879 Cisa Jobs - Page 2

The role of Auditor - COO & Senior Auditor in Bangalore & Hyderabad is a full-time position requiring at least 5+ years of experience and eligibility criteria of being a Qualified CPA or Qualified CA. As a Senior Auditor - COO, you will be responsible for executing and managing multiple concurrent projects or audit engagements under the direction of senior management. You will participate in audits as a subject matter expert, demonstrating a broad knowledge encompassing technology, operations, finance, and regulations across various business areas. Building strong business relationships within the Audit team and with other stakeholders is a key aspect of this role. Additionally, you will be accountable for project management, timely completion of audits, and effective communication. The ideal candidate should have a CA or MBA (Finance) qualification along with 3 to 5 years of relevant experience in Internal Audit or a similar domain, preferably in the banking sector, captives, or Big 4s. Experience across Investment Banking audit, Operations teams, Risk and Control functions is desirable. Possessing a good understanding of internal banking processes, auditing techniques, and audit life-cycle is essential. Post-Graduation degree and certifications like CIA, CFA, CPA, ACCA, and CISA will be advantageous. Furthermore, the role requires excellent communication skills, organizational abilities, multitasking, and prioritizing skills. The candidate should have an agile mindset, problem-solving attitude, good analytical skills, and high attention to detail. An ability to positively impact team environments, adaptability, and flexibility are crucial for success in this position. Travel of up to 10% of the time may be required for this role.,

The role you are applying for will involve coordinating with Group CISO & the Asia Pacific Region (APR) Risk Management team to implement central directives regarding cybersecurity governance, conducting analysis, and organizing committees within APR. This position will report directly to the Regional Head of Risk Management, Asia Pacific Region (APR). The ideal candidate for this role should have experience working as a Chief Information Security Officer (CISO) with a background in Cyber Security, Cyber Risk Management, and Risk Management. You will be responsible for managing the APR region (Asia Pacific/Europe) and should have prior experience working with APR countries or other Asian countries, primarily Europe. It is essential to have expertise in developing and executing security strategies. Candidates with a history of frequent job changes (e.g., almost every year) will not be considered. Knowledge of EU regulations, such as DORA, is advantageous. Certifications such as CISSP, CISM, or CISA are required for this position. Your main responsibilities will include adapting Group documents to enhance local cyber resilience, organizing quarterly regional ISS Committees, cascading risk mapping to the local level, supporting the assessment of local third parties" security, advising on local/regional IT and Cyber Projects, and overseeing cybersecurity regulations in Asia Pacific. You will also be involved in conducting Cyber Risk assessments at a regional level and other risk management activities as needed. Candidates should hold a bachelor's degree in information technology, computer science, or a related field. Professional qualifications such as CISSP, CISM, or CISA are necessary. A minimum of 10 years of experience in IT management/cybersecurity governance or related fields, preferably in financial institutions, is required. You should have a strong understanding of security principles, standards, and technologies, including access control, network security, identity management, and cyber incident management. The candidate should possess strong communication and interpersonal skills to collaborate effectively with stakeholders at all levels. Being well-organized, detail-oriented, a good team player, and capable of establishing and maintaining effective working relationships with internal stakeholders are essential attributes for this role. Additionally, you should be able to work independently and demonstrate strong self-motivation.,

Job Description: Job Title: Divisional Risk and Control Analyst TDI Controls Testing & Assurance, AS Location: Pune, India Role Description Infrastructure Chief Operating Office (COO) is responsible for the effective operation of the infrastructure functions, driving operational efficiency whilst supporting the effective delivery of infrastructure services in line with business objectives and control requirements. It also includes oversight of Infrastructure Divisional Control Office (DCO) and Trade Settlement and Confirmations Operations (TSCO). Infrastructure Divisional Control Office (IDCO) as part of Infrastructure COO, provides services to multiple functions in infrastructure. The IDCO function is a dedicated risk, control, and regulatory oversight function, with prime responsibility for managing and proactively mitigating risk across the full breadth of the Technology and Infrastructure organization. Function also provides a consolidated view and central coordination of (non-financial) risks, as well as effective, efficient, and consistent standards and policies. (Technology Data & Innovation) TDI Control Testing & Assurance team part of IDCO identifies, tracks and reports control testing & assurance activities, conducts independent controls testing (design and operating effectiveness) on different risk types in line with the Control Testing Standards. The team also focuses on regulatory and risk-based assurance requirements. This role is within TDI Control Testing & Assurance team. What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Perform Control Testing in line with Control Testing methodology/minimum standard Identify control deficiencies (findings), risks related to elements of controls, participate in findings agreement with stakeholders, escalate potential issues and exception items noted during the testing to senior management for discussion and further investigation, if deemed necessary Prepare Control Testing workpapers for senior management detailing testing results, document findings with highest quality Track Control Testing identified findings, perform required follow-up on open findings Consider regulatory and internal firm policy requirements as well as established best practices for control assurance. Support controls assurance activities Support in monitoring Control testing teams adherence to Control Testing methodology/minimum standards Support, contribute in managing Control Testing vendor resources, where applicable Track testing related effort/budget Plan Vs. Actuals throughout the testing lifecycle Build and maintain solid working relationships with key stakeholders such as within the DCO, IDCO, TSCO, GTI and other Testing Teams including Divisions/sub-divisions, 2 LoD and Group Audit (GA) Your skills and experience University degree preferably in Computer Science, Mathematics, Engineering or a related subject or equivalent qualification in the areas of information security. Professional/industry recognized qualifications e. g. , CISA, CISSP, CISM, CRISC are beneficial. Experience in Cloud Security audit/testing, GCP (Google Cloud Platforms) or Professional/industry recognized qualifications e. g. , CCSP, CCSK will be an advantage Good knowledge of auditing IT application controls, e. g. , from IT audits or IT risk management. Understanding of the relationship between IT risk and underlying business process risk. Knowledge of regulations governing financial institutions is beneficial. Strong written and verbal communication skills and the ability to communicate effectively in conflict situations. Strong organizational skills and attention to detail. Ability to work under pressure, multi-task and prioritize workload. Strong analytical skills and structured thought process with the ability to clearly articulate control deficiencies and related risk Flexible, proactive, and innovative mind set with strong organizational skills to take ownership and responsibility for agreed targets and to meet them within budget to enable a timely and efficient completion of projects. This is an IC (individual contributor) role. How we ll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. https://www. db. com/company/company. htm Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

