You Lead the Way. We ve Got Your Back. At American Express, you ll be recognized for your contributions, leadership, and impact every colleague has the opportunity to share in the company s success. Together, we ll win as a team, striving to uphold our company values and powerful backing promise to provide the world s best customer experience every day. And we ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong. Join Team Amex and lets lead the way together. About the Internal Audit Group at American Express: Our Internal Audit Group (IAG) is a worldwide function with 300+ team members and offices across nine countries within American Express. We are committed to growing our audit staff significantly. Our mission is to protect and enhance organizational value by providing independent, objective, risk-based assurance, advisory services and to influence the way the company manages risk. Our assurance and risk professionals have diverse backgrounds including internal controls, consumer compliance, technology, operational risk, financial accounting, data analytics, and banking operations. Our audit teams align to key risk areas and business units to ensure IAG can provide comprehensive and risk-based audit coverage. In addition, IAG has a Professional Practices group responsible for managing audit operations, quality, and standards; regulatory relations; reporting; training and professional development; and key internal capabilities and technologies. American Express IAG has reinvented our audit process and is leading the financial services industry with our Data-Driven Continuous Auditing, and Auditor of the Future initiatives. Each uniquely support our Winning Aspiration to be a world class internal audit function that: Provides data-driven and technology-enabled assurance Delivers timely risk insights that are business-aware and forward-looking Supports our colleagues with experiences that prepare them to be enterprise leaders About the Role: Our Internal Audit Group is seeking an eager Senior Auditor Technology Audit to help advance and grow our audit coverage across our IT general controls (ITGC) portfolio. In this role, the ideal candidate will focus on technology processes and technology risk management. This opportunity may include supporting Enterprise Projects, Third-Party Risk audit entities, as needed. Additionally, this role will work immediately alongside colleagues that provide coverage over IT Applications, Cybersecurity and Resiliency. Key Responsibilities include: Effective and efficient execution of audit procedures through planning, fieldwork and reporting stages in conformance with professional and department standards, assigned schedule and within budgeted hours. Work within an audit team in diverse geographic locations including co-sourced team-members throughout the audit lifecycle of planning Engage in continuous learning through department training and self-study on audit methodology, technology processes & controls, stakeholder communication and effective workpaper documentation. Contribute to the development of audit analytics that use data to tell the business story, evaluate results and work with audit and business colleagues to synthesize and document findings. Participate in and support planning and capture of meetings with management to represent audit objectives, scope, and results, clearly articulating the potential impact of control gaps capturing clarity and accuracy. Execute simultaneous global audit projects within the technology, projects or third-party risk domains including support of integrated audits that consider financial, operational and compliance. Minimum Qualifications Bachelor s or equivalent degree in technology, information systems or related field Big 4 audit/consulting experience 3+ years of experience in technology audit, IT risk management, cybersecurity or related fields including the audit life cycle and professional auditing practices Strong verbal and written communication skills that demonstrate an understanding of risks and controls with actionable feedback to audit managers and team leads. Effectively works within a team and across teams utilizing project management skills, employing creative thinking, a focus on quality, and the ability to work on competing priorities Familiarity with technology frameworks e. g. NIST and experience testing technology control domains Drive results with an ability to embrace complex scenarios with curiosity and confidence using process, risk/control knowledge and experience with IA standards, regulatory and financial industry guidance and best practices relevant to business, technology and data implications Strong sense of integrity and the ability and willingness to challenge and be challenged. Preferred Qualifications Experience in a regulated financial services environment Technology or other audit credentials e. g. Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) Certified Information Systems Auditor (CISA) Experience testing interface inputs, reports, application security, business continuity or third parties Understanding of data analytic tools, data visualization, key risk indicators (KRIs), key performance indicators (KPIs), and scorecards / dashboards Benefits include: Competitive base salaries Bonus incentives Support for financial-well-being and retirement Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need Generous paid parental leave policies (depending on your location) Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunities

Job Title: Information Security Analyst - Security Certifications REPORTING TO : Manager, Information Security REPORTING LOCATION : Katowice, Poland WORKING LOCATION : India ROLE & OBJECTIVES : Role would focus on the attestations and certifications for relevant Eurofins functions as well as in providing guidance & supporting customer questionnaires. Support External Audits (SOC 2 - Type1/Type 2 , ISO 27001, and other IT Audits based on NIST Cybersecurity) for relevant functions/region wise. Define/review test of procedures/controls basis on the organization defined policies & procedures for relevant certifications. Execute the tests of the defined controls (ITGC - IT General Controls, Technical controls, Physical Controls, etc) as part of TOD (Test of Design) and TOE (Test of effectiveness). Manage reporting phase of the testing and ensure clarity of the reported findings. Explain details of findings to the Management stakeholders. Follow up on the reported findings for its remediation. Monitor the compliance via available GRC tools / dashboards and ensure gaps are mitigated by collaborating with other stakeholders. Well versed with ITIL Standardized Process to monitor the Service Now requests. QUALIFICATIONS AND EXPERIENCE REQUIRED: Minimum of 3 -9 years of professional experience in the field of Governance, Risk and Compliance or IT Audits. Required Knowledge of technical security concepts related to IT General Controls (ITGC Controls) - Identity & Access Management, Physical Security, Incident Management, Business Continuity & Disaster recovery, Change Management, Logging & Monitoring Data Management, Asset Management and Risk Management etc. Knowledge in any of these two framework/standard SOC 2- Type1/Type2, ITIL/ITSM, ISO/IEC 27001, NIST Cyber Security. Additional Knowledge in regulations like GDPR or SWIFT Attestation. Excellent Fluency in English (Verbal and Written). Appreciated Any security related certifications like: ISO27001, CISA, CISSP is an added advantage. Experience with a MNC company and/ or Big 4 accounting firm experience is an added advantage.

Overview Keysight is on the forefront of technology innovation, delivering breakthroughs and trusted insights in electronic design, simulation, prototyping, test, manufacturing, and optimization. Our ~15,000 employees create world-class solutions in communications, 5G, automotive, energy, quantum, aerospace, defense, and semiconductor markets for customers in over 100 countries. Learn more about what we do. Our powerful, award-winning culture embraces a bold vision of where technology can take us and a passion for tackling challenging problems with industry-first solutions. Diversity, equity inclusion are integral parts of our culture and drivers of innovation at Keysight. We believe that when people feel a sense of belonging, they can be more creative, innovative, and thrive at all points in their careers. Tax Technology Team, being the hiring organization, is an integral part of Global Tax organization of Keysight Technologies, which is focused on providing the support, product and project management services specifically related with Transaction/Income/Property Taxes to consult, develop and deliver solutions that meet our internal customers business needs. TTT is primarily engaged in Plan of Record (POR) process management and solution investment benchmarking recommendations; and overall project management comprising business requirements analysis, functional solution design, partnering with IT and other business partner teams for solution development, testing and solutions deployment specifically related with Transaction/Income/Property Taxes Responsibilities Key Knowledge Skill Requirement: Relevant work experience, preferably in financial/tax compliance reporting, auditing or tax operation support Fair to expert skills on Oracle ERP needed with primary focus End to end Oracle R12 processes for P2P, Q2C, Intercompany AGIS with related linkages, GL knowledge will be advantageous. Working knowledge of SQL Will be an advantage to have working knowledge of Oracle Fusion Q2C process. Understanding on the Tax software products like Sabrix, OneSource etc. Experience in Project management using Agile methodology. Working knowledge of BI tools like Incorta, MSTR,etc. Knowledge of OneStream Tool will be an advantage. Ability to Lead and develop innovative solutions, while being part of high potential knowledge experts through focused self-drive and motivation Contribute and Deliver to the organization in leading/managing the delivery of programs and projects Ability to work and communicate across different levels geographies Expert knowledge of accounting principles and a strong self-starter Be a team player, having positive attitude Ability to understand the customer orientation and sense of urgency to all deliverables Ability to gain alignment on the solution approach, across multiple teams Inclination to learn the problem solving/troubleshooting and analytical skills Measures of Success Contribute to Increase customer satisfaction - Able to provide Customer consulting by identifying and recommending the innovation/improvement ideas for solutions Contribute to Increase speed to opportunity to build/increase TTT capability, capacity flexibility, Progress per plan on individual development plan Support the team for meeting the Zero compliance issues for Tax process and application design, signoff by SOX lead and Zero audit issues Complete the assigned work on time, in scope and within resource plan, without a need of day to day direction/supervision Qualifications Qualification: CA/ICWA/CFA/CISA/MBA (Finance) or Bachelor / Master s degree equivalent / B.Tech. or M. Tech. Work Experience: 5 - 8 years post qualification experience in the relevant field for working within support organization /on projects / processes Careers Privacy Statement ***Keysight is an Equal Opportunity Employer.**Key Knowledge Skill Requirement: Relevant work experience, preferably in financial/tax compliance reporting, auditing or tax operation support Fair to expert skills on Oracle ERP needed with primary focus End to end Oracle R12 processes for P2P, Q2C, Intercompany AGIS with related linkages, GL knowledge will be advantageous. Working knowledge of SQL Will be an advantage to have working knowledge of Oracle Fusion Q2C process. Understanding on the Tax software products like Sabrix, OneSource etc. Experience in Project management using Agile methodology. Working knowledge of BI tools like Incorta, MSTR,etc. Knowledge of OneStream Tool will be an advantage. Ability to Lead and develop innovative solutions, while being part of high potential knowledge experts through focused self-drive and motivation Contribute and Deliver to the organization in leading/managing the delivery of programs and projects Ability to work and communicate across different levels geographies Expert knowledge of accounting principles and a strong self-starter Be a team player, having positive attitude Ability to understand the customer orientation and sense of urgency to all deliverables Ability to gain alignment on the solution approach, across multiple teams Inclination to learn the problem solving/troubleshooting and analytical skills Measures of Success Contribute to Increase customer satisfaction - Able to provide Customer consulting by identifying and recommending the innovation/improvement ideas for solutions Contribute to Increase speed to opportunity to build/increase TTT capability, capacity flexibility, Progress per plan on individual development plan Support the team for meeting the Zero compliance issues for Tax process and application design, signoff by SOX lead and Zero audit issues Complete the assigned work on time, in scope and within resource plan, without a need of day to day direction/supervision

