIB Banking, i.e. commercial banking, coverage activities, financing activities, investment banking activities (ECM, DCM, LAF, M&A). Deliver assigned work within the given timeframes, standards, methodology, budget, and where applicable, lead and deliver audits. Confirm that audit findings and recommendations are understood and with proposed mitigations. Demonstrate knowledge of the applicable Business, Functional, and Regulatory environment, including developing trends, risks, controls, and expectations. Support a strong risk and conduct culture across the Group and promote awareness and sound operational and strategic decision-making. Critically analyse and determine key drivers of change for area of coverage and assess how these will impact audits. Use insights, industry knowledge and current developments to assess areas of concern. Coherently articulate audit exceptions and findings to GIA team members and management, and as necessary to business and/or functional stakeholders. Effectively discuss potentially challenging matters and ability to communicate with impact and articulated in a meaningful way to wide and varied audiences.
Be an analytical and critical thinker, who can effectively manage competing priorities and complex challenges to deliver positive outcomes. Apply qualitative and quantitative methods to analyze and investigate challenging scenarios and situations. Be a proactive team player, who leads by example and works constructively across GIA. Effective communication and ability to maintain constructive relationships with stakeholders, team members, and GIA Management. Actively promote collaboration and sharing of ideas across GIA. Produce smart, simple, and pragmatic solutions. Requirements: The ideal candidate for this role will have the below experience and qualifications: Minimum of 8 to 10 years internal or external audit, business, and/or accounting experience or equivalent, and external audit will be considered, but is not always essential. We also welcome exceptional talent with data analytics or data science background who are keen to work in a leading audit function. Minimum of a bachelor's degree in business, accounting, finance, related field or equivalent experience. Strong understanding of financial services business, risks (e.g. regulatory compliance) and related controls, with a specific focus on retail banking and wealth management. Good analytical skills in identifying risks and control implications. Good communication skills (written and verbal) for managing multiple stakeholders to drive consensus and influence the outcomes. Broad knowledge of the Company, Group and financial services industry, business supported and the regulatory framework they operate in. Knowledge of Data Analytics and ability to apply technology or expertise to business issues or operational problems is desirable, but not essential. Prior International work experience is a plus. Fluency in English. Mature team player who is highly professional. Willingness to travel (max 20%). Ideally hold role relevant qualifications, or pursuing professional qualification (e.g., CISA, CPA, CFA, CIA, ACAMs etc.).
Posted 3 weeks ago
3.0 - 8.0 years
1 - 6 Lacs
Mumbai Suburban, Navi Mumbai, Mumbai (All Areas)
Work from Office
Technical: Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (e.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding of technology topics related to cyber security, encryption, architecture resiliency, business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001. Soft Skills: Good presentation and report writing skills are mandatory. Excellent communication skills and confident demeanor. Experience of working with client stakeholders. Good problem-solving skills.
Posted 3 weeks ago
12.0 - 20.0 years
27 - 37 Lacs
Pune
Work from Office
CISA, CISM, CISSP; SAP GRC Expert; SAP GRC 10.1 and 12; SAP IDM; MSMP and BRF+ workflow; SOD Analysis. Required Candidate profile: Experience of SAP GRC 10.1 & 12; SAP modules (e.g., FICO, MM, SD) (R/3/ECC, BW4HANA, S4HANA)
Posted 3 weeks ago
10.0 - 16.0 years
22 - 30 Lacs
Pune
Work from Office
Senior SAP Basis Consultant; SAP BTP and Integration Suite; SAP SYBASE; SAP Basis activities like system installations, configurations, upgrades, migrations, and performance tuning. Required Candidate profile: Immediate or Serving Notice Period; CISA, CISM and CISSP; SAP systems - Linux / HANA and SAP ASE (Sybase); SAP BTP and Integration Suite
Posted 3 weeks ago
1.0 - 3.0 years
4 - 7 Lacs
Bengaluru
Work from Office
Job Description: You are Responsible for Below are the roles and responsibilities of the candidate Assists the senior management in defining the control objectives and monitoring compliance efforts. Manage organization's compliance with the Sarbanes Oxley Act. Develops processes to ensure compliance with all SOX requirements. Designs and administers internal controls over financial reporting relating to the IT automated controls. Reports test results to the top management. Review test findings within the Internal/External Audit Team, facilitate the remediation of control gaps, and escalate possible critical issues to the senior management. Serve as a liaison between internal and external auditors. Stays abreast of changes in SOX regulations to ensure timely compliance. Identify areas of potential improvement for key processes and procedures and supports the management of the related processes and procedures. Responsible for maintaining and updating all aspects of the internal SOX compliance. Responsible for working with different business owners on implementation, execution and compliance with entity level controls. Evaluates the review and analyzes data pertaining to information systems functions relative to Sarbanes-Oxley compliance. Develop and conduct SOX compliance training for employees. To succeed in this role you should have the following Applicants should be a University Degree holder (preferably Master degree), CPA or Chartered Accountant (or equivalent), Certified Information Systems Auditor (CISA) with 5+ years of experience in Finance / Internal/ IT Controls/Audit and relevant business area. Knowledge of SOX and IT controls. Big 4 public accounting experience with Fortune 500 clients. Extensive knowledge of the internal control framework (specifically COSO) and a solid understanding of the concepts of control design and operational efficiency. 
