879 Cisa Jobs - Page 4

JOB DESCRIPTION Calling all originals: At Levi Strauss & Co., you can be yourself and be part of something bigger. We re a company of people who like to forge our own path and leave the world better than we found it. Who believe that what makes us different makes us stronger. So add your voice. Make an impact. Find your fit and your future. Job Summary: Levi Strauss & Company seeks a talented individual for the Global Audit and SOX compliance team. You will support the IT Global Audit and SOX Compliance (GASC) team in completing internal audits and assessing risk management, internal control processes, and program compliance. You will partner with business and IT members and process owners to ensure accurate financial and management reporting, and compliance with laws and company policies. Based in India, the Assistant Manager Global IT Audit & SOX Compliance will safeguard company assets, ensure compliance with standards, and enhance operational excellence. You will offer the chance to advise management on the identification and potential treatment of IT risks, provide assurance over critical controls, and improve IT governance using advanced data analytics and Generative AI techniques. You will excel in making an impact and growing their career with a globally recognized. Key Responsibilities: Manage a diverse portfolio of concurrent global IT audit projects from planning through to comprehensive reporting, ensuring delivery and adherence to internal audit methodologies and international standards, such as those promulgated by the Institute of Internal Auditors (IIA), Information Systems Audit and Control Association (ISACA), among others. Develop comprehensive risk-based audit programs designed to evaluate the effectiveness of IT general controls (ITGCs), application controls, and IT security measures across a wide array of systems and platforms necessary to the retail technology ecosystem. Execute in-depth IT controls reviews, encompassing assessments with established frameworks such as COBIT, NIST, and ISO 27001. Pioneer and implement advanced data analytics and Generative AI-driven audit techniques to enhance audit efficiency, broaden coverage, and create deeper insights; this includes designing and implementing repeatable automated control assessments to support monitoring efforts. The application of GenAI will focus on augmenting audit processes, reflecting the current practical applications of this technology in the audit field. Perform audits of System Development Life Cycle (SDLC) processes, including projects managed under AGILE methodologies, to ensure that appropriate controls are embedded throughout the development, implementation, and change management lifecycle. Engage with a diverse range of digital stakeholders, including IT leadership, business process owners, and external auditors. This involves communicating audit findings, providing robust and actionable recommendations, and facilitating the agreement and tracking of remediation plans through modern collaboration tools and platforms. Provide expert consultation to executive management on emerging IT risks, identified control deficiencies, and evolving compliance requirements, translating complex technical issues into clear, understandable business implications to support informed decision-making. Contribute to the continuous improvement of the IT audit function by identifying opportunities for process enhancements, developing innovative audit procedures, and staying abreast of evolving technologies, cyber threats, and regulatory landscapes pertinent to the global retail industry, including GDPR and PCI DSS. Required Qualifications & Certifications: A bachelors degree in information technology, Computer Science, Business Administration (with an IT focus), or a closely related field from an accredited institution. 5+ years of progressive and relevant experience in IT internal audit, IT risk management, or a comparable technology assurance function . Experience in the retail, e-commerce, or a similarly dynamic global industry. Must hold the Certified Information Systems Auditor ( CISA ) professional certification or other equivalent certification from ISACA ( CRISC, CISM, etc. ) Additional regarded professional certifications include Certified Information Systems Security Professional ( CISSP ) or Certification in Risk Management Assurance ( CRMA ). Demonstrable experience in leading audit engagements and/or providing mentorship and guidance to junior team members. Proven hands-on experience in designing, executing, and interpreting the results of data analytics procedures within an audit context. Desired Skills & Experience: Technical/Hard Skills: Proficiency in using IT audit and GRC software (e.g., Workiva, AuditBoard, Highbond, etc.) to manage audit workflows and documentation. Strong hands-on experience with data analytics tools and languages such as SQL, Python, Power BI, Tableau, or Alteryx for audit testing, data visualization, and insight generation. Practical experience or an understanding of leveraging Generative AI tools and techniques within an audit or GRC context, for tasks such as data analysis, anomaly detection, or report drafting assistance. This reflects an understanding of applying emerging technologies to enhance audit effectiveness. In-depth knowledge of, and experience applying, IT control frameworks and standards as detailed in the table below. Familiarity with data privacy regulations (e.g., GDPR) and their specific implications for IT controls and data handling within a global retail environment. Experience with auditing cloud environments (e.g., AWS, Azure, GCP) and a solid understanding of cloud security principles and risks. Understanding of AGILE project management methodologies and experience in auditing AGILE development environments and practices. Knowledge of core IT infrastructure components (servers, networks, databases), fundamental application security (secure code development practices and software supply chain, and code repository and deployment tools), cybersecurity concepts, including vulnerability management, incident response, and Data Loss Prevention (DLP). Communication and Leadership Skills: Possess exceptional critical thinking, analytical ability, strong communication skills and stakeholder management capabilities. Cultivate and maintain robust interpersonal relationships, with a demonstrated capacity to build rapport and collaborate effectively with a wide array of stakeholders across different organizational levels, functions, and cultures within a global enterprise. This role is based in Bengaluru, India office, offering a dynamic, fast-paced, and truly global retail working environment. You will play an important role in a collaborative, diverse, and forward-looking global IT Internal Audit team, reporting to the Senior Manager Global Audit & SOX Compliance. We offer opportunities for professional growth and development, exposure to a wide range of cutting-edge technologies and complex business processes across our international operations. You will have the chance to contribute to a company that values innovation, integrity, and continuous learning. Occasional domestic and international travel may engage with stakeholders and conduct audit activities at various operational sites, providing firsthand experience of our global business. The candidate should have no known issues with obtaining travel visas. Benefits We put a lot of thought into our programs to provide you with a benefits package that matters. Whether it is for medical care, taking time off, improving your health or planning for retirement, weve got you covered. Heres a small snapshot: Complimentary preventive health check-up for you & your spouse OPD coverage Best in class leave plan including paternity & family care leaves Counselling sessions to prioritize mental well-being Exclusive discount vouchers on Levi s products We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. LOCATION India, Bangalore - Office FULL TIME/PART TIME Full time Current LS&Co Employees, apply via your Workday account.