The Area: Morningstar is a leading global provider of independent investment insights. Our core competencies are data, research, and design, and we employ each of these to create products that clearly convey complex investment information. Our mission is to empower investor success and everything we do at Morningstar is in the service of the investor. Reporting to the Audit Committee of the Board of Directors, the purpose of the Global Audit and Assurance (GAA) function is to strengthen Morningstar s ability to create, protect, and sustain value by providing the Company with organizationally independent, risk-based, and objective assurance and consulting services to evaluate and improve Morningstar s governance, risk management, and control processes. The Role: Morningstar is looking for a Manager of GAA to play a critical role in the Mumbai Internal Global Audit Assurance function. This dynamic position offers an exciting opportunity to administratively lead a focused team of experienced auditors and to also execute a variety of projects, including risk assessments, audit engagements, advisory reviews, and special projects aimed at enhancing risk management, control, and governance. The role reports to the Global Audit Assurance Director and will be a key member of the functional leadership team. This is a full-time position and is based in Morningstar s Mumbai office. The manager may be required to travel to a number of domestic and international locations in support of our annual internal audit plan. Responsibilities Develop, schedule, and execute the risk-based audit plan that addresses the relevant and evolving business risks facing the company. Prepare and/or review the audit planning documents, audit programs, and supporting work papers. Prepare and/or review audit reports ensuring that all significant risk and internal control weaknesses are identified and that effective recommendations to address deficiencies are provided. Monitor the status of management corrective action plans and follow up as appropriate. Assist in managing the department s Quality Assurance and Improvement Program and external quality review. Provide guidance to management on internal control, governance, risk, and compliance activities. Promote high levels of ethical awareness and conduct and assist in the performance of investigations when appropriate. Implement data analytics and automation initiatives within internal audit activities to enhance efficiencies and increase audit effectiveness. Administratively manage a professional audit team with sufficient knowledge, skills, expertise, and professional certification to meet the audit requirements. Contribute to the continuous improvement of the overall IA methodology to ensure adherence to best practices. Ensure the professional development of the team through coaching and internal and external training. Assist in preparing reports to the audit committee. Coordinate with the Company s external audit firm co-source partners and cultivate external relationships. Partner with the SOX program to ensure key controls are tested in alignment with the audit plan. Perform other related duties as assigned. Requirements A bachelor s degree or equivalent in Accounting or Finance is required. A master s degree is a plus. CIA and/or CPA required; CISA and CFE considered a plus. Minimum of 8 years of progressive industry or public accounting experience (preferably with the Big 4 or national CPA firm and/or similar experience in corporate Internal Audit). Exceptional knowledge of internal audit standards, procedures, and techniques. Experience in executing and managing operational, financial, compliance, and IT audits and advisory engagements related to Risk Management, Governance, and controls. Strong understanding of COSO and GAAP. Strong experience performing data analytics and driving automation to realize efficiencies (preferably using tools such as Alteryx, Tableau, Power BI, UI Path, Automation Anywhere). Experience with electronic work paper tools (TeamMate, Workiva etc.) desired. Ability to effectively execute and manage several projects in multiple locations and manage time and the team effectively. Effective oral and written communication skills and the ability to write clear and concise audit reports. Proven ability to build and foster high-performance teams; build relationships with team members, business leaders, and global business functions. Flexibility/ adaptability to work a non-standard schedule as needed to accommodate various time zones where some process owners are located. Willingness to travel to domestic and international offices. Morningstar is an equal opportunity employer. Morningstar s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. We ve found that we re at our best when we re purposely together on a regular basis, at least three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you ll have tools and resources to engage meaningfully with your global colleagues. R08_DBRSLtdCanada DBRS Limited - Canada Legal Entity

Job Description Job Title: Information Security Analyst - Security Certifications REPORTING TO : Manager, Information Security REPORTING LOCATION : Katowice, Poland WORKING LOCATION : India ROLE OBJECTIVES : Role would focus on the attestations and certifications for relevant Eurofins functions as well as in providing guidance supporting customer questionnaires. Support External Audits (SOC 2 - Type1/Type 2 , ISO 27001, and other IT Audits based on NIST Cybersecurity) for relevant functions/region wise. Define/review test of procedures/controls basis on the organization defined policies procedures for relevant certifications. Execute the tests of the defined controls (ITGC - IT General Controls, Technical controls, Physical Controls, etc) as part of TOD (Test of Design) and TOE (Test of effectiveness). Manage reporting phase of the testing and ensure clarity of the reported findings. Explain details of findings to the Management stakeholders. Follow up on the reported findings for its remediation. Monitor the compliance via available GRC tools / dashboards and ensure gaps are mitigated by collaborating with other stakeholders. Well versed with ITIL Standardized Process to monitor the Service Now requests. QUALIFICATIONS AND EXPERIENCE REQUIRED: Minimum of 3 -9 years of professional experience in the field of Governance, Risk and Compliance or IT Audits. Required Knowledge of technical security concepts related to IT General Controls (ITGC Controls) - Identity Access Management, Physical Security, Incident Management, Business Continuity Disaster recovery, Change Management, Logging Monitoring Data Management, Asset Management and Risk Management etc. Knowledge in any of these two framework/standard SOC 2- Type1/Type2, ITIL/ITSM, ISO/IEC 27001,NIST Cyber Security. Additional Knowledge in regulations like GDPR or SWIFT Attestation. Excellent Fluency in English (Verbal and Written). Appreciated Any security related certifications like: ISO27001, CISA, CISSP is an added advantage. Experience with a MNC company and/ or Big 4 accounting firm experience is an added advantage.

