882 Cisa Jobs - Page 3

Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security #Eviden

Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security Let s grow together.

Ready to be pushed beyond what you think you re capable of? At Coinbase, our mission is to increase economic freedom in the world. It s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform and with it, the future global financial system. To achieve our mission, we re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company s hardest problems. Our work culture is intense and isn t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there s no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Team/ Role Paragraph: The Internal Audit Function at Coinbase works to enhance and protect organizational value by providing independent, risk-based, objective assurance and advisory services designed to add value and improve the Companys operations. The Internal Audit Function helps Coinbase accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of governance, compliance, risk management, and control processes. The Coinbase Internal Audit function is looking for a highly Internal Audit Findings Senior to help set up a Findings Validation Function. This role is based in India (Remote) and will be reporting to an Internal Audit Manager. The individual will be responsible for learning and supporting all aspects of the Finding validation process, including validation, testing and reporting. What you ll be doing (ie. job duties): To be completed by all business teams except Eng. Meticulously assessing managements corrective actions to ensure they are sufficient, implemented promptly, and are sustainable. This includes findings from internal audits, external exams, and regulatory bodies. Proactively engaging with auditees and business stakeholders to efficiently acquire necessary evidence for testing and validation. Partnering with cross-functional teams and global internal audit colleagues across the US, APAC and EMEA to facilitate and align remediation efforts. Producing comprehensive reports on the status of findings remediation for various legal entities Serve as a value-add and advisory function to business partners by identifying ways to address audit findings or opportunities for enhancements with the goal of mitigating risk and improving technology, security, and operational performance without compromising 3rd Line of Defense independence and objectivity. Assist with responses to regulatory inquiries as they relate to internal audit matters. Communicate with and educate process owners effectively, including non-finance individuals, on the importance of controls, an effective control environment, and the role of Internal Auditor Findings. Remain current and increase knowledge of regulatory requirements that impact the organization, as well as in the areas of internal control, technology, security, business, company products and company information. Championing new ideas and innovative solutions to enhance the efficiency and effectiveness of the findings validation process and overall internal infrastructure. What we look for in you (ie. job requirements): To be completed by all business teams except Eng. Professional Internal Audit / IT Audit qualification (e.g., CA, CIA, CISA, CFE, etc.) or comprehensive working knowledge of the Chartered Institute of Internal Auditor practice 6+ years of experience in Internal Audit, Risk Management, Compliance or Management Consulting Excellent understanding of an internal control environment Working knowledge of laws, regulations, risk management practices for the financial services industry Relevant industry experience and/or public accounting experience preferred Solid analytical and problem solving skills, with high standards for quality, accuracy and attention to detail Excellent written and verbal communication skills Demonstrated proficiency in leveraging Google Suite, GRC Tools and AI tools. Nice to haves: Experience working in a fast paced organization Experience with Regulatory Finding/Issue Validation Entrepreneurial attitude and experience with, or the ability to adapt to, a rapidly growing start-up with associated complexities and ambiguities Experience working with/in an out-sourced or co-sourced internal audit function Ability to work across functions and time zones Understanding of crypto, payments and/or financial services industry and experience in auditing information systems and controls Professional Internal Audit / IT Audit qualification (e.g., CA, CIA, CISA, CFE, etc.) or comprehensive working knowledge of the Chartered Institute of Internal Auditor practice ID: P71685 #LI-Remote Pay Transparency Notice: The target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, and vision). Pay Range: 2,755,300 2,755,300 INR Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbases roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here) . Global Data Privacy Notice for Job Candidates and Applicants Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here . By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here. AI Disclosure For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment . To request a reasonable accommodation due to disability, please contact accommodations@coinbase.com .

TempHtmlFile Job Title : Analyst Function : Governance, Risk and Compliance Services (GRCS) Location : Pune OVERVIEW KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 156 countries and have 152,000 people working in member firms around the world. KPMG in India, a professional services firm, is the Indian member firm of KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets and competition. KPMG in India provide services to over 4,500 international and national clients, in India. KPMG has offices across India in Delhi, Chandigarh, Ahmedabad, Mumbai, Pune, Chennai, Bangalore, Kochi, Hyderabad and Kolkata. The Indian firm has access to more than 7,000 Indian and expatriate professionals, many of whom are internationally trained. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Consulting, Management Consulting and Transactions & Restructuring services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. With increasing regulatory requirements, the need for greater transparency in operations, and disclosure norms, stakeholders require assurance beyond the traditional critique of numbers. Hence assurance is being increasingly required on industry issues, business risks and key business processes. The Governance, Risk & Compliance Services practice assists companies and public sector bodies to mitigate risk, improve performance and create value. We assist our clients to effectively manage business and process risks by providing a full spectrum of corporate governance, risk management, and Compliance Services. These services are tailored to meet client s individual needs, and provide effective support to management in meeting the challenges and opportunities presented by todays complex business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of KPMGs experienced, objective, and industry-grounded viewpoints. Following are some of our key service offerings: Risk Based Internal Audit Enterprise Risk Management Risk Assessment Model Business Process Development Sarbanes Oxley 404 Assistance Compliance Assistance Contracts and regulations Corporate Governance Advisory Review and Assessment Revenue Assurance Control Self Assessment Continuous Auditing / Continuous Monitoring Apart from the above service offerings, we also assist client organizations around various aspects viz. Accounting Manuals, Capital Projects Audits, Project focused Control Assessment, setting up IA function, etc. Role & Responsibilities Analysts are typically project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS Consistently deliver quality client services Monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes Demonstrate basic accounting and process related knowledge. Demonstrate ability to assimilate to new knowledge Remain current on new developments in advisory services capabilities and industry knowledge The job would require travel to client locations within India and abroad THE INDIVIDUAL Have basic understanding of process consulting/ internal audit/ risk consulting Strong analytical and problem solving skills. Possess strong data analytics skills and knowledge of advanced data analytical tools will be an advantage Strong written and verbal communication skills Ability to work well in teams Basic understanding of IT systems, Knowledge of MS office ( MS Excel, PowerPoint, Word etc) Have the ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours Be willing to travel within India or abroad for continuous long periods of time Demonstrate integrity, values, principles, and work ethic Qualification Graduates (BE/B.Tech, BCom, BMS, BBM or similar degree) with 1 - 2 years of related audit, business or sector experience Certifications like Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) would be an added advantage SELECTION PROCESS Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only People BENEFITS Continuous learning program Driving a culture of recognition through ENCORE our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health checkup (Manager & above, and for staff above the age of 30) Les Concierge desk Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential KPMG Advisory Services is for you! .