If you are a strategic thinker passionate about driving solutions and mitigating risk; you have found the right team. The Testing CoE (Center of Excellence) team is responsible for ensuring a strong and consistent control environment across the firm. This role is a great opportunity to be working with a large Controls Testing team and help establish a newly formed organization which provides the potential hire a good starting point within the firm. Job Summary As an Associate within the Testing Center of Excellence, you will be responsible for the execution of independent risk-based, point-in-time evaluations of the control design adequacy and execution effectiveness, to mitigate compliance, conduct and operational risks. The role requires overseeing the performance of complex evaluations of business processes through a comparison of actual processes against expected practices (policies, standards, procedures, laws, rules and regulations). Testing activities often include sophisticated data analytics on large datasets and regular engagement with senior stakeholders across the firm. This is an exciting opportunity to work on key risk initiatives as they become the focus of the firm and across the financial services industry. You will excel at creative thinking and problem solving; be self-motivated, confident and ready to work in a fast-paced, energetic environment. Through collaboration and analytical skills, you will contribute to the Testing CoE s overall success and strengthen the firm s compliance with regulatory obligations and industry standards. Job responsibilities Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Utilize advanced critical thinking skills to apply substantive testing techniques, thoroughly evaluating the effectiveness of high-risk business processes and identifying potential areas for improvement. Proactively assess and monitor risks, ensuring adherence to firm standards, regulatory requirements, and industry best practices. Implement strategies to mitigate identified risks effectively. Collaborate with cross-functional teams and stakeholders to support the design and effectiveness of controls. Drive initiatives that enhance the business control environment through recommended updates to the Compliance and Operational Risk Evaluation (CORE) application. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Required qualifications, capabilities, and skills 3+ years of experience or equivalent expertise in risk management, assessment, control evaluations, or a related field, within the financial services industry. Possess a strong understanding of industry standards and regulatory requirements. Demonstrated ability to analyze complex issues, develop and implement effective risk mitigation strategies, and communicate insights and recommendations clearly to senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices. Ability to stay updated with evolving regulatory landscapes and adapt strategies accordingly. Exceptional ability to develop and communicate well-founded recommendations based on regulatory guidance and standards, ensuring alignment with organizational goals and compliance requirements. Highly organized and detail-oriented, with a proven track record of managing multiple priorities and delivering results in a fast-paced environment. Strong analytical and communication skills, with the ability to convey complex information in a clear and concise manner to diverse audiences. Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, CISA, CCEP, CRCM, CRCMP, GRCP, or other industry-recognized risk and risk certifications preferred. A background in auditing and the ability to understand of internal controls is beneficial. Proficiency in MS (Microsoft Suite) Office - Microsoft Word, Excel, Access, and PowerPoint.

Business Title Sr. Lead - Zero Trust and IAM Country India What we look for 10+ years experience implementing enterprise Identity and Access Management (IAM), Privileged Access Management (PAM) solutions (e. g. Saviynt, Okta, SailPoint, Ping Identity, Omada, Microsoft Identity Manager, Beyond Trust, CyberArk or equivalent IAM solution) in client environments. Familiarity with Zero Trust Network Architecture is desirable Familiarity with service now Ticketing and CMDB is desirable Design, build, operate and automate security solutions and processes to protect the integrity of the organizations networks, systems, applications and data. Experience developing technical strategies, architectures, and roadmaps. Outstanding communication and presentation skills. Able to articulate complex, technical concepts to non-technical audiences. Respond to security incidents, including data breaches, and coordinate with other IT teams to mitigate the impact of any security breaches. Preferred Experience hardening security for Active Directory, Windows, *nix OS. Experience with IDaaS providers such as Microsoft, Okta, Ping Identity, Google Cloud Identity. Experience with cloud architectures particularly Azure, AWS, GCP native IAM controls. Experience with Identity Governance processes and solutions such as Saviynt, SailPoint, Ping Identity or equivalent. Experience with Microsoft 365, Active Directory, SAML, OIDC Knowledge of Applied Cryptography and PKI Manage and network security infrastructure o Firewall configuration and rule management o Cloud proxies services & Network Access control o Employee and Partner remote access VPN services o Cloud based Web application firewall Development knowledge e. g. Python, Java, C#, . NET, Web Services (SOAP/REST/RESTful, APIs), Shell programming/scripting Preferred Network Infrastructure Security background in both on prem physical security components (firewalls, IDS/IPS , remote access and internet proxies) as well as cloud security services (Zscaler , Azure, GCP). Strong experience of working on SIEM tools like Splunk to analyse logs and correlate events. Experience with User Behaviour Analytics & Workday, SAP, Salesforce Experience with MDM capabilities such as Intune or AirWatch Understanding of trends and regulations to ensure effectiveness and compliance with all regulations and frameworks (NIST, HIPPA-HITECH, HITRUST, PCI, GDPR) Certifications o CISSP or SANS, GIAC, CIMP, CEH, CISM or CISA certifications is a plus o OKTA Professional or Consultant is a plus o Google/AWS/Microsoft Professional Cloud Architect is a plus Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit www. johnsoncontrols. com/careers.