Overview: Cvent is a leading meetings, events, and hospitality technology provider with more than 4,800 employees and ~22,000 customers worldwide, including 53% of the Fortune 500. Founded in 1999, Cvent delivers a comprehensive event marketing and management platform for marketers and event professionals and offers software solutions to hotels, special event venues and destinations to help them grow their group/MICE and corporate travel business. Our technology brings millions of people together at events around the world. In short, we re transforming the meetings and events industry through innovative technology that powers human connection. The DNA of Cvent is our people, and our culture has an emphasis on fostering intrapreneurship - a system that encourages Cventers to think and act like individual entrepreneurs and empowers them to take action, embrace risk, and make decisions as if they had founded the company themselves. At Cvent, we value the diverse perspectives that each individual brings. Whether working with a team of colleagues or with clients, we ensure that we foster a culture that celebrates differences and builds on shared connections. In This Role, You Will: Perform and manage IT internal audit, security risk assessment, and IT governance, risk, and compliance projects across Cvent s global business and IT operations. The candidate s responsibilities will include performing IT general controls / IT application controls testing (60-70%) and supporting security compliance audits (30-40%). Past experience in IT audit with a working knowledge of Sarbanes-Oxley, COSO framework, and relevant security compliance frameworks is preferred. Duties will include, but may not be limited to: Lead IT testing efforts for the company s global internal controls compliance programs, including planning, testing, and evaluating IT general controls and IT application controls. Coordinate and perform walkthrough discussions with business owners to document an understanding of control/process designs. Ensure the preparation of detailed and well-organized audit workpapers, documenting testing procedures, findings, and recommendations. Investigate and address complex issues and control deficiencies, collaborating with leaders from across the organization to develop effective solutions. Support security risk assessments, security compliance audits (e.g., PCI DSS, SSAE 18/SOC 1/SOC 2, ISO 27001:2013), and external audits. Assist with maintenance of compliance documentation consisting of policies, standard operating procedures, guidelines, flowcharts, and process narratives. Heres What You Need: 3-6 years of demonstrated experience in IT auditing, security risk management, or governance risk, and compliance. Working knowledge of Sarbanes-Oxley, COSO, and relevant industry security standards (e.g., ISO 27001:2013, PCI DSS, and SOC 1 / SOC 2). Ability to learn quickly with a willingness to take ownership for new projects in a dynamic, fast-changing, entrepreneurial environment. Ability to collaborate across teams, regions, and cultures. This role will work collaboratively and cross-functionally with the Internal Controls, Information Security, and Internal Audit teams (based in India and the United States) to manage the company s global and rapidly evolving internal controls and compliance programs. Good interpersonal communication skills with the confidence to engage and collaborate with internal stakeholders, senior management, and external auditors to achieve positive compliance outcomes. Excellent presentation and written communications skills and a team-focused attitude. Proficiency with productivity and collaboration tools, such as AuditBoard, Microsoft Office, Slack, Box, and Zoom. Knowledge of Oracle EBS, AWS, and common enterprise SaaS solutions (e.g., Salesforce, Coupa, Workday) is a plus. Possess or actively seeking relevant certifications, such as CA, CIA, CISSP, CISA, CISM, or CRISC.

Responsibilities: Audit of processes and controls set up within those processes as a part of regulatory requirements Analysis of financial statements / reports for its accuracy and accounting effects Research, reconcile, and update financial transactions as per business need Take lead in troubleshooting and resolving day to day issues Assist and supervise team activities and keep track of day-to-day deliverables Learn, implement & apply the accounting standards / US GAAP / SAP guidelines to ensure compliance with disclosures in financial statements Experience in IT / System / Automated control Audits by understanding the system functionality ITGC & Financial Audit Completion of testing of IT controls in support of managements internal SOX control testing requirements Any other finance / Accounting work as per the business need Qualification: B.Com mandatory

About The Role : Drives the development and/or compliance of enterprise and business group information security and privacy policies to protect Intel's information assets, intellectual property, and privacy data. Documents security procedures, maintains the cyber risk registry and reports on continual improvement efforts. Participates in the planning and conducts security and privacy risk assessments to examine and verify security capabilities, behaviors, and controls for authentication, authorization, integrity, availability, assurance, audit, and disposal of Intel's information assets including determining exposure and compliance levels. Contributes to security and privacy risk assessments which identify threats, consequences, and vulnerabilities to business unit key assets, products, and services. Ensures adequate security processes and solutions are in place to mitigate or remediate identified risks sufficiently to meet business objectives, contractual, and/or regulatory requirements. Drives incident response activities ensuring security incidents are properly contained, eradicated, and recovered. Participates in internal security privacy assessments and compliance reviews, conducts risk analysis of business processes and technology solutions to evaluate whether they comply with internal security, privacy policies and standards as well as regulatory/industry requirements and best practices. Works with security teams to perform tests and uncover network vulnerabilities. Supports the assessment of all security and privacy risks across the enterprise including but not limited to, security operations, vulnerability lifecycle management, identity and access management, cryptography, forensics, regulatory compliance, governance risk and controls, internal counterespionage, threat detection and mitigation, system compliance, physical security analysis and security management. Qualifications Job Qualifications: You must possess the below minimum qualifications to be initially considered for this position: Bachelor's degree in Information Technology, Computer Science, Accounting, Finance, or a related field. Minimum of 5-10 years of experience in IT audit, IT compliance, or a related field, with at least 3 years in a SOx manager role. In-depth knowledge of SOX requirements and IT control frameworks (e.g., COBIT, COSO). Proven experience with IT general controls (ITGCs), application controls, and automated controls. Excellent communication, analytical, and problem-solving abilities. Ability to work effectively with cross-functional teams and manage multiple priorities. Professional certifications such as CISA, CISSP, or CPA is highly preferred. Inside this Business Group Intel's Information Technology Group (IT) designs, deploys and supports the information technology architecture and hardware/software applications for Intel. This includes the LAN, WAN, telephony, data centers, client PCs, backup and restore, and enterprise applications. IT is also responsible for e-Commerce development, data hosting and delivery of Web content and services.

Job Title - Security Assessor + Analyst/Sr Analyst + CISO(Corporate Function) Management Level :11/10- Analyst/Sr Analyst Location:Bangalore Must have skills:ISO27001, Conducted security assessment Good to have skills:other security standard such as NIST, COBIT etc. Job Summary : Resource will be responsible for conducting (Third-party audits)supplier security assessments. These assessments will verify the effective implementation of security controls in suppliers organization Roles & Responsibilities: Work directly with supplier contacts and business supplier management team to schedule and conduct the security assessment. Monitor the supplier on supplier risk management tools to analysis the risk and share action plan with supplier team for closure. Perform the assessment using customized work plan to address key risks of the Accenture suppliers (vendors) (Customized ISO27001 Controls) Identify assessment findings and recommend remediation Draft assessment report and submit for manager signoff Track and confirm closure of observations/findings Assessors will be part of a globally distributed team, and assess Accenture suppliers Professional & Technical Skills: Security+, CISA, CISSP or CISM certifications (optional) ISO 27001 Lead Auditor/Implementor (optional) Good technical writing skills Good communication skills Experience of managing Interaction with team management or senior management would be plus. Ability to think out of the box. Ability to be flexible and work creatively and analytically in a problem-solving environment Strong interpersonal, organizational and analytical skills Additional Information: Qualifications Experience:+2 years Educational Qualification:Graduation (10+2+3/4) / Bachelors Degree