Education Qualification : Engineer - B.E / B.Tech / MCA Skills : Tertiary -> Technology | Cybersecurity Principles, Best Practices and Threat Landscape | Level 4 Support | 4 - Advanced Primary -> Technology | Project Management Skills | Level 5 Support | 5 - Expert Primary -> Technology | Risk Management | Level 5 Support | 5 - Expert Secondary -> Technology | Leadership skills to guide and motivate Cybersecurity Teams | Level 5 Support | 5 - Expert Secondary -> Technology | Incident Response Coordination | Level 5 Support | 5 - Expert Certification : Technology | ITIL F/CompTIA Project+/Certified ScrumMaster/CISSP/CISA/AWS Certified Solutions Architect/Microsoft Certified: Azure Administrator Associate/Project Management Professional/Certified Kubernetes Administrator/CRISC Delivery Skills required are: - Project and Program Management: - *Overseeing large-scale and complex technology projects and programs. *Allocating resources effectively, including personnel, budget, and technology infrastructure. *Conducting comprehensive risk assessments specific to technology operations. *Developing and implementing risk mitigation strategies to minimize disruptions and ensure continuity. Communication and Stakeholder Engagement: - *Communicating complex technical concepts and strategies to stakeholders at all levels of the organization. *Tailoring communication approaches to meet the needs of diverse audiences, both technical and non-technical. *Building and maintaining relationships with key stakeholders to ensure their support and alignment with technology operations initiatives. Strategic Leadership and Management: - *Developing and implementing long-term technology strategies aligned with organizational goals and industry trends. *Aligning technology initiatives with business objectives and ensuring they support overall organizational strategy. *Leading organizational change initiatives related to technology transformations, upgrades, and process improvements. Continuous Improvement and Innovation: - *Driving innovation initiatives within technology operations to enhance efficiency, effectiveness, and competitiveness. *Identifying opportunities to streamline processes, automate tasks, and improve operational efficiencies within technology operations. *Promoting a culture of innovation and knowledge sharing across technology teams. Team Leadership and Development: - *Building and leading high-performing technology operations teams. *Cultivating a culture of collaboration, innovation, and continuous improvement. *Setting strategic performance goals and objectives for technology operations teams. *Resolving conflicts and addressing challenges within technology teams and with stakeholders.

Transforming the Future of Enterprise Planning At o9, our mission is to be the Most Value-Creating Platform for enterprises by transforming decision-making through our AI-first approach By integrating siloed planning capabilities and capturing millions even billions in value leakage, we help businesses plan smarter and faster This not only enhances operational efficiency but also reduces waste, leading to better outcomes for both businesses and the planet Global leaders like Google, PepsiCo, Walmart, T-Mobile, AB InBev, and Starbucks trust o9 to optimize their supply chains Role Overview: We are seeking a skilled and detail-oriented Security Engineer II Compliance to help manage and maintain our global compliance framework You will play a key role in implementing and sustaining information security and data privacy programs across the organization, with a strong focus on ISO 27001 and GDPR compliance Key Responsibilities: Own and manage compliance initiatives for ISO 27001 and GDPR frameworks (must-have) Contribute to alignment with additional frameworks like SOC 2 and NIST (preferred) Maintain and update compliance documentation: Risk assessments Statement of Applicability (SoA) Control implementation records Conduct and document Data Protection Impact Assessments (DPIAs) Support internal and external audits , including evidence collection and stakeholder coordination Identify gaps in compliance and work with relevant teams to close them effectively Draft, review, and update security and privacy policies, procedures, and internal standards Promote principles such as privacy by design , data classification , and data retention Collaborate with cross-functional teams to ensure a strong compliance culture across the organization Required Skills & Experience: 3 6 years of hands-on experience with ISO 27001 and GDPR compliance programs Familiarity with SOC 2 and NIST frameworks is a plus Strong knowledge of data protection concepts and security control implementation Experience managing audits and regulatory assessments Excellent skills in documentation, organization, and communication Ability to work independently and manage multiple priorities in a dynamic environment Preferred Certifications: ISO 27001 Lead Implementer / Auditor CIPP/E (Certified Information Privacy Professional/Europe) CISA (Certified Information Systems Auditor) CISSP (Certified Information Systems Security Professional) Why Join o9 Solutions in Bangalore Be part of a fast-growing global company making a real impact Collaborate with smart, driven, and passionate people Competitive compensation and benefits A culture that values innovation, transparency, and ownership More about us At o9, transparency and open communication are at the core of our culture Collaboration thrives across all levels hierarchy, distance, or function never limit innovation or teamwork Beyond work, we encourage volunteering opportunities, social impact initiatives, and diverse cultural celebrations With a $37 billion valuation and a global presence across Dallas, Amsterdam, Barcelona, Madrid, London, Paris, Tokyo, Seoul, and Munich, o9 is among the fastest-growing technology companies in the world Through our aim10x vision, we are committed to AI-powered management, driving 10x improvements in enterprise decision-making Our Enterprise Knowledge Graph enables businesses to anticipate risks, adapt to market shifts, and gain real-time visibility By automating millions of decisions and reducing manual interventions by up to 90%, we empower enterprises to drive profitable growth, reduce inefficiencies, and create lasting value o9 is an equal-opportunity employer that values diversity and inclusion We welcome applicants from all backgrounds, ensuring a fair and unbiased hiring process Join us as we continue our growth journey!