Job Description: In Scope of Position based Promotions (INTERNAL only) Job Title: General Auditor - AVP Location: Mumbai, India Role Description The Auditor participates in internal audits of a specific business/functional area in accordance with the Audit methodology and evaluates the adequacy and effectiveness of internal controls relating to risks within those business areas under moderate supervision. The Auditor participates in Concurrent Audit deliverables of Group Audit. The Auditor may also be required to participate in ad hoc projects and Special Investigations. The Auditor works in a cooperative manner with subject matter experts and other teams from across the function to provide front-to-back /SME audit coverage. The Auditor undertakes multiple audit assignments; drafts high-quality audit reports for review by audit management, facilitates issue tracking and validates the closure of audit Issues. The Auditor must typically proactively develop and maintain professional consultative working relationships with clients and respective support areas and will use a range of approaches to collect relevant and readily available information to assess risk, resolve issues or carry out tasks. What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Executes day-to-day operational audit work and contributes to the delivery of audits (including risk assessment profiles and business monitoring). Undertakes audit assignments, drafts audit reports for review by audit management, facilitates issue tracking and validates closure of issues. Drafts high quality issues for review by audit lead/Principal Audit Manager, facilitates issue tracking and validates the closure of issues (as required). Executes audit fieldwork in line with the agreed audit approach e.g. documenting Activity Flows, identification of key risks, testing of key controls to determine whether they are properly designed and are operating effectively and documenting work in accordance with divisional standards. Partners with other divisional/teams during audit engagement to guarantee an integrated approach. Reviews and provides expert opinions on action plans provided by clients, helping them develop robust remediation plans. Completes all assigned audit work in line with agreed budgets, including ad hoc projects and special investigations. Proactively manages and executes day-to-day responsibilities with group audit deliverables on Concurrent Audit Acts as a challenger to clients in the issue closure process. Communicates openly with divisional management and the internal stakeholders; keeps them informed of potential issues and escalate problems/delays accordingly. Proactively keeps abreast of pertinent industry, regulatory and business practices. Proactively develops and maintains professional working relationships with colleagues, the business and respective support areas. Takes ownership for own career management, seeking opportunities for continuous development of personal capability and improved performance contribution. Highlights performance issues within the team, where appropriate, to drive for high performance. Acts as a role model for new employees, providing help and support to facilitate early integration and assimilation of the new environment. Your skills and experience Audit/business knowledge and experience and an understanding of the risks and regulatory requirements in one or more of the following business/functional areas: Investment Banking, Transaction Banking, Retail & Corporate Banking, Asset & Wealth Management, Business Services (operations), Risk, Legal & Compliance, Finance and Information Technology. Familiarity with operational requirements of a global bank. Sound understanding of global banking control environment and compliance issues in the banking/finance industry. Solid communication skills, communicating with clarity, both orally and in writing, in a logical order and structured approach. Fluent in English (written and verbal) and local languages if necessary. Solid relationship management, analytical, problem solving, communication, influencing, planning and presentation skills. Good knowledge of auditing standards and concepts. Ability to work in a fast-paced business environment. Able to work in virtual, global teams in a matrix organisation, transfer knowledge and develop capability of team members. Education/Certification Bachelor Degree (or equivalent) from an accredited college or university (or equivalent) or equivalent work experience. Professional/industry recognised qualifications e.g. CISA (for IT auditors), Accounting qualifications such as ACA and CPA How we ll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

Job Description: Job Title: DCO Risk Control Assessment (RCA) AVP Location: Mumbai, India Role Description Divisional Control Office (DCO) team ensures that the division operates with high levels of integrity. It is responsible for supporting the business by developing, implementing and maintaining a risk culture to ensure a strong and sustainable business control environment whilst minimizing risk arising from non-financial risk factors. DCO strategy includes improving the risk management information and strengthening the governance and risk culture. The Corporate Bank (CB) DCO has functional responsibility for providing a central point of oversight over the CB Risk Control Assessments (RCA). This includes supporting the business by driving Risk Control Assessment specifically focusing on Information Security (IS) / Information Technology (IT) risks in line with NFRM guidelines. RCA is a key component of the banks non-financial risk management toolkit, to enable the effective profiling, monitoring and management of operational risks. What we will offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Flexible working arrangements Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities Collaborate with businesses and support them in conducting Risk Control Assessments as per NFRM guidelines specifically focusing on Information Security (IS) / Information Technology (IT) risks Analyze contextual data and relevant data triggers and determine or update risk profile, inherent risk, control environment and residual risk ratings along with supporting rationale, liaising with Risk Types SMEs in their business Participate in 1LoD-led RCA meetings for business to drive the risk discussions, focusing on key or emerging risks that may impact the business Coordinate with businesses/2LoD and assist in 2LoD challenges Prepare RCA reports and obtain business sign-offs Document risk mitigation decisions, if required, with consideration of risk appetite Deliver high quality Global Governance decks and reporting trends to support senior management Your Skills Qualifications: CISA/CRISC or relevant security qualifications with experience of Risk Controls and/or Internal Audit in banking industry covering Information Security (IS) / Information Technology (IT) risks Experience in SOX/ ISO27001 control framework Knowledge related to risk management (including conducting Risk Control Assessments) and corporate banking products, processes and systems preferred, specifically focusing on Information Security (IS) / Information Technology (IT) risks Ability to assess impact of control environment on inherent risk along with documentation of qualitative assessment Strong quantitative and analytical skills required to critically evaluate information for key risk assessments Familiarity with DB organization a plus, but not mandatory Strong project management skills and a proactive team partner Influencing, negotiation skills and stakeholder management expertise Strong verbal and written communication skills Proficiency with automating tasks in Excel to improve efficiency a plus, but not mandatory How we ll support you Training and development to help you excel in your career Flexible working to assist you balance your personal priorities Coaching and support from experts in your team in Germany Pune A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams https: / / www.db.com / company / company.html