Not Applicable Specialism Technology Strategy Management Level Senior Associate & Summary At PwC, our people in infrastructure focus on designing and implementing robust, secure IT systems that support business operations. They enable the smooth functioning of networks, servers, and data centres to optimise performance and minimise downtime. In infrastructure engineering at PwC, you will focus on designing and implementing robust and scalable technology infrastructure solutions for clients. Your work will involve network architecture, server management, and cloud computing experience. & Summary PwC s Hybrid Cloud & Technical Resilience capability helps clients transform their business with innovative technology solutions. It enables organizations to optimize applications and services across various cloud solutions (e.g., public, private, edge, etc.) , achieving greater value through innovation while enhancing customer and employee experiences. As a Senior Associate, youll join a team solving complex business issues, focusing on hybrid cloud solutions and IT system resilience from strategy to execution. This role requires technical knowledge and strong client engagement skills. PwC Professional responsibilities at this level include but are not limited to Foster a collaborative environment where people and technology excel together. Contribute to open discussions with teams, clients, and stakeholders to build trust. Understand basic infrastructure technologies and be eager to learn more. Adhere to the firms code of ethics and business conduct. Job Requirements and Preferences Basic Qualifications Minimum Degree Required Bachelor s degree in Information Technology , Computer Science, Risk Management, or a related field. Minimum Years of Experience Will Reflect 4 years [Aligned to all requisitions] 23 years of relevant experience designing and delivering public, private, hybrid, or multicloud solutions and migrating applications and services to these hosting environments with a focus on modernization , disaster recovery and resilience . Preferred Qualifications Certification(s) Preferred Certification(s) from a leading cloud service provider (AWS, Azure, GCP) Certification(s) from a leading onpremises infrastructure provider (VMware, Nutanix Microsoft, RedHat, NetApp, EMC, Cisco, Arista) Certified Business Continuity Professional (CBCP) ITIL Certification Certified Information Systems Security Professional (CISSP) Certified Information Systems Auditor (CISA) AWS or Azure certifications related to resilience or infrastructure Preferred Knowledge/Skills Demonstrates thought leaderlevel abilities with, and/or a proven record of success directing efforts in the following areas Demonstrates experience with public, private, hybrid, and multicloud Infrastructure ( Network, Server, Storage, and Database) discovery, design, build, and migration ; AWS, Azure, GCP certification ; Experience with private and public, private, and/or hybrid cloud architectures with migration and infrastructure/application migration modernization experience ; Experience in IT resilience, disaster recovery, or technical risk consulting, preferably in a professional services environment ; Collaborate with clients to identify critical business functions and their dependencies on IT system ; Experience with developing IT resilience strategies tailored to clientspecific environments and challenges ; Lead workshops and training sessions to educate client teams on resilience best practices. Develop and refine B usiness C ontinuity P lans (BCPs) that integrate technology resilience considerations ; Recommend and configure tools and processes to enhance client resilience capabilities, including backup and recovery solutions ; Excellent communication and presentation skills, with the ability to translate technical details into business value for clients ; and, Strong organizational and project management skills in a fastpaced environment Demonstrates abilities and/or success in the following areas Architectural and / or engineering exposure to Windows, Linux, UNIX, VMware ESXi , HyperV, XenServer , Oracle DB, SQL Server, IIS Server, SAN, NAS, and other onpremises hosting technologies ; Workload migration and automation toolsets ( CloudEndure , Azure, Turbonomics , Python, TerraForm , etc.) ; Strong knowledge of IT infrastructure (e.g., cloud systems, networks, and cybersecurity) ; Experience with resilience tools, such as disaster recovery as a service ( DRaaS ), backup platforms, or monitoring solutions ; and, Familiar with risk management frameworks (e.g., ISO 22301, ISO 27001, NIST, ITIL). Travel Requirements 50% Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required Degrees/Field of Study preferred Certifications (if blank, certifications not specified) Required Skills Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Architectural Engineering, Cloud Virtualization, Communication, Continuous Deployment, Continuous Integration/Continuous Delivery (CI/CD), Creativity, Data Infrastructure, DevOps Practices, Embracing Change, Emotional Regulation, Empathy, Hardware Troubleshooting, Inclusion, Infrastructure Architecture, Infrastructure Management, Infrastructure Monitoring, Infrastructure Optimization, Infrastructure Services, Infrastructure Support, Intellectual Curiosity, IT Infrastructure {+ 18 more} Available for Work Visa Sponsorship? No Government Clearance Required? Yes

Not Applicable Specialism Technology Strategy Management Level Senior Manager & Summary Summary A career in our Advisory Acceleration Center is the natural extension of PwC s leading global delivery capabilities. The team consists of highly skilled resources that can assist in the areas of helping clients transform their business by adopting technology using bespoke strategy, operating model, processes and planning. You ll be at the forefront of helping organizations around the globe adopt innovative technology solutions that optimize business processes or enable scalable technology. Our team helps organizations transform their IT infrastructure, modernize applications and data management to help shape the future of business. An essential and strategic part of Advisorys multisourced, multigeography Global Delivery Model, the Acceleration Centers are a dynamic, rapidly growing component of our business. The teams out of these Centers have achieved remarkable results in process quality and delivery capability, resulting in a loyal customer base and a reputation for excellence. . & Summary PwC s Hybrid Cloud & Technical Resilience capability helps clients transform their business with innovative technology solutions. It enables organizations to optimize applications and services across various cloud solutions (e.g., public, private, edge, etc.), achieving greater value through innovation while enhancing customer and employee experiences. As a Senior Manager, you will shape client strategies for highly available and resilient hybrid and multicloud solutions to optimize application and services hosting . You will lead complex projects, advise executives, and mentor teams to deliver resilient solutions. This role requires technical expertise , strategic vision, and strong client relationship management, establishing PwC as a trusted IT resilience partner. PwC Professional skills and responsibilities for this level include but are not limited to Serve as a trusted advisor to client executives, providing strategic guidance on IT resilience, D isaster R ecovery (DR), and B usiness C ontinuity (BC). Lead the design and delivery of comprehensive hybrid and multicloud and resilience programs that align with clients business objectives and risk appetites. Drive innovation by identifying and integrating emerging technologies and practices into client solutions. Deal effectively with ambiguous and unstructured problems and situations. Initiate open and candid coaching conversations at all levels. Contribute technical knowledge in select areas of specialization ( e.g. networking, hybrid cloud, enterprise resilience, etc . ) Contribute to an environment where people and technology thrive together to accomplish more than they could apart. Navigate the complexities of crossborder and/or diverse teams and engagements. Uphold the firms code of ethics and business conduct. Job Requirements and Preferences Basic Qualifications Minimum Degree Required Bachelors degree Minimum Years of Experience 810 years of relevant experience designing and delivering public, private, hybrid, or multicloud solutions and migrating applications and services to these hosting environments with a focus on modernization. Preferred Qualifications Certification(s) Preferred Certification(s) from a leading cloud service provider (AWS, Azure, GCP) , focus on security and resilience preferred Certification(s) from a leading onpremises infrastructure provider (VMware, Microsoft, RedHat, NetApp, EMC, Cisco (CCNP/CCIE), Arista, Palo Alto, F5, etc.) Certified Business Continuity Professional (CBCP) Certified Information Systems Security Professional (CISSP) ITIL Certification Certified Information Systems Auditor (CISA) Preferred Knowledge and Skills Demonstrates abilities and/or success in the following areas Excellent articulation, communication and strong interpersonal skills. Experience in participating in transformation initiatives for mid to large scale organizations AWS, Azure, or GCP certification. Experience with private, and/or hybrid cloud architectures with infrastructure/application migration modernization experience. Demonstrates abilities and/or success in the following areas Deep expertise in IT infrastructure, cloud platforms, cybersecurity, and resilience technologies. Advanced knowledge of DR and BC planning, including tools and solutions such as DRaaS , backup systems, and monitoring platforms. Expertlevel experience with enterprise networking technologies, tools & processes, including routing & switching, L47 traffic management ( e.g. load balancing), global server loadbalancing, firewalls, data center fabric, campus networks, as well as networking routing protocols such as MPLS, OSPF, BGP, BGPEVPN, etc. Expert experience with installation, configuration, troubleshooting, and supporting of cloud and onpremises infrastructure solutions hands on keyboard experience. Experience in documenting and explaining network and infrastructure topologies. Experience with network segmentation and knowledge of network segmentation leading practices. Handson experience with firewall platform migrations and insertions within enterprise data centers and cloud landing zones. Expert knowledge of application transport and infrastructure protocols (DNS, DHCP, IPAM, SSL/TLS, NTP, FTP, HTTP/S, SMTP, LDAP/S, and Microsoft AD). Understanding and implementation of network traffic analysis for troubleshooting. Prior experience in working with technical teams and/or transformation programs related to networking technologies. Familiarity with the latest technology trends in the network domain including Cloud, SDN, NFV and open networking ( e.g. AWS, Azure, GCP, Fabric control and transport protocols, etc.). Exposure to or experience with programming/scripting languages or tools used to automate network infrastructures ( e.g. Python, Ansible, Terraform, etc.). Ability to create critical collaterals for client workshops and customer interactive sessions. Architectural and / or engineering exposure to Windows, Linux, UNIX, VMware ESXi , HyperV, XenServer , Oracle DB, SQL Server, IIS Server, SAN, NAS, and other onpremises hosting technologies. Workload migration and automation toolsets ( CloudEndure , Azure, Turbonomics , Python, TerraForm , etc.). Network management and analysis toolsets (SolarWinds, NetScout, NetBrain , Splunk, Gigamon, Dynatrace, Datadog). Advise clients on compliance with relevant regulatory and industry standards, such as ISO 22301, NIST, and ITIL. Demonstrates thought leaderlevel abilities with, and/or a proven record of success directing efforts in the following areas Oversee multiple highprofile client engagements, ensuring quality delivery, stakeholder satisfaction, and value realization. Develop and maintain seniorlevel client relationships, building trust and fostering longterm partnerships. Provide thought leadership during client discussions, influencing key decisions on resilience strategy and implementation. Lead and mentor crossfunctional teams, fostering a culture of collaboration, innovation, and excellence. Develop and deliver training programs to enhance internal and client teams expertise in resilience and continuity. Provide coaching to managers and consultants, helping them achieve their professional growth goals. Travel Requirements 50% Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required Degrees/Field of Study preferred Certifications (if blank, certifications not specified) Required Skills Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Architectural Engineering, Cloud Virtualization, Coaching and Feedback, Communication, Continuous Deployment, Continuous Integration/Continuous Delivery (CI/CD), Creativity, Data Infrastructure, DevOps Practices, Embracing Change, Emotional Regulation, Empathy, Hardware Troubleshooting, Inclusion, Influence, Infrastructure Architecture, Infrastructure Management, Infrastructure Monitoring, Infrastructure Optimization, Infrastructure Services, Infrastructure Support {+ 26 more} Available for Work Visa Sponsorship? No Government Clearance Required? Yes