Strong knowledge of SOX requirements and ability to assist with documentation of ITGC and financial process controls to support operational as well as SOX compliance audits, including performing walkthroughs and developing process flow charts. Strong risk management experience, including: performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk. Experience working in a dynamic IT environment similar to a high tech start-up. Experience of solving multiple and complex challenges. Exposure in audit planning and execution, controls operation, and handling audit queries with external/internal auditors. Strong governance, risk and assurance management background which encompasses knowledge of corporate governance, control framework and risk. Aptitude for leading teams; influencing and galvanizing others to follow you toward a solution. Ability to guide and train team members. Strong interpersonal written and oral communication skills. Solid organizational skills along with an aptitude for information technology. Excellent analytical skills. Understanding of business drivers and related risk and ability to interpret the relevant management information is appreciated. Good communication and analytical skills. Having risk and controls mindset. Ability to challenge and open to different views and opinions. Self-starter and ability to manage diverse cultural/ethnic sensitivities. Ability to deal effectively with complexity and having focus on details. Ability to prioritize and ensure delivery of priorities. Quick learner and resilient. Mandatory Skills: Team Coordination, Leadership, SOX, ITGC, IT Audit, IT Governance, Information Technology. Desirable Skills: IT Risk Management, COBIT, CISA, CISM, CISSP, Team Leading, Risk Compliance, Information Security, IT Risk
Posted 3 weeks ago
3.0 - 5.0 years
6 - 10 Lacs
Pune
Work from Office
If you're looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of DBS Senior Control Tester. In this role, you will be: Carrying out thorough preparation, driving and participating in execution of a wide range of Technology control testing activities. Timely delivery of control testing and being transparent and accurate in the completion of testing deliverables. Applying judgment in relation to the identification and publication of control testing findings through identifying the key risks and issues. Embedding quality into the control testing deliverables and ensuring compliance with the CCO Control Testing Methodology. Providing expertise and guidance on control testing across CCO and applying critical judgment and decision making in relation to the identification and publication of control testing findings through identifying the key risks and issues. Maintaining working relationships with key stakeholders including keeping abreast of key business, regulatory and industry developments and any changes to procedures and practices. Supporting the preparation of testing reports to inform key stakeholders of the outcome of testing and review work. Track and follow-up actions identified as a result of testing and review work and escalating when necessary.
Understand, follow and demonstrate compliance with all relevant internal and external rules, regulations and procedures that apply to the conduct of the business in which the jobholder is involved, specifically Internal Controls and any supporting policies and procedures. Requirements To be successful in this role, you should meet the following requirements: Minimum 3 - 5 years of relevant experience in IT controls testing in Financial Service industry / Process assessment experience. ITGC, SOX, NON-SOX, Internal Control, Automated control Testing (BACs) The successful candidate will also meet the following requirements: SOC IT Risk qualifications (CRISC, CISM, CISA, CISSP or equivalent) are desirable. Demonstrable knowledge in Technology control testing and risk management, internal control, or internal audit preferably within a financial / banking services operations environment Self-starter and effective collaborator
Posted 3 weeks ago
3.0 - 8.0 years
20 - 25 Lacs
Kolkata, Mumbai, New Delhi
Work from Office
This is a remote position, so you'll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or meetings. Join Our Team... At GoDaddy, we are seeking an IT Senior, SOX Compliance & Risk Management, to join our Finance Assurance, Risk and Compliance (ARC) Team! This role will play a key part in driving high-quality execution of our SOX compliance efforts across the full annual SOX cycle, bringing to bear technology, including AI, to optimize execution! We're looking for a meticulous and proactive team member who will test IT general and IT automated controls, identify control enhancement opportunities, and contribute to the ongoing improvement of the SOX program. This role reports to the Senior Manager, SOX Compliance & Risk Management. What you'll get to do... Assist in driving the SOX program by supporting SOX compliance activities including performing walkthroughs and testing of IT general and IT automated controls, while ensuring alignment with regulatory expectations and industry standard processes. Support the development and continuous improvement of SOX-related documentation, risk assessments, and reporting, maximising automation tools where possible. Identify control deficiencies and trends, and partner with internal teams to support remediation planning. Contribute to ongoing program improvement by recommending updates to testing approach and documentation standards. Maintain strong cross-functional relationships across business and IT collaborators to support program objectives. Your experience should include...
3+ years of experience in SOX compliance, internal audit or external audit. Bachelor's degree or equivalent experience in accounting, finance, computer information systems or related field. Recent public accounting background from a Big 4 Firm. Strong understanding of SOX 404 and internal control frameworks (e.g., COSO, COBIT). Experience testing SOX controls. CPA (equivalent), CIA, CISA, or other relevant certifications. We've got your back... We offer a range of total rewards that may include paid time off, retirement savings (e.g., 401k, pension schemes), bonus/incentive eligibility, equity grants, participation in our employee stock purchase plan, competitive health benefits, and other family-friendly benefits including parental leave. GoDaddy's benefits vary based on individual role and location and can be reviewed in more detail during the interview process.