Job Description: Job Title: Information Security Specialist - AVP Location: Pune, India Role Description The Information Security Analyst is responsible for supporting the execution of the Information Security strategy. The Information Security Analyst provides data and analysis to measure the effectiveness of Information Security controls across group wide products and services. The Information Security Analyst identifies and evaluates potential areas of Information Security threats by assessing the probability and impact and facilitates feedback for mitigation. Roles within Information Security may cover one or more areas of specialty, e.g., Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.); Information Security ( IS ) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.) and IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.) What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Review Risk Assessment (Application/Technical Risk profile) and Assurance spot checks for Compliance evaluation (e.g., IS/Cloud/SOx/MAS/Client Access Management/other regulatory controls) Analysis and verification of compliance issues Support stakeholder remediation activities Collect and review evidence (e.g., from de-centrally managed applications) Create compliance issue tickets and address issues to responsible stakeholders. Analyze and identify root causes. Provide and prepare data for management communication. Preparing reports for stakeholders and management Improvement and documentation of operational tracking activities Raise Business Requirements to Central Solutions run by other CSO teams. Your skills and experience Attitude of diligence and precision Ability to integrate in heterogeneous teams. Proactively driving topics, not shunning to address issues to higher management levels. Structured way of thinking and working Very good communicator Very good analytical and problem-solving skills Very good English (verbal and written) Experience in Excel (advanced) Good German skills beneficial Good Python programming skills beneficial Certifications in ISO 27001 or information security (e.g., CISSP, CISA) beneficial Practical experience in Governance or Compliance Monitoring beneficial. Knowledge about basic principles of Identity and Access Management beneficial How we ll support you Training and development to help you excel in your career. Coaching and support from experts in your team A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams https: / / www.db.com / company / company.htm

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Risk Advisory is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies the what, how, and why of change so you re always ready to act ahead. Your work profile As a Manager in our Cyber - Extended Enterprise team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You will: Role Description Lead ISMS or Third-Party Risk Assessments Lead engagement team in delivering client engagements Support Managers/AD/D in assessment/ audit execution, reporting, quality review and tracking Support Managers/AD/D in responding to RFP, proposals, new opportunities Lead discussions with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations Flexible to step-in and perform work on ground such as conducting risk assessments and audits with respect to people, process and technology Act as subject matter expert (SME) for providing guidance and share knowledge with team members. Assist team members during engagements Should be able to work as independently on short term engagements Perform quality reviews of work performed by team members Desired qualifications 8+ Relevant years of experience in Third party risk management Relevant years of experience in IT Audits and Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management Location and way of working Base location: Pune This profile involves frequent / occasional travelling to client locations OR this profile does not involve extensive travel for work. Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs. Your role as a Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As an Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Role Description ISMS or Third-Party Risk Assessments Ability to effectively liaise with clients and manage stakeholder expectations Work with client teams from various departments such as compliance teams, auditing and regulators to identify and document various requirements/obligations Conducting risk assessments and audits with respect to people, process and technology Identification of gaps/observations, risks, opportunities and improvement of policies, processes, procedures and standards Documenting information security risk, recommendation and compensating controls in the form of assessment/audit reports Collaborate with other members of the engagement team to plan and develop relevant work papers/deliverables for vendor information security reviews, define approach for vendor assessment and develop vendor evaluation model Handle key activities of assessment/ audit life cycle: planning, execution, reporting, quality review and tracking Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues Desired qualifications 8+ Relevant years of experience in Third party risk management Relevant years of experience in IT Audits, Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management Location and way of working Base location: Bangalore Professional is required to work from office Your role as an Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

About The Role : Job TitleInformation Security Specialist - AVP LocationPune, India Role Description The Information Security Analyst is responsible for supporting the execution of the Information Security strategy. The Information Security Analyst provides data and analysis to measure the effectiveness of Information Security controls across group wide products and services. The Information Security Analyst identifies and evaluates potential areas of Information Security threats by assessing the probability and impact and facilitates feedback for mitigation. Roles within Information Security may cover one or more areas of specialty, e.g., Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.); Information Security (IS) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.) and IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.) What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Review Risk Assessment (Application/Technical Risk profile) and Assurance spot checks for Compliance evaluation (e.g., IS/Cloud/SOx/MAS/Client Access Management/other regulatory controls) Analysis and verification of compliance issues Support stakeholder remediation activities Collect and review evidence (e.g., from de-centrally managed applications) Create compliance issue tickets and address issues to responsible stakeholders. Analyze and identify root causes. Provide and prepare data for management communication. Preparing reports for stakeholders and management Improvement and documentation of operational tracking activities Raise Business Requirements to Central Solutions run by other CSO teams. Your skills and experience Attitude of diligence and precision Ability to integrate in heterogeneous teams. Proactively driving topics, not shunning to address issues to higher management levels. Structured way of thinking and working Very good communicator Very good analytical and problem-solving skills Very good English (verbal and written) Experience in Excel (advanced) Good German skills beneficial Good Python programming skills beneficial Certifications in ISO 27001 or information security (e.g., CISSP, CISA) beneficial Practical experience in Governance or Compliance Monitoring beneficial. Knowledge about basic principles of Identity and Access Management beneficial How well support you . . . About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Location: Kolkata Designation: Assistant Manager Audit & Assurance - Assurance Assistant Manager - Internal audit What impact will you make? Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance. As the undisputed leader in professional services, Deloitte is where you ll find unrivaled opportunities to succeed and realize your full potential Deloitte is where you ll find unrivaled opportunities to succeed and realize your full potential. The Team Discover the various Internal Audit services, we offer to help organizations look below the surface to achieve superior performance through a full range of outsourcing, co-sourcing, and advisory services including with respect to technology and data analytics . We enhance the overall value delivered by IA functions through strengthening quality, flexibility, efficiency, and value. Additionally, Deloitte helps clients extend their IA oversight to gain greater understanding of key enterprise risks such as evolving IT systems, applications, and other technologies. Work you ll do As Assistant Manager in our Internal Audit team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Key Job Responsibilities As a part of our team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Ability to effectively perform the technical components of risk assessments to provide an accurate view of the client s current risk state Ability to perform end-to-end business process analyses and design Ability to gather, synthesize, and analyze data using appropriate tools and technologies Ability to assess and design internal controls by applying an understanding of internal control design frameworks and regulatory requirements Ability to understand the client s business, interpret sector trends, and learn leading practices Ability to effectively interact with colleagues and clients of varying backgrounds to effectively serve clients Ability to enhance quality and efficiency of recommended conduct risk solutions by applying relevant frameworks, conducting research, and performing analyses Ability to conduct internal audits by leveraging approved processes and methodologies Ability to set the stage for a successful assessment of client s internal audit processes and controls by collecting and organizing data Ability to enhance quality of assurance engagements by identifying risks, performing testing, researching governing regulations, and developing reports Ability to form a core Extended Enterprise Risk Management (EERM) skillset through proactively conducting research, and participating in internal and external initiatives Qualifications CA BBM / BBA / B. Com Must have one of the certifications - CFE, CPA, CIA, CISA Experience in Advanced Analytics and ERP is preferred Your role as a leader At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. In addition to living our purpose, Assistant Manager across our organization: Builds own understanding of our purpose and values; explores opportunities for impact Demonstrates strong commitment to personal learning and development; acts as a brand ambassador to help attract top talent Understands expectations and demonstrates personal accountability for keeping performance on track Actively focuses on developing effective communication and relationship-building skills Understands how their daily work contributes to the priorities of the team and the business How you ll grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there s always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Centre. Audit & Assurance - Assurance Assistant Manager - Internal audit Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our purpose Deloitte is led by a purpose: To make an impact that matters . Every day, Deloitte people are making a real impact in the places they live and work. We pride ourselves on doing not only what is good for clients, but also what is good for our people and the communities in which we live and work always striving to be an organization that is held up as a role model of quality, integrity, and positive change. Learn more about Deloittes impact on the world Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you re applying to. Check out recruiting tips from Deloitte professionals.