Compliance Lead Job | GRC & Audit Expert Grazitti By continuing to use our website, you consent to the use of cookies. Please refer our Join Our Clan Description Job Description We re hiring a skilled Compliance Lead to join our Information Security Group (ISG) at Grazitti Interactive. In this high-impact role, you ll spearhead Governance, Risk, and Compliance (GRC) initiatives, drive external audit processes, develop compliance frameworks, and ensure organizational alignment with key regulatory standards. If you have a solid background in risk management, policy development, and IT audit readiness with a deep understanding of frameworks like ISO27001, COBIT, and NIST this is your opportunity to lead and create tangible impact. Skills Key Skills 8+ years in GRC, compliance, or IT risk management. Bachelor s degree in a relevant field; CISA, CISSP, or CISM preferred. Hands-on experience with ISO27001/2, ISO31000, NIST, COBIT, COSO, ITIL. Knowledge of GDPR, HIPAA, CCPA, ITGC, and SOX compliance. Strong understanding of internal controls and security policies. Experience in external/internal audits and incident response planning. Excellent communication and stakeholder management skills. Process-oriented with strong documentation and analytical capabilities. Responsibilities Roles and Responsibilities Design and execute enterprise-wide GRC strategies. Ensure compliance with GDPR, HIPAA, ISO, and other global standards. Lead documentation efforts for SOX controls and ITGCs. Collaborate with legal teams to interpret regulations. Act as the primary contact for external auditors. Lead planning, documentation, and closure of compliance audits. Conduct in-depth risk assessments and advise mitigation strategies. Maintain up-to-date risk registers and track remediation actions. Draft and implement information security policies. Establish and enforce internal controls for IT and SaaS environments. Apply COSO, COBIT, and ITIL best practices for governance. Review control effectiveness through regular audits. Design incident response plans and lead resolution efforts. Build awareness programs and train teams on compliance best practices. Drive a culture of compliance and operational integrity. Communicate risk and compliance posture to executive leadership. Document and maintain audit trails for transparency. Position: Compliance Lead Thank you for submitting your application. We will contact you shortly! Stay updated with us Life at Grazitti Share Your Profile We are always looking for the best talent to join our team * Skills Upload Your CV Thank you for sharing your profile with us. If it aligns with our requirements, we will reach out to you for the next steps in the process. Marketo Forms 2 Cross Domain request proxy frame This page is used by Marketo Forms 2 to proxy cross domain AJAX requests.

TempHtmlFile Job Title : Analyst Function : Governance, Risk and Compliance Services (GRCS) Location : MUMBAI OVERVIEW KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 156 countries and have 152,000 people working in member firms around the world. KPMG in India, a professional services firm, is the Indian member firm of KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets and competition. KPMG in India provide services to over 4,500 international and national clients, in India. KPMG has offices across India in Delhi, Chandigarh, Ahmedabad, Mumbai, Pune, Chennai, Bangalore, Kochi, Hyderabad and Kolkata. The Indian firm has access to more than 7,000 Indian and expatriate professionals, many of whom are internationally trained. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Consulting, Management Consulting and Transactions & Restructuring services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. With increasing regulatory requirements, the need for greater transparency in operations, and disclosure norms, stakeholders require assurance beyond the traditional critique of numbers. Hence assurance is being increasingly required on industry issues, business risks and key business processes. The Governance, Risk & Compliance Services practice assists companies and public sector bodies to mitigate risk, improve performance and create value. We assist our clients to effectively manage business and process risks by providing a full spectrum of corporate governance, risk management, and Compliance Services. These services are tailored to meet client s individual needs, and provide effective support to management in meeting the challenges and opportunities presented by todays complex business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of KPMGs experienced, objective, and industry-grounded viewpoints. Following are some of our key service offerings: Risk Based Internal Audit Enterprise Risk Management Risk Assessment Model Business Process Development Sarbanes Oxley 404 Assistance Compliance Assistance Contracts and regulations Corporate Governance Advisory Review and Assessment Revenue Assurance Control Self Assessment Continuous Auditing / Continuous Monitoring Apart from the above service offerings, we also assist client organizations around various aspects viz. Accounting Manuals, Capital Projects Audits, Project focused Control Assessment, setting up IA function, etc. Role & Responsibilities Analysts are typically project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS Consistently deliver quality client services Monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes Demonstrate basic accounting and process related knowledge. Demonstrate ability to assimilate to new knowledge Remain current on new developments in advisory services capabilities and industry knowledge The job would require travel to client locations within India and abroad THE INDIVIDUAL Have basic understanding of process consulting/ internal audit/ risk consulting Strong analytical and problem solving skills. Possess strong data analytics skills and knowledge of advanced data analytical tools will be an advantage Strong written and verbal communication skills Ability to work well in teams Basic understanding of IT systems, Knowledge of MS office ( MS Excel, PowerPoint, Word etc) Have the ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours Be willing to travel within India or abroad for continuous long periods of time Demonstrate integrity, values, principles, and work ethic Qualification Graduates (BE/B.Tech, BCom, BMS, BBM or similar degree) with 0 - 2 years of related audit, business or sector experience Certifications like Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) would be an added advantage SELECTION PROCESS Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only People BENEFITS Continuous learning program Driving a culture of recognition through ENCORE our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health checkup (Manager & above, and for staff above the age of 30) Les Concierge desk Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential KPMG Advisory Services is for you! .