Why Join Us To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win. We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees passion for travel and ensure a rewarding career journey. We re building a more open world. Join us. Introduction to Our Team The Senior Internal Auditor would be reporting to the Operational Audit Senior Manager, and would perform the tactical end-to-end execution of financial and operational risk management, compliance, assurance and audit projects, including discovery, scoping, planning, fieldwork, development/design of recommendations, report writing, tracking of audit issues, and verification of management action items, under the guidance/direction of managers. In this role you will: Acquire and demonstrates a solid understanding of how the department operates and fits into the larger organization Acquire a solid understanding of the various functions/organizations within the broader enterprise Demonstrate solid awareness of the policies, practices, trends and information that impact the organization and its customers Demonstrate solid understanding of the financial, operational, and technical impact of decisions/solutions on the organization and its customers Keep relevant stakeholders informed of key progress toward or significant changes to task timing that impacts the project schedule Assist team members in the creation of routine technical communication materials (e.g., policies & procedures, guidelines, presentations, messages) Apply a solid understanding of electronic workpapers and/or GRC and Audit Management systems Apply a solid understanding of IIA framework Plan and execute audit and consultancy projects, including but not limited to audit planning, facilitation of process interviews, identification of risks, internal controls testing, identification of issues, and communication of audit/consultancy results to Company management; Demonstrate understanding of key business process risks and controls, and perform evaluation of design and effectiveness of controls; Perform advisory work for key processes or projects being implemented consisting of evaluating gaps and risk and providing guidance prior to implementation; Participate in enterprise-wide risk assessment interviews with key partners; Demonstrate strong project management skills and the ability to multi-task on quality work deliverables; and Build and maintain strong positive relationships with Expedia personnel as a representative of the Corporate Audit Team Apply a solid understanding of operational, regulatory and technical compliance Apply practical data analysis methods and procedures including the collection, analysis and developing of insights of data Apply solid understanding of risks and controls to develop audit planning documents, including Risk and Control Matrices (RCM), process and data flow diagrams, and executive-level planning memos Prepare relevant audit workpapers and reports for senior management on the results of financial and operational audits or other risk-based assessments Leverage proper techniques and solid knowledge to interpret basic audit analyses and reports. Experience and Qualifications: 3-5 years of relevant experience in financial, regulatory or operational risk/assurance consulting or internal audit Bachelors degree in related field or equivalent related professional experience Big 4 public accounting experience preferred, but not required CPA/CA, CIA, CISA, CISM, CISSP, CFE, CMA, RICS APC, CCIM or similar certification desired Excellent written and verbal communication skills with previous experience in writing internal audit reports Understanding, developing, interpreting process models, flowcharts, narratives; Operational business processes and best practices; Accounting and finance concepts, processes and standards; Data governance (e.g., frameworks, policies, third-party data risks, and data security and protection) Data privacy compliance including GDPR, CCPA and other regulations Big Data (e.g. data analysis and visualization tools, data engineering modeling, scripting language such as SQL or Python) Accommodation requests If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request . We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others. Expedia Groups family of brands includes: Brand Expedia , Hotels.com , Expedia Partner Solutions, Vrbo , trivago , Orbitz , Travelocity , Hotwire , Wotif , ebookers , CheapTickets , Expedia Group Media Solutions, Expedia Local Expert , CarRentals.com , and Expedia Cruises . 2024 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. . Never provide sensitive, personal information to someone unless you re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs . Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC" Director, Cyber Security. What Youll Contribute 3+ years of applicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage What We're Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS) AWS Certifications (added advantage) Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status.

Eviden, part of the Atos Group, with an annual revenue of circa 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come. Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security #Eviden Let s grow together.

Jun 20, 2025 Location: Bengaluru Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Your work profile: Professional should be able to work in hybrid model from office/client office. Strong knowledge of IT audits- ITGC, ITAC and SOC report understanding Conduct process walkthroughs and test the controls. Ensure timely closure of audit tasks. Collaborate with teams to ensure timely completion of audit activities. Desired qualifications Graduation / B.E/ B. Tech in Any Specialization. Work experience: Minimum 2 years. Role Summary: Takes ownership of client deliverables and leads modules end-to-end. Responsibilities: Lead modules or small-scale engagements and supervise fieldwork execution for ITGC, ITAC, and SOC reviews. Manage stakeholders for walkthroughs, data requests, and clarifications. Take ownership of modules within larger audits and assist in engagement planning, resource allocation, and quality control. Document control testing results, observations, and evidence clearly and accurately for high-risk areas. Liaise directly with client teams for walkthroughs and issue discussions. Conduct quality review of testing documentation and ensure completeness. Coach and guide junior team members; assist in team capability development. Contribute to audit planning, control design analysis , and remediation support. Must Have: Hands-on experience with ERP-based control testing (SAP/Oracle preferred). Working knowledge of audit standards and control frameworks (SOX, SSAE, ISO 27001). Deep working knowledge of ITGC, ITAC , and regulatory requirements. Experience in reviewing control design and effectiveness . Strong grasp of business process controls and their ERP mapping. Capability to lead teams and manage deliverables . Good analytical and documentation skills. Preferred Qualifications: Relevant certifications (CISA, CISSP, CRISC) are a plus. Knowledge of TPRM Experience working with IT audit processes and compliance frameworks. Experience in risk management and compliance reporting. Experience in risk management, compliance reporting, and IT audit. Prior experience working with ITGC frameworks and SOC report evaluations. Location and way of working: Base location: Bengaluru