Overview: This role is responsible for executing complex audit assignments and investigations at direction of Internal Audit management, providing valuable insights into Gartner s risk management, control, and governance processes. This role will work closely with Gartner Internal Audit team managers globally . This role will be based in Gurgaon, India and report to the Manager, Audit & Controls. Key responsibilities: Support team management to scope and execute comprehensive audits of financial, operational, and compliance areas, ensuring adherence to and timely completion of the annual audit plan. Identify, assess, and document risks and controls within business processes, providing recommendations for improvement. Engage with company stakeholders to test and assess company processes and internal controls. Prepare and present clear, concise audit reports to senior management, highlighting key findings and actionable recommendations. Collaborate with cross-functional teams globally to drive process improvements and enhance risk management practices. Stay abreast of industry best practices, emerging risks, and regulatory changes, incorporating them into audit strategies. Key qualifications: 4-7 years of experience in internal audit, external audit, or a related field. Experience in a Big Four or large accounting firm is advantageous. Experience in scoping and executing internal audit work programs is required. Strong understanding of internal control frameworks, risk management, and governance principles is required. Proficiency in data analytics tools such as ACL, IDEA, or similar platforms, with the ability to apply advanced techniques is advantageous. Expertise in ERP systems (e.g., SAP, Oracle) and IT control frameworks (e.g., COBIT, ITIL) is advantageous. Proven ability to manage multiple priorities, meet deadlines, and deliver high-quality work. Other requirements: Bachelor s degree in Accounting, Finance, Business Administration, or a related field. A Master s degree or professional certification (e.g., CIA, CISA, CA, CPA, CFE, etc.) is highly preferred. Excellent analytical, problem-solving, and communication skills, with the ability to influence and engage stakeholders at all levels. Experience with data visualization tools (e.g., Tableau, Power BI) is advantageous. Knowledge of regulatory requirements and industry standards relevant to the company s sector. #LI-MS7 Who are we? What makes Gartner a great place to work? What do we offer? Ready to grow your career with Gartner? Join us. The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to seek to advance the principles of equal employment opportunity. . Job Requisition ID:97687 Gartner Applicant Privacy Link: https: / / jobs.gartner.com / applicant-privacy-policy For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.

br> Employment Type: Full Time, Permanent Work mode: Onsite Job description GRC Program Management: Develop, implement, and manage the overall IT GRC program. Define and enhance policies, procedures, and standards related to information security and compliance. Risk Management: Identify, assess, and prioritize IT risks. Work closely with stakeholders to develop risk mitigation strategies and ensure their effective implementation. Compliance Management: Ensure compliance with relevant laws, regulations, and industry standards. Conduct regular compliance assessments and audits. Policy Development: Develop and maintain information security policies, ensuring alignment with organizational objectives and industry standards. Training and Awareness: Conduct training sessions and awareness programs on GRC best practices. Collaborate with stakeholders to ensure a comprehensive understanding of compliance requirements. Incident Response and Investigation: Lead and participate in incident response activities. Conduct investigations into security incidents and breaches. Continuous Improvement: Drive continuous improvement initiatives in the GRC program. Stay informed about emerging trends, threats, and regulatory changes affecting the GRC landscape. Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field. Advanced certifications such as CISA, CISSP, or CRISC are highly desirable. 7+ years of hands-on experience in IT Governance, Risk Management, and Compliance. Proven experience in implementing and managing GRC frameworks, such as NIST, ISO 27001, or COBIT. Strong understanding of regulatory requirements (e.g., GDPR, HIPAA, SOX) and industry standards. Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Demonstrated ability to lead and drive change in a complex and dynamic environment.

Senior Security Engineer, XFlow XFlow is building cross-border payments infrastructure that provides businesses access to global markets, starting with those in India and subsequently other parts of South South East Asia. We are enabling users to accept and payout money globally in a simple , reliable , compliant , transparent and financially compelling manner . Building payments infrastructure is hard , and elegantly solving for cross-border payments infrastructure for businesses even more so. The complexity stems from the different changing regulatory requirements of the many countries that we will operate in, building payment guarantees in existing rails (or for that matter, creating a new payment rail altogether) and capturing value in a way where we are net additive to our users. This complexity excites and motivates us because we know that when we get it right, businesses around the world and their customers will be better off for it. Finally, and we cannot stress this enough, culture eats everything else for breakfast. We aim to be an engineering driven company that believes finance problems are rooted in code and strongly prefer individuals who share a similar belief. You will: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Perform vulnerability testing, risk analysis and security assessments for every software and system change Continuously monitoring for changing cyber threats, Identify and communicate current and emerging cyber security threats to relevant stakeholders. Perform assurance services to assess IT security controls across various platforms (Linux, Unix, Mac, Windows), compliance needs (example ISO-27001, SOC2, GDPR) and regulations (example SOX, PCI DSS). Secure endpoints or entry points of end-user devices such as desktops, laptops, and mobile devices from being exploited by malicious actors and campaigns. Develop, test and modify custom security testing scripts for vulnerability testing. Identify and define system security requirements Research, recommend and document security architecture, prepare and document standard operating procedures and protocols Develop technical solutions and adopt security tools to help mitigate security vulnerabilities and automate repeatable tasks Ensure that the company knows as much as possible, as quickly as possible about security incidents Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement Analyze security incident reports and implement mitigation plan Guide product development with security first mindset practices and meet security assurance and compliance needs. Own and adopt robust security tools and techniques, understand security trade-offs in the face of threats, attacks or vulnerabilities. Work with stakeholders and other business units to ensure the appropriate security assurance requirements are established in our security policies, enforced, and communicated. You have: 6-8 years proven work experience as a Security Engineer Hands-on experience of AWS (or GCP or equivalent) cloud operating model and relevant security practices. Deep understanding of networks, database and operating system security Proficient with Windows, Unix, and Linux Operating Systems environment. Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication and authorization systems, log management, content filtering, etc. Deep understanding of network elements such as switches, routers, firewalls, IPS/IDS and the related rulesets, ACLs. Additional knowledge on configurations specific to AWS Network ACLs, Security Groups etc and their equivalent in GCP etc. Automation Scripting in Bash Python Thorough understanding of the latest security principles, techniques, and protocols Strong problem solving skills BE/BS or MS or MTech degree in Computer Science or related security field Security Certifications would be treated as a plus. Examples include: CISSP, CISA, CRISC, OSCP. Contact: If you think you re the person we re looking for, please write to [email protected] XFlow is building cross-border payments infrastructure that provides businesses access to global markets, starting with those in India and subsequently other parts of South & South East Asia. We a...