Visa is seeking a Controls Monitoring & Testing Analyst within its Technology Risk Management program to review and assess Cybersecurity and Technology risks. The candidate will perform Risk Assessments, Design Effectiveness Assessments, and Operational Effectiveness Testing for key technology threat vectors such as security configuration management, firewall configuration, application, user access management, and availability & reliability. Responsibilities include managing stakeholder engagement plans, participating in process walkthroughs, tracking/reporting deliverables, and producing high-quality work papers for all lines of defense and risk stakeholders. Additionally, the candidate will interpret data from source systems to perform statistical sampling and aggregate assessment across various risk management levers, collaborate with technology partners, and distill information into management and executive-level reporting. Key Responsibilities: Technology & Cybersecurity Controls Testing: Perform independent technology and cybersecurity controls testing. Document testing results in detailed workpapers. Prepare management reports based on testing outcomes. Communicate findings with stakeholders. Automation for Continuous Monitoring: Develop automation for continuous controls monitoring/auditing for technology and cybersecurity. Monitor the results of automated controls, perform investigation and follow-ups as needed. Risk & Control Self-Assessment (RCSA): Execute RCSA Risk Business Partner (RBP) controls quality review and sample-based testing. Conduct Key Risk Indicator (KRI) testing. Training, Metrics Alignment & Reporting: Develop and track risk management training. Align metrics with reporting dashboards. Develop reporting and stakeholder communication. Basic Qualifications -3 years of relevant work experience and a Bachelors degree Preferred Qualification -Bachelor s degree with 5 years of work experience in cyber, risk controls, or equivalent. -Experience with technology

Job Description: Imagine your future at 3M At 3M, inspiration happens daily. Here, science is how the magic happens. Except it is not magic, it is the right science, applied in the right way by the people of 3M. Here, your ideas help shape everyday lives around the globe. Here, you matter. You inspire. Challenge. Create. Thrive. Here, you go. Apply now and discover inspired opportunities! Collaborate with Innovative 3Mers Around the World Choosing where to start and grow your career has a major impact on your professional and personal life, so it s equally important you know that the company that you choose to work at, and its leaders, will support and guide you. With a diversity of people, global locations, technologies, and products, 3M is a place where you can collaborate with other curious, creative 3Mers. The Impact You Will Make in this Role As a Global SOX Sr. Specialist, you will have the opportunity to tap into your curiosity and collaborate with some of the most innovative and diverse people around the world. Here, you will make an impact by: Participating and execut ing a risk-focused Global SOX Program based on the company s risk assessment Execut ing E2E business process walkthroughs to get a full understanding of the process, document strong narratives and appropriate flowcharts Assessing the control design aiming an appropriate risk coverage of processes Performing an ongoing evaluation of the company s control framework looking for accurate and up-to-date test attributes Evaluat ing the effectiveness of the SOX controls in accordance with the defined annual global SOX calendar Identifying process and control design and operational deficiencies , and effectively communicating them to SOX Leadership and business stakeholders Assist ing with remediation plan agreements between business stakeholders and SOX leadership Supporting remediation plan reviews to validate that open deficiencies were properly addressed by addressing the agreed action plan Ensuring timely completion of work according to the established annual SOX calendar Flexibility to support other SOX teams on required deliverables Your Skills and Expertise To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications: Bachelor s Degree (BA/BS) or higher (completed and verified prior to start) in Finance, Accounting or a related field 2+ years of SOX compliance experience in a multinational environment or in a Public Accounting Firm Intermediate knowledge of US GAAP, COSO Framework, PCAOB Auditing Standards , risk and controls standards Being curious for constantly asking questions to get the best insights to provide the best solutions Experience managing work with tight deadlines and working in a fast-paced environment Excellent verbal and written communication skills, with proficiency in delivering effective presentations Detail-oriented with analytical and critical thinking Problem-solving skills Risk-oriented mindset Microsoft proficiency Additional qualifications that could help you succeed even further in this role include: CPA, CA, CMA, CIA and/or CISA Big 4 integrated audit experience Working knowledge of SAP, RSA Archer Platform, Workiva, Kyriba and other ERP systems Ability to engage at all levels of the organization A flexible team player who enthusiastically pursues solutions to challenging situations Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement.

Overview The TPRM Assistant Manager will manage the day-to-day operations of TPRM Service, guiding Business Owners, key stakeholders, and risk leads through the due diligence and appropriate controls, tracking appropriate risk remediation and monitoring activity as well as performance managing the process and service. You will be accountable for the operational delivery of the TPRM Service, identify process gaps, manage escalation, and continuous improvements. Accountabilities also include oversight of day-to-day operations with various internal and external service providers and stakeholders. Working Hours : India, Bangalore 2 PM 11 PM IST. Key Responsibilities: Support and manage the TPRM Service team to resolve queries, questions and ensure the quality, efficiency, and timeliness of TPRM process. Support and manage the working relationship with the various internal and external stakeholders of the TPRM process to ensuring risks, issues are identified, managed in line with our internal governance and monitoring process. Be the point of contact for all the TPRM Service, stakeholder feedback and escalations as well as managing engagement meeting, monthly forums and connects with risk leads (i.e., drop-in sessions for business owner) Being the gatekeeper of the TPRM Service and ensure process is delivering in line with the agreed framework. Support TPRM GPO (Global Process owner) in managing and reporting on KPIs and SLAs to key stakeholders in Procurement, Global Ethics and Compliance and Legal Ownership of updating and make sure TPRM process documentation including Standard Operating Procedures (SOPs), process maps, training material and Service Governance documentation are updated and current. Provide training on the TPRM processes and tools to specific stakeholder (eg risk SME, business owners and others) Lead and support TPRM GPO (Global Process owner) in identifying continuous improvement and manage the TPRM process and stakeholder feedback, Survey scores and service providers to ensure they are best in class. Be an SME of TPRM process, risk domains and support the TPRM GPO and transformation lead. Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: Total work experience of 4- 7 Years Experience working in complex, demanding global corporate environment. Experience working in TPRM, vendor management, procurement, risk management, quality, or related field (Broad understanding of TPRM activities). Experience of working and supporting the regulated environments or good working knowledge manufacturing quality. Bachelor s related field (Business, Supply Chain, Procurement, Risk Management [or any Bachelors, combined with relevant experience] Demonstrate excellent written and verbal communication skills. Preference for experience in: TPRM, Procurement category management and risk, compliance, or audit. Support and run project execution. Working in a matrix environment. Quality Management Systems or managing quality for manufacturing. TPRM, Procurement, Audit or related certifications (e.g., CPSM, CPIM, PMP, CIPS, CISA, ISO27001) useful but not essential