Job Title: Deputy Manager IS Audit Department: Information Systems Audit Location: Mumbai/Hyderabad Interview Date Reference: Candidate qualifications & certifications must be valid as of 30.06.2025 Basic Qualifications (As on 30.06.2025): Educational Qualification: B.E. / B.Tech. in Computer Science / Software Engineering / IT / Electronics or equivalent discipline Minimum 50% aggregate marks Degree must be from a Govt. of India recognized university / institution / board or one approved by a government regulatory body. Professional Certifications: Mandatory: CISA (Certified Information Systems Auditor) from ISACA, USA (Must be valid on the date of interview) Desirable: CEH (Certified Ethical Hacker) from EC-Council, USA Experience (Post-Education) (As on 30.06.2025): Essential: Minimum 4 years of work experience in BFSI / IT / Information Security Consultancy Out of which, 2 years must be in IS Audit / Cyber Security Audit / Information Security Consultancy Note: Training / Teaching experience will not be considered All claimed experience should be supported by employer-issued certificates Desired Technical Skills: Proficiency in Vulnerability Assessment & Penetration Testing (VAPT) tools such as: Nessus, Retina, SAINT, Kali Linux Key Responsibilities: Conduct Information Systems (IS), Cyber Security, and IS Concurrent Audits. Perform IT Outsourced Activities Audit in line with organizational and regulatory standards. Evaluate compliance with internal IS / IT / Cyber Security Policies, RBI & regulatory guidelines, and international best practices. Identify system vulnerabilities and support mitigation actions to enhance the Bank’s security posture. Execute Compliance, Migration, and Special audits as directed. Draft and maintain detailed audit synopsis reports and value statements as per policy and audit guidelines. Liaise with various auditee departments for evidence-based compliance and timely closure of audit observations. Regularly upgrade knowledge and share insights with the IS Audit team to build team capability. Key Result Areas (KRA): Timely and efficient conduct of all assigned Information System Audits. Ensuring prompt follow-ups for compliance reporting. Achieving timely audit report closure in line with internal timelines. Submitting accurate and regular audit status reports to senior management. Contributing to knowledge-sharing, mentoring, and skill development within the IS Audit team. Periodically reviewing and updating audit frameworks and checklists to reflect current regulatory and cyber trends

Job Title: Deputy Manager IS Audit Job Type: Permanent on the payrolls of the company. Department: Information Systems Audit Location: Mumbai/Hyderabad Interview Date Reference: Candidate qualifications & certifications must be valid as of 30.06.2025 Basic Qualifications (As on 30.06.2025): Educational Qualification: B.E. / B.Tech. in Computer Science / Software Engineering / IT / Electronics or equivalent discipline Minimum 50% aggregate marks Degree must be from a Govt. of India recognized university / institution / board or one approved by a government regulatory body. Professional Certifications: Mandatory: CISA (Certified Information Systems Auditor) from ISACA, USA (Must be valid on the date of interview) Desirable: CEH (Certified Ethical Hacker) from EC-Council, USA Experience (Post-Education) (As on 30.06.2025): Essential: Minimum 4 years of work experience in BFSI / IT / Information Security Consultancy Out of which, 2 years must be in IS Audit / Cyber Security Audit / Information Security Consultancy Note: Training / Teaching experience will not be considered All claimed experience should be supported by employer-issued certificates Desired Technical Skills: Proficiency in Vulnerability Assessment & Penetration Testing (VAPT) tools such as: Nessus, Retina, SAINT, Kali Linux Key Responsibilities: Conduct Information Systems (IS), Cyber Security, and IS Concurrent Audits. Perform IT Outsourced Activities Audit in line with organizational and regulatory standards. Evaluate compliance with internal IS / IT / Cyber Security Policies, RBI & regulatory guidelines, and international best practices. Identify system vulnerabilities and support mitigation actions to enhance the Banks security posture. Execute Compliance, Migration, and Special audits as directed. Draft and maintain detailed audit synopsis reports and value statements as per policy and audit guidelines. Liaise with various auditee departments for evidence-based compliance and timely closure of audit observations. Regularly upgrade knowledge and share insights with the IS Audit team to build team capability. Key Result Areas (KRA): Timely and efficient conduct of all assigned Information System Audits. Ensuring prompt follow-ups for compliance reporting. Achieving timely audit report closure in line with internal timelines. Submitting accurate and regular audit status reports to senior management. Contributing to knowledge-sharing, mentoring, and skill development within the IS Audit team. Periodically reviewing and updating audit frameworks and checklists to reflect current regulatory and cyber trends