About the Role: Vice President - Information Security will be responsible for leading and driving the organizations information security strategy, policies, and operations. will play a critical role in protecting the company from cybersecurity threats, fraud, and data breaches while fostering trust with customers and partners. VP will oversee all aspects of information security, including risk management, compliance, governance, and incident response. Responsibilities: Develop and implement a comprehensive information security strategy aligned with the organizations business objectives. Provide strategic direction on security initiatives to protect the confidentiality, integrity, and availability of the organization s information assets. Establish and maintain an enterprise-wide information security risk management framework. Conduct regular risk assessments to identify vulnerabilities, threats, and potential impacts on the business. Develop and oversee the implementation of incident response plans to manage and mitigate security breaches effectively. Lead the organizations response to cyber incidents, ensuring swift resolution and minimal disruption. Oversee the Security Operations Center (SOC) to monitor, detect, and respond to threats in real-time. Manage the deployment and maintenance of security tools and technologies, such as firewalls, SIEM, endpoint protection, and DLP systems. Ensure secure architecture and design for on-premises and cloud-based IT systems. Assess and manage the security posture of third-party vendors and service providers. Desired Candidate Profile: Minimum 15 years of experience in information security, with a proven track record of managing enterprise-wide security programs.Should have 3-5 years of experience with either blockchain / Fintech, Payments or digital asset management sectors. Must have experience of working regulated firms. Experience in designing and implementing security measures in both on-premise and cloud-based environments (e.g., AWS, Azure, Google Cloud). Strong understanding of regulatory frameworks and compliance requirements such as GDPR, HIPAA, PCI DSS, or SOX. Holding security certifications such as CISSP, CISM, CISA Preferred. In-depth knowledge of cybersecurity frameworks, threat intelligence, risk management, and security technologies. About Liminal: Liminal is a compliant and insured digital asset custody and wallet infrastructure provider. Launched in April 2021, Liminal Custody is a CCSS Level 3, SOC Type 2, and ISO 27001 27701 certified organization. Based in Singapore, Liminal has operations spread across APAC, MENA, and Europe, along with offices in Singapore,Taiwan , India, and UAE. The company has received an FSP license from FSRA in ADGM and initial approval from VARA. Liminal takes pride in supporting businesses with its qualified and insured custody (self and institutional) that enables stress-free safekeeping of digital assets for institutions. It also provides a cutting-edge wallet infrastructure platform that is secure, compliant, and automated and comes with a plug-and-play architecture for faster onboarding of developers, business partners, and government agencies. Our website - https://www.liminalcustody.com/

About Us: Invimatic is committed to delivering high-quality services while ensuring the security and privacy of our clients and their customers data. We are looking for a strategic and experienced Information Security Officer to lead our information security initiatives and drive SOC 2 compliance across the organization. Job Summary: The Chief Information Security Officer (CISO) will be responsible for developing, implementing, and managing a comprehensive information security program that ensures the Security, confidentiality, integrity, privacy and availability of our customers data. The CISO will play a critical role in guiding the organization through the SOC 2 compliance process, ensuring that all necessary controls are established and maintained to meet SOC 2 standards. Key Responsibilities: Strategy Development: Develop and implement an information security strategy aligned with the company s goals and objectives. Establish a road-map for achieving SOC 2 compliance and continually assess compliance against SOC 2 criteria. Policy and Procedure Creation: Create and enforce information security policies, procedures, and standards to ensure compliance with SOC 2 requirements. Ensure the policies are regularly updated and communicated to all employees. Risk Management: Identify, assess, and mitigate information security risks related to company operations and data management. Conduct regular risk assessments and audits to evaluate the effectiveness of security controls. Team Leadership: Lead the information security team, fostering a culture of security awareness and compliance throughout the organization. Provide guidance and mentorship to team members in implementing security best practices. Stakeholder Collaboration: Work closely with executive leadership, IT, legal, and compliance teams to ensure alignment on security initiatives and SOC 2 compliance efforts. Serve as the primary point of contact for internal and external stakeholders regarding security and compliance matters. Training and Awareness: Develop and implement a security training and awareness program for all employees to promote a culture of security. Incident Response and Management: Oversee the incident response plan and ensure timely and effective responses to security incidents. Lead post-incident analysis to identify areas for improvement and prevent future occurrences. Continuous Improvement: Stay informed about industry trends, threats, and regulatory changes that may impact information security and compliance. Continuously evaluate and improve the organization s information security posture and compliance with SOC 2 standards. Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field; Master s degree preferred. Minimum of 6-10 years of experience in information security, with a focus on compliance (SOC 2 preferred). Proven experience in implementing and managing security frameworks and compliance programs. Strong understanding of SOC 2 requirements and best practices. Relevant certifications such as CISM, CISSP, or CISA are highly desirable. Excellent leadership, communication, and interpersonal skills.

Required Skills Technology | Cybersecurity Principles, Best Practices and Threat Landscape | Level 4 Support Technology | Project Management Skills | Level 5 Support Technology | Risk Management | Level 5 Support Technology | Leadership skills to guide and motivate Cybersecurity Teams | Level 5 Support Technology | Incident Response Coordination | Level 5 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | ITIL F/CompTIA Project+/Certified ScrumMaster/CISSP/CISA/AWS Certified Solutions Architect/Microsoft Certified: Azure Administrator Associate/Project Management Professional/Certified Kubernetes Administrator/CRISC Delivery Skills required are: - Project and Program Management: - *Overseeing large-scale and complex technology projects and programs. *Allocating resources effectively, including personnel, budget, and technology infrastructure. *Conducting comprehensive risk assessments specific to technology operations. *Developing and implementing risk mitigation strategies to minimize disruptions and ensure continuity. Communication and Stakeholder Engagement: - *Communicating complex technical concepts and strategies to stakeholders at all levels of the organization. *Tailoring communication approaches to meet the needs of diverse audiences, both technical and non-technical. *Building and maintaining relationships with key stakeholders to ensure their support and alignment with technology operations initiatives. Strategic Leadership and Management: - *Developing and implementing long-term technology strategies aligned with organizational goals and industry trends. *Aligning technology initiatives with business objectives and ensuring they support overall organizational strategy. *Leading organizational change initiatives related to technology transformations, upgrades, and process improvements. Continuous Improvement and Innovation: - *Driving innovation initiatives within technology operations to enhance efficiency, effectiveness, and competitiveness. *Identifying opportunities to streamline processes, automate tasks, and improve operational efficiencies within technology operations. *Promoting a culture of innovation and knowledge sharing across technology teams. Team Leadership and Development: - *Building and leading high-performing technology operations teams. *Cultivating a culture of collaboration, innovation, and continuous improvement. *Setting strategic performance goals and objectives for technology operations teams. *Resolving conflicts and addressing challenges within technology teams and with stakeholders.

The person will be responsible for risk-based audit activities across several different business areas within Crisil. As an Associate Director in Crisil Internal Audit team the person will be responsible for leading internal audit process reviews in collaboration with an internal audit service provider, implementing and executing enterprise risk management (ERM) framework defined, leading risk-related projects, and performing technology audits. The role requires strong stakeholder management, risk assessment expertise, and the ability to provide insights on process enhancements. The ideal candidate for this role must be an experienced financial services professional with strong internal control and auditing skills, experience in ERM engagements with a strong level of comfort with data and technology. Partner with the internal audit service provider to plan and execute the internal audit program. Lead and execute internal audit process reviews, ensuring compliance with regulatory and organizational standards. Conduct technology audits (40-50% focus), including cybersecurity, data privacy, and emerging technology risk assessments. Develop and execute risk-based audit plans, ensuring the identification of key control gaps and associated risks. Oversee Enterprise Risk Management (ERM) governance, including risk identification, assessment, and mitigation strategies. Lead and manage risk-related projects, ensuring timely delivery and alignment with business objectives. Engage with senior stakeholders, providing risk insights and recommendations to enhance internal controls and risk management processes. Monitor regulatory developments and emerging risks, advising leadership on potential impacts. Support process improvements and automation initiatives to enhance audit efficiency and risk assessment frameworks. What We re Looking For: Strong understanding of internal audit methodologies, risk-based auditing, and industry best practices. Experience in conducting technology audits, including cybersecurity, cloud governance, data analytics, and IT risk management. Strong analytical, problem-solving, and critical-thinking skills with the ability to assess complex business processes. Excellent communication skills (both verbal and written) to engage with senior stakeholders and present audit findings effectively. Ability to work independently, manage multiple assignments, and collaborate with cross-functional teams. Proficiency in risk assessment frameworks (e.g., COSO, NIST, ISO 27001) and regulatory requirements. Basic Qualifications: Minimum 10-11 years of experience in financial services internal audit or related roles (operational risk, credit risk, compliance risk). Experience with integrated audits, electronic work papers and standard productivity tools. Strong academic and professional credentials including an undergraduate degree Professional certifications preferred (CA, CAMS, CRMA, CISA, CISM, CISSP etc.).