Join us as a Security Consultant This key role will see you working with the domain lead to define the product backlog and analyse a broad range of security information As our Security Consultant, you ll be providing advice and guidance on the best course of action needed to manage and solve security risks As well as the opportunity to enhance your security knowledge, you ll also be exposed to a wide range of stakeholders across the wider bank Were offering this role at associate level What youll do Using your broad knowledge of security specialisms together with an appreciation of franchise strategies and objectives, you ll be helping the wider bank to ensure a robust security environment across our centres of excellence and domains. We ll look to you to develop appropriate security strategies by understanding the needs and demands of the customer and business, while making sure that organisational system health and security are maintained and, improved where possible. You ll also be: Acting as the interface with security experts when needed Enabling a culture of continuous improvement, promoting the benefits of security and working closely with teams to reinforce the robustness of the domain Analysing business requirements, technical solutions or processes to identify security related risks and providing guidance on how they can be managed effectively Making sure that decisions made are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management Building relationships with colleagues across the bank to ensure decisions are commercially focused and create long term value for the organisation The skills youll need To be successful in this role, you ll need knowledge of one or more security subject areas and experience of setting risk appetites. You ll also demonstrate experience of, or a willingness to learn risk management frameworks. Additionally, you ll need: A background of at least 4 years in security assessment in information system An understanding in Cloud environment like AWS, Azure, Google Cloud, Web/API Security, Network protocols, Encryption technologies, Intrusion detection/prevention systems, Firewall etc Industry certification such as CISSP, CISM, CISA Experience in c onducting risk assessments of AI systems, identifying potential vulnerabilities, threats within AI models and data pipelines S trong knowledge of vulnerability assessment tools such as GitLab, SAST, Qualys, and CSPM solutions Hours 45 Job Posting Closing Date: 01/08/2025

About the Role Wells Fargo is seeking a Senior Independent Testing Specialist This role is in the Technology IT&V group. The Independent Testing & Validation team is responsible for the development and design of methodologies and standards for review activities across the Enterprise in alignment with the Risk Management Framework, and ensuring effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies. The Independent Testing & Validation team is responsible for the development and design of methodologies and standards for review activities across the Enterprise in alignment with the Risk Management Framework and ensuring effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies. In this role, you will: Lead or participate in moderate to high risk or complex review activities in a matrixed environment and communicate emerging risks to management within Independent Testing Contribute to large scale planning related to Independent Testing deliverables Review and research moderately complex potential corrective actions, and follow through on reporting, escalation, and resolution Ensure effective and appropriate testing, validation, and documentation of review activities for risk programs and controls according to standards and other applicable policies Resolve moderately complex issues and lead team to meet Independent Testing deliverables while leveraging solid understanding of risk management framework and the risk and control environment Collaborate and consult with colleagues, internal partners, management and lines of business regarding risk management Required Qualifications 4+ years of Independent Testing experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications 4+ years of experience in risk management (includes compliance, operational risk, internal audit, IT systems security, business process management). Direct experience Audit, Compliance, Risk and testing Knowledge and understanding of financial services industry: compliance, risk management, or audit operations Specialized knowledge or prior regulatory compliance testing or review experience Experience reviewing testing strategies and methodologies; evaluating the adequacy and effectiveness of policies, procedures, processes, initiatives, products and internal controls; and identifying issues resulting from internal and/or external compliance examinations Experience testing policy, procedures, control and business process testing Experience creating, executing, and documenting compliance, control, and business process testing Intermediate Microsoft Office (Word, Excel, Outlook, and PowerPoint) Ability to take on a high level of responsibility, initiative, and accountability Ability to present to executives Minimum two years at Big Four/super regional public accounting firm with experience in business process, regulatory, or IT audit and/or business process, regulatory, or IT SoX advisory/consulting service. Knowledge and understanding of Technology and Information Security Frameworks and standards (COBIT, COSO, FFIEC, NIST, ISO). Experience supporting SOX/SOC, Regulatory Exams (Domestic and Intl), Audits, or other technology control related assessments. Demonstrated success with influencing business units to identify, formulate and implement processes/procedures to mitigate risk. Demonstrated negotiation skills, especially with difficult topics when partnering with lines of business and technology. This includes the willingness and ability to question decisions, understand direction and escalate issues, where necessary One or more of the following certifications: Certified Internal Auditor (CIA) Certified Information Systems Auditor (CISA) Certified Anti-Money Laundering Specialist (CAMS) Certified Financial Crimes Specialist (CFCS) Certified Information Security Manager (CISM) CISM Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Job Expectations: Responsibilities of the Senior Independent Testing Specialist role include, but are not limited to: Providing meaningful operational and compliance risk assessments of business and IT processes Leading and supporting efforts to effectively challenge risks in processes and evaluate and/or test controls designed to mitigate those risks. Developing control design and operating effectiveness testing procedures. Executing the testing of controls with moderate supervision. Executing the testing of design and performance for RCSA based controls. Proactively engaging business partners to kick-off testing and lead ongoing meetings with moderate supervision. Providing consultation and subject matter expertise for business process and IT control related matters including evaluating severity of control deficiencies and related remediation efforts. Documenting test results and any issues identified while also providing recommendations to management, including identifying compensating controls and residual risk to issues identified. Proactively communicating issues to stakeholders and identifying issue ownership. Developing clear and concise reporting to be shared with IT&V management and Front Line Units. Providing Credible Challenge to the First Line Units as needed. Building relationships and collaborating with key stakeholders in the applicable line of business and IT functions related to assigned areas.