Job Summary We are seeking a detail-oriented and compliance-savvy professional to join our growing security and governance team. In this role, you will be primarily responsible for managing and responding to customer-initiated vendor risk assessments , security questionnaires, and compliance inquiries. This position will serve as a subject matter expert on our organizations security, privacy, and compliance posture, ensuring timely, accurate, and complete responses to customer risk management requests Key Responsibilities Customer Security Assessments Respond to incoming vendor security questionnaires, risk assessments, and due diligence requests from customers and prospects. Coordinate across internal teams (e.g., IT, DevOps, Product, Legal) to gather accurate information and documentation. Maintain and update standard response documentation such as SIG, CAIQ, VSA, and other common assessment formats. Security & Compliance Documentation Management Maintain a library of up-to-date compliance documents, certifications, and standard responses (e.g., SOC 2, ISO 27001, GDPR data maps). Assist with streamlining the response process by building knowledge bases and improving automation where possible. Cross-functional Collaboration Partner with Legal, Sales, Security, and Product to support customer RFPs and security discussions. Participate in security and compliance reviews during customer onboarding or procurement cycles. Policy and Process Development Contribute to the creation and revision of internal policies, procedures, and control narratives as needed to support security posture transparency. Identify opportunities for process improvement in the vendor response lifecycle. Qualifications Required: 3+ years of experience in compliance, customer assurance, GRC, or security operations. Direct experience responding to customer security questionnaires and vendor risk assessments. Solid knowledge of security and privacy frameworks such as SOC 2, ISO 27001, NIST CSF, GDPR, and/or HIPAA. Strong communication and technical writing skills with the ability to translate complex concepts for diverse audiences. Familiarity with tools like OneTrust, Whistic, SecurityScorecard, Drata, Vanta, or similar. Preferred: Industry certifications such as CISA, CCSK, CIPM, or similar. Experience supporting enterprise customers and working closely with Sales or Customer Success teams. Background in SaaS, cloud-native environments, or cybersecurity. Why Join Us? Make a direct impact on customer trust and enterprise security posture Collaborate in a supportive, high-performing team environment Enjoy competitive compensation, certification support, and growth opportunities Show less

Hiring a Senior Cybersecurity GRC Consultant, you will play a pivotal role in helping organizations manage and improve their Governance, Risk, and Compliance (GRC) frameworks. You will be responsible for setting up and leading assessments, implementing strategies, and advising clients on how to mitigate cybersecurity risks and achieve compliance with industry standards and regulatory requirements. 8+ Years of Experience in cybersecurity, risk management, and governance, with a proven track record of leading GRC initiatives. Educational Background: Bachelors or Masters degree in Information Technology, Cybersecurity, Computer Science, Business Administration, or a related field. Certifications: Relevant cybersecurity certifications such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, or similar. Must have experience in customer facing projects (onsite / offsite); Should be able to lead the junior team members. In-depth Knowledge of Cybersecurity Frameworks: Expertise in implementing and advising on security frameworks such as Unified Cybersecurity Framework, NIST/RBI/IRDAI/SEBI Cybersecurity Frameworks, ISO 27001/2, CIS Controls etc. Project Management: Proven ability to manage and lead multiple GRC projects simultaneously, with strong organizational and time-management skills. Client-Focused: Demonstrated ability to build and maintain relationships with clients, providing expert advice and ensuring customer satisfaction. Cloud Security: Knowledge of cloud environments (AWS, Azure, Google Cloud) and their associated risks and compliance requirements. Penetration Testing & Vulnerability Management: Familiarity with vulnerability assessment, penetration testing, and ethical hacking practices. Incident Management: Experience in developing or improving incident response plans, business continuity plans, and disaster recovery strategies.

0px> Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5. 00 billion in fiscal 2024. For more information, visit www. amdocs. com In one sentence Secures enterprise information by developing, implementing, and enforcing security controls, safeguards, policies, and procedures What will your job look like Develop, implement, and administer security policies and plans for Amdocs as well as carry out information security activities in accordance with the established policies and guidelines Build and assess security policies for the OS, network, and database. This will require analyzing and evaluating security vulnerabilities, and managing security systems such as anti-virus, firewalls, patch management, intrusion detection, and encryption Recommend fixes, security patches, and any other measures required in the event of a security breach. Assist in coordinating contingency plan tests on a periodic basis Coordinate security orientation and security awareness programs. You will build standard operating procedures for security tools and processes per industry best practices Be responsible for carrying out penetration testing and vulnerability assessments to align with client security needs across countries You will design, implement, and report on security system and end-user activity audits; monitor server, application, and network traffic for unusual or suspicious activity; interpret activity and make recommendations for resolution You will be responsible for coordinating, assessing & addressing customer security needs All you need is. . . Bachelor degree in engineering or equivalent CISA/CISM preferable CISSP/CEH preferable ISO27001 certified Experience with operating systems (Windows, Linux, and Unix) and network Knowledge and hands-on experience with TCP/IP and other network protocols. Knowledge of firewall architecture and design, network architecture, and monitoring and reporting solutions to proactively identify issues and mitigate risk Knowledge of information security concepts and methodologies Knowledge of compliances (PCI DSS, SoX, DPA, and so on) and IS standards (ISO 27001, BS25999, ISO 20000, OWASP, and so on) Knowledge of risk management methodologies and approach Knowledge of Secure SDLC methodology Why you will love this job: You will be able to demonstrates an understanding of key business drivers and ensures strategic directions are followed and the organization succeeds You will be able to gathers relevant data, identifies trends and root causes, and draws logical conclusions to develop solutions You will have ability to assess details, systems and other factors as part of a single and comprehensive picture We are a dynamic, multi-cultural organization that constantly innovates and empowers our employees to grow. Our people our passionate, daring, and phenomenal teammates that stand by each other with a dedication to creating a diverse, inclusive workplace! We offer a wide range of stellar benefits including health, dental, vision, and life insurance as well as paid time off, sick time, and parental leave