Posted 4 weeks ago
4.0 - 6.0 years
20 - 25 Lacs
Bengaluru
Work from Office
This position is reporting to the Senior Manager, Internal Controls in our Milpitas office. The senior will assist in leading and executing projects for the Internal Controls SOX pillar globally, assisting in Internal Controls function improvement projects, and working on improving projects in collaboration with the other internal audit pillars, and business process owners. Execution of projects in the Internal Controls pillar globally including: Assisting in performance of annual SOX scoping, materiality, and risk assessment Assisting in development of the overall SOX program plan including the detailed timeline and resource planning Implementing the SOX program, including interactions with the internal and external stakeholders, coordination of the planning and testing phases across the global business and IT functions Maintaining SOX program documentation on methodology, quality, testing templates, and flowcharts. Delivering SOX related trainings to the finance, IT and internal audit functions. Maintaining status dashboards for all phases and aspects of the SOX program, reporting to the Sr. Manager and other relevant stakeholders. Assisting in reviewing controls documentation, testing approach, and testing execution for SOX related work, as needed. Assisting with management and oversight of our co-sourced testing function. Serving as a single point of contact for ongoing communication with the external auditor team on the finance & operations area and liaising with the business to execute on the SOX program throughout the year. Developing, cultivating, and growing relationships with key stakeholders across various business functional and operational areas. Assisting with continued development and refinement of strategy, structure, operations, and model for the Internal Controls SOX PMO function as part of the leadership team. Qualifications Required and preferred knowledge and job skills: Work experience: 2+ years of progressive work experience required. 
Strong preference for background with a large public accounting firm and/or some US Public Company Internal Audit experience. Certification: CIA or CPA (or equivalent) professional certification strongly preferred with expectation of base certification shortly upon hire if not already obtained. Preference for additional certifications including CIA, CPA (or equivalent), CISA, or PMP. Education: Bachelor's degree with focus on Accounting, Information Systems, or Finance required. Preference for a Master's degree. Internal Audit Project Execution Skills: Risk assessment, testing, sampling, review, root cause analysis and evaluating of deficiencies, audit reporting, and some consulting skills required. Internal Audit Operations Execution Skills: Outstanding project and time management skills required. Internal Audit Technical Skills: Strong understanding of SOX theory, materiality, scoping and COSO 2013 framework. Knowledge of SOX best practices and methodology. Ability to understand and analyze business process end to end, articulate risks and execute independent judgement. Understanding of IT-related controls and IT-dependencies as an integral part of the business processes. Recent experience with global public multilocational audits leading multiple SOX cycles required. Technical skills in data analytics are a plus. Internal Audit Soft Skills: Ability to conceptualize and apply judgment across a number of finance, operations, compliance, and cross functional areas, constructively assisting with difficult conversations, excellent presentation skills, ability to assist in influencing and managing expectations of stakeholders, coaching and developing team members, relationship building, and business partnering skills required. Language: Excellent verbal and written English language skills required. Secondary written and verbal language skills a plus. Travel: Ability and willingness to travel globally - up to 10%.
Posted 4 weeks ago
10.0 - 15.0 years
32 - 40 Lacs
Chennai
Work from Office
Who We Are: At Inchcape Shipping Services, our vision is to create a connected world where customers can trade successfully and make informed decisions in every port, everywhere. We achieve this by combining our worldwide infrastructure with local expertise, through our global network of more than 250 proprietary offices and a team of over 3,000 dedicated professionals. Our diverse customer base includes owners and charterers in the oil, cruise, container, and bulk commodity sectors, as well as naval, government, and intergovernmental organisations. We have an ambitious growth model, and a career here is certainly going to be a rewarding one that will allow you to bring your skills & experience. We embrace change and are open to new thinking and pushing for positive change in our industry. Job Summary: Inchcape Shipping Services is a global shipping agent providing predominantly port agency and marine services as well as market/ port intelligence, operational performance, and payment solutions/ cash management to principals and customers. The company is dynamic, entrepreneurial, and fast-paced, with 300 offices in almost 70 countries, with 3 main operational hubs in London, Houston, and Dubai. The recent period of leadership change has strengthened the appetite for a robust internal audit department to use a risk-based approach to provide assurance over the broad spectrum of Inchcape Shipping Services. Internal Audit is expected to be experts providing hands-on experience to improve risk awareness/ knowledge and improve the overall control environment in all areas. The main purpose of the job is to carry out the responsibilities of the Internal Audit Manager, covering all control review and internal auditing requirements of Inchcape Shipping Services World and its Group Companies. This includes: Consulting with the business to help identify and document key controls either in place or required to improve the control framework and mitigate key risks.