About Lowe s Lowe s is a FORTUNE 100 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2024 sales of more than $83 billion, Lowe s operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe s supports the communities it serves through programs focused on creating safe, affordable housing, improving community spaces, helping to develop the next generation of skilled trade experts and providing disaster relief to communities in need. For more information, visit Lowes.com. About Lowe s India Lowe s India, the Global Capability Center of Lowe s Companies Inc., is a hub for driving our technology, business, analytics, and shared services strategy. Based in Bengaluru with over 4,500 associates, it powers innovations across omnichannel retail, AI/ML, enterprise architecture, supply chain, and customer experience. From supporting and launching homegrown solutions to fostering innovation through its Catalyze platform, Lowe s India plays a pivotal role in transforming home improvement retail while upholding strong commitment to social impact and sustainability. For more information, visit Lowes India About the Team Internal Audit is an independent assurance/advisory function reporting functionally to the audit committee of the Board and administratively to the Finance function(CFO). IA is responsible for planning, executing, and reporting operational, compliance, financial, and technology audits. Job Summary: The IT Staff Auditor will work closely with the Senior Auditor to assist in audits that evaluate the effectiveness of internal controls established to manage the Company s most significant risks. The IT Staff Auditor will assist in the planning and execution of audit engagements by conducting interviews and walkthroughs with process owners; assist in the development and execution of audit test steps associated with related controls; and prepare workpapers to document the audit work performed to support conclusions reached. The IT Staff Auditor will also aid the Senior Auditor in the interpretation of test results and will assist in developing oral/written communication of audit results to the client. Additionally, the IT Staff Auditor will actively participate in departmental non-project activities. Roles & Responsibilities: Project evaluation and data integrity: Performs preliminary survey work and documents processes to identify significant risks and their related controls Assists the team in developing and executing test steps designed to evaluate the effectiveness of relevant internal cross-functional internal controls (i.e., store, financial, IT, etc.) Ensures work performed is accurately documented in accordance with the Internal Audit workpaper standards Assists the Senior Auditor in the identification and documentation of weakness in control design and effectiveness based on analysis performed. Assists the Senior Auditor with the summarization of audit findings Project Management: Assists the Senior Auditor in coordinating with the client and management to ensure project milestone timelines are met Applies basic knowledge of IT, Operations, Finance, and Analysis to ensure efficiency throughout the audit engagement. Utilizes internal resources to assist when audit topics require intermediate to advanced knowledge Continuously develops knowledge of audit tools and techniques to ensure quality audit work Completes assigned audit plan within the established deadlines following Lowe s Audit Methodology Project Communication: Assists Senior Auditor in ensuring significant findings, root causes, risk exposures, and management action plans are concise and documented in a timely manner Communicates audit exceptions and other items of concern in a timely manner to the audit team and clients Develops client relationships professionally through consistent dialogue and open communications throughout the audit process Proactively collaborates and promotes knowledge share within the Internal Audit team Business Influence: Meets or exceeds customers expectations, looks for ways to improve their experience while creating a seamless experience by understanding how the Staff Auditor role, team goals, and daily activities fit into the company vision Drives for results by consistently achieving goals and pushing to complete tasks by their deadlines Collaboration with others: Works cross-functionally to manage and organize work processes and ensure the most efficient workflow Supports a collaborative environment by working in a team of peers to solve problems and shares information with peers, manager, and customers as appropriate Self Development: Organizes resources and information in an efficient manner to handle competing demands and accomplish what needs to be done Years of Experience: 1 to 3.5 years post qualification experience Education Qualification & Certifications (optional) Required Minimum Qualifications : Bachelor s degree in engineering/IT or Accounting / Finance- Experience in internal/external audit, CISA certification/CIA (optional) Skill Set Required Primary Skills (must have) Qualified Accountant/MBA/Engineer Auditing experience Report writing and written communication Secondary Skills (desired) Project management Negotiation

Position Summary: We are looking for a highly skilled Information Protection Associate Advisor to join our team, focusing on automation engineering initiatives to drive efficiency and reducing manual effort across the organization. In this role, you will work directly interact with application or product teams and cross-functional teams to identify automation opportunities, design and deliver scalable, resilient, and secure solutions that optimize our internal processes and support Cigna overarching security goals. This individual will contribute to major technology initiatives aimed at revolutionizing health services and the ability to influence security tools integrations within the healthcare delivery system working from HIH. Experience Required: 8+ years of experience in cybersecurity. Proven project management skills, with experience leading complex cybersecurity projects. Strong understanding of cybersecuritybest practices. Excellent analytical, problem-solving, and decision-making skills. Strong English written and verbal communication and interpersonal skills. Proven ability to work effectively with cross-functional teams and stakeholders across multiple time zones and countries. Job Description & Responsibilities: Intake Processing: Analyze and identify business inputs for assessment engagement. Review workflows for existing assessments and new assessments. Review business workflow within Intake system to define triaging, prioritization and tracking of intake requests. Establish SLAs for engagement requests, assessment completion, include various workflow status to track the progress of the intakes. (eg. open, cancelled, In progress, On hold, complete) Work closely with other CIP teams like Product Security (AppSec), Security Architecture and other assessment teams to ensure tasks are completed within SLA. Work with app teams to gather and document feedback for enhancements. Fluent with ServiceNow reporting and metrics to track coverage and volume analysis for leadership visibility. Support the analysis and identification of business inputs for assessment engagement. Create workflow logic for existing assessments and new assessments. Review technical feasibility within Intake system to define triaging, prioritization and tracking of intake requests. Work closely with project teams to provide guidance and assist with the Intake submission. Create and maintain user guides, FAQs, confluence pages for the CIP Intake tool for Cigna Projects teams to use. Security Remediation Management: Analyze and understand the volume of current non-production security findings and their sources.Strengthen the oversight of security fixes in non-prod environment Establish SLAs for remediation and exception management to ensure compliance with industry standards. Define end to end workflow for identification/assessment, remediation, monitor, validation, and resolution. Create reports and dashboards for CIP and Application leadership to understand the security posture of the org. Work closely with application business units and CIP assessment teams to ensure clear handoffs and timely remediation of security vulnerabilities. Monitor and track remediation rate in non-prod and its impact on prod remediation rate. The idea is to have all the non-prod security vulnerabilities to flow into a centralized risk platform. Review and compare the various platforms and help with building and integrating the findings into that platform/tool. Document requirements, workflows, and prototypes to build the system integrations. Automate workflow within the tool for tracking progress and reporting for visibility and metrics. Education and Training Required: Bachelor degree in computer science, Information Technology, Cybersecurity, or a related field. Relevant certifications such as CISSP, CISM, CISA, or equivalent are nice to have. The tools/technical skills: Advanced ExcelSkills (Pivot tables and other reporting skills) Advanced Word documentation Analytics/Power BI Visio/Mural - preferably Mural as that is what we use. Jira ServiceNow Confluence SharePoint SQL Server Microsoft project or other project tracking

