You Lead the Way. We ve Got Your Back. At American Express, you ll be recognized for your contributions, leadership, and impact every colleague has the opportunity to share in the company s success. Together, we ll win as a team, striving to uphold our company values and powerful backing promise to provide the world s best customer experience every day. And we ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong. Join Team Amex and lets lead the way together. About the Internal Audit Group at American Express: Our Internal Audit Group (IAG) is a worldwide function with 300+ team members and offices across nine countries within American Express. We are committed to growing our audit staff significantly. Our mission is to protect and enhance organizational value by providing independent, objective, risk-based assurance, advisory services and to influence the way the company manages risk. Our assurance and risk professionals have diverse backgrounds including internal controls, consumer compliance, technology, operational risk, financial accounting, data analytics, and banking operations. Our audit teams align to key risk areas and business units to ensure IAG can provide comprehensive and risk-based audit coverage. In addition, IAG has a Professional Practices group responsible for managing audit operations, quality, and standards; regulatory relations; reporting; training and professional development; and key internal capabilities and technologies. American Express IAG has reinvented our audit process and is leading the financial services industry with our Data-Driven Continuous Auditing, and Auditor of the Future initiatives. Each uniquely support our Winning Aspiration to be a world class internal audit function that: Provides data-driven and technology-enabled assurance Delivers timely risk insights that are business-aware and forward-looking Supports our colleagues with experiences that prepare them to be enterprise leaders About the Role: Our Internal Audit Group is seeking an eager Manager Technology Audit to help advance and grow our audit coverage across our IT general controls (ITGC) portfolio. In this role, the ideal candidate will lead a staff or senior auditor with a focus on technology processes and technology risk management. This opportunity may include supporting Enterprise Projects, Third-Party Risk audit entities, as needed. Additionally, this role will work immediately alongside colleagues that provide coverage over IT Applications, Cybersecurity and Resiliency. Key Responsibilities include: Effective and efficient execution of audit procedures through planning, fieldwork and reporting in conformance with professional and department standards, assigned schedule and within budgeted hours. Lead one or more senior/ staff and/or co-sourced auditor(s) in diverse geographic locations through coaching throughout the audit lifecycle of planning Engage in continuous learning through department training and self-study on audit methodology, technology processes & controls, stakeholder communication and effective workpaper documentation. Contribute to the development of audit analytics that use data to tell the business story, evaluate results and work with audit and business colleagues to synthesize and document findings. Participate in and support planning and capture of meetings with management to represent audit objectives, scope, and results, clearly articulating the potential impact of control gaps capturing clarity and accuracy. Execute simultaneous global audit projects within the technology, projects or third-party risk domains including support of integrated audits that consider financial, operational and compliance. Minimum Qualifications Bachelor s or equivalent degree in technology, information systems or related field Big 4 audit/consulting experience 4+ years of experience in technology audit, IT risk management, cybersecurity or related fields including the audit life cycle and professional auditing practices Experience coaching and developing colleagues in audit procedures or risk management methodologies with or without direct authority, in a way that inspires, develops, and delivers results Strong verbal and written communication skills that deliver clear and comprehensive articulation of risk and controls with actionable feedback to audit leaders Effectively works within a team and across teams utilizing project management skills, employing creative thinking, a focus on quality, and the ability to work on competing priorities Familiarity with technology frameworks e. g. NIST and experience testing technology control domains Ability to embrace complex scenarios with curiosity and confidence using process, risk/control knowledge and knowledge/research of IA standards, regulatory, and financial industry guidance and best practices relevant to business, technology and data implications Strong sense of integrity and the ability and willingness to challenge and be challenged. Preferred Qualifications Experience in a regulated financial services environment Technology or other audit credentials e. g. Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) or willingness to obtain within 12 months of hire. Experience testing interface inputs, reports, application security, business continuity and third parties Experience with using data analytic tools, data visualization, key risk indicators (KRIs), key performance indicators (KPIs), and scorecards / dashboards Benefits include: Competitive base salaries Bonus incentives Support for financial-well-being and retirement Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need Generous paid parental leave policies (depending on your location) Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunities

Supply Chain Cybersecurity - Senior Analyst The future is being built today, and Johnson Controls is making that future more productive, more secure, and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make people s lives - and the world - better. What you will do Supply Chain Cybersecurity (SCC) senior analyst will bring analytical and technical expertise to further mature supplier cybersecurity in JCI. This person will work with our internal IT and product security stakeholders; engaging with them to identify, analyze, and evaluate complex systems, supplier security posture and associated risks. Ability to assess supplier cybersecurity effectiveness and drive continuous program improvement in response to evolving requirements is key to success in this role. You will play a pivotal role in fostering supplier relationships, confidence, and trust. How will you do it You will provide analytical support for delivering changes in SCC processes and tooling to support new initiatives or required changes. Coordinate and manage the Supply Chain Cybersecurity processes and deliverables. Effectively perform supplier cybersecurity assessments to determine alignment to JCI product security controls. Document and quantify supply chain cybersecurity risks for JCI and share with internal stakeholders in a timely manner. Effectively manage supplier cybersecurity assessment and reporting tools. Maintain interfaces with the suppliers and track milestones and deliverables in a timely manner. Develop the maturity of supplier cybersecurity assessment capability through continuous improvement. Develop and maintain strong relationships with IT, security, legal and procurement process owners. Ensure security practices are followed during supplier procurement, mergers and acquisitions, and compliance audits. Define, gather, and monitor relevant metrics for compliance and continuous improvement. Participate in relevant security reviews and working groups. What we Look For Required 10+ years of experience as a cybersecurity risk analyst or planning, managing, and implementing technical IT, product security or third-party risk projects/programs. Experience evaluating the security trustworthiness of the suppliers and products through assessments and audits. Experience with analysis and audits of cybersecurity and IT controls. Knowledge of industry cybersecurity frameworks such as NIST 800 series, OWASP, ISA/IEC 62443, SOC2, ISO27001, CIS Controls and related. Strong critical thinking skills with aptitude to assess and distill security control evidence from varied sources into actionable steps. Very strong experience working across a diverse stakeholder group to achieve a common goal. Must have excellent oral and written communication skills. Strong organizational and interpersonal skills are required. Should have demonstrated ability to manage conflicting priorities and work under minimum supervision to meet timelines. Four-year bachelor s degree in cybersecurity, computer science, engineering, or related technical area. Highly motivated, adaptable, and willing to learn new technologies. Preferred Experience with Operational Technologies (e. g. , Control Systems, Building Management etc. ). Cybersecurity certifications, e. g. , CISA, CRISC, CISSP, GSEC, Sec+, or related. Exposure to secure software development activities and cloud technologies. Demonstrated ability to effectively lead multiple initiatives and deliver results on schedule using agile methodologies and tools (e. g. Scrum/Kanban, Jira). JCI is an Equal Opportunity Employer and does not discriminate based on any protected categories.

Business Development will spearhead the efforts to establish and grow a network of business partners delivering cybersecurity training courses in Eastern and North-Eastern India Partnership Development, Building and Managing a Regional Team, Spreading Regional Awareness of Cybersecurity Certifications, Organising Webinars, Conferences, and Events, Strategic Market Engagement Ability to build and lead teams effectively in a dynamic and competitive environment. Strong event management and marketing acumen. Data-driven decision-making with excellent reporting and analysis capabilities. Readiness for extensive travel across Eastern and North-Eastern India. CISSP, CEH (Certified Ethical Hacker), and CISA, CompTIA Security+, strategic roadmap