Planning and delivering a portfolio of audit and control review engagements to provide an independent assessment of the effectiveness of managements controls over managing key group risks. This includes planning, conducting, and reviewing controls, audit fieldwork, and developing audit reports or other deliverables for agreement with the Head of Risk and Internal Audit and key stakeholders. Working with the business to identify, document, and assess the control in place and required to assist in the development and production of an internal control framework for the organisation; Providing control framework updates on the effectiveness of the controls in place; Delivering assigned audits to help ensure timely delivery of the audit plan; Assisting in preparing and reviewing periodic reports to the Audit Committee and the Business, summarizing results and status of internal controls, audit activities, and resulting actions; Assisting in the development and production of an Internal Audit Manual, including associated Policies and Procedures; Identifying red flags in existing systems and processes, and assisting in the investigation of suspected fraudulent activities or incidents in the company in accordance with relevant fraud prevention procedures; and Ensuring that Internal Audit (IA) complies with and keeps abreast of sound internal auditing principles and best practices, such as guidance provided by the Standards issued by the Institute of Internal Auditors (IIA). 
Key Responsibilities: Assisting the business in developing the Internal Control Framework; Reviewing and testing the effectiveness of Internal Controls; Plan and manage audits from scoping through to reporting in a timely manner, including: Leading the communications to auditees and entity stakeholders, agreeing scope of audits, liaising During fieldwork and discussing and agreeing on audit findings and reports; Terms of Reference/Scope Development; Audit test completion, including documentation of work performed; Applying judgment to draw conclusions and agree on appropriate management actions with auditees, to improve risk, control, and governance processes; and Drafting Audit Reports for Management and the Audit Committee; Applying audit principles to engagements and ensuring compliance with Internal Procedures and the IIA Standards; Developing and implementing Internal Audit Policies and Procedures; Ensuring a high quality of Governance, Risk, and control environment within Inchcape Shipping Services. Maintaining professionalism, integrity, and objectivity; Managing key relationships with internal customers and stakeholders, responding to special requests for audits and controls advice; Perform follow-up reviews to verify that necessary corrective actions have been implemented to rectify previously identified control weaknesses; and Raise awareness and credibility of internal audit within the organization, developing a proactive, supportive culture towards problem resolution that fosters a spirit of being a key member of the team. 
Key Deliverables: Internal Control Framework Assurance Reviews and Updates Internal Audit Plan Internal Scope memo Internal Audit working papers Internal Audit reports Presentations to management Internal Audit Policies and Procedures. Knowledge, Experience, and Skills: Professional experience in an internal controls, internal or external audit team, and relevant business processes and/ or knowledge of the industry; Experience in the development, review, and updating of control frameworks; Experience in the development, review, and updating of audit policies, procedures, and templates; Possess a strong knowledge of auditing, governance, risk management, information technology, finance, and commercial operations, and have the ability to demonstrate a good understanding of risk, control, and governance in an operations-focused business; Advanced Excel skills including VLOOKUPs, pivot tables, macros, etc.; A self-driven, pro-active, and motivated individual with an ability to work independently to deliver factually accurate, professional, and proactive audit reports, working with minimal supervision; Approachable with good communication and people skills, and an ability to influence and enlist support from a wide range of individuals whilst being aware of and respecting cultural differences; Able to undertake travel across the ISS world at reasonable notice (25-40% usually for 1-2 weeks at a time); Demonstrates effective time, organizational, and prioritization skills. Excellent English language skills; demonstrates effective presentation and report writing skills. Education and Professional Qualifications: University degree; Audit and/or IT/ accounting qualification i.e. CMIIA, CIA, CISA, ACCA, or equivalent experience
Posted 4 weeks ago
2.0 - 8.0 years
9 - 10 Lacs
Gurugram
Work from Office
Specialism: Risk Management. Level: Senior Associate. Summary: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/HITRUST Reviews. Perform IT Assessment Reviews which include IT General Controls, Internal Audits, Controls Testing, Compliance Reviews (such as ISO 27001, HIPAA, HITRUST etc.). Strong understanding of IT General Controls domains such as Change Management, User Access Management, IT Operations, Backup and Recovery Management etc. Strong understanding of third-party risk management. Implementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etc. Understanding of the IT Risk Assessment methodologies and ability to comprehend and apply the knowledge during IT assessment lifecycle. Interview client stakeholders, conduct walkthrough meetings and develop assessment artifacts. Should understand complete assessment lifecycle from assessment scoping to project deliverables. Great communication skills and the ability to break down and explain complex data security problems. Excellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels. Education Minimum Qualification: BE/BTech/MBA/MTech/MCA. Postgraduates in any stream would be preferred (not mandatory). Prior Big 4 experience would be an added advantage. Experience in IT Risk Advisory/Assurance for varied industry segments preferred. Excellent communication skills, both written and oral. Certifications: CIA/CISA/CISM will be an added advantage. Mandatory skill sets: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/HITRUST Reviews. Preferred skill sets: ISO 27001 Reviews, HIPAA/HITRUST Reviews. Years of experience required: 2-8 years. Education qualification: BE, B.Tech, ME, M.Tech, MCA, MBA, MCom, CA, CS.