JD for DLP : Data Leakage Prevention Assistant Manager / Manager: Design and enforce Data Leakage Prevention (DLP) policies across email, endpoints, cloud, and network environments. Configure, monitor, and fine-tune Zscaler DLP to prevent unauthorized data transfers. Investigate, analyze, and respond to DLP alerts while ensuring timely remediation of policy violations. Conduct security awareness programs on data protection best practices. Continuously assess and improve DLP rules to reduce false positives and enhance effectiveness. Generate and present periodic reports on DLP incidents, violations, and risk trends to senior management Share KRI reports for inclusion in dashboards, KRI tracking, RCSA reports, and other governance activities Experience : Minimum 2 years of experience in configuring, managing & monitoring DLP solutions preferably Zscaler. Expertise in DLP rule creation, policy tuning & incident handling across email, endpoint, cloud & network environment. Proven ability to investigate & remediate data leakage incidents

Conduct questionnaire-based assessments to evaluate vendors' cybersecurity practices. Perform on-site assessments of critical vendors as necessary. Analyze assessment results and provide detailed risk reports to stakeholders. Collaborate with internal teams to remediate identified risks. Prepare and report on key metrics to measure the effectiveness of the TPRM program. Develop dashboards and reports to communicate TPRM performance to senior management. Review variations to the standard cyber clause in contracts and facilitate necessary negotiations and approvals in collaboration with legal, procurement and risk teams. Stay current with industry trends, regulations, and best practices in cybersecurity and third-party risk management. Mentor and guide junior cyber risk analysts in their professional development. Provide training and support to team members on TPRM methodologies, tools, and best practices. Foster a culture of continuous learning and improvement within the team. Assist in developing and refining assessment processes and methodologies. Contribute to the creation of training materials and internal knowledge bases. Work closely with the TPRM Lead in Australia to align assessment processes and risk management strategies.

ROLE SUMMARY: The Associate Director of Technology Risk Advisory (TRA) will lead and oversee the development and growth of a high-performing Technology Risk Advisory practice. The role involves strategic planning, team building, client engagement, and service delivery while ensuring excellence in Cybersecurity, Governance, Risk, and Compliance (GRC), Technology Operations (TechOps), Security Operations (SecOps), and Global Privacy Regulations. This leader will focus on delivering client-centric solutions and building a robust practice. JOB DESCRIPTION : Practice Management : Operations : Develop a strategic roadmap to build and scale the Technology Risk Advisory practice. Design service offerings in Cybersecurity GRC, TechOps, SecOps, and Privacy Advisory. Establish robust frameworks, methodologies, and tools for delivering advisory services. Develop and implement cybersecurity frameworks based on ISO 27001, NIST CSF, COBIT, and other standards. Guide security operations, including SIEM, threat intelligence, and incident response. Offer advisory on technology operations, including IT infrastructure optimization and Dev SecOps integration. Ensure compliance with global privacy regulations (GDPR, CCPA, HIPAA, etc.). Design privacy programs, data protection mechanisms, and compliance monitoring systems. Maintain a strong understanding of emerging regulations and their impact on clients. Sign off on client cybersecurity strategies, encompassing threat management, incident response planning, business continuity, and disaster recovery. Ensure the effective execution of multiple projects simultaneously, adhering to project timelines, scope, and budget requirements. Profitability/Revenue Management : Increase topline revenue for the Practice as per predefined goals, while maintaining the practice gross margin. Budget management & optimization. Take responsibility for the IT Governance, Risk Management and Compliance budget. Business Relationship Management for IT Governance and Risk - this role will be a critical interface between the Firm's Leadership and the TRA team and will be required to present to the Leadership and the Executive teams periodically. Identify, prioritize, define and refine the Information Security strategy through the evaluation of new approaches and solutions in collaboration with the Managing Committee. Sales & Marketing Support : Drive growth through business development, partnerships, and client acquisition strategies. Identify market trends and position the practice as a thought leader in the industry. Develop marketing strategies, including whitepapers, webinars, and industry events. Support the Sales teams for deal closures Create visibility for the practice on various platforms and among a larger network Provide technical support to the sales & marketing team on practice service verticals Support the business development process, including proposal development, client pitches, and contribution to marketing efforts. Development of the Practice and promotion of the the Firm's brand name via articles in publications, regular update management for clients, speaker at seminars, etc. People Management: Ensure that personal and team objectives and strategy are aligned to departmental and organizational goals, and actively tracked and reported on across the year. Build and manage a team including recruitment, appraisals, developing training material, providing training to team members, and technically guiding the teams in completing their assigned deliverables Review of efficient and effective planning, selection and team management of all resources throughout the year including temporary resource redeployment within team/with other departments, Build and mentor a high-performing team with a blend of technical and advisory expertise. Retention of existing employees and measurable attrition management Address issues at emotional/infrastructural level at work being faced by teams, take responsibility for team building and career development of the team. Identify training needs of teams and assist in skill building wherever required. Ensure strategic resource planning, coupled to long term forecasting via the Annual Business Plan and 3/5 year plans, and in collaboration with HR. Succession planning for all critical roles within the team. Client Management & Quality Client Management: Act as a trusted advisor to clients, providing expert insights into technology risk management. Develop solutions aligned with client needs, industry standards, and regulatory requirements. Drive impactful outcomes, engage with senior client stakeholders, including CXOs and board members. Serve as the primary point of contact for key clients, managing expectations, building long-term relationships, and understanding their evolving technology risk needs. Provide thought leadership and expert guidance to clients on industry trends, regulatory developments, and emerging cybersecurity threats. Be part of critical client presentations and discussions to communicate project outcomes, cybersecurity vulnerabilities, and remediation strategies in a clear and actionable manner. Proactively identify opportunities to expand service offerings and assist clients in achieving their cybersecurity objectives. Manage current and developing new relationships and alliances. Quality: Maintain quality across all projects and seek active feedback on the same from all internal/external stakeholders. DESIRED CANDIDATE PROFILE: To be tailor-fit for the above skillsets, you need to have the following, Qualifications: Bachelors/masters degree in computer science, Information Security, or a related field. Professional certifications (CISSP, CISM, CRISC, CISA, or equivalent). Advanced certifications in privacy (CIPM, CIPT, or equivalent) preferred. Experience : 12-14 years of experience in Cybersecurity GRC, TechOps, and SecOps, with at least 5 years in a leadership role. Proven track record of building and scaling advisory practices, preferably in a global context. Intermediate knowledge of global privacy regulations and related compliance requirements. Experience in performing/overseeing IT audits, control assessments, and developing cybersecurity strategies and risk management frameworks. Knowledge of ethical hacking techniques, threat modelling, and exploitation of security vulnerabilities. Prior business development, sales, client management and practice management experience. Experience of handling a large client portfolio with a strong professional network/presence. Strong experience in leading large teams and managing complex client engagements. Skills : Advanced expertise in Cybersecurity frameworks, risk management, and operational security. Deep understanding of regulatory environments and privacy laws globally. Excellent leadership, communication, and stakeholder management skills. Strong business acumen, with the ability to identify and capitalize on market opportunities. In-depth knowledge of IT Governance, Risk, and Compliance (ITGRC) frameworks such as ISO 27001, NIST, COBIT, PCI DSS, and GDPR.