Why Gainsight?. We are ranked #1 on Glassdoors 2023 Best Place to Work List. Heres why. At Gainsight, our mission is to be living proof you can win in business while being human-first. Our industry-leading platform helps companies of all sizes and industries build durable businesses. Gainsight offers a powerful set of customer success, product, and community engagement solutions that enable businesses to scale efficiently, create alignment, and have a holistic view of their customers"”all of which help increase product adoption, prevent churn, and grow renewals and expansions. Our software is used by hundreds of companies, including nearly 200 publicly traded organizations and industry leaders such as GE Digital, SAP Concur, and Box. We have offices in the US, UK, Netherlands, Israel, Japan, and India. Gainsight joined the Vista Equity Partners portfolio in 2020. In 2021, we won their Excellence in Engineering award in recognition of our product and engineering advancements. Gainsight has also been named one of the top 100 private cloud companies in the world by Forbes, one of the fastest-growing private companies in America by Inc. Magazine, and one of 20 Great Workplaces in Tech by Fortune Magazine. With diversity and inclusion at the forefront of our values, we promote a culture that celebrates diversity and inclusiveness regardless of, but not limited to, race, gender, sexual orientation, family status, religion, ethnicity, national origin, physical disability, veteran status, or age. Job Responsibilities. Maintain and execute the compliance programs of the company (ISMS, BCMS, SOC2, HIPPA etc). Spearhead and drive internal consolidated audit to fulfil all the certifications and attestations requirements. Completes audit work papers by documenting audit tests and findings appropriately. Must translate compliance requirements to our business processes and help deploy relevant controls to fulfil the regulatory needs. Liaise with stakeholders(Business, IT, HR, Legal, Development, Engineering, Security & Privacy etc) during audit readiness, execution and findings remediation. Must validate all the audit artefacts thoroughly and vet before presenting to external auditors. Partner with external auditors and drive the audit life cycle end to end smoothly and successfully with no or minimal leadership involvement. Collaborate with Governance team, to develop policies that adhere to the laws and regulations. Maintain and execute the compliance trainings and awareness program. Monitor the applicable laws, stay on top of the dynamic laws and regulations and propose plan of action to leadership. Qualification And Skills. Bachelor's degree or equivalent educational qualification. 8 to 12 years of relevant experience. Experience in audit and compliance areas. Strong knowledge and thorough understanding of ISO27001, ISO22301, SOC2, HIPPA etc. Knowledge of security frameworks like NIST CSF. Strong communication and interpersonal skills, with the ability to effectively communicate with all internal stakeholders. Ability to communicate with external auditors professionally and with no conflicts. Strong analytical and problem-solving skills. Experience working in a SaaS environment or with cloud-based technologies is preferred. Relevant certifications ISMS lead auditor/implementor is a must. Relevant certifications like CISA is a plus. Why Youll Love It Here. Your job shouldnt stand in the way of your happiness"”it should be a path to achieve it. At Gainsight, were passionate about achieving our goals"”at the office and everywhere"”and we work every day to create an environment that nurtures our best selves. Gainsters love working here for several reasons. Here are a few:. Our Core Values:We are guided by our values on our mission to be living proof you can win in business while being human-first. Learn more here. Our CEO:With a 99% approval rating on Glassdoor, Nick Mehta is one of the most beloved CEOs in Silicon Valley. Our Growth Opportunities:From mentoring to career development opportunities, were passionate about helping our Gainsters learn, grow and thrive. Our Teammate Resource Groups:A huge source of pride for Gainsight, these groups are on a mission to put our values into action and make Gainsight a great place to work for all. Our Wellness Priorities:Monthly Recharge Days that re-energize us. Our Parody Videos:No explanation needed. Just watch them here!. About The Role : Summary. By joining the Gainsight team, youll have a unique opportunity to make your mark at a truly human-first company and have loads of fun doing it. Come join us!. Show more Show less

Visa is seeking a Controls Monitoring & Testing Analyst within its Technology Risk Management program to review and assess Cybersecurity and Technology risks. The candidate will perform Risk Assessments, Design Effectiveness Assessments, and Operational Effectiveness Testing for key technology threat vectors such as security configuration management, firewall configuration, application, user access management, and availability & reliability. Responsibilities include managing stakeholder engagement plans, participating in process walkthroughs, tracking/reporting deliverables, and producing high-quality work papers for all lines of defense and risk stakeholders. Additionally, the candidate will interpret data from source systems to perform statistical sampling and aggregate assessment across various risk management levers, collaborate with technology partners, and distill information into management and executive-level reporting. Key Responsibilities: Technology & Cybersecurity Controls Testing: Perform independent technology and cybersecurity controls testing. Document testing results in detailed workpapers. Prepare management reports based on testing outcomes. Communicate findings with stakeholders. Automation for Continuous Monitoring: Develop automation for continuous controls monitoring/auditing for technology and cybersecurity. Monitor the results of automated controls, perform investigation and follow-ups as needed. Risk & Control Self-Assessment (RCSA): Execute RCSA Risk Business Partner (RBP) controls quality review and sample-based testing. Conduct Key Risk Indicator (KRI) testing. Training, Metrics Alignment & Reporting: Develop and track risk management training. Align metrics with reporting dashboards. Develop reporting and stakeholder communication. This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager. Basic Qualification 3 years of relevant work experience and a Bachelors degree Preferred Qualification Bachelor s degree with 5 years of work experience in cyber, risk controls, or equivalent. Experience with technology and cyber processes and functions (e.g., Vulnerability, Availability & Reliability Risk, Cyber Defense, Third Party Technology Risk, Identity Access Management, Security Architecture, etc.). Experience auditing technology and cybersecurity processes, risks, and controls. Experience developing automation for continuous controls monitoring/auditing for both technology and cybersecurity. Ability to prioritize deliverables and projects efficiently and adapt to changing priorities quickly. Strong analytical and problem-solving skills. Effective communication skills, both formal and informal. Ability to facilitate group discussions and debates across geographic and functional lines. Experience in regulated industries and payment platforms preferred. CISA, CISM, CISSP certification preferred.

Job Summary: We are seeking an experienced Identity and Access Management (IAM) Engineer with a strong focus on authentication and authorization to join our team. This role will be responsible for the design, implementation, and ongoing maintenance of IAM solutions, particularly in the areas of authentication protocols (OAuth 2.0, OpenID Connect, SAML 2.0), integration with Identity Providers (Keycloak, ForgeRock, Ping), and supporting LDAP-based directory services. The ideal candidate will have hands-on experience with Java development to support customizations and enhancements of IAM systems, a deep understanding of IAM best practices, and a proactive approach to ensuring the security and scalability of our access management systems. This role offers the opportunity to work closely with cross-functional teams to deliver secure and efficient IAM solutions across on-prem and cloud environments. Key Responsibilities: Core Role: Design, implement, and maintain information security tools and services in the Identity and Access Management (IAM) domain, with a primary focus on authentication and authorization solutions. IAM Products: Support and manage enterprise-level IAM systems and services, such as Keycloak , ForgeRock , Ping , and other Identity Providers (IdPs). Demonstrate expertise in configuring, troubleshooting, and enhancing these systems to meet security and access management requirements. Authentication Standards: Ensure the adoption and implementation of authentication standards (e.g., OAuth 2.0 , OpenID Connect (OIDC) , SAML 2.0 ). Translate organizational requirements into appropriate authentication and authorization frameworks. LDAP Knowledge: Apply a solid understanding of LDAP concepts, integration with enterprise directories, and their role in IAM systems. Troubleshoot, optimize, and maintain LDAP-based access management environments. System Design & Deployment: Collaborate with the engineering and security teams to design, deploy, and operate secure authentication solutions across the organization. Develop and document IAM-related policies, processes, and procedures in line with best practices. Security Monitoring & Incident Response: Assist the Information Security team with monitoring security systems, analyzing logs, identifying vulnerabilities, and addressing escalated security incidents. Support incident response efforts related to IAM solutions. Cross-team Collaboration: Partner with other teams to design and implement secure solutions for various enterprise applications and infrastructure components. Cloud IAM Integration: Assist in integrating IAM solutions with cloud technologies and platforms (e.g., AWS, Azure, GCP). Ensure secure identity and access management in hybrid or cloud-native environments. Continuous Learning & Development: Stay up to date with the latest technological advancements in IAM, security standards, and cybersecurity best practices. Participate in continuing education related to identity access management and information security. Security Best Practices: Contribute to secure coding initiatives by developing secure enhancements and using security best practices to mitigate vulnerabilities. Ensure compliance with security standards in all IAM-related activities. Cybersecurity Tools & Threat Management: Analyze the output of industry-standard cybersecurity tools (e.g., vulnerability scanners, SIEM systems) to identify threats and reduce risk exposure. Develop strategies to address IAM-related security weaknesses. Incident Management: Assist in the implementation of proactive IAM measures and contribute to security breach response procedures. Aid in the management of incidents by diagnosing, troubleshooting, and remediating IAM security issues. Custom Enhancements & Documentation: Assist in custom development using Java or other relevant programming languages for enhancements in IAM systems. Contribute to technical documentation in a software development environment, ensuring compliance with IAM best practices. Vendor & Product Support: Collaborate with vendors and product teams for troubleshooting, maintenance, and the enhancement of IAM products and services. Ensure proper documentation and knowledge sharing within the team. Required Qualifications: Bachelor s degree in computer science, Cybersecurity, Engineering, or a related field (or equivalent work experience). At least 2 years of experience in technology system support, software development, or a related field, with at least 1 year of experience in information security applications and systems, specifically IAM. Strong working knowledge of Identity and Access Management concepts, including authentication and authorization mechanisms. Hands-on experience with IAM products such as Keycloak , ForgeRock , or Ping (Keycloak is a preferred focus). Ability to configure, troubleshoot, and manage these systems in enterprise environments. Solid understanding of LDAP , including its role in directory services and user authentication management. Knowledge of authentication protocols like OAuth 2.0 , OpenID Connect (OIDC) , and SAML 2.0 , and the ability to implement these protocols in IAM environments. Experience with API security and integration using JSON , REST , and web services . Java development experience for customizations and enhancements of IAM systems, including writing secure, maintainable code to support authentication and authorization workflows. Knowledge of IAM solutions in Cloud environments (AWS, Azure, or GCP) and how IAM integrates within those platforms. Excellent written and verbal communication skills, with the ability to document technical processes and contribute to knowledge sharing. Preferred Qualifications: Master s degree in computer science, Cybersecurity, Business Administration, or a related field. Experience with development life cycles (SDLC) and working on projects involving IAM system implementations. Relevant certifications such as CISSP , CISM , CEH , CISA , OSCP , CompTIA Security+ or equivalent IAM/security certifications. Hands-on experience analyzing cybersecurity tools (e.g., vulnerability scanners, SIEM tools) and identifying remediation actions to reduce risk. Advanced understanding of information security practices , policies, and standards related to IAM. Experience with ITIL or other IT service management frameworks. Experience with multi-cloud IAM deployments or hybrid environments, ensuring security and access management are consistent across on-prem and cloud infrastructures.