Required Skills: Information Technology General Controls (ITGC), ITGC, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Analytical Thinking, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Creativity, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Embracing Change, Emotional Regulation, Empathy, Financial Accounting, Financial Audit
Posted 4 weeks ago
5.0 - 10.0 years
50 - 60 Lacs
Bengaluru
Work from Office
Job Title: Vulnerability Management x 1
Role Description: Responsible for facilitating end-to-end vulnerability management responsibilities with internal employees and AT&T's external auditing firms for Service Provider PCI, SOC, and ISO 27001 audits.
Key Role and Responsibilities:
1. Schedule and ensure weekly scans are conducted, results are provided to the appropriate Remediation Owners and applicable Critical, High, and Medium security risk vulnerabilities are addressed in a timely manner.
2. Schedule and facilitate meetings with internal employees to obtain, review, and analyze device inventory for assets supporting AT&T services in scope for PCI, SOC, or ISO 27001 audits.
3. Schedule and facilitate meetings with internal employees covering vulnerability scan results, providing Remediation Owners with information to help address in-scope vulnerabilities to be compliant with PCI and ASPR requirements.
4. Schedule and provide training for internal employees covering vulnerability scanning and remediation for the latest PCI and ASPR requirements.
5. Perform security analysis, drive technical security assessments, and monitor and report on remediation progress.
6. Provide guidance to remediation teams to ensure compliance with regulatory, contractual, and legal requirements.
7. Perform scanning reconciliations to quickly identify in-scope devices that were not properly scanned.
8. Follow up with appropriate representatives to gain an understanding of why in-scope devices were not scanned and schedule rescans to ensure scanning of all in-scope devices.
9. Assist with and perform penetration and segmentation testing for AT&T services.
10. Meet with external auditors as needed to review required audit evidence.
11. Contribute to the overall success of the team by identifying and documenting process improvements and creating and maintaining process documentation.
Required Skills
1. Advanced project management, time management, Microsoft PowerPoint, Excel, Outlook, and Word skills are required.
2. Advanced verbal and written skills are required.
3. ServiceNow experience using the vulnerability response module.
Desired Skills
1. Bachelor's degree in Computer Science with an emphasis in information systems is preferred.
2. Minimum of 5 years of experience in IT Operations, external PCI DSS audits, and 3 years of IT Security is preferred.
3. The following certifications are an asset: CISSP, CISM, CCSK, CCSP, PMP, and CISA.
Service supported: Vulnerability Management
Approx. vendor billing rate* (INR /Day): 7600 INR per day.
Posted 4 weeks ago
5.0 - 10.0 years
7 - 11 Lacs
Bengaluru
Work from Office
Job Description: Work with the company's external auditor in leading walkthroughs, test of design and operational effectiveness of IT general controls; Coordinate and perform SOX program testing/auditing of IT General Controls with control owners and management; Evaluate IT General Control deficiencies for impact and perform risk assessments and root cause analysis to determine appropriate management actions. Monitor management's associated remediation efforts to closure, including review of supporting evidence; Create and maintain supporting documentation for SOX compliance testing; Engage and deliver appropriate workpapers timely to external auditors; Engage, develop relationships and maintain open communication with a wide variety of cross-functional internal resources and management as appropriate; Assess new products, systems, databases or changes to existing processes to identify and evaluate financial risks; Recommend process efficiencies to drive effective SOX IT compliance; Assist second line of defense organizations in ensuring that approved IT General Controls are embedded in current processes; Support development and delivery of training programs to educate development teams and other stakeholders on compliance requirements, best practices, and policies; Foster a culture of compliance awareness and accountability within the organization.
Qualifications: CISA, CISSP, CISM, ISO 27001, and other security certifications preferred; 5 years relevant experience; Graduate Degree in Computer Science, Information Technology, or any other related discipline or commensurate work experience or demonstrated competence; Strong IT SOX & audit experience, particularly IT controls; Demonstrated understanding of information management systems and infrastructure including IT processes, tools, controls; Technical acumen and the ability to understand and interpret technical specifications; Ability to meet stringent deadlines in a fast-paced environment, deliver quality product and work well in a dynamic team environment; Exceptional written and verbal skills.