Role : IT Audit Associate (Tech Assurance / Risk Advisory) Location : Bengaluru, Mumbai, or Gurgaon (resources centre region) Compensation : 10LPA (aligned to fresher benchmark) Key Duties : Conduct ITGC and ITAC testing for SOX / financial audit or internal audit engagements in financial services. Document workflows, process flows, and populate Risk & Control Matrices. Support SOC, ISAE 3402, IS audits and infrastructure reviews. Assist with reporting and liaise regularly with client teams and engagement leaders. Qualifications : Chartered Accountant (qualified within 3 attempts) ~6 months relevant IT audit or risk experience Basic knowledge of SQL/programming and audit frameworks (COBIT, COSO, PCAOB) Exposure or willingness to learn data analytics tools (Power BI, Qlik, ACL) Strong communication, teamwork, and compliance mindset. Certifications like CISA/CISM are encouraged.

ECMS Requirement Format Number of Openings 1 ECMS ID in sourcing stage Demand 406461Y25 / ECMS ID 534093 Assignment Duration 12 Months Total Yrs. of Experience 12+ Relevant Yrs. of experience 5+ Detailed JD (Roles and Responsibilities) Senior Engineer Customer IAM Work on the end-to-end Customer IAM vision and strategy in alignment with the firms strategic technical direction, the Technology Services Strategy, and the Organisation Cyber Information Security Strategy and overall Identity & Access Management Lead engineering in CIAM. Managing the technical design, overseeing senior engineers and vendor consultants and coordinating engineering delivery in a POD in CIAM Contribute to the CIAM technical vision and strategy and support the development of architecture and engineering skills within the team Mandatory skills You must have hands on experience with a few Enterprise IAM Products from vendors such as Ping Identity, ForgeRock, IBM, Okta, Transmit Security, RSA, biometrics, identity proofing, ideally in Customer IAM scenarios Working knowledge with Internet Facing Applications (Application Firewalls, DMZ, proxies) and solid understanding of Security Architecture and enterprise architecture practices, strategies, processes and methodologies, bringing a passion for strategy, architecture and software engineering excellence Confident, assertive, and effective communicator with strong influencing skills and able to prepare high quality presentation materials and deliver professional presentations to senior level audience Ability to drive architecture good practice and encouraging creative or forward-thinking in matrix organisation with strong interpersonal skills that enable you to quickly gain trust and build up efficient relationships to collaborate with internal partners on global & regional initiatives Experience working in the financial industry (or regulated industry) in a similar role is an advantage Security certification is an advantage: CISSP, CISA, CSSLP, TOGAF Knowledge and experience working with Agile practices and practical experience with DevOps and SRE would be beneficial Desired/ Secondary skills Domain FS Max Vendor Rate in Per Day (Currency in relevance to work location) 17000 INR / day Work Location given in ECMS ID Pune WFO/WFH/Hybrid WFO WFO BG Check (Before OR After onboarding) Before Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO NO

The Security Analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Good knowledge of SIEM, SIEM Architecture, SIEM health check. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Good verbal/written communication skills. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc. Helping L3 and L1 with required knowledge base details and basic documentations. Co-ordination SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. High ethics, ability to protect confidential information. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures. Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Ready to work on 24/7 shifts to support client requirement. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 2 Years of Experience in SOC monitoring and investigation. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Helping L3 and L1’s with required knowledge base details and basic documentations. Co-ordination with SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures.\ Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Building Parser for the SIEM using regex. Preferred technical and professional experience Escalation point for L1’s and SOC Monitor team. Ability to drive call and summarizing it post discussion. Good Understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD). Deep understanding on Windows, DB, Mail cluster, VM and Linux commands. Knowledge of network protocols TCP/IP and ports. Team Spirit and working ideas heading to resolution of issues. Qualifications like CISA, CISM, CISSP, CEH, SANS or any other recognized qualification in Cybersecurity (SIEM/Qradar certification) will be preferred. Thorough knowledge in SIEM tool and experience in networking, Cloud security experience will be preferred. SOC Senior Analyst experience with multiple customers.