Job Summary: We are seeking an experienced Identity and Access Management (IAM) Engineer with a strong focus on authentication and authorization to join our team. This role will be responsible for the design, implementation, and ongoing maintenance of IAM solutions, particularly in the areas of authentication protocols (OAuth 2.0, OpenID Connect, SAML 2.0), integration with Identity Providers (Keycloak, ForgeRock, Ping), and supporting LDAP-based directory services. The ideal candidate will have hands-on experience with Java development to support customizations and enhancements of IAM systems, a deep understanding of IAM best practices, and a proactive approach to ensuring the security and scalability of our access management systems. This role offers the opportunity to work closely with cross-functional teams to deliver secure and efficient IAM solutions across on-prem and cloud environments. Key Responsibilities: Core Role: Design, implement, and maintain information security tools and services in the Identity and Access Management (IAM) domain, with a primary focus on authentication and authorization solutions. IAM Products: Support and manage enterprise-level IAM systems and services, such as Keycloak , ForgeRock , Ping , and other Identity Providers (IdPs). Demonstrate expertise in configuring, troubleshooting, and enhancing these systems to meet security and access management requirements. Authentication Standards: Ensure the adoption and implementation of authentication standards (e.g., OAuth 2.0 , OpenID Connect (OIDC) , SAML 2.0 ). Translate organizational requirements into appropriate authentication and authorization frameworks. LDAP Knowledge: Apply a solid understanding of LDAP concepts, integration with enterprise directories, and their role in IAM systems. Troubleshoot, optimize, and maintain LDAP-based access management environments. System Design & Deployment: Collaborate with the engineering and security teams to design, deploy, and operate secure authentication solutions across the organization. Develop and document IAM-related policies, processes, and procedures in line with best practices. Security Monitoring & Incident Response: Assist the Information Security team with monitoring security systems, analyzing logs, identifying vulnerabilities, and addressing escalated security incidents. Support incident response efforts related to IAM solutions. Cross-team Collaboration: Partner with other teams to design and implement secure solutions for various enterprise applications and infrastructure components. Cloud IAM Integration: Assist in integrating IAM solutions with cloud technologies and platforms (e.g., AWS, Azure, GCP). Ensure secure identity and access management in hybrid or cloud-native environments. Continuous Learning & Development: Stay up to date with the latest technological advancements in IAM, security standards, and cybersecurity best practices. Participate in continuing education related to identity access management and information security. Security Best Practices: Contribute to secure coding initiatives by developing secure enhancements and using security best practices to mitigate vulnerabilities. Ensure compliance with security standards in all IAM-related activities. Cybersecurity Tools & Threat Management: Analyze the output of industry-standard cybersecurity tools (e.g., vulnerability scanners, SIEM systems) to identify threats and reduce risk exposure. Develop strategies to address IAM-related security weaknesses. Incident Management: Assist in the implementation of proactive IAM measures and contribute to security breach response procedures. Aid in the management of incidents by diagnosing, troubleshooting, and remediating IAM security issues. Custom Enhancements & Documentation: Assist in custom development using Java or other relevant programming languages for enhancements in IAM systems. Contribute to technical documentation in a software development environment, ensuring compliance with IAM best practices. Vendor & Product Support: Collaborate with vendors and product teams for troubleshooting, maintenance, and the enhancement of IAM products and services. Ensure proper documentation and knowledge sharing within the team. Required Qualifications: Bachelor s degree in computer science, Cybersecurity, Engineering, or a related field (or equivalent work experience). At least 2 years of experience in technology system support, software development, or a related field, with at least 1 year of experience in information security applications and systems, specifically IAM. Strong working knowledge of Identity and Access Management concepts, including authentication and authorization mechanisms. Hands-on experience with IAM products such as Keycloak , ForgeRock , or Ping (Keycloak is a preferred focus). Ability to configure, troubleshoot, and manage these systems in enterprise environments. Solid understanding of LDAP , including its role in directory services and user authentication management. Knowledge of authentication protocols like OAuth 2.0 , OpenID Connect (OIDC) , and SAML 2.0 , and the ability to implement these protocols in IAM environments. Experience with API security and integration using JSON , REST , and web services . Java development experience for customizations and enhancements of IAM systems, including writing secure, maintainable code to support authentication and authorization workflows. Knowledge of IAM solutions in Cloud environments (AWS, Azure, or GCP) and how IAM integrates within those platforms. Excellent written and verbal communication skills, with the ability to document technical processes and contribute to knowledge sharing. Preferred Qualifications: Master s degree in computer science, Cybersecurity, Business Administration, or a related field. Experience with development life cycles (SDLC) and working on projects involving IAM system implementations. Relevant certifications such as CISSP , CISM , CEH , CISA , OSCP , CompTIA Security+ or equivalent IAM/security certifications. Hands-on experience analyzing cybersecurity tools (e.g., vulnerability scanners, SIEM tools) and identifying remediation actions to reduce risk. Advanced understanding of information security practices , policies, and standards related to IAM. Experience with ITIL or other IT service management frameworks. Experience with multi-cloud IAM deployments or hybrid environments, ensuring security and access management are consistent across on-prem and cloud infrastructures.

Position Required: Principal Officer at GIFT City, Gandhinagar Qualification: Chartered Accountant / MBA (Finance) / Company Secretary / Post-Graduate degree (minimum two years in duration) in finance, law, accountancy, business management, commerce, economics, capital markets, banking, insurance, or actuarial science from a recognised university or institution. Experience: Minimum 5 years relevant experience in Private Equity Venture Capital, Alternative Investment Fund Industry. Key Skills: Extensive understanding of Fund IFSC branch office administration and management, investments in real estate, fund raising from overseas investors, compliances, coordination with trustee, custodians, bankers, regulators, good communication skills are essential. Annual Cost to Company: Best in the Industry. The same shall be decided depending on qualifications experience. Job Description expected is as follows: 1. Investment decisions, risk management keep pace with Gift City requirements and compliances to the regulations therein, implement them in fund and manager entities. 2. Fund/Manager entity administration and management. 3. Liaison with the overseas investors. 4. Due diligence of the investor on boarding, compliance with their KYC. 5. Oversee communications to all limited partners participating in the AIF. 6. Coordinate with trustees, custodians, bankers, regulators for all approvals and transactions. 7. Fund structure understanding and design to make it best benchmarked. 8. Maintain proper documentation for all activities undertaken at Gift City. 9. Prepare and send monthly MIS, keep accounting books and records. 10. Represent the Fund/Manager entity with regulators and investors. Interested candidates may send their application in the prescribed form to hamc@lichflamc.com