Posted 4 weeks ago
5.0 - 7.0 years
13 - 18 Lacs
Mumbai
Work from Office
Job Description: Reporting to the IT SOX Senior Manager-Internal Audit, the IT SOX Associate Manager, Internal Audit will be primarily responsible for the day-to-day conduct and execution of the IT SOX efforts within the Internal Audit department to support the annual SOX compliance program. This role will be a key member of the Internal Audit team in helping management ensure controls and compliance activities are well designed and effective from implementation. This individual will gain broad exposure to the operations of Envista and will interact with leaders across the organization, as well as our external auditors and third-party internal audit co-source partner. This position is intended to be hybrid with 3 days on-site and 2 days remote. PRIMARY DUTIES & RESPONSIBILITIES: Manage IT SOX efforts in conjunction with the external audit team. Review existing SOX program scope and identify areas for control rationalization, control enhancement, and adjustments to testing approach strategy. Oversee and manage walkthroughs as well as review IT general controls (ITGCs), IT application controls (ITACs), and Key Reports for complex applications such as Oracle EBS, SAP, Oracle Hyperion Financial Management, and Workday. Monitor SOX testing approach and manage expectations with control owners and external auditors to ensure key risks are proactively addressed and facilitate the evaluation of process changes to ensure ongoing SOX compliance. Work with control owners to periodically update narratives and other standard operating procedures. Liaison with IT stakeholders, IT Compliance, external auditors, third-party internal audit co-source partner, and other stakeholders as part of project management to ensure milestones are met. Manage communication with external auditors and serve as a liaison for IT stakeholders. Provide thought leadership to control owners and operators on best practices for control documentation and performance. 
Research and assess deficiencies and work with Management to identify an appropriate solution. Follow up on remediation activities to verify appropriate resolution. The position may be hybrid or remote depending on the candidate's location. This Job is also suitable for persons with disabilities; attendance required - disabled-accessible building. #LI-PG1 Job Requirements: REQUIRED QUALIFICATIONS: Bachelor's Degree in Management Information Systems, Finance, Accounting, or Business Administration is required. Prior role within Big-4 /internal audit function in IT SOX/compliance audit. Big-4 experience highly preferred. 5-7 years of experience with assessing and testing IT controls for complex ERP systems to support audits. US CPA, CISA, CISSP, CIA, or non-US equivalent certified is required. Familiarity with SAP and Oracle IT general and IT application controls (supporting revenue, general ledger, accounts receivables/payables, etc.). Strong IT background or working knowledge of application infrastructure (Hana/Oracle database, Windows/UNIX/Linux operating systems). Excellent project and time management skills with the ability to self-start, prioritize, and handle multiple tasks in a time-sensitive, team-oriented environment. Strong analytical and problem-solving skills, detail-oriented and able to work well under pressure. High level of integrity and dependability with a strong sense of urgency and results-orientation. Effective verbal and written communication skills when interacting both internally across multiple business units with various levels of management and externally with auditors. Effective interpersonal skills with ability to influence peers, subordinates, and superiors. Flexibility to collaborate with team members in the PST (UTC-8) time zone. PREFERRED QUALIFICATIONS: Experience in the manufacturing industry is preferred. Experience in business process and control walkthroughs is preferred.
Operating Company: Corporate Envista is a global family of more than 30 trusted dental brands, united by a shared purpose: to partner with professionals to improve lives. Envista helps its partners deliver the best possible patient care through industry-leading products, solutions, and technology. Our comprehensive portfolio, including dental implants and treatment options, orthodontics, and digital imaging technologies, covers an estimated 90% of dentists clinical needs for diagnosing, treating, and preventing dental conditions as well as improving the aesthetics of the human smile. Envista and its family of companies (Envista) will not accept unsolicited resumes from any source other than directly from a candidate. Envista will consider unsolicited referrals and/or resumes submitted by vendors such as search firms, staffing agencies, professional recruiters, fee-based referral services and recruiting agencies (Agency) to have been referred by the Agency free of charge and Envista will not pay a fee for any placement resulting from the receipt such unsolicited resumes. An Agency must obtain advance written approval from Envistas internal Talent Acquisition or Human Resources team to submit resumes, and then only in conjunction with a valid fully-executed contract approved by the Global Talent Acquisition leader and in response to a specific job opening. Envista will not pay a fee to any Agency that does not have such agreement and written approval in place.
Posted 4 weeks ago
3.0 - 8.0 years
5 - 10 Lacs
Bengaluru
Work from Office
About Us Diligent is the AI leader in governance, risk and compliance (GRC) SaaS solutions, helping more than 1 million users and 700,000 board members to clarify risk and elevate governance. The Diligent One Platform gives practitioners, the C-Suite and the board a consolidated view of their entire GRC practice so they can more effectively manage risk, build greater resilience and make better decisions, faster. At Diligent, were building the future with people who think boldly and move fast. Whether youre designing systems that leverage large language models or part of a team reimaging workflows with AI, youll help us unlock entirely new ways of working and thinking. Curiosity is in our DNA, we look for individuals willing to ask the big questions and experiment fearlessly - those who embrace change not as a challenge, but as an opportunity. The future belongs to those who keep learning, and we are building it together. At Diligent, you re not just building the future - you re an agent of positive change, joining a global community on a mission to make an impact. Learn more at diligent.com or follow us on LinkedIn and Facebook Position Overview: You are intense about technology and exceed all expectations with your clients, from deadlines to deliverables. This position is responsible for executing and delivering solutions related managed services requests from customers. This role is expected to be an expert in the Diligent solutions and collaborate with internal teams to get the job done. Key Responsibilities Deliver Professional Services over the course of the entire customer journey and/or product enablement lifecycle. Assist PS management, CS team, and other stakeholders (where relevant and appropriate. Example: Sales, PM, PMM or Marketing) in the different stages of the customer lifecycle. Leverage Domain, Industry and Product expertise to provide guidance to customers on best practices regarding solution rollout and project execution. 