IT Audits - Application, IT Infrastructure, Information Security including Cyber Security, IT Vendor Audits, identifying critical issues (with respect to technology risks/ process/ compliance / revenue leakage) Audit - IT & IS for a BANK in Thane Required Candidate profile IT Audits, Security, Vendor Audits, regulatory IS Validations and ACE/ACB board notes preparation Perks and benefits Qualifications: B Tech/MCA/BE 2-6yrs

The role will be responsible for working with IT teams across Nomura Group to ensure we have a Cloud Governance Process that incorporates responsibilities including the design, implementation, and ongoing compliance of the Nomura Public Cloud Policy. The CBO Lead will help: Determine the objectives for the process along with Nomura s GCGC. Design and implement the Cloud Governance framework. Establish and maintain the Governance structure, roles and processes for cloud services using industry best practices. Provide leadership and guidance to IT teams on aspects of compliance within Nomura Group. Monitor and evaluate the performance and conformance of cloud services and capabilities producing metrics to confirm adherence. Identify and manage the risks and issues related to cloud adoption and usage. Communicate and collaborate with stakeholders from business, IT, corporate functions across Nomura Group, as well as external partners and vendors on cloud governance matters. Skills and qualifications: A bachelor s degree in computer science, information systems, or a related field, or equivalent work experience. A strong knowledge and experience in IT Governance frameworks, principles and practices, as well as the related policies standards and guidelines. A good knowledge and experience in cloud computing concepts, technologies, platforms and regulatory requirements. A strong leadership and management skills, with the ability to lead motivate teams, manage projects and resolve conflicts. A strong communication and interpersonal skills, with the ability to communicate effectively with technical and non-technical audience, as well as influence and negotiate with stakeholders. A certification in cloud computing, such as AWS, Azure, or Google Cloud is desirable A certification in IT Governance such as CGEIT, CISA or RISC is desirable.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Risk consultant, you'll contribute technically to Risk Consulting client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY's commitment to quality, you'll confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members, and help them to develop. The opportunity We're looking for Senior Consultants to join the leadership group of our EY-Consulting Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities include: - Participating in IT Risk and Assurance engagements. - Working effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. - Helping prepare reports and schedules that will be delivered to clients and other parties. - Developing and maintaining productive working relationships with client personnel. - Managing reporting on assurance findings and ensuring control owners take remediation action as required. - Identifying, leading, and managing the continuous improvement of Internal Controls through the implementation of continuous control monitoring and automation. - Reviewing evidence of compliance for adherence to standards. - Understanding key domains of compliance controls, including change management, access to system, network and data, computer operations, and system development. - Staying current with and promoting awareness of applicable regulatory standards, upstream risk, and industry best practices across the enterprise. - Understanding Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Conducting performance reviews and contributing to performance feedback for staff. - Adhering to the Code of Conduct which sets the standards of behavior, actions, and decisions expected from EY's people. Skills and attributes for success include: - Experience in application controls and Information security experience. - Understanding of risk management systems and processes. - Ability to build relationships with key stakeholders across different levels of seniority. - Strong written and verbal communication skills. To qualify for the role, you must have: - Preferably a bachelor's degree in (Finance/Accounting, Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA. - Minimum of 1-2 years of experience in internal controls and Internal Audit. - Enterprise risk services with a specific focus on IT and related industry standards. - IT Risk Assurance framework. - Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Preferred security skills related to a broad range of operating systems, databases, or security tools such as UNIX, Linux, Windows 2000 and NT, firewalls, and IDS systems. - Familiarity with IT analysis, delivery, and operations methods, including SDLC and CM. - Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT. - Experience of security testing methods and techniques including network, operating, and application system configuration review. - Application controls and security experience: sensitive access and SOD testing, controls testing. - Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc. - Preferred Certifications: CISA. What we look for: We believe that you should own and shape your career. But we'll provide the support and opportunities to develop the skills, knowledge, and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you'll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around. - Opportunities to develop new skills and progress your career. - The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

If you're seeking a career that will empower you to distinguish yourself, consider joining HSBC to unlock your full potential. Whether you aspire to ascend to the pinnacle of success or embark on a thrilling new path, HSBC offers a platform replete with opportunities, support, and rewards that will propel you towards greater heights. HSBC stands as one of the world's largest banking and financial services organizations, operating in 64 countries and territories globally. Our mission is to position ourselves where growth thrives, empowering businesses to flourish, economies to prosper, and individuals to achieve their aspirations and dreams. Currently, we are in search of a seasoned professional to become part of our team in the capacity of DBS Senior Control Tester. In this pivotal role, your responsibilities will include: - Conducting meticulous preparation, steering, and engaging in the execution of a diverse array of Technology control testing activities - Ensuring prompt delivery of control testing with a commitment to transparency and accuracy in the fulfillment of testing objectives - Exercising sound judgment in identifying and disclosing control testing findings by pinpointing key risks and issues - Infusing quality into control testing deliverables and upholding compliance with the CCO Control Testing Methodology - Offering expertise and counsel on control testing throughout CCO, while applying critical judgment and decision-making skills in the identification and disclosure of control testing findings by highlighting key risks and issues - Nurturing relationships with key stakeholders, staying abreast of significant business, regulatory, and industry developments, as well as any modifications to procedures and practices - Assisting in the preparation of testing reports to update key stakeholders on the testing outcomes and review work - Monitoring and pursuing actions identified as a result of testing and review work, escalating when necessary - Adhering to and demonstrating compliance with all pertinent internal and external rules, regulations, and procedures that govern the business operations in which the jobholder is engaged, particularly Internal Controls and any associated policies and procedures Requirements: To excel in this role, candidates should meet the following criteria: - At least 3-5 years of pertinent experience in IT controls testing within the Financial Service industry or process assessment experience - Proficiency in ITGC, SOX, NON-SOX, Internal Control, Automated Control Testing (BACs) - Preferred qualifications include IT Risk certifications (CRISC, CISM, CISA, CISSP, or equivalent) - Demonstrated expertise in Technology control testing, risk management, internal control, or internal audit, preferably within a financial/banking services operations environment - Proven ability as a self-starter and effective collaborator Your journey to success is amplified when you become a part of HSBC. HSBC is dedicated to nurturing a culture where each employee is esteemed, respected, and their opinions hold significance. We pride ourselves on providing a workplace that fosters continuous professional growth, flexible work arrangements, and avenues for advancement within an inclusive and diverse setting. Personal data shared with the Bank regarding employment applications will be handled in accordance with our Privacy Statement, accessible on our website. Issued by HSBC Software Development India,

