882 Cisa Jobs - Page 5

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, Data Privacy Management solutions, experience in developing value-based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on deals that are large and complex and own all components of complex deals. Lead or work as Lead Solution Architect on complex and bundled deals and independently can come up with the solution. Conduct solution reviews with SMEs and the DCSO approver. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solutions. Work on building the cost model for the solution. Roles & ResponsibilitiesShould be able to lead the joint solutioning workshops with client and be able to walk through technical security solutions with the clients during Orals. Should possess excellent stakeholder management skills and be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Frequently interacts with senior client leadership. Develop statement of work Performs Peer Reviews Assists in performing QA Frequently sells to senior client leadership Leads negotiations or develop business terms and conditions Leads QA or plays major QA role for largest, most complex deals Has led solution development for multiple deal types Work with delivery leads for the approval of solution/efforts Bring out technical differentiators and value in the solution Able to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 5 years in leading solution development in a reputed organization Deep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessary Should be a good presenter Should have leadership qualities Should keep himself/herself up to date on various SA Cost models and processes, work independently to develop IDL files Good communication and collaboration skills Prior experience in leading solution development will be an advantage Experience in leading delivery and solution planning of large, complex deals at least 5 opportunities with Security TCV of greater than10m in the recent experience Comfortable in using relevant tools and estimators Comfortable working in extended working hours Good to have CISSP, CISM, CISA Cloud Security knowledge and certification AWS, Azure Solution Architect Core Training Good to have Solution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Core Responsibilities o Provide support in building IAM controls, standards & policies along with best practices to ensure compliance with information security directives and industry standards o Contribute into designing & integrating IAM solutions for web/mobile apps to strengthen security controls at enterprise scale o Collaborate with enterprise & application designers, developers, other information security teams, enterprise infrastructure and testing teams to deliver high quality solutions for remediating security threats o Identify Key control deficiencies and provide roadmap for closures o Define and document issues for escalation to engineers o Work closely with business to address their incidents and task requests Mandatory Skills Technical- Hands-on experience in implementing IAM controls, policies, standards across enterprise Experience in implementing SailPoint IdentityIQ 8.X including design, development, implementation and application support Customize, configure, and develop IAM solution integration Ability to understand the business requirements and implement them with minimal customizations to the product. Expert level experience in the application and user onboarding, using OOTB and custom connectors. Expert knowledge of User Access Review certifications (Targeted, Manager, Role, Application etc.) Ability to understand the business requirements for User Access review and implement them technically in the system to achieve the desired outcomes with minimal changes to the system. Experience in Roles and Entitlement used in IAM solution. Deep understanding of RBAC concepts and understanding of the SailPoint IdentityIQ Roles to ensure proper discovery and implementation. Good knowledge of web server and application server. Good understanding of LDAP concepts and working experience with the directories. Experience in using database client tools like MS SQL Management Studio, Toad, etc. Excellent development coding skills relevant to SailPoint IdentityIQ (java beanshell oracle jsf XML etc.). Behavioral- Excellent communication (both - verbal & written), collaboration and relationship-building skills. Demonstrated initiative, creativity & ability to influence Client focused mindset - exceed the expectations of our internal and external customers Strong interpersonal, communication, motivational, organizational and planning skill Qualification Eligibility BE / B. Tech / MCA from reputed institute 5+ years of relevant experience across Information Security, Software Engineering, and Software Development roles to handle IAM projects Proven engineering skills in delivering IAM solutions related capabilities and practices Preferred Certification CISSP ( Certified Information Systems Security Professional) and/or CISA( Certified Information Systems Auditor) designation and/or CEH( Certified Ethical Hacker)

Oversee staff auditors (both internal staff and external co-source resources). Perform and/or review targeted risk assessments to determine scope of audit projects. Perform process walk-throughs to facilitate the development of the audit scope and approach during the planning phase. Prepare corresponding engagement request lists and other key planning documents. Determine, perform and/or review data analytics for the relevant areas as available and identify outliners / key focus areas for testing of internal controls. Execute/conduct technology, regulatory, and operational audits, which includes the testing of internal controls and business-related processes. Specifically: Act as a key liaison with stakeholders, DXC management and external auditors throughout the audit process. Contribute to the design of the control testing approach and related audit program. Re-confirm/update process walkthroughs as needed. Identify, analyze, and interpret data using statistical techniques to recognize trends or patterns in complex data sets. Provide leadership to and supervision of other auditors participating in the project. Provide training of and feedback to less experienced auditors on the engagement. Monitor audit progress to ensure completion within allotted timeframes. Identify areas/processes for improvement and propose recommendations. Draft reports of audit findings and obtain management responses in accordance with the functions KPIs and procedures. Follow up on remediation efforts related to such findings. Document testing results in the reporting tool. Actively participate in special projects. Job Requirements: Bachelor s degree in a business-related field, preferably with a concentration in Information Technology, Accounting, or Finance Demonstrate high level of integrity and sound independent judgement. Strong analytical and organizational skills with the ability to collect, organize, analyze, and disseminate significant amount of information with attention to detail and accuracy Information Technology/Auditing background with 4-7 years of experience in internal controls, consulting, advisory, and professional services. Big-4 experience required. Ability to multi-task, work effectively in a team-oriented environment as well as independently. Excellent verbal and written communication skills Strong time management and presentation skills Advanced computer skills. Detailed knowledge of MS Office is a must. Open to travel, including international travel Preferred Qualifications: Relevant professional certification (CISA or CISSP) In-depth data analytics experience Technology industry experience Financial Audit experience Experience with data analytics and visualization software Additional language skills