Job Role- Internal Audit - Process & IT Work days - 5 days Experience - Minimum 8-10 years of relevant insurance / financial services experience including IT operations/ audit. Recognized accounting/auditing/information system certifications (e.g. CA, CISA, CIA, CISSP) Traveling - Primarily based out of Mumbai Head Office. Occasional travel as per requirement. Job Overview Concerned individuals will be responsible for Planning and execution of internal audits in accordance with the laid down process. Providing support to the Head-internal audit for other internal audit related activities including Board presentations and liaising with senior management. Responsibility- Executing internal audits (process-based as well as IT) in accordance with the approved audit plan including o Compliance with the internal audit methodology o Using data analytics for a stratified sample o Working closely with management and recommending appropriate risk and control initiatives including best practice Display independence in execution of audit and management of various stakeholders Ensure upkeep with applicable rules and regulations Ensure upkeep with Companys policies and procedures Using CAATs and other tools to extracts and analyze data for trends and patterns, and designs review mechanism to identify potential irregularities and increase coverage and efficiencies for audit projects Liaise/manage external firms deployed which provide support to the Internal Audit department Follow up with process owners/ stakeholders on the progress for remediation initiatives, and validate adequacy of the remediation actions Support the Head of Audit with reporting to Board and/or Audit Committee Liaise with Regional Office including group auditors on audit progress, remediation status and other audit initiative Provide support to additional projects and to identify and pursue on-going process improvements. Support continuous improvement of internal audit practices and tools.

Company: Leading Health Insurance. Role: Internal Audit - Process & IT. Location: Jogeshwari, Mumbai. Experience - Minimum 8-10 years of relevant insurance / financial services experience including IT operations/ audit. Recognized accounting/auditing/information system certifications (e.g. CA, CISA, CIA, CISSP) Job Overview Concerned individuals will be responsible for Planning and execution of internal audits in accordance with the laid down process. Providing support to the Head-internal audit for other internal audit related activities including Board presentations and liaising with senior management. Responsibility- Executing internal audits (process-based as well as IT) in accordance with the approved audit plan. Compliance with the internal audit methodology. Using data analytics for a stratified sample. Working closely with management and recommending appropriate risk and control initiatives including best practice. Display independence in execution of audit and management of various stakeholders. Ensure upkeep with applicable rules and regulations. Ensure upkeep with Companys policies and procedures. Liaise/manage external firms deployed which provide support to the Internal Audit department. Follow up with process owners/ stakeholders on the progress for remediation initiatives, and validate adequacy of the remediation actions. Liaise with Regional Office including group auditors on audit progress, remediation status and other audit initiative. Provide support to additional projects and to identify and pursue on-going process improvements. Support continuous improvement of internal audit practices and tools. Interested candidates can share their resumes at bhumika@rightmatch.co.in / +918788674591

As a SOC Architect at Sennovate, located in Coimbatore, you will be a part of an Information Security managed Security Service provider specializing in Identity and Access Management (IAM) and Security Operations Center (SOC) powered by AI. Your role will involve leading the SOC Team with a strong focus on research and development in the Security domain. If you align with Sennovate's culture, which emphasizes accountability, respect, continuous learning, personal ownership, rejecting average standards, showing gratitude, and valuing time and simplicity, then you are the right fit for this role. Your responsibilities will include providing technical leadership in designing, implementing, and maintaining SOC systems. You will be expected to embrace thought leadership, provide mentorship to team members, and develop strategies to enhance security protocols, incident response, and threat detection capabilities. Additionally, you will drive improvements in SOC processes, workflows, and toolsets, while also leading the R&D team in exploring innovative security solutions. The ideal candidate will hold a Bachelor's degree in Computer Science, Information Technology, or a related field, with 6-10 years of extensive experience in SOC operations, security architecture, and design. Hands-on experience with security tools across various platforms, strong knowledge of Linux and Windows OS, and an understanding of security architectures are required. Additionally, the candidate should have excellent communication and presentation skills, demonstrated expertise in leading R&D initiatives, and relevant certifications such as CISSP, CISM, or CISA would be advantageous. Strong leadership, communication, and problem-solving skills are also essential for this role.,

As a member of BDG & CO LLP, we are seeking individuals to join our team in the role of IT Audit for the BFSI sector. The ideal candidate should be CISA qualified and possess a strong understanding of IT Audit principles and practices. Key Responsibilities: - Conduct IT Audit activities for clients in the BFSI sector - Evaluate the effectiveness of IT controls and processes - Identify areas of improvement and provide recommendations for enhancing IT security and compliance Qualifications: - Must be CISA qualified - Prior experience in IT Audit within the BFSI sector is preferred - Strong knowledge of IT systems, processes, and controls This is a full-time, permanent position with benefits including health insurance and provident fund. The work location for this role is in person, and the expected start date is 23/07/2025. If you are a CISA qualified professional looking to further your career in IT Audit within the BFSI sector, we encourage you to apply for this exciting opportunity at BDG & CO LLP.,