Role Senior Manager / Manager Guide and manage teams to conduct comprehensive internal and operational audits, ensuring adherence to established audit methodologies and standards. Identify potential risks within client organizations and develop strategies to mitigate these risks effectively. Analyze client operations to uncover opportunities for cost reduction and provide actionable recommendations. Conduct thorough reviews of business processes and internal controls to ensure compliance, efficiency, and effectiveness. Act as the primary point of contact for clients, ensuring clear and effective communication, and building strong, trust-based relationships. Excel in managing team resources, including task allocation, performance monitoring, and mentoring team members to achieve audit objectives. Prepare detailed audit reports and presentations, clearly communicating findings, recommendations, and action plans to clients. Drive continuous improvement initiatives within the audit function, fostering a culture of innovation and excellence. Desired Candidate Profile Chartered Accountant (CA) with 5-10yrs of relevant post-qualification experience. Certified Information Systems Auditor (CISA) mandatory Extensive experience in internal and operational audit assignments. Strong leadership and team management skills. Excellent presentation and communication skills. Willingness to travel within India and abroad. Ability to manage at least 4-6 clients simultaneously.

7 years’ experience in IT SOX/ITGC, SOC1/SOC2, ITACs, and Information Security Audits Knowledge of IT infrastructure, preparation of Risk & Control Matrix Audit Knowledge of Emerging Technology-Cloud infrastructure, Regulatory compliance requirements Required Candidate profile IT SOX/ITGC, SOC1/ SOC2 and Information Security Audits. Certifications: CISA, CISM, ISO 27001 LA/ LI, CCSK, Certification son Data Privac

Design, Implement and maintain GRC framework and policies. Conduct risk assessments. Coordinate internal and external audits. Conduct root cause analysis and recommend corrective actions.

>> Job DesCRIPTION Role & RESPONSIBILTY Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Perform risk assessments on various applications, services, and infrastructure components. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Deliver complex Infrastructure programmes with multiple business and technical risks that will impact the success of key business priorities Create and track a plan to deliver programme goals, including the technical implementation plan, ensuring colleagues and stakeholders are kept up-to-date Manage risks and Issues on the programme demonstrating tactics to resolve or mitigate Understand trade-offs in hardware and infrastructure delivery using experience and influencing skills to drive consensus with the Engineering and Product teams to obtain the best value and deliver brilliant technical solutions Able to foresee potential risks and issues, establish a process, facilitate discussion and manage escalations Able to understand a technical architecture to be able to foresee the impact on dependencies, delivery timelines and implementation plans Have good knowledge of engineering best practices and practical infrastructure implementations to appreciate delivery challenges Collaborate with the Product and Engineering teams to define annual budgetary requirements Evaluate and interpret assessment results to identify potential vulnerabilities and risks and provide actionable recommendations for risk mitigation. Stay up to date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk. Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment. Manages client expectations and client satisfaction. Acts as an advisor and partner to the client. Design, develop and implement business strategies for clients to implement new and different approaches to business based on the innovation approach. REQUIREMENTS: A minimum of 5+ years of hands-on experience in Project/Program Management. Understand the key principles of ITSM and How this drive effective change into BAU Have experience of building credible relationships and influencing senior management Strong Project, Stakeholder & Programme management skills Good reporting skills for programs and financial forecasting Adept communication & influencing skills and adoptability to changes - Expert delivery experience with the following tools: - Jira - Confluence - Miro - Microsoft Project - MS Excel Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Strong communication and stakeholder & conflict management skills. Strong analytical and problem-solving skills, with the ability to think critically and strategically. >> SELECTION PROCESS Candidates should expect 2-3 rounds of personal or telephonic interviews to assess fitment and communication skills. >> CRITERIA Education 60% above throughout academics One 3 years (at least) regular course is must either Diploma or Graduation Course: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalent Minimum 3 years of hands-on experience in conducting cyber risk assessments. Certification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA / PCI DSS (At least one) CCNA / CCNP or equivalent (optional) Relevant certifications in OT security (GICSP, ISA/IEC-62443 or equivalent)

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Description Job Title: Information Security Lead / Lead Identity Governance and Compliance Department: Information Security Governance, Risk & Compliance (GRC) Experience: Level: 5 7 years Employment Type: Full-time Key Responsibilities: Lead and manage the Identity Governance and compliance activities, including periodic User Access Reviews (UAR) and RBAC activities. Ensure IAM practices comply with internal policies and external regulatory requirements. Maintain and enhance identity governance policies, standards, and procedures. Provide subject matter expertise on Active Directory (AD), including group policies and access provisioning/deprovisioning. Align identity governance practices with frameworks such as PCI DSS, ISO 27001, NIST CSF, and COBIT. Engage with IT, HR, and business units to enforce least privilege principles and maintain accurate access records. Conduct regular training sessions for the SM team on security controls and client requirements. Coordinate SME involvement in quarterly meetings and training initiatives. Maintain and organize SharePoint and Jira spaces for audit readiness and evidence management. Participate in incident management, change control meetings, and cloud migration initiatives. Engage in SOC operations and threat tracking. Drive continuous improvement initiatives in identity governance and GRC processes. Lead the annual review of security information presentations in collaboration with Compliance. Required Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field. 5 7 years of experience in Information Security, with a focus on Identity Governance and Compliance. Strong understanding of User Access Review (UAR) processes and tools. Experience with Active Directory (AD) and identity lifecycle management. Familiarity with regulatory and compliance frameworks: PCI DSS, ISO 27001, NIST, COBIT. Excellent analytical, documentation, and communication skills. Ability to work independently and collaboratively in a fast-paced environment. Preferred Qualifications: Relevant certifications such as CISSP, CISA, CISM, CRISC, or GIAC. Experience with IAM tools (e.g., SailPoint, Saviynt, Okta, Azure AD). Prior experience supporting internal or external audits. Knowledge of GRC tools and platforms. Understanding of legal and regulatory standards such as FERPA, CIS, and data protection laws. Knowledge of Cloud Identity (AWS or Azure Identity).