The Proposal & Customer Assessment Team is part of the broader commercial solutions. An enabling function to assist with due diligence questionnaires, risk assessments, audits, and other customer inquiries. Our goal is to enable new revenue generation via RFX & deliver superior customer satisfaction by providing high-quality proposals & relevant information during pre/post-sales. We serve a vast array of clients across geographies and are committed to the client-first mindset. Responsibilities and Impact: This position within the Proposal & Assessment Team is integral to supporting Market Intelligence commercial teams in responding to the growing volume of client audits and inquiries. The person will collaborate closely with product, risk, compliance, legal, and functional teams, to ensure client requirements are met effectively. Responding/Managing client audits and risk assessments from end to end, maintaining awareness of internal controls and audit trends to uphold the efficacy of the audit process. Serving as the primary point of contact for our top customers, assisting them in meeting their vendor management requirements. Cultivating partnerships and closely collaborating with corporate and divisional groups to seek information and influence approaches and outcomes. Developing familiarity with Market Intelligences audit processes and the companys cyber security policies, standards, processes, and controls. Tracking assessment and audit outcomes, management responses to address findings, and follow-up activities, and producing reports for executives and management. Undertaking additional tasks and responsibilities as directed by the team manager, while continuously enhancing the overall process to align with evolving industry standards. What W e re L ooking F or : Bachelors degree in a related field, or equivalent professional experience in Third-Party Risk Management (TPRM) , Audit, and Risk. 6-7+ years of relevant experience in conducting audits or responding to audits, within a SaaS-related business environment. Demonstrated understanding of client-initiated audits and organizational controls. Familiarity with CISA, ISO Standards, NIST, and SOC standards. Proven track record of building strong relationships resulting in successful outcomes. Ability to collaborate effectively with a global team spanning multiple time zones. Competencies : Exceptional communication and interpersonal skills, adept at engaging and influencing stakeholders across all levels. Demonstrated flexibility and negotiation prowess to achieve optimal outcomes. Proficient in efficiently managing multiple concurrent projects, with a keen ability to adapt as priorities evolve. Exhibits creativity and perseverance in devising solutions. Possesses strong analytical and problem-solving capabilities, proficient in assessing complex information and formulating actionable strategies. Fosters robust working relationships with internal colleagues, facilitating collaboration and synergy within teams.

Roles and Responsibilities: This individual s primary day to day responsibilities are mentioned below (but are not limited to these): Perform information security risk assessment processes for new and existing Northern Trust s third parties business partners. Demonstrate some proven knowledge on some of the following domains: Information Security Governance and Risk Management Access Control Vulnerability and Penetration Network Security Application Security Cryptography Security Architecture and Design Operations Security Business Continuity and Disaster Recovery Planning Legal, Regulations, Investigations and Compliance Physical and Environmental Security Cloud Security Perform assessment of IT controls operation, identifying, gaps, risks and areas for improvement. Report writing skills. Knowledge on regulations related to banking and compliance Should be well versed with contract language, analysis and negotiation process. Responsible for reviewing master services contracts of the third parties to identify information technology and security related clauses. Responsible for working with procurement teams to formulate/renew the contracts as per the information security team guidelines. Responsible for documenting, and reporting to management, all findings from risk assessment processes. Collaborate with internal stakeholders & functional teams to ensure that all identified risks within each third party are assigned to business owners and tracked for timely closure. Able to interact in a professional manner and develop relationships with individuals and teams at any level in Northern Trust. Foster a positive and collaborative environment. Demonstrate ability to work well in both an individual contributor and team capacity. Rapidly and effectively adapt to a highly dynamic and fast-paced work environment. Skills Preferred: Excellent written and verbal communication skills. Able to converse and develop business relationships with individuals and teams at any level within Northern Trust. Knowledge of IT Security Domains / Frameworks (e.g., NIST, ISO27001). Knowledge of Compliance regulations. Understanding of IT Audit process. In-depth understanding of information security, risk assessments, security risk management principles. Principle understanding of Technology controls relating to Application and system vulnerabilities, Advanced experience with MS Office, SharePoint, and Reporting tools Ability to develop visual representations of processes and risks to support executive updates. Experience: Bachelor s degree in computer science or a related discipline and at least ten or more years of experience in the field of Technology Security or an equivalent combination of education and work experience. Relevant certification (e.g. CISA, CRISC, CISM, CISSP) is a plus

Job Description: The Information Security GRC Specialist will be responsible for leading and managing the Governance, Risk, and Compliance (GRC) function within the organization. This role ensures adherence to regulatory requirements, conducts control testing, and implements security risk management practices in alignment with global standards. The ideal candidate should have a deep understanding of security frameworks, compliance requirements, and risk assessment methodologies. Key Responsibilities: 1) Regulatory Compliance and Coordination with Regulators Lead the development and implementation of system-wide risk management frameworks to identify and monitor information security risks. Understand regulatory and business requirements and ensure information security compliance in alignment with RBI, UIDAI, CERT-IN, DPSC, IRDAI, and other global regulations. Act as the primary liaison with regulatory bodies, ensuring timely compliance with cybersecurity mandates and regulatory filings. 2) Control Testing (ITGC) and Global Standards (NIST, ISO 27001) Conduct technical risk assessments for applications, IT general controls (ITGC), and cloud environments. Perform compliance assessments aligned with international security standards such as NIST, ISO 27001, and CIS controls. Validate the effectiveness of security controls and ensure continuous improvement in security postures. 3) Security KPIs and KRI’s Identify and define Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for measuring the effectiveness of information security initiatives. Develop security metrics to track compliance, risk mitigation, and operational security efficiency. 4) Understanding of Security Technologies Strong knowledge of security tools and technologies such as Firewalls, IDS/IPS, DDoS protection, SIEM, DLP, and vulnerability management solutions. Ability to interpret security logs, alerts, and incident data to enhance security operations. 5) Project Management Skills Lead and manage complex security projects, ensuring timely implementation and compliance with regulatory mandates. Collaborate with cross-functional teams and senior management to align security initiatives with business objectives. 6) Soft Skills Strong communication skills to articulate security risks and solutions effectively. Ability to engage with stakeholders, auditors, and regulators confidently.

We are seeking a detail-oriented and highly skilled Application ( App ) [cyber]Security Consultant to join our team. The ideal candidate will be responsible for planning an AppSec program followed by working in a team to conduct AppSec assessment on each app in scope. Key Responsibilities: Work with the client to determine and catalog App Inventory by reviewing CMDB (Configuration Management Database) as we'll as another mechanism (eg, client interviews, etc). Review the large app inventory, determine types of security assessment to administer, formulate prioritization criteria, and decide the sequence of individual assessments based on the priority. Conduct a Gap Analysis to assess the maturity of the current AppSec program, if one exists: o Secure coding standards o AppSec best practices during the application design and development process to ensure security is integrated from the start. o AppSec Training programs for developers to enhance their understanding of secure coding principles and overall AppSec Program. Package the results of analysis (above and more) to deliver an AppSec Assessment Program roadmap. Identify a pilot or proof of concept phase and execute the same by working with the DII and client teams. The work will involve the normal AppSec Assessment activities. Below: o Conduct thorough application security assessments, including penetration testing, vulnerability scanning, and code reviews. o Identify and analyze application vulnerabilities, propose remediation strategies, and assist development teams in implementing solutions. o Collaborate with cross-functional teams to establish secure software development lifecycle (SDLC) processes. o Generate detailed security assessment reports with actionable recommendations for stakeholders. Stay updated on the latest security trends, tools, and vulnerabilities to proactively address emerging threats. Qualifications: Bachelor s degree in computer science, cybersecurity, or a related field (or equivalent experience). 5 years of experience in application security, penetration testing, or similar roles. Strong understanding of application security concepts, frameworks (eg, OWASP), and protocols. Knowledge of one or many of the following themes in AppSec: o CISA - Secure by Design Standard, o OWASP Secure SDLC, o Static and Dynamic SCA, o NIST SP 800-218, o API Security, o SBOM Analysis, o DevOps Readiness, o Software Security Audits, etc Prefer: Proficient in programming languages such as Java, Python, C#, or others relevant to application development. Prefer: Any cybersecurity certifications like CEH, CISSP, GWAPT, or equivalent. Excellent analytical, problem-solving, and communication skills.