Jul 23, 2025 Location: Mumbai Designation: Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Cyber is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies the what, how, and why of change so you re always ready to act ahead. Your work profile As a Manager in our Cyber Strategy & Transformation Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. Our services help our clients tackle the many security challenges they face daily and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to managing security risks. Desired qualifications Oversee assessments of cybersecurity risk management frameworks, evaluating the effectiveness of security controls aligned with standards such as NIST, ISO 27001, ITIL, COBIT, CIS, and regulatory requirements (RBI, NPCI, SEBI, PCI-DSS, IRDAI, and others,) depending on the industry. In-depth knowledge in IT audits of systems, applications, databases, networks and other cybersecurity tools (DLP, SIEM, VPN, XDR, PIM, etc) Strong knowledge of cloud infrastructure (SAAS/PAAS/IAAS), cloud service providers (AWS, Azure, GCP) and frameworks such as CSA Cloud Controls Matrix (CCM), Well-Architecture Review (WAR). Lead IT Audit activities such as plan, manage, and execute risk-based audit reviews, focusing on areas such as cybersecurity, IT general controls (ITGC), Compliance Audits, application controls, and IT infrastructure. Proven experience in Control Testing & Evaluation on IT governance, cybersecurity best practices, IT risk management strategies, cybersecurity risk assessments and advising on remediation, documentations (RCM, Workpapers, Audit Reporting). Provide advisory services to senior management on emerging technologies, cybersecurity threats, IT governance, and regulatory changes, as well as insights on best practices for IT and cybersecurity risk management. Strong team leadership experience to manage, mentor, and develop a team of IT auditors, ensuring the team remains current on emerging IT and cybersecurity risks and audit methodologies. Strong communication skills, with the ability to convey complex IT audit and cybersecurity concepts to non-technical stakeholders. 9+ years of experience in IT Audit, Cybersecurity, or Risk Management, with at least 2 years in a leadership or management role. Certifications CISSP, CISA, CCSP, GICSP or equivalent (technology-based certification) Location and way of working Base location: Mumbai This profile involves frequent travelling to client locations. Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs. Your role as a Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose,Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation. Committed to creating purpose - Creating a sense of vision and purpose. Agile - Achieving high-quality results through collaboration and Team unity. Skilled at building diverse capability - Developing diverse capabilities for the future. Persuasive / Influencing - Persuading and influencing stakeholders. Collaborating - Partnering to build new solutions. Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities. Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization. Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities. Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems. Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviors and attitudes to become more inclusive. How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report . Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https: / / www2.deloitte.com / in / en / careers /

Overview We are seeking an experienced First Line Risk Senior Associate with 2+ years of experience to join our IT Risk Team. The qualified individual will join a highly detail-oriented team responsible for providing strategic support in the Information Risk/Technology Risk area to the first line Risk Functions in the design, implementation and maintenance of the first line Risk programs and related policies & procedures. The First Line Risk Manager will have an active role in the development and implementation of enhancements to the overall first line IT Risk Programs, documenting risk and control self-assessments, conducting control tests, updating and tracking issues and providing management reporting to senior management and various committees/forums. Key Accountabilities and Main Responsibilities Strategic Focus Development of First Line Risk Frameworks - Contributing to the design and enhancement of risk procedures aligned with enterprise standards. Participation in Strategic Projects - Engaging in cross-functional initiatives like system implementations and regulatory efforts. Compliance with Risk Governance Standards - Ensuring alignment with CUSO Risk Framework and promoting a strong risk culture. Operational Management Support RCSA Program Execution - Planning and executing Risk and Control Self-Assessments. Issue Monitoring and Remediation Coordination - Tracking and resolving open issues across risk domains. Policy and Procedure Management - Maintaining and updating risk-related documentation. Control Testing Execution - Performing and documenting control tests. Documentation & Reporting - Preparing reports and dashboards for transparency. Continuous Improvement - Recommending enhancements to controls and methodologies. Project Management Skills - Tracking progress and directing team efforts. People Leadership Stakeholder Engagement - Collaborating with internal teams and communicating findings. Fostering team cohesion and performance. Strong presentation and communication skills - Communicating effectively across levels. Demonstrates leadership in team settings. Governance & Risk Compliance & Standards Alignment - Ensuring adherence to internal and external standards. Experience in Operational Risk Management especially in Information/Technology Risk. Familiarity with industry frameworks - NIST, FFIEC, COBIT, ISO27002, OWASP. Preferred certifications - CISSP, CRISC, CISA, CISM. Issue Identification & Escalation - Identifying and escalating control deficiencies. *The above list of key accountabilities is not an exhaustive list and may change from time-to-time based on business needs. Experience & Personal Attributes Qualifications: Educational and Professional Qualifications: Chartered Accountant / Master s degree in Business Administration, Commerce, Finance with minimum of 2 years of experience in in Operational Risk Management in Information/Technology Risk and operations / accounting within the financial services industry Experience in the Second Line of Defense (SLoD) is desirable. Strong understanding of risk assessment methodologies and experience in Financial Services, preferably in the Fund Services environment. Proven ability to demonstrate detailed knowledge of various operational risk types and understanding of internal control principles to support successful execution of risk programs Project management skills and ability to track project progress and direct/redirect team efforts Personal Attributes: Strong and analytical and problem-solving skills and ability to lead a medium-sized team Support senior leadership in adoption and execution of accounting review standards and best practices. Ability to analyse, resolve and document problems and resolutions. Ability to work as part of a cross-cultural team. Strong organization and time management skills Continuous improvement focus, with the ability to identify risks, cost efficiencies, and operational improvements. Strong presentation and communication skills with ability to communicate clearly and effectively at all levels. Self-driven and motivated with a focus on operational efficiency and continuous improvement. Benefits: Competitive salary and performance-based bonuses. Comprehensive health and wellness benefits. Opportunities for professional development and career advancement. Collaborative and inclusive work environment. Flexible working arrangements and work-life balance initiatives. Access to cutting-edge technology and tools. Employee recognition programs and team-building activities.