Description Job Title: Information Security Analyst/ Analyst Identity Governance and Compliance Department: Information Security Governance, Risk & Compliance (GRC) Experience: Level: 2 4 years Employment Type: Full-time Key Responsibilities: Manage the Identity Governance and compliance activities, including periodic User Access Reviews (UAR) and RBAC activities. Ensure IAM practices comply with internal policies and external regulatory requirements. Maintain and enhance identity governance policies, standards, and procedures. Provide subject matter expertise on Active Directory (AD), including group policies and access provisioning/deprovisioning. Align identity governance practices with frameworks such as PCI DSS, ISO 27001, NIST CSF, and COBIT. Engage with IT, HR, and business units to enforce least privilege principles and maintain accurate access records. Conduct regular training sessions for the SM team on security controls and client requirements. Coordinate SME involvement in quarterly meetings and training initiatives. Maintain and organize SharePoint and Jira spaces for audit readiness and evidence management. Participate in incident management, change control meetings, and cloud migration initiatives. Engage in SOC operations and threat tracking. Drive continuous improvement initiatives in identity governance and GRC processes. Lead the annual review of security information presentations in collaboration with Compliance. Required Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field. 2 4 years of experience in Information Security, with a focus on Identity Governance and Compliance. Strong understanding of User Access Review (UAR) processes and tools. Experience with Active Directory (AD) and identity lifecycle management. Familiarity with regulatory and compliance frameworks: PCI DSS, ISO 27001, NIST, COBIT. Excellent analytical, documentation, and communication skills. Ability to work independently and collaboratively in a fast-paced environment. Preferred Qualifications: Relevant certifications such as CISSP, CISA, CISM, CRISC, or GIAC. Experience with IAM tools (e.g., SailPoint, Saviynt, Okta, Azure AD). Prior experience supporting internal or external audits. Knowledge of GRC tools and platforms. Understanding of legal and regulatory standards such as FERPA, CIS, and data protection laws. Knowledge of Cloud Identity (AWS or Azure Identity).

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, Data Privacy Management solutions, experience in developing value-based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on deals that are large and complex and own all components of complex deals. Lead or work as Lead Solution Architect on complex and bundled deals and independently can come up with the solution. Conduct solution reviews with SMEs and the DCSO approver. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solutions. Work on building the cost model for the solution. Roles & ResponsibilitiesShould be able to lead the joint solutioning workshops with client and be able to walk through technical security solutions with the clients during Orals. Should possess excellent stakeholder management skills and be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Frequently interacts with senior client leadership. Develop statement of work Performs Peer Reviews Assists in performing QA Frequently sells to senior client leadership Leads negotiations or develop business terms and conditions Leads QA or plays major QA role for largest, most complex deals Has led solution development for multiple deal types Work with delivery leads for the approval of solution/efforts Bring out technical differentiators and value in the solution Able to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 5 years in leading solution development in a reputed organization Deep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessary Should be a good presenter Should have leadership qualities Should keep himself/herself up to date on various SA Cost models and processes, work independently to develop IDL files Good communication and collaboration skills Prior experience in leading solution development will be an advantage Experience in leading delivery and solution planning of large, complex deals at least 5 opportunities with Security TCV of greater than10m in the recent experience Comfortable in using relevant tools and estimators Comfortable working in extended working hours Good to have CISSP, CISM, CISA Cloud Security knowledge and certification AWS, Azure Solution Architect Core Training Good to have Solution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Core Responsibilities o Provide support in building IAM controls, standards & policies along with best practices to ensure compliance with information security directives and industry standards o Contribute into designing & integrating IAM solutions for web/mobile apps to strengthen security controls at enterprise scale o Collaborate with enterprise & application designers, developers, other information security teams, enterprise infrastructure and testing teams to deliver high quality solutions for remediating security threats o Identify Key control deficiencies and provide roadmap for closures o Define and document issues for escalation to engineers o Work closely with business to address their incidents and task requests Mandatory Skills Technical- Hands-on experience in implementing IAM controls, policies, standards across enterprise Experience in implementing SailPoint IdentityIQ 8.X including design, development, implementation and application support Customize, configure, and develop IAM solution integration Ability to understand the business requirements and implement them with minimal customizations to the product. Expert level experience in the application and user onboarding, using OOTB and custom connectors. Expert knowledge of User Access Review certifications (Targeted, Manager, Role, Application etc.) Ability to understand the business requirements for User Access review and implement them technically in the system to achieve the desired outcomes with minimal changes to the system. Experience in Roles and Entitlement used in IAM solution. Deep understanding of RBAC concepts and understanding of the SailPoint IdentityIQ Roles to ensure proper discovery and implementation. Good knowledge of web server and application server. Good understanding of LDAP concepts and working experience with the directories. Experience in using database client tools like MS SQL Management Studio, Toad, etc. Excellent development coding skills relevant to SailPoint IdentityIQ (java beanshell oracle jsf XML etc.). Behavioral- Excellent communication (both - verbal & written), collaboration and relationship-building skills. Demonstrated initiative, creativity & ability to influence Client focused mindset - exceed the expectations of our internal and external customers Strong interpersonal, communication, motivational, organizational and planning skill Qualification Eligibility BE / B. Tech / MCA from reputed institute 5+ years of relevant experience across Information Security, Software Engineering, and Software Development roles to handle IAM projects Proven engineering skills in delivering IAM solutions related capabilities and practices Preferred Certification CISSP ( Certified Information Systems Security Professional) and/or CISA( Certified Information Systems Auditor) designation and/or CEH( Certified Ethical Hacker)