Risk Consulting - Protect Tech - Senior Manager The opportunity your next adventure awaits. Are you a tech-savvy professional with a risk mindset who is passionate about building a better working world through the power of people, technology, and innovation? We have an incredible opportunity for you to join our dynamic Protech Tech team and make a real impact in the rapidly evolving world we live in. Within Risk Consulting, you will focus in the areas of areas of IT Risk Management, IT SOX, IT Regulatory Compliance, IT Audits, IT and Digital Transformations (including ERP and Cloud transformations), while enabling technology to better manage risk. As a member of our team, you will have the chance to work with industry leaders and help transform businesses by tackling the most complex challenges with our clients. This is client-facing role in a rapidly growing practice, where you ll build client relationships with key stakeholders, including management executives for some of the most globally recognized brands. It makes this the perfect place to gain a deeper understanding of complex businesses transactions, all the while recommending solutions to some of the most pressing business challenges and process inefficiencies. You will also team up with our global professionals in multidisciplinary engagements, helping major global clients transform and sustain business performance. You will be leveraging emerging technologies like AI, ML, to build and enhance new solutions and actively work in building multiple tools and assets for efficient and effective client delivery. By plugging into our market-leading global network, youll gain the experience you need to become an exceptional IT Risk Advisor Your Key Roles and Market Leadership and client management Executive-level skills in client relationship management and the hold conversations with senior executives. Partnering with onshore teams to understand client s business & related industry issues / trends for global clients. Contribute to new solution development basis the industry trends and client s problem statement. Conduct knowledge sharing discussions & contribute to EY thought leadership. Supports in responding to RFPs Identify buyers, influencers & stakeholders in existing client engagements and build strong relationships. Identify opportunities for cross-selling to current clients/introduce colleagues from other service lines. Assist Partners/Directors in driving the account management agenda by focusing on high impact opportunities. Create innovative insights for clients, adapts methods & practices to fit operational team needs & contributes to thought leadership documents. Represent the firm in various industry conferences and associations - network with individuals, contribute to key discussion items and explore business opportunities. Delivery and Team management Understanding our clients overall technology strategy to effectively manage risk while transforming their business. Plan & schedule client engagements. Determine and deploy the right team with adequate skill sets for executing engagements and periodically review status of engagements and work products. Lead large engagements in the areas of IT Risk Management, IT SOX, IT Regulatory Compliance, IT Audits, IT and Digital Transformations (including ERP and Cloud transformations) Actively contribute to improving operational efficiency on projects & internal initiatives by leveraging on lessons learned from other projects. Monitor engagement economics & ensure timely billing of invoices & actively follow-up on collections by managers/seniors. Manage a team of Managers and Seniors (across locations) to manage delivery of engagements for multiple processes across clients and conduct comprehensive risk assessments to identify and prioritize potential IT risks against technology strategies, business applications and platforms, and digital transformations. Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the clients business. Demonstrate subject matter & industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices). Stay up to date with emerging industry trends and technologies, suggest innovative solutions to engagement teams and provide recommendations to clients on potential risks and opportunities. Operational Excellence Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Manage engagement budgets and ensure compliance with engagement plans and internal quality & risk management procedures. People related Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery. Understand EY and its service lines. Actively encourage team members to contribute ideas. Conduct workshops and technical training sessions for team members. Contribute to the learning & development agenda and knowledge harnessing initiatives. Drive campus recruitment initiatives To qualify for the role, you must have Chartered accountant (CA) or Masters degree in Management, Information Systems/ Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline Passion for technology and an ardent desire to work in risk management. Minimum 10 years of a Big 4 or professional firm or professional industry experience in risks & controls, with more than 6 years of experience in IT Risk Management, IT Regulatory Compliance, IT Audit, IT Transformation Risk Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments - IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) Cognitive problem solving capabilities, quick decision making skills and ability to handle complex situations with a calm demeanor Exceptional interpersonal, written, and verbal communication skills Effective organization and time management skills with the ability to work under pressure and adhere to project deadlines. Globally mobile and flexible to travel to onsite locations Team player with strong interpersonal skills Ability to think differently and innovate Ideally, you ll also have Responsible for the performance and appraisal of direct reports, including training and developing necessary skill sets to enable them to grow in their careers. Mentor and coach junior team members, enabling them to meet their performance goals and successfully grow their careers.

Role Summary The Internal Audit Department is responsible for overseeing the company s internal audit program. This position is for an experienced internal audit team member who enjoys hands-on involvement in planning and executing internal audits. Job Requirements Education - CA, MBA, CPA Other qualifications as a plus - CIA, CISA, CFE etc. Relevant Experience 6 to 11 years internal audit experience. SOX experience is a plus Audit firm work experience preferred Experience in the residential real estate, residential credit, and corporate credit industry is a plus Exposure to the US Real Estate industry and US legal requirements is a plus Job Requirement Roles & Responsibilities Execute Apply appropriate audit methodology to conduct audit engagements in order to identify key risks and controls Select and apply the appropriate tools and techniques for data gathering, analysis, and reporting requirements Obtain reliable, relevant, and sufficient information and data from various process owners for critical evaluation Use insights from data collected to identify key risks and develop audit observations and recommendations Develop, implement and monitor internal audit testing plans to ensure delivery in accordance with agreed timelines Identify opportunities for process improvement Report Prepare and review audit reports incorporating observations, the root cause of issues, impact on the organization, recommendations, and non-conformance areas for relevant stakeholders to review Analyze, document, test, and follow up on issues and reporting data Prepare and maintain audit work papers and document audit evidence in accordance with documentation requirements Follow Up Follow up with the respective process owners for closure of non-conformance areas as per Internal Audit observations and timelines Stakeholder Management Collaborate with stakeholders to understand business, processes and obtain required data Communicate audit results and recommendations to key business stakeholders Provide regular updates to stakeholders on the status of the internal audit engagement as required Governance & Compliance Provide status update reports on audit exceptions Update knowledge on compliance requirements related to specific project areas and add value to the company Operate within the organizations frameworks for governance, risk, and control Key Result Areas Identify risks and improve internal controls Timely and effective management of assigned Internal Audits Recommend and implement changes to strengthen audit processes and internal controls Timely completion of all Internal Audits with high-quality deliverables

Job Description CAFRAL is looking for a highly proficient & competent person to work as Senior Program Director in its Learning Wing/Vertical. The person should have good conceptual understanding and broad - based practical experience and knowledge of banking & finance. He/she will ideate and design CAFRAL s learning programs and organize their effective delivery for senior executives from the financial sector. He/she will also look after the budgeting and marketing of the learning programs. He /she will also be required to design and execute web based learning programs. Qualification(s) Post Graduate from a reputed university/Institute OR MBA (finance) from a reputed university/Institute OR Rank holder in CA Additional professional qualifications in banking, finance, technology etc. such as CFA/FRM/CAIIB/CISA will be an added advantage. Work Experience Essential Minimum 20 years experience in Financial Sector in senior positions preferably as General Manager and above or equivalent from banking and other financial sector entities. Domain knowledge in one or more areas such as financial regulation, financial sector supervision, internal inspection & audit, corporate lending, retail lending, risk management, financial markets & treasury operations, asset liability management, balance sheet management, digital banking & data analytics. Desirable Experience in teaching banking & finance related areas Experience in capacity building activities/projects Experience of participation in overseas Trainings and Conferences, etc. in topics relating to banking, finance, financial regulation, financial sector supervision and governance, etc. Other requirements Proven overall leadership competencies. Excellent written and oral communication skills Creativity and out of the box thinking Ability to network with professional bodies, financial sector organizations, multilateral institutions, central banks and other agencies in India & abroad.

Job Purpose Perform LHS-RHS activity with respective stakeholders including COEs, Business Compliance and horizontal support functions. Closely work with CDI and CMT teams within compliance. Validate and confirm closure of LHS-RHS response in compliance system. Duties and Responsibilities Major Activities carried out by the role 1.Major Activity 1 Perform LHS-RHS activity closed for all required circulars and guidelines issued by regulators. Create and execute annual LHS-RHS activity plan for all master circulars and guidelines. Work closely Businesses, COEs, Horizontal support functions for closure of LHS-RHS activity and become compliant for all guidelines issued by various regulators. 2.Major Activity 2 Engage and work closely with Businesses, COEs, Horizontal support functions to become compliant on all LHS points for various guidelines issued by regulators. Engage and work closely with sub functions within compliance unit (eg. CMT, CDI, advisory team etc) 3.Major Activity 3 Publishing reports on ICF activities Track and moderate closure of No items with respective stakeholders Key Decisions / Dimensions Prioritization of work and tasks as per situations and requirements -Co-ordination with stakeholders and submitting on various tool requirement. Major Challenges Complexity due to 99 PPG and compliance requirement -Maintaining timeline of LHS-RHS for multiple guidelines by multiple regulators (Majorly RBI along with IRDA, NPCI and UDAI. -Initial challenges with Compliance tool, as it is new and yet to be completely developed and maintained. -Very high expectation from the role. -New and big team Required Qualifications and Experience a)Qualifications CA / CS with 4-5 years experience in banking industry Additional certifications in banking and Compliance like CIA / CISA / CAIIB are preferred Strong domain knowledge of RBI requirements related to retail assets, liabilities, payments, etc in BFSI sector is required b)Work Experience 4 to 5 years of experience in Banking and finance industry in Compliance / operations / audit functions. Expertise in understanding of regulatory requirements specifically from RBI. Strong domain knowledge of RBI requirements related to retail assets, payments, etc in BFSI sector is required Relevant experience in content creation c)Skills Keywords Excellent communication skills and presentability Demonstrate leadership, negotiation, communication and audit/ compliance management skills in order to handle CDI team activities and engage with Senior Management Develop rapport with Business teams for adding value through compliance recommendations. Bring new knowledge on board and keep updated with rapidly changing business environment. Constantly challenge status quo for bringing value addition