The Role : GRC Lead Key Responsibilities : Develop and refine IT governance frameworks, policies, and procedures in line with industry best practices and regulatory mandates Conduct periodic reviews and updates of IT governance documents to ensure ongoing compliance with changing regulations and standards Identify, evaluate, and manage IT risks, including cybersecurity threats, data privacy issues, and operational risks Perform comprehensive risk assessments and create risk mitigation plans to address identified vulnerabilities Continuously monitor and report on the effectiveness of risk management activities and controls Conduct assurance activities including security assessments and issues management Collaborate with IT teams to improve security compliance, manage risk and the effectiveness of the IT control environment Work closely with internal and external auditors to facilitate audit activities and manage IT remediation workstreams Communicate effectively with internal and external stakeholders, including regulators, auditors, and clients, regarding GRC-related matters Work closely with business teams to address Clients GRC related concerns / findings / questionnaires Required Qualification, Skills and Experience : Bachelors degree in Information Technology, Computer Science, Finance, Accounting, or a related field Minimum of 5 years of experience in IT governance, risk management, compliance, information security or audit Minimum of 1 year of experience working with third-party risk management questionnaires In-depth knowledge of ISO standard 27001 Professional certifications such as CISA, CRISC, CISSP are a plus Strong analytical and problem-solving skills, with the ability to identify and mitigate risks effectively Excellent communication and interpersonal skills, with the ability to work collaboratively with cross-functional teams Proven ability to manage multiple projects and priorities Proficiency in GRC and audit tools and software is a plus About ION : We re a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world. Over 2,000 of the world s leading corporations, including 50% of the Fortune 500 and 30% of the world s central banks, trust ION solutions to manage their cash, in-house banking, commodity supply chain, trading and risk. Over 800 of the world s leading banks and broker-dealers use our electronic trading platforms to operate the world s financial market infrastructure. ION is a rapidly expanding and dynamic group with13,000 employees and offices in more than 40 cities around the globe. Our ever-expanding global footprint, cutting edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision. Learn more at iongroup.com

We are looking for a highly experienced Cyber Security GRC professional who is passionate about implementing and operating enterprise-level information security and risk management frameworks within the organization. You will join a dynamic and fast-paced environment and work with cross-functional teams to design, build and roll out products that deliver the company s vision and strategy. Experience 8+ Years Pune Alright, so youre sold. But who are we Diversity and humility are not just big words hung up on the walls. At CredAble, we put people at the heart of everything we do and our core values are the driving force behind our success. CredAble is an NBFC technology-powered supply chain funding solutions company Leveraging our trade finance expertise, technology platform, and access to 3rd party capital, we arrange funding programs for enterprise supply chains and do direct lending to SMEs. Led by a team of industry experts, CredAble is at the forefront of powering tech-enabled working capital financing. Programs are anchored around enterprise clients, where we provide funding linked to transactions with suppliers (payables) and distributors (receivables). We are series B funded startup with Axis Bank limited as a strategic investor. You will be responsible for: Partner with CISO to run a global, enterprise-wide cybersecurity risk and compliance strategy aligned with organizational priorities, business objectives, regulatory requirements, and evolving risks. Lead and grow a team of cybersecurity professionals, managing risk, compliance, assessments, reporting, metrics, policy, awareness, and third-party risk management. Oversee risk and threat-based information security programs ensuring confidentiality, integrity, availability, and privacy. Manage enterprise-wide compliance, risk assessment, reporting, cybersecurity policies, third-party risk management, and security training programs. Conduct information security audits, respond to external questionnaires, RFPs and collaborate with control entities (Audit Partners, Enterprise Risk Management, Legal Compliance, regulators, and financial institutions). Work with the Cloud Security Operations team on incident management, security architecture, vulnerability management, threat intelligence, advisory, and identity and access management. Assess security controls, identify improvement opportunities, and communicate recommendations. Perform risk assessments against third parties to ensure proper compliance against regulatory requirements. Manage annual ISO 27001 internal audits, remediation tracking, evidence collection, and risk identification. Lead the creation of Information Security Policies, technical standards and procedures for secure technology configuration and implementation. Manage the company-wide information security awareness program to foster a security mindset across leadership, employees, contractors, and third parties. Stay updated on security changes impacting regulatory, privacy, and industry best practices. You will be reporting to: Chief Information and Security Officer. What will you bring to the table 8 or more years of knowledge and understanding of information security management frameworks and various regulatory requirements such as DPDPA, GDPR, and information security and compliance standards including ISO 27001, SOC 2 etc. Strong knowledge of security frameworks including NIST CSF, controls, and audit techniques. Strong ability to identify needs, take initiative, and prioritize work efforts, balancing operational tasks with longer-term strategic security efforts. Strong technical background with a consistent record of delivering results, validated leadership, communication as well as critical thinking skills, creative and flexible problem solver. Strong interpersonal skills and the ability to interact strategically and confidently with internal partners to develop ideas, find opportunities, and influence outcomes. Certifications: CISSP, CISA, CISM. The educational qualification you ll need: Bachelor s or Master s degree in Computer Science , Engineering, or a related field. Besides making the best move of your career, what s in it for you Working in a highly entrepreneurial setup with a visionary team passionate to help scale new heights of business success. Exposure to exploring limitless possibilities and ideas no matter how impossible they may seem today. CredAble thrives on transparency and a culture to nurture growth. Being part of CredAble enables you to push beyond the ordinary.

We are seeking an experienced Senior SOC L3 Analyst with deep expertise in Microsoft Sentinel SIEM to lead security monitoring, threat detection, and incident response. This role involves handling advanced cyber threats, fine-tuning SIEM capabilities, mentoring SOC teams, and driving security automation. Key Responsibilities: Advanced Threat Detection Incident Response: - Act as the final escalation point for critical security incidents. - Perform deep forensic analysis, malware analysis, and threat hunting across hybrid environments. - Investigate Advanced Persistent Threats (APT), zero-day exploits, and insider threats. - Develop and optimize custom KQL queries, detection rules, and Sentinel analytics for precise threat detection. - Lead post-incident forensics, root cause analysis (RCA), and corrective action plans. - Automate and streamline incident response using SOAR playbooks. SIEM Administration Optimization: - Configure, optimize, and fine-tune Microsoft Sentinel SIEM for maximum visibility and efficiency. - Design and implement custom detection rules, log parsers, and alerting mechanisms. - Integrate Azure Defender, Microsoft Defender, and third-party threat intelligence feeds into Sentinel. - Enhance log collection, correlation, and anomaly detection using AI/ML-based techniques. Threat Hunting Threat Intelligence: - Conduct proactive threat hunting using behavioral analytics and KQL-based queries. - Leverage MITRE ATTCK, Cyber Kill Chain, and Diamond Model frameworks for adversary tracking. - Implement Threat Intelligence Platforms (TIPs) and integrate with SIEM/SOAR solutions. - Identify and mitigate emerging threats, including fileless attacks, privilege escalation, and supply chain attacks. Compliance Security Governance: - Ensure compliance with industry standards (ISO 27001, NIST, PCI-DSS, GDPR, SOC2). - Develop and maintain SIEM reporting dashboards for executive and compliance reporting. - Assist in audit preparation, risk assessments, and security posture improvement plans. Leadership Mentoring: - Guide and mentor SOC L1 L2 analysts in advanced security investigation techniques. - Develop incident response playbooks, runbooks, and SOPs for the SOC team. - Conduct cybersecurity training, tabletop exercises, and red/blue team drills. - Collaborate with CISOs, IT, DevOps, and risk teams to enhance overall security posture. Required Skills Qualifications: 7+ years of hands-on experience in SOC operations, incident response, and threat hunting. Expertise in Microsoft Sentinel SIEM (rule creation, automation, integration). Strong knowledge of EDR, IDS/IPS, firewalls, network security, and cloud security (Azure, AWS, GCP). Proficiency in Kusto Query Language (KQL), PowerShell, Python for security automation. Deep understanding of MITRE ATTCK, Cyber Kill Chain, TTP-based threat modeling. Experience in threat intelligence, malware reverse engineering, and forensic investigations. Hands-on experience with SOAR platforms and security automation workflows. Certifications preferred: SC-200, CISSP, CISM, CISA, GIAC (GCFA, GCIH, GCIA), CEH, OSCP. Requirements > Hands-on experience in SOC operations, incident response, and threat hunting. Expertise in Microsoft. >Expertise in Microsoft Sentinel SIEM (rule creation, automation, integration). >Strong knowledge of EDR, IDS/IPS, firewalls, network security, and cloud security (Azure, AWS, GCP). >Proficiency in Kusto Query Language (KQL), PowerShell, Python for security automation. >Deep understanding of MITRE ATTCK, Cyber Kill Chain, TTP-based threat modeling. >Experience in threat intelligence, malware reverse engineering, and forensic investigations. >Hands-on experience with SOAR platforms and security automation workflows.