Overview We are seeking an experienced First Line Risk Team Leader with 4+ years of experience to join our IT Risk Team. The qualified individual will join a highly detail-oriented team responsible for providing strategic support in the Information Risk/Technology Risk area to the first line Risk Functions in the design, implementation and maintenance of the first line Risk programs and related policies & procedures. The First Line Risk Manager will have an active role in the development and implementation of enhancements to the overall first line IT Risk Programs, documenting risk and control self-assessments, conducting control tests, updating and tracking issues and providing management reporting to senior management and various committees/forums. Key Accountabilities and Main Responsibilities Strategic Focus Development of First Line Risk Frameworks - Contributing to the design and enhancement of risk procedures aligned with enterprise standards. Participation in Strategic Projects - Engaging in cross-functional initiatives like system implementations and regulatory efforts. Compliance with Risk Governance Standards - Ensuring alignment with CUSO Risk Framework and promoting a strong risk culture. Operational Management Support RCSA Program Execution - Planning and executing Risk and Control Self-Assessments. Issue Monitoring and Remediation Coordination - Tracking and resolving open issues across risk domains. Policy and Procedure Management - Maintaining and updating risk-related documentation. Control Testing Execution - Performing and documenting control tests. Documentation & Reporting - Preparing reports and dashboards for transparency. Continuous Improvement - Recommending enhancements to controls and methodologies. Project Management Skills - Tracking progress and directing team efforts. People Leadership Stakeholder Engagement - Collaborating with internal teams and communicating findings. Fostering team cohesion and performance. Strong presentation and communication skills - Communicating effectively across levels. Demonstrates leadership in team settings. Governance & Risk Compliance & Standards Alignment - Ensuring adherence to internal and external standards. Experience in Operational Risk Management especially in Information/Technology Risk. Familiarity with industry frameworks - NIST, FFIEC, COBIT, ISO27002, OWASP. Preferred certifications - CISSP, CRISC, CISA, CISM. Issue Identification & Escalation - Identifying and escalating control deficiencies. *The above list of key accountabilities is not an exhaustive list and may change from time-to-time based on business needs. Experience & Personal Attributes Qualifications: Educational and Professional Qualifications: Chartered Accountant / Master s degree in Business Administration, Commerce, Finance with minimum of 4 years of experience in in Operational Risk Management in Information/Technology Risk and operations / accounting within the financial services industry Experience in the Second Line of Defense (SLoD) is desirable. Strong understanding of risk assessment methodologies and experience in Financial Services, preferably in the Fund Services environment. Proven ability to demonstrate detailed knowledge of various operational risk types and understanding of internal control principles to support successful execution of risk programs Project management skills and ability to track project progress and direct/redirect team efforts Personal Attributes: Strong and analytical and problem-solving skills and ability to lead a medium-sized team Support senior leadership in adoption and execution of accounting review standards and best practices. Ability to analyse, resolve and document problems and resolutions. Ability to work as part of a cross-cultural team. Strong organization and time management skills Continuous improvement focus, with the ability to identify risks, cost efficiencies, and operational improvements. Strong presentation and communication skills with ability to communicate clearly and effectively at all levels. Self-driven and motivated with a focus on operational efficiency and continuous improvement. Benefits: Competitive salary and performance-based bonuses. Comprehensive health and wellness benefits. Opportunities for professional development and career advancement. Collaborative and inclusive work environment. Flexible working arrangements and work-life balance initiatives. Access to cutting-edge technology and tools. Employee recognition programs and team-building activities.

Description Job Title: Information Security Analyst/ Analyst Identity Governance and Compliance Department: Information Security Governance, Risk & Compliance (GRC) Experience: Level: 2 4 years Employment Type: Full-time Key Responsibilities: Manage the Identity Governance and compliance activities, including periodic User Access Reviews (UAR) and RBAC activities. Ensure IAM practices comply with internal policies and external regulatory requirements. Maintain and enhance identity governance policies, standards, and procedures. Provide subject matter expertise on Active Directory (AD), including group policies and access provisioning/deprovisioning. Align identity governance practices with frameworks such as PCI DSS, ISO 27001, NIST CSF, and COBIT. Engage with IT, HR, and business units to enforce least privilege principles and maintain accurate access records. Conduct regular training sessions for the SM team on security controls and client requirements. Coordinate SME involvement in quarterly meetings and training initiatives. Maintain and organize SharePoint and Jira spaces for audit readiness and evidence management. Participate in incident management, change control meetings, and cloud migration initiatives. Engage in SOC operations and threat tracking. Drive continuous improvement initiatives in identity governance and GRC processes. Lead the annual review of security information presentations in collaboration with Compliance. Required Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field. 2 4 years of experience in Information Security, with a focus on Identity Governance and Compliance. Strong understanding of User Access Review (UAR) processes and tools. Experience with Active Directory (AD) and identity lifecycle management. Familiarity with regulatory and compliance frameworks: PCI DSS, ISO 27001, NIST, COBIT. Excellent analytical, documentation, and communication skills. Ability to work independently and collaboratively in a fast-paced environment. Preferred Qualifications: Relevant certifications such as CISSP, CISA, CISM, CRISC, or GIAC. Experience with IAM tools (e.g., SailPoint, Saviynt, Okta, Azure AD). Prior experience supporting internal or external audits. Knowledge of GRC tools and platforms. Understanding of legal and regulatory standards such as FERPA, CIS, and data protection laws. Knowledge of Cloud Identity (AWS or Azure Identity).