Role & responsibilities Perform internal audits as per the Risk Based Audit Plan approved by the Audit Committee of the Board Maintain audits and relevant work papers in accordance with the documented Audit Methodology in Audit software. Discuss with Line managers identified control gaps before finalising the audit reports. Follow up for open audit actionables on a periodic basis Co-ordinate / manage co-sourced audits, concurrent audits to ensure the work is completed as per agreed timelines and as per requisite quality. Assist in developing / maintaining audit analytics and utilising the exception reports during audit execution. Keep abreast of technological innovations, regulatory updates, etc in the financial domain especially for digital payments.

Highest Qualification: Any Full Time Graduate Note: Hands on experience in ISO 27001 Implementation is mandatory for this role Experienced in managing cyber security services like Cyber Risk & Compliance consulting. Experience in setting up end to end Cyber Security frameworks, Compliance Standard implementation, including knowledge in testing (VAPT, Web & mobiles appsec, secure code review) Should be adept at conducting gap analysis, risk assessments, Impact assessments, governance and strategy development, Have worked with organizations to develop and implement various industry security standards like, IS0 27001, ISO 20000, PCI DSS, SOC2, GDPR, Privacy standards etc... Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Specific Duties and Responsibilities Include: To manage cyber security projects across EMEA region for cyber security services like Cyber security testing & cyber consulting Maintaining margins Business development like having presales discussions with various teams Assist in Business development of various security standards Must Have Skills: Excellent communication and presentation skills. Able to effectively interact with various clients/sales teams and manage clients Good to have Skills / Certification: ISO27001:2013 Lead Auditor CISSP, CISA, CISM, ISO22301, OSCP, CEH, SANS, Cloud certifications, Privacy certifications like CIPP/E, CIPM Qualification: BE/ BTech, MCA, MBA with specialization in Information Security

Role & responsibilities Audit IT Infrastructure: Evaluate systems, processes, and controls in place. Ensure compliance with IT-specific laws, policies, ISMS policies, and standards. Identify vulnerabilities in IT systems and associated management. Discuss findings with the auditee department and finalize audit reports. Submit reports to the reporting manager. Collect auditee replies and present them to management (PRM). Follow up on findings from previous internal audits. Risk-Based Audits: Analyze applications or processes when there is a process change or weakness in controls. Present risks to management. External Audit Support: Present external audit status to management as required Support other Manappuram group audit teams as needed. Sample Audits: Vendor Risk Management Audit Software License Audit Software and Hardware Asset Inventory Audit Business Continuity Plan and Disaster Recovery Audit Software Patch Management and Hardening Tech-Specs Audit Physical and Environmental Security Audit Information Security and Management Systems (ISMS) Audit of HR, Administration, Facilities, Access Control, and Password Policy. System Audit of PPI MAKASH as per RBI norms. Audit of IT Governance Information and Cyber Security Audit as per RBI Master Direction on NBFC IT Framework. IT Operations Audit as per RBI Master Direction on NBFC IT Framework. Managing Audit of Outsourced IT Services

Position Summary : At NCR Atleos, our Internal Audit Department (IAD) purpose is to help enable competent and informed decisions to add value and improve operations, while contributing meaningfully to Board and organizational confidence. We are indispensable business partners, with a brand focused on insight, impact and excellence. We believe that everything we do is to enhance value, provide insights, and instill confidence. To do this, we must be relevant, connected, flexible, and courageous. NCR Atleos IAD is seeking a Senior IT Auditor to support our India Internal Audit (IA) team. In this position, you will play a crucial role in enhancing our company's internal control environment and risk management processes. You will be responsible for leading and executing IT audits across all technology layers, assessing IT risks, and providing expert recommendations to the management. This role demands a balance of technical proficiency, strategic thinking, and excellent communication skills. Key Areas of Responsibility: Audit Planning: Participate in risk assessments where needed and assist in developing and implementing a comprehensive IT audit plan that aligns with the organizations objectives and risk. Audit Execution: Execute IT audits, including identifying and assessing IT risks in business processes, security policies, and system implementations. Lead audits of IT infrastructure, applications, and data management systems to assess compliance with internal policies, external regulations and SOX. Recognize and adapt to changing circumstances. Identify IT risks and recommend mitigating controls. Analyze and evaluate IT operations and strategies to identify efficiency improvements and cost-saving opportunities. Assess compliance and maturity in line with relevant laws, regulations, standards (e.g., SOX, GDPR, ISO) and frameworks (e.g., COBIT, NIST, ITIL). Communication: Communicate timely any significant changes to budget or scope and any significant audit findings, risks, and recommendations to the Internal Audit Manager. Collaboration: Work closely with IT, InfoSec (IS) and other business units to understand IT infrastructure, applications, and operations. Mentor and guide junior IT auditors, enhancing their skills and ensuring quality audit practices. Reporting: Draft detailed Audit observations, highlighting issues, risks, and actionable recommendations. Assist the IA manager with presenting findings to responsible business management. Follow-up and Monitoring: Assist the IA Manager with monitoring open audit recommendations and follow-up to encouraging timely implementation and help avoid past-due management actions. Continuous Improvement: Stay abreast of emerging technologies, audit methodologies, and regulatory changes. Contribute to innovation and improvements to the IT audit process, controls and the overall Internal Audit Department. Qualifications: Bachelor's or Master's degree in Information Technology, Computer Science, Accounting, or a related field Minimum of 4 years of experience in IT auditing, with a proven track record in leading audits and managing audit projects Understanding of IT audit methodologies, IT governance frameworks (e.g., COBIT, NIST, ITIL), and regulatory requirements (e.g., SOX, ISO, GDPR) Experience with AuditBoard and analytic tools e.g. Power BI and Tableau a plus Professional certifications such as Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) are strongly desired Strong analytical and problem-solving skills with an ability to analyze data and identify control weaknesses Excellent verbal and written communication skills, with the ability to articulate complex IT issues in business terms. Proficient in English Ability to travel and a team player with a commitment to personal and professional growth. Commitment to ethical conduct, integrity, and the promotion of a culture of accountability and continuous improvement Strong organization and management skills in a multi-tasking environment Positive individual who enjoys working in a fun and dynamic team environment Role: IT & Information Security - Other Industry Type: IT Services & Consulting Department: IT & Information Security Employment Type: Full Time, Permanent Role Category: IT & Information Security - Other Education UG: B.Tech/B.E. in Any Specialization PG: M.Tech in Any Specialization