Continue to develop Domain and Product expertise to provide guidance to customers on best practices for solution rollout and project execution through continuous learning and personal development. Build confidence to lead the implementation process end-to-end independently including engagement with the customer. Work with clients to understand their program goals and how they collect/process data Leverage Diligent methodology to configure and implement our product and enable customers to use our products Provide guidance on best practices and usage of our products to achieve best results. Ensure a good customer experience during the implementation journey. Ensure timely and quality delivery of the services contracted by customers. Collaborate with Delivery Managers to ensure any new service requests are handled appropriately or routed request to the correct teams. Required Experience/Skills Upto 3 years of experience in an internal or external client-facing or consulting role Embody Customer First mindset in all undertakings, operating with urgency, excellence, and accountability to customer outcomes and experiences. Maintains a consistently high-quality level of work ethic including attention to detail, accuracy, and following processes and procedures with stakeholders and customers. Demonstrate effective time management and organization skills and ability to multi-task in a fast-paced environment Shows a willingness to problem-solve and take on new challenges Ability to work as part of a team to deliver in tight timeframes and respond quickly in a constantly changing environment Passionate about GRC (i.e. 
governance, audit, compliance, internal controls, information security, ESG and/or risk management, etc) Excellent communication skills-including delivery of presentations or workshop Ability to effectively engage customer personnel in solution discussions to resolve issues regarding GRC requirements and goals Relevant Professional GRC accreditation (planned, in progress, or obtained) (e.g., CIA, CA, CGA, CMA, CPA, CFE, CISA, CRISC, CISSP etc.) Preferred Experience/Skills Amazing communication skills Demonstrate effective time management and ability to multi-task in a fast-paced environment Experience with GRC and/or analytics tool is a plus Experience in a platform based products/solutions is an added advantage. GRI Sustainability Reporting, ISB or other relevant certification desired Undergraduate degree in a relevant area (e.g. Business Administration, Compliance Management, Legal & Ethics, Supply Chain Management, Engineering, Information Security or MIS) is a plus. What Diligent Offers You Creativity is ingrained in our culture. We are innovative collaborators by nature. We thrive in exploring how things can be differently both in our internal processes and to help our clients We care about our people. Diligent offers a flexible work environment, global days of service, comprehensive health benefits, meeting free days, generous time off policy and wellness programs to name a few We have teams all over the world . We may be headquartered in New York City, but we have office hubs in Washington D.C., Vancouver, London, Galway, Budapest, Munich, Bengaluru, Singapore, and Sydney. Diversity is important to us. Growing, maintaining and promoting a diverse team is a top priority for us. We foster and encourage diversity through our Employee Resource Groups and provide access to resources and education to support the education of our team, facilitate dialogue, and foster understanding. Diligent created the modern governance movement. 
Our world-changing idea is to empower leaders with the technology, insights and connections they need to drive greater impact and accountability - to lead with purpose. Our employees are passionate, smart, and creative people who not only want to help build the software company of the future, but who want to make the world a more sustainable, equitable and better place. Headquartered in New York, Diligent has offices in Washington D.C., London, Galway, Budapest, Vancouver, Bengaluru, Munich, Singapore and Sydney. To foster strong collaboration and connection, this role will follow a hybrid work model. If you are within a commuting distance to one of our Diligent office locations, you will be expected to work onsite at least 50% of the time. We believe that in-person engagement helps drive innovation, teamwork, and a strong sense of community. We are a drug free workplace. Diligent is proud to be an equal opportunity employer. We do not discriminate based on race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental disability, age, military status, protected veteran status, marital status, registered domestic partner or civil union status, gender (including sex stereotyping and gender identity or expression), medical condition (including, but not limited to, cancer related or HIV/AIDS related), genetic information, or sexual orientation in accordance with applicable federal, state and local laws. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Diligents EEO Policy and Know Your Rights . We are committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at recruitment@diligent.com . 
To all recruitment agencies: Diligent does not accept unsolicited agency resumes. Please do not forward resumes to our jobs alias, Diligent employees or any other organization location. Diligent is not responsible for any fees related to unsolicited resumes.