Welcome to the era of Velsera! Seven Bridges, Pierian UgenTec have combined to become Velsera. Velsera is the precision engine company. We empower researchers, scientists, and clinicians to drive precision RD, expand access to, and more effectively leverage analytics at the point of care. We unify technology-enabled solutions and scientific expertise to enable a continuous flow of knowledge across the global healthcare ecosystem. This interweaves diverse biomedical communities, allowing them to build upon each other s success and accelerate medical breakthroughs that positively impact human health. With our headquarters in Boston, MA, we are growing and expanding our team which located in 14 different countries! What will you do Governance and Policy Development - Develop, implement, and maintain governance policies, SOPs, and related documentation. - Ensure all policies align with industry standards (e.g., FedRAMP, NIST SP 800-53, ISO 27001 family, and HIPAA). - Monitor policy effectiveness and recommend updates based on organizational changes or regulatory updates. Risk Management - Conduct risk assessments to identify vulnerabilities, threats, and compliance gaps. - Collaborate with cross-functional teams to design and implement remediation strategies. - Maintain risk registers and monitor mitigation efforts. Compliance Oversight - Support the organization in achieving and maintaining FedRAMP certification. - Manage periodic audits, security assessments, and readiness activities for compliance frameworks. - Track and report on compliance metrics, audit findings, and resolution status. Training and Awareness - Develop and deliver training programs to enhance employee understanding of compliance policies and procedures. - Act as a point of contact for compliance-related queries within the organization. Incident Response and Reporting - Support incident response processes to ensure effective investigation and reporting of compliance-related incidents. - Collaborate with stakeholders to implement corrective actions and prevent recurrence. Vendor and Third-Party Risk Management - Assess third-party vendors for compliance with organizational policies and standards. - Ensure contracts include appropriate compliance requirements. What do you bring to the table Education Experience - Bachelors degree in Information Technology, Cybersecurity, Risk Management, or related field (Master s preferred). - 3+ years of experience in governance, risk, and compliance roles, with specific experience in FedRAMP compliance. Knowledge Skills - Strong understanding of FedRAMP, NIST SP 800-53, ISO 27001, and other relevant frameworks. - Experience in drafting policies, procedures, and SOPs. - Familiarity with GRC tools and platforms (e.g., Archer, ServiceNow GRC). - Excellent communication and documentation skills. - Analytical mindset with attention to detail. Certifications (Preferred) - Certified Information Systems Security Professional (CISSP) - Certified Information Systems Auditor (CISA) - Certified Information Security Manager (CISM) - ISO 27001 Lead or Internal auditor Our Core Values People first. We create collaborative and supportive environments by operating with respect and flexibility to promote mental, emotional and physical health. We practice empathy by treating others the way they want to be treated and assuming positive intent. We are proud of our inclusive diverse team and humble ourselves to learn about and build our connection with each other. Patient focused. We act with swift determination without sacrificing our expectations of quality . We are driven by providing exceptional solutions for our customers to positively impact patient lives. Considering what is at stake, we challenge ourselves to develop the best solution, not just the easy one. Integrity. We hold ourselves accountable and strive for transparent communication to build trust amongst ourselves and our customers. We take ownership of our results as we know what we do matters and collectively we will change the healthcare industry. We are thoughtful and intentional with every customer interaction understanding the overall impact on human health. Curious. We ask questions and actively listen in order to learn and continuously improve . We embrace change and the opportunities it presents to make each other better. We strive to be on the cutting edge of science and technology innovation by encouraging creativity. Impactful. We take our social responsibility with the seriousness it deserves and hold ourselves to a high standard. We improve our sustainability by encouraging discussion and taking action as it relates to our natural, social and economic resource footprint. We are devoted to our humanitarian mission and look for new ways to make the world a better place. Velsera is an Equal Opportunity Employer: Velsera is proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, colour, gender, religion, marital status, domestic partner status, age, national origin or ancestry.

We are seeking an experienced Cybersecurity Project Manager to oversee and lead projects aimed at enhancing organizations cybersecurity posture. The ideal candidate will have a strong background in cybersecurity principles, project management, and leadership. This role requires a detailoriented individual with excellent communication skills and a proactive approach to managing cybersecurity projects with clients across sectors. Client Engagement Serve as the primary point of contact for clients, understanding their unique cybersecurity needs and objectives, and tailoring project plans to meet those goals. Project Execution Oversee and execute cybersecurity projects for various clients, ensuring timely delivery within the agreed scope and budget. Advisory and Strategy Development Advise clients on best practices and collaborate to develop cybersecurity strategies that align with their business objectives and industry standards. Stakeholder Communication Facilitate clear and effective communication with client stakeholders, providing regular updates on project progress, challenges, and outcomes. Excellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Technical Areas for project management The projects will cover wide variety of Cybersecurity projects including Strategy development, policies and procedures, risk assessments, ITGC, VAPT, Cloud security, third party assessments, etc. Business Development Lead/ contribute in the business development activities including opportunity identification, proposal writing, and client discussions/presentations. Specific experience in one or more of the following areas are essential Security strategy assess, design and implement security strategy, governance frameworks over processes, controls, organisation and infrastructure to management of cyber security Security transformation programmes review and management of security solution implementations and / or remediation programmes to address risks Breach and incident management review the implementation of breach and major incident management practices Security policies and procedures Create and review of security policies, procedures, standards and controls in line with regulation and/or industry standards. Resilience review the implementation of programmes to improve IT Disaster Recovery, Business Continuity Security architecture creating secure architecture designs for solutions, reviewing the security architecture of the network Cloud Security Review secure architecture / configuration / Process implemented on cloud. Implementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etc IT General Controls domains such as Change Management ,User Access Management, IT Operations, Back and Recovery Management etc

About the Role: We are looking for an ICS/OT Cybersecurity Engineer with 6 years of experience in auditing ICS/OT environments and conducting risk and vulnerability assessments. The role involves assisting in the review and development of Industrial Cybersecurity programs, security policies, and plans while providing guidance to enhance clients existing OT security programs. Requirements: Strong understanding of cybersecurity frameworks for ICS/OT environments such as ISA-99/IEC 62443, NIST SP 800-82, CIS etc. Solid understanding of OT network communication protocols for example Ethernet/IP, CIP, Modbus, OPC and industrial networking topologies for example ring, star etc. Demonstrated technical skills to analyze, design, and deploy complex Ethernet/IP architectures and communication technologies. Understanding of MITRE ATTCKS for ICS or NERC CIP frameworks. Interpretation of general cybersecurity frameworks such as ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53. Working knowledge of industrial control systems for example DCS, PLCs, SCADA etc. Industry experience in Food and Beverage, Chemical, Pharma, Semiconductor, Water and Wastewater, Refining, Pulp and Paper, Oil/Gas Pipeline, Power Generation, Electrical Transmission and Distribution, Material Handling or Packaging. Must have Networking certifications for example CCNA, CCNP, JNCIP-ENT, etc. Relevant Cybersecurity certification for example CEH, CISA, CISM, CCSP, etc. Certified professional engineer. #LI-BG1 #LI-NH1

Join us for a role in " BIA" at Barclays, where youll spearhead the evolution of our digital landscape, driving innovation and excellence. Youll harness cutting-edge technology to revolutionize our digital offerings, ensuring unapparelled customer experiences. To be successful as a BIA AVP - Technology - BUK Functions - BX India, you should have experience with, Strong practical knowledge of risk and control in technology including processes for managing and maintaining Information Technology (i.e. ITIL processes, identity and access management). Practical experience of development and execution of testing strategies to assess control environments as part of an internal or external audit role/function, or as part of a risk management function. Proficient in oral and written communication skills. Some other highly valued skills may include, Financial services industry knowledge. Practical experience of data analytics techniques (e.g. SQL Query and Python). Knowledge about new and emerging financial products and services. Risk and control experience in the financial services sector. Relevant professional qualifications (e.g. CISA, CISM, CISSP, other relevant technical qualification(s), graduate degree). Practical understanding of relevant regulatory environment. You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. Location - Pune. Purpose of the role To support the development of audits aligned to the bank s standards and objectives by working collaboratively with colleagues, providing accurate information and recommendations, and complying with policies and procedures. Accountabilities Audit development and delivery support, including financial statements, accounting practices, operational processes, IT systems and risk management. Identification of operational risks to support the delivery of the Barclays Internal Audit (BIA) Audit Plan through risk assessments. Assessment of internal control effectiveness and their capability to identify and mitigate risk aligned to regulatory requirements. Communication of key findings and recommendations to stakeholders, including the Audit Owner, senior managers and directors. Identification of regulatory news and industry trends/developments to provide timely insight and recommendations for best practice. Assistant Vice President Expectations To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness. Collaborate closely with other functions/ business divisions. Lead a team performing complex tasks, using well developed professional knowledge and skills to deliver on work that impacts the whole business function. Set objectives and coach employees in pursuit of those objectives, appraisal of performance relative to objectives and determination of reward outcomes If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. OR for an individual contributor, they will lead collaborative assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will identify new directions for assignments and/ or projects, identifying a combination of cross functional methodologies or practices to meet required outcomes. Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues. Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda. Take ownership for managing risk and strengthening controls in relation to the work done. Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy. Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc).to solve problems creatively and effectively. Communicate complex information. Complex information could include sensitive information or information that is difficult to communicate because of its content or its audience. Influence or convince stakeholders to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave.