Jul 24, 2025 Location: Pune Designation: Assistant Manager Entity: Deloitte South Asia LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The Team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As an Assisstant Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. Youll : Role Description : 1. ISMS or Third-Party Risk Assessments 2. Lead engagement team in delivering client engagements 3. Support Managers/AD/D in assessment/ audit execution, reporting, quality review and tracking Support Managers/AD/D in responding to RFP, proposals, new opportunities 4. Lead discussions with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations 5. Flexible to step-in and perform work on ground such as conducting risk assessments and audits with respect to people, process and technology 6. Act as subject matter expert (SME) for providing guidance and share knowledge with team members. Assist team members during engagements 7. Should be able to work as independently on short term engagements 8. Perform quality reviews of work performed by team members Desired qualifications 1. 3+ Relevant years of experience in Third party risk management 2. Relevant years of experience in IT Audits, Cloud security 3. Experience with ISO22301 implementation and audits 4. Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ 5. Understanding of Third party/vendor/supplier risk management considerations 6. Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management 7. Excellent written/verbal communication 8. Excellent documentation and presentation skills 9. Highly motivated and willing to work in local and global environments 10. Security certifications like CISSP, CISA, CISM, CEH, ISO27001 11. Work experience in Infrastructure / Application Security 12. Work experience in IT Audit 13. Work experience in Information Risk Management Location and way of working Base location: Pune 5 days work from Office Your role as an AM We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Assistant Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you re applying to. Check out recruiting tips from Deloitte professionals.

Job Title: Deputy Manager IS Audit Department: Information Systems Audit Location: Mumbai/Hyderabad Interview Date Reference: Candidate qualifications & certifications must be valid as of 30.06.2025 Basic Qualifications (As on 30.06.2025): Educational Qualification: B.E. / B.Tech. in Computer Science / Software Engineering / IT / Electronics or equivalent discipline Minimum 50% aggregate marks Degree must be from a Govt. of India recognized university / institution / board or one approved by a government regulatory body. Professional Certifications: Mandatory: CISA (Certified Information Systems Auditor) from ISACA, USA (Must be valid on the date of interview) Desirable: CEH (Certified Ethical Hacker) from EC-Council, USA Experience (Post-Education) (As on 30.06.2025): Essential: Minimum 4 years of work experience in BFSI / IT / Information Security Consultancy Out of which, 2 years must be in IS Audit / Cyber Security Audit / Information Security Consultancy Note: Training / Teaching experience will not be considered All claimed experience should be supported by employer-issued certificates Desired Technical Skills: Proficiency in Vulnerability Assessment & Penetration Testing (VAPT) tools such as: Nessus, Retina, SAINT, Kali Linux Key Responsibilities: Conduct Information Systems (IS), Cyber Security, and IS Concurrent Audits. Perform IT Outsourced Activities Audit in line with organizational and regulatory standards. Evaluate compliance with internal IS / IT / Cyber Security Policies, RBI & regulatory guidelines, and international best practices. Identify system vulnerabilities and support mitigation actions to enhance the Banks security posture. Execute Compliance, Migration, and Special audits as directed. Draft and maintain detailed audit synopsis reports and value statements as per policy and audit guidelines. Liaise with various auditee departments for evidence-based compliance and timely closure of audit observations. Regularly upgrade knowledge and share insights with the IS Audit team to build team capability. Key Result Areas (KRA): Timely and efficient conduct of all assigned Information System Audits. Ensuring prompt follow-ups for compliance reporting. Achieving timely audit report closure in line with internal timelines. Submitting accurate and regular audit status reports to senior management. Contributing to knowledge-sharing, mentoring, and skill development within the IS Audit team. Periodically reviewing and updating audit frameworks and checklists to reflect current regulatory and cyber trends.

At EY, you will have the opportunity to shape your future with confidence by joining a globally connected powerhouse of diverse teams. As part of our highly successful Cyber Security team, we are currently seeking Security Architects with varying levels of experience. Whether you are considering a career change now or in the future, we invite you to connect with us and explore this exciting opportunity to contribute to building a better working world. As a Security Architect at EY, you will play a crucial role in leading the implementation of security solutions for our clients. You will work alongside an international team of specialists to address complex information security needs and enhance our clients" business resilience. Your responsibilities will include designing security solutions, developing security policies and guidelines, evaluating existing security controls, and collaborating with stakeholders to ensure effective security measures are in place. To excel in this role, you must possess expert-level knowledge in technical IT security domains such as infrastructure, networks, databases, security monitoring, and cloud security. Additionally, you should have experience in assessing solution architectures for security issues, managing multiple stakeholders, and implementing security vulnerability remediation strategies. Industry certifications such as CISSP, CISA, CISM, and experience in areas like Cyber Threat Management, Identity & Access Management, and Data Protection will be advantageous. To qualify for this role, you should have 8-10 years of professional experience in cyber security consulting, strong project management skills, and advanced communication abilities. While technical skills are essential, we value candidates who demonstrate strong interpersonal skills, relationship-building capabilities, and a commitment to delivering excellence in client service. Joining EY offers you the opportunity to work on inspiring projects, receive support and coaching from engaging colleagues, and develop new skills to progress your career. You will be part of a diverse and interdisciplinary environment that promotes knowledge exchange and emphasizes high quality in all endeavors. At EY, you will have the freedom and flexibility to shape your role in a way that suits you best, supported by a culture that values individual growth and personal development. If you are looking to be part of a market-leading team of professionals, collaborate with leading businesses globally, and contribute to building a better working world, we invite you to explore the exciting opportunities available at EY.,