Posted 1 month ago
3.0 - 5.0 years
5 - 7 Lacs
Bengaluru
Work from Office
About Us Diligent is the AI leader in governance, risk and compliance (GRC) SaaS solutions, helping more than 1 million users and 700,000 board members to clarify risk and elevate governance. The Diligent One Platform gives practitioners, the C-Suite and the board a consolidated view of their entire GRC practice so they can more effectively manage risk, build greater resilience and make better decisions, faster. At Diligent, were building the future with people who think boldly and move fast. Whether youre designing systems that leverage large language models or part of a team reimaging workflows with AI, youll help us unlock entirely new ways of working and thinking. Curiosity is in our DNA, we look for individuals willing to ask the big questions and experiment fearlessly - those who embrace change not as a challenge, but as an opportunity. The future belongs to those who keep learning, and we are building it together. At Diligent, you re not just building the future - you re an agent of positive change, joining a global community on a mission to make an impact. Learn more at diligent.com or follow us on LinkedIn and Facebook Shift Pattern: Supporting EMEA, 1.30 to 10.30 PM IST Position Overview: You are intense about technology and exceed all expectations with your clients, from deadlines to deliverables. This position is responsible for executing and delivering solutions related managed services requests from customers. This role is expected to be an expert in the Diligent solutions and collaborate with internal teams to get the job done. Key Responsibilities Deliver Professional Services over the course of the entire customer journey and/or product enablement lifecycle. Assist PS management, CS team, and other stakeholders (where relevant and appropriate. Example: Sales, PM, PMM or Marketing) in the different stages of the customer lifecycle. 
Leverage Domain, Industry and Product expertise to provide guidance to customers on best practices regarding solution rollout and project execution. Continue to develop Domain and Product expertise to provide guidance to customers on best practices for solution rollout and project execution through continuous learning and personal development. Build confidence to lead the implementation process end-to-end independently including engagement with the customer. Work with clients to understand their program goals and how they collect/process data Leverage Diligent methodology to configure and implement our product and enable customers to use our products Provide guidance on best practices and usage of our products to achieve best results. Ensure a good customer experience during the implementation journey. Ensure timely and quality delivery of the services contracted by customers. Collaborate with Delivery Managers to ensure any new service requests are handled appropriately or routed request to the correct teams. Required Experience/Skills 3-5 years of experience in an internal or external client-facing or consulting role Embody Customer First mindset in all undertakings, operating with urgency, excellence, and accountability to customer outcomes and experiences. Maintains a consistently high-quality level of work ethic including attention to detail, accuracy, and following processes and procedures with stakeholders and customers. Demonstrate effective time management and organization skills and ability to multi-task in a fast-paced environment Shows a willingness to problem-solve and take on new challenges Ability to work as part of a team to deliver in tight timeframes and respond quickly in a constantly changing environment Passionate about GRC (i.e. 
governance, audit, compliance, internal controls, information security, ESG and/or risk management, etc) Excellent communication skills-including delivery of presentations or workshop Ability to effectively engage customer personnel in solution discussions to resolve issues regarding GRC requirements and goals Relevant Professional GRC accreditation (planned, in progress, or obtained) (e.g., CIA, CA, CGA, CMA, CPA, CFE, CISA, CRISC, CISSP etc.) Preferred Experience/Skills Amazing communication skills Demonstrate effective time management and ability to multi-task in a fast-paced environment Experience with GRC and/or analytics tool is a plus Experience in a platform based products/solutions is an added advantage. GRI Sustainability Reporting, ISB or other relevant certification desired Undergraduate degree in a relevant area (e.g. Business Administration, Compliance Management, Legal & Ethics, Supply Chain Management, Engineering, Information Security or MIS) is a plus. What Diligent Offers You Creativity is ingrained in our culture. We are innovative collaborators by nature. We thrive in exploring how things can be differently both in our internal processes and to help our clients We care about our people. Diligent offers a flexible work environment, global days of service, comprehensive health benefits, meeting free days, generous time off policy and wellness programs to name a few We have teams all over the world . We may be headquartered in New York City, but we have office hubs in Washington D.C., Vancouver, London, Galway, Budapest, Munich, Bengaluru, Singapore, and Sydney. Diversity is important to us. Growing, maintaining and promoting a diverse team is a top priority for us. We foster and encourage diversity through our Employee Resource Groups and provide access to resources and education to support the education of our team, facilitate dialogue, and foster understanding. Diligent created the modern governance movement. 
Our world-changing idea is to empower leaders with the technology, insights and connections they need to drive greater impact and accountability - to lead with purpose. Our employees are passionate, smart, and creative people who not only want to help build the software company of the future, but who want to make the world a more sustainable, equitable and better place. Headquartered in New York, Diligent has offices in Washington D.C., London, Galway, Budapest, Vancouver, Bengaluru, Munich, Singapore and Sydney. To foster strong collaboration and connection, this role will follow a hybrid work model. If you are within a commuting distance to one of our Diligent office locations, you will be expected to work onsite at least 50% of the time. We believe that in-person engagement helps drive innovation, teamwork, and a strong sense of community. We are a drug free workplace. Diligent is proud to be an equal opportunity employer. We do not discriminate based on race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental disability, age, military status, protected veteran status, marital status, registered domestic partner or civil union status, gender (including sex stereotyping and gender identity or expression), medical condition (including, but not limited to, cancer related or HIV/AIDS related), genetic information, or sexual orientation in accordance with applicable federal, state and local laws. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Diligents EEO Policy and Know Your Rights . We are committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at recruitment@diligent.com . 
To all recruitment agencies: Diligent does not accept unsolicited agency resumes. Please do not forward resumes to our jobs alias, Diligent employees or any other organization location. Diligent is not responsible for any fees related to unsolicited resumes.
Posted 1 month ago