The Senior IT Auditor will play a key role in ensuring CAD delivers on its mission and efficiently meets its objective. We are seeking a highly motivated and credible IT auditor to join our team who you will lead and participate in the execution of technology audits which will include, but not limited to, coordinated, IT, cybersecurity, application security, software development, data center, cloud and network security audits, ensuring compliance with regulations and policies, and identifying areas of risk within the organization. Who are you You are an expert - The successful candidate is able to apply broad technical knowledge and sound business judgment to implement IT audits and advisory projects of the technical environments at the Company, its subsidiaries and affiliates, by uncovering and exploiting any risks/vulnerabilities present across the scope of the Company s operations. Implement the assigned IT audit areas and specific elements of the risk-based audit plan in alignment to CAD s audit methodology and the Institute of Internal Auditors (IIA) International Standards for the Professional Practice of Internal Auditing. Summarize technical findings in concise and actionable recommendations for senior leadership, demonstrating excellent written and verbal communication skills. Perform activities that include planning and developing audit work programs, performing audit test procedures, identifying recommendations for continuous improvement, communicating results, and following up on issues reported. Prepare audit reports and work papers to ensure adequate documentation exists to support the completed audit and conclusions. Perform data analytics by demonstrating sophisticated data analytics tools. Possess a good understanding of the controls on the SAP platform (including system configurations, business process controls, SODs and system security). Stay ahead of the latest cyber security trends, regulatory requirements and audit standard processes and apply them while conducting audits. Conduct special projects to provide additional value services. You are curious - Have an inquisitive mind with an appetite for discovery. You are a continuous learner and like to keep yourself updated on the latest technical, cyber and data security, and emerging technology risks and trends, in order to apply the knowledge and insights gained while conducting the audits. You are a collaborator - Establish and maintain constructive relationships with audit engagement teams, supporting the audits in risk assessment, substantive procedures, and tests of efficiency, to provide actionable recommendations to the company s management. Build positive relationships to see opportunities for future movements and growth within the company. You are an innovator- You are a problem solver, with analytic thinking and ability to apply root cause analysis. You ll need to think strategically and leverage technology to deliver actionable insights and have a willingness to experiment and try new sophisticated digital tools and techniques. What you ll need (Required) Bachelor s degree in information technology, Computer Science, Engineering, or a related field. Minimum 5 years of relevant IT Auditing, Cyber Security or relevant fields required. Professional certifications are strongly preferred (i.e. CISA, CISSP, CISM, CCAK). Knowledge of the International Professional Practices Framework (IPPF), COBIT, NIST CSF 2.0, CIS and NIS 2 Directive. Technical Knowledge of : Databases, Network technologies - Firewall, IPS, WAF, Proxy, DLP, SOC operations, Application Security, Cyber Security, Cloud Security etc. Superb communication, interpersonal and analytical skills are required. Experience with auditing sophisticated tech including RPA, AI, ML etc. Good understanding of IT infrastructure components (including cloud platforms), cybersecurity frameworks and Operational Technology. Experience within Operational Technology (OT) Security, Process Control Network, SCADA. Proven experience in assessing risks and processes in sophisticated IT environments, including digitalization initiatives. Solid grasp of IT infrastructure components (including cloud platforms), cybersecurity frameworks and Operational Technology. Willingness and ability to travel, regionally and internationally, as needed, up to 30-40% of the time. What you ll need (Preferred): SAP Security knowledge. Experience with analytics and visualization tools (e.g. Domo, Google Data Studio etc.) is highly desirable. Experience working with cloud environments (e.g., AWS, Azure, GCP), containerization technologies (e.g., Docker, Kubernetes). Knowledge of cybersecurity principles and practices.

As a part of RSM s growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Qualification and Minimum Entry Requirements B. Tech/MCA/MBA with 2 - 4 Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI. ) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUPs, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U. S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Centers LOB s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus. com/careers/india. html . Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus. com .

Roles an Responsibilities : We are seeking a highly experienced Senior SOX Compliance Consultant to lead rigorous audits, establish robust processes, and ensure compliance with Sarbanes-Oxley (SOX) guidelines for a prominent energy and utilities client based in Texas. This role is critical in safeguarding the organizations financial integrity and operational excellence while enabling agility and minimizing business delays. The ideal candidate will have the expertise, diligence, and authority to uphold the highest standards of compliance and security. Audit Leadership: o Conduct stringent SOX audits, ensuring adherence to regulatory requirements and organizational policies. o Identify potential compliance risks and gaps, and provide actionable recommendations for mitigation. Process Development: o Collaborate with stakeholders to define, implement, and monitor processes as per SOX guidelines. o Balance compliance requirements with operational efficiency to prevent delays in business operations. Stakeholder Management: o Act as a trusted advisor to leadership and business units, communicating compliance expectations and findings effectively. o Resolve conflicts by taking a firm but constructive stance to uphold SOX standards. Cybersecurity & Confidentiality: o Maintain strict confidentiality for sensitive information and uphold rigorous cybersecurity measures. o Collaborate with IT teams to ensure that technological controls align with SOX compliance. Technical Insight: o Leverage a technical background to bridge gaps between compliance requirements and IT implementations. o Stay updated on emerging technologies, including AI, to enhance audit and compliance processes. Required Qualifications Bachelors degree in Accounting, Finance, Information Systems, or related field; professional certifications like CPA, CISA, or CIA are a plus. 8+ years of experience in SOX compliance, internal audit, or related fields, preferably in energy or utilities. Proven track record of conducting and managing end-to-end SOX audits. Strong understanding of cybersecurity frameworks and data protection best practices. Technical background with knowledge of programming, AI, or IT systems is highly advantageous. Exceptional communication, negotiation, and stakeholder management skills. Key Competencies Extreme diligence and attention to detail in compliance and security. Ability to take tough stands when needed while fostering an agile and business-friendly environment. Strong analytical and problem-solving skills. High level of integrity, confidentiality, and accountability.

The Sr Security Engineer will be responsible for designing, implementing, and maintaining advanced security measures across our infrastructure, applications, and cloud environments. They will lead efforts to identify, assess, and mitigate security risks, as well as ensure compliance with industry standards and best practices. HYBRID - This role will be based out of The Leela Office located on the 4th Floor, Airport Road, Kodihalli, Bangalore- 560008. Our expectation at this time, is that you would work from our office on Tuesdays, Wednesdays, Thursdays with flexibility to work from home on Mondays and Fridays. The Sr Security Engineer will collaborate with cross-functional teams, including development, IT, and operations, to integrate security across the entire software development lifecycle. They will drive security initiatives, lead vulnerability assessments, manage security incidents, and provide mentorship to junior engineers. Their expertise in cloud security, application security, and identity and access management (IAM) will be crucial to safeguarding our organization s critical assets. This is a position requiring a deep understanding of modern security technologies, as well as the ability to drive security programs and provide guidance on complex technical challenges. Essential Duties: Designing and implementing comprehensive security architectures Developing and maintaining security standards, policies, and procedures Conducting risk assessments and providing recommendations for mitigation Cloud, Endpoint, and Application Security: Design, implement, and manage security solutions across AWS, Azure, and GCP. Utilize security capabilities such as AWS Inspector, WAF, GuardDuty, IAM, Azure Security Center, and Azure AD. Implement and manage Microsoft Defender for Cloud and Endpoint Detection and Response (EDR) tools. Conduct regular security assessments and audits. Develop and maintain security policies, procedures, and documentation. Application Security: Lead application security initiatives, including penetration testing using Burp Suite. Develop and enforce security policies and procedures. Perform code reviews and security assessments. Secure cloud-based applications and infrastructure using AWS. Stay current with application security trends and threats. Identity and Access Management (IAM): Lead the design, implementation, and management of IAM solutions. Develop and enforce IAM policies, standards, and procedures. Collaborate with cross-functional teams to integrate IAM solutions. Conduct regular security assessments and audits to identify IAM-related risks. Provide technical leadership and mentorship to IAM team members. Security Operations Center (SOC): Lead SOC operations, including tool management (Splunk, Microsoft Sentinel, Kusto, LogRhythm). Develop and enforce SOC policies, standards, and procedures. Oversee incident response processes. Manage security incidents and tickets. Conduct regular security assessments and audits. Common Responsibilities: Collaborate with cross-functional teams to integrate security best practices, including external vendors and partners, senior management and executive leadership, and industry peers. Monitor and respond to security incidents and alerts. Develop and implement security strategies to address emerging threats. Design and implement secure architectures for new technologies and services. Utilize Infrastructure as Code (IaC) tools. Apply AI coding techniques to enhance security measures. Provide technical leadership and mentorship to junior engineers, providing career development guidance. Lead project teams and participate in strategic-planning and decision-making for security initiatives. Minimum Qualifications Must Have: Bachelor s degree in computer science, Information Technology, or a related field. Equivalent work experience in a similar position may be substituted for educational requirements. Minimum 5 years of experience in security engineering (cloud, endpoint, application, IAM, or SOC). Extensive experience with AWS and Azure security capabilities. Proficiency in security tools (Burp Suite, Microsoft Defender, EDR, IAM solutions, SOC tools). Relevant certification (CISSP, AWS Certified Security Specialty, OSCP, CEH, AZ-500). Good to Have: Master s degree in a related field. Experience in a leadership role. Knowledge of cloud security, DevSecOps practices, and tools. Proficiency in .NET, C#, Java, Okta, OneLogin, SailPoint, SIEM, SOAR, UBA, and Threat Intelligence. Additional certifications (CCSP, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer, CISM, CISA). Skills: Cloud security frameworks and best practices. OWASP Top 10 and secure coding practices. IAM principles. SOC principles, practices, and frameworks. Leadership and mentorship skills. Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. ABOUT NOTIFIED Notified is committed to creating a more connected world by providing you with the tools you need to amplify your story. Together, our platform and our people elevate public relations, investor relations, and marketing for over 10,000 global customers. We believe everyone has a story to tell and we re passionate about helping people and brands amplify their stories across the globe. We are proud to be the number one provider of enterprise webcasting and investor relations content distribution, as well as a global leader in press release distribution. Our clients have used Notified to monitor over 2 billion social media conversations and every year we run more than 100,000 events! Our products are built so storytellers can do their best work. But we re not just a platform personalized, caring service is how we operate. We add a personal touch to everything we do. We strive to deliver wisdom and insight by helping our clients reach global and targeted audiences, measure outcomes, and fulfill their commitments. CULTURE AND BENEFITS At Notified, we aim to help our employees and their families maintain a healthy work/life balance and build a financially secure future. Self-development and learning are key with all our global employees having access to our internal learning and development university DevelopU for career and skills enhancement. EXAMPLE OFFERINGS: International work environment - we have offices in 17 countries Opportunities for innovation and creativity Hybrid work schedule (office/home) Comprehensive health insurance with localized options Extensive learning opportunities via our in-house virtual university with >8,000 online courses, videos, business books and certification preps Location-specific social outings and company events with amazing colleagues, such as laser tag, board game night, and company-wide trivia night At Notified we dont just accept difference - we celebrate it, support it, and build success upon it. We are proud to be an equal opportunities employer and no part of this advertisement is intended to discriminate on any grounds. #LI-LM1 #LI-Hybrid