The role of Senior Technology Auditor at Booking Holdings involves planning and executing IT operational, governance, and compliance related audits at Booking.com and other Booking Holdings companies. This position is based in Bangalore COE and may require occasional travel to other Booking Holdings companies. In this role, you will be responsible for planning and executing SOX control testing across Booking Holdings companies, as well as IT operational audits covering a wide range of topics. You will coordinate with stakeholders such as Risk & Compliance, Product Development & Engineering, Central Security & Technology teams, External Auditors, and others. Additionally, you will assist in conducting risk assessments, identifying controls to mitigate risks, and documenting audit results in accordance with internal audit department and Institute of Internal Auditors (IIA) standards. Furthermore, you will support in preparing audit reports for senior management and leadership teams, provide advice on internal control, participate in enhancing control procedures for Holdings companies, and drive continuous improvement of the internal audit function. The ideal candidate for this role should have strong knowledge of various IT environments gained through at least 5 years of relevant experience in IT. They should possess an understanding of risk definitions and controls implementation in an IT environment, negotiation skills, relationship building skills, problem-solving abilities, and timely problem escalation skills. Excellent analytical, report writing, oral communication, time management, and organizational skills are essential, along with a minimum of a Bachelor's degree preferably in Technology and certifications such as CISA/CISM/CISSP or equivalent. The successful candidate should be a culture fit for the energetic and fast-paced environment at Booking Holdings, displaying a self-starter attitude, commercial awareness, results-oriented approach, data-driven decision-making skills, stakeholder management abilities, relationship-building skills, and a commitment to self-development. Being detail-oriented while grasping the bigger picture is crucial for this role. Booking Holdings values diversity and inclusivity within its team, aiming to provide an environment that fosters innovation, creativity, and collaboration. The Global Internal Audit function at Booking Holdings plays a key role in providing assurance, analysis, insights, and advice on key risks, working towards making the company stronger and more successful. GIA operates globally, partnering with brands and individuals across cultures to drive positive change and growth within the company.,

Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security #Eviden

Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security Let s grow together.

Ready to be pushed beyond what you think you re capable of? At Coinbase, our mission is to increase economic freedom in the world. It s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform and with it, the future global financial system. To achieve our mission, we re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company s hardest problems. Our work culture is intense and isn t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there s no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Team/ Role Paragraph: The Internal Audit Function at Coinbase works to enhance and protect organizational value by providing independent, risk-based, objective assurance and advisory services designed to add value and improve the Companys operations. The Internal Audit Function helps Coinbase accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of governance, compliance, risk management, and control processes. The Coinbase Internal Audit function is looking for a highly Internal Audit Findings Senior to help set up a Findings Validation Function. This role is based in India (Remote) and will be reporting to an Internal Audit Manager. The individual will be responsible for learning and supporting all aspects of the Finding validation process, including validation, testing and reporting. What you ll be doing (ie. job duties): To be completed by all business teams except Eng. Meticulously assessing managements corrective actions to ensure they are sufficient, implemented promptly, and are sustainable. This includes findings from internal audits, external exams, and regulatory bodies. Proactively engaging with auditees and business stakeholders to efficiently acquire necessary evidence for testing and validation. Partnering with cross-functional teams and global internal audit colleagues across the US, APAC and EMEA to facilitate and align remediation efforts. Producing comprehensive reports on the status of findings remediation for various legal entities Serve as a value-add and advisory function to business partners by identifying ways to address audit findings or opportunities for enhancements with the goal of mitigating risk and improving technology, security, and operational performance without compromising 3rd Line of Defense independence and objectivity. Assist with responses to regulatory inquiries as they relate to internal audit matters. Communicate with and educate process owners effectively, including non-finance individuals, on the importance of controls, an effective control environment, and the role of Internal Auditor Findings. Remain current and increase knowledge of regulatory requirements that impact the organization, as well as in the areas of internal control, technology, security, business, company products and company information. Championing new ideas and innovative solutions to enhance the efficiency and effectiveness of the findings validation process and overall internal infrastructure. What we look for in you (ie. job requirements): To be completed by all business teams except Eng. Professional Internal Audit / IT Audit qualification (e.g., CA, CIA, CISA, CFE, etc.) or comprehensive working knowledge of the Chartered Institute of Internal Auditor practice 6+ years of experience in Internal Audit, Risk Management, Compliance or Management Consulting Excellent understanding of an internal control environment Working knowledge of laws, regulations, risk management practices for the financial services industry Relevant industry experience and/or public accounting experience preferred Solid analytical and problem solving skills, with high standards for quality, accuracy and attention to detail Excellent written and verbal communication skills Demonstrated proficiency in leveraging Google Suite, GRC Tools and AI tools. Nice to haves: Experience working in a fast paced organization Experience with Regulatory Finding/Issue Validation Entrepreneurial attitude and experience with, or the ability to adapt to, a rapidly growing start-up with associated complexities and ambiguities Experience working with/in an out-sourced or co-sourced internal audit function Ability to work across functions and time zones Understanding of crypto, payments and/or financial services industry and experience in auditing information systems and controls Professional Internal Audit / IT Audit qualification (e.g., CA, CIA, CISA, CFE, etc.) or comprehensive working knowledge of the Chartered Institute of Internal Auditor practice ID: P71685 #LI-Remote Pay Transparency Notice: The target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, and vision). Pay Range: 2,755,300 2,755,300 INR Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbases roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here) . Global Data Privacy Notice for Job Candidates and Applicants Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here . By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here. AI Disclosure For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment . To request a reasonable accommodation due to disability, please contact accommodations@coinbase.com .