RTH-Y Threshold band 7B only This is duplicate of CSA id "U2X6XQ" Please check for Duplicate Total exp: 6+ yrs, Rel exp: 5 + yrs Mandatory skills: CISA, ISO 27001 lead implementation, CRSIC, CISM, Archer, T secuirty risk management, Risk management, threat vulnerability remediation Bachelors Degree in Computer Science, Information Systems, Business Administration, or other related field preferred Possesses prior work experience on CAPs, Remediation Assurance, Servicing Applications with exposure to various technical environments and business segments, and some experience working with Compliance, auditors and regulators In-depth experience with desktop software, office automation tools, Archer Strong Leadership and innovative skills Strong Validation skills as a key catalyst in working as an Action Plan Owner Strong Documentation and Project scheduling skills Ability to work on multiple CAPs as both Action Plan Owner and Project Manager and ensuring timely milestone closure Outstanding communication skills and ability to work with large number of stakeholders across Technology, Business and other CAP remediation teams Results-driven with a track record of delivering projects / initiatives against aggressive timelines across a complex and matrixed environment Comfortable in working independently as part of a geographically dispersed team, with a proven decision making ability as an Action Plan Owner An innovator, looking at newapproaches, testing them and not being afraid to "fail fast A strong understanding of core company processes and platforms Cultural sensitivity working across different markets with different customs of approach Key Responsibilities: Accountable for the resolution Technology and Business caused OREs and CAPs Coordinating across App Owners, TRBL, Bank, Compliance, Remediation Assurance, and other teams, and ensure timely closure of all milestones with the required evidence uploaded toArcher Working with various application owners, SRE and Capabilities team to implement enhanced Controls as part of working on CAPs Identify and implement process improvement opportunities and perform cost benefit analysis Participates in the development of plans and strategies for information security, service continuity and other risk processes and programs Supports the implementation of processes and methods for auditing and addressing non-compliance to information security standards and methodologies; facilitate migration of non-compliant environments to compliant environments Supports partners to achieve targeted levels of information security, project oversight and controls Builds relationships with diverse groups, and leads meetings to gather and document data and information in order to measure and improve the effectiveness of information security activities performed within the company Supports the development of information security metrics and criteria Direct maintenance of internal documentation library, ensuring that process and other documentation is regularly updated to reflect the latest operational processes and requirements Provide technical or analytical guidance as needed for issue management, project assessments, and reporting Leads the evaluation of products and/or procedures to improve productivity and effectiveness Leads or prepares materials (reports, presentations, spreadsheets, etc) to enable informed decision-making; guidethe verification of completeness, accuracy and relevance of data gathered Assists in the development, implementation, and governance of processes and initiatives to ensure compliance, cost optimization, and efficiency Provides day-to-day operational management over functional processes and project delivery Act as a mentor to Analysts and those passionate about developing their information security or other domain knowledge Make difficult and timely decisions regarding simple and complex business problems, Accountable for ensuring security

Divisional Risk and Control Analyst TDI Controls Testing & Assurance, AS Role Description Infrastructure Chief Operating Office (COO) is responsible for the effective operation of the infrastructure functions, driving operational efficiency whilst supporting the effective delivery of infrastructure services in line with business objectives and control requirements. It also includes oversight of Infrastructure Divisional Control Office (DCO) and Trade Settlement and Confirmations Operations (TSCO). Infrastructure Divisional Control Office (IDCO) as part of Infrastructure COO, provides services to multiple functions in infrastructure. The IDCO function is a dedicated risk, control, and regulatory oversight function, with prime responsibility for managing and proactively mitigating risk across the full breadth of the Technology and Infrastructure organization. Function also provides a consolidated view and central coordination of (non-financial) risks, as well as effective, efficient, and consistent standards and policies. (Technology Data & Innovation) TDI Control Testing & Assurance team part of IDCO identifies, tracks and reports control testing & assurance activities, conducts independent controls testing (design and operating effectiveness) on different risk types in line with the Control Testing Standards. The team also focuses on regulatory and risk-based assurance requirements. This role is within TDI Control Testing & Assurance team. Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Flexible working arrangements Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Perform Control Testing in line with Control Testing methodology/minimum standard Identify control deficiencies (findings), risks related to elements of controls, participate in findings agreement with stakeholders, escalate potential issues and exception items noted during the testing to senior management for discussion and further investigation, if deemed necessary Prepare Control Testing workpapers for senior management detailing testing results, document findings with highest quality Track Control Testing identified findings, perform required follow-up on open findings Consider regulatory and internal firm policy requirements as well as established best practices for control assurance. Support controls assurance activities Support in monitoring Control testing teams adherence to Control Testing methodology/minimum standards Support, contribute in managing Control Testing vendor resources, where applicable Track testing related effort/budget Plan Vs. Actuals throughout the testing lifecycle Build and maintain solid working relationships with key stakeholders such as within the DCO, IDCO, TSCO, GTI and other Testing Teams including Divisions/sub-divisions, 2 LoD and Group Audit (GA) Your skills and experience University degree preferably in Computer Science, Mathematics, Engineering or a related subject or equivalent qualification in the areas of information security. Professional/industry recognized qualifications e.g., CISA, CISSP, CISM, CRISC are beneficial. Experience in Cloud Security audit/testing, GCP (Google Cloud Platforms) or Professional/industry recognized qualifications e.g., CCSP, CCSK will be an advantage Good knowledge of auditing IT application controls, e.g., from IT audits or IT risk management. Understanding of the relationship between IT risk and underlying business process risk. Knowledge of regulations governing financial institutions is beneficial. Strong written and verbal communication skills and the ability to communicate effectively in conflict situations. Strong organizational skills and attention to detail. Ability to work under pressure, multi-task and prioritize workload. Strong analytical skills and structured thought process with the ability to clearly articulate control deficiencies and related risk Flexible, proactive, and innovative mind set with strong organizational skills to take ownership and responsibility for agreed targets and to meet them within budget to enable a timely and efficient completion of projects. This is an IC (individual contributor) role.