BASIC INFORMATION ON THE POSITION Position Name: Deputy Manager - ESGC PURPOSE OF THE ROLE To ensure Information Security Management System and Risk management framework including Business continuity are effectively planned & established in line with the business objectives. The job exists to ensure compliance to IS requirements, both from customer and organization. If this role did not exist, ensuring compliance to IS requirements is not possible. KEY RESPONSIBILITIES AND ACCOUNTABILITIES Compliance to client information security requirements as agreed in the MSA by ensuring that requirements are captured, documented, implemented and verified Ensure customer audits are cleared successfully without any critical non-conformances Propose cost effective solution and maintain compliance cost Contain Revenue Leakage by ensuring reduction in revenue leakages resulting from IS incidents and effective implementation of controls Ensure operational excellence through the following: 1. Develop and manage ISMS (Information Security Management System) framework including Business continuity and awareness 2. Identify and implement applicable industry practices (IT act and amendments, Data Privacy and Data Security framework etc) 3. Establish and implement measurement program to assess effectiveness of the framework/system 4. Ensure all internal / external audits are planned and successfully cleared. 5. Monitor and track all internal/external audit findings to closure. Highlight open findings and accepted risks Enable Innovation through Automation and New initiatives Ensure Effective People Management by keeping the team engaged and having diverse workforce, Creating accountability & ownership in the team, handling team members grievances and ensuring team attrition is within targets Ensure Capability Development in the team by upgrading competency (skills) in the team in line with the current industry practices and business objectives including both managerial and technical capability EDUCATION QUALIFICATION Degree: BE/M.tech or MBA Certifications: CISA/ CISM Certification - ISO27001 lead auditors certification MINIMUM EXPERIENCE REQUIRED Overall (in years): 10- 15 years Relevant (in years): 8-12 years DOMAIN/ FUNCTIONAL SKILLS Good understanding of various IS standards, framework such as ISO27001, PCIDSS, HIPAA, NIST, SOC/SSAE16 Standards & ISO27005, ISO 22301 Guidelines - Knowledge of risk management (ISO31000, ISO27005), business processes - Knowledge of IT Security, physical and environmental security and HR security controls - Knowledge of regulatory requirements

Technical Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (E.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding on technology topics related to cyber security, encryption, architecture resiliency , business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001 Soft Skills Good presentation and report writing skills is mandatory. Excellent communication skills and confident demeanor Experience of working with client stakeholders Good problem-solving skills.

Job Description: Job Title: Corporate Bank (CB), Investment Bank (IB) and Operations (Ops) Technology Risk Function Location: Mumbai, India Corporate Title: VP Role Description The first line Tech Risk function for business divisions CB, IB and Ops at Deutsche Bank sits within the Divisional Control Office. CB and IB front-to-back have the largest footprint as a risk bearing function within the banking divisions, and you will be part of a dynamic team which is consistently in demand for providing insights, assessments and managing Information Technology (IT) and Information Systems (IS) risks on behalf of the business. Divisional Control Office (DCO) team ensures that the division operates with high levels of integrity. It is responsible for supporting the business by developing, implementing and maintaining a risk culture to ensure a strong and sustainable business control environment whilst minimizing risk arising from non-financial risk factors. DCO strategy includes improving the risk management information and strengthening the governance and risk culture and has a functional responsibility for providing a central point of oversight over the Risk Control Assessments (RCA). This includes supporting the business by driving Risk Control Assessment specifically focusing on Information Security (IS) / Information Technology (IT) risks in line with NFRM (2LOD) guidelines. RCA is a key component of the banks non-financial risk management toolkit, to enable the effective profiling, monitoring and management of operational risks. As part of the team, you will join the Bank s journey and contribute towards our strategic goal of managing technology risk within appetite whilst enabling adoption of emerging and new technologies for business growth. This role will specifically perform RCAs as related to the IB business. Knowledge of IB products/operations is a big plus What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Collaborate with businesses and support them in conducting Risk Control Assessments as per NFRM guidelines specifically focusing on Information Security (IS) / Information Technology (IT) risks Analyze contextual data and relevant data triggers and determine or update risk profile, inherent risk, control environment and residual risk ratings along with supporting rationale, liaising with Risk Types SMEs in their business Ability to assess impact of control environment on inherent risk along with documentation of qualitative assessment Participate in 1LoD-led RCA meetings for business to drive the risk discussions, focusing on key or emerging risks that may impact the business Coordinate with businesses/2LoD and assist in 2LoD challenges Prepare RCA reports and obtain business sign-offs Document risk mitigation decisions, if required, with consideration of risk appetite Deliver high quality Global Governance decks and reporting trends to support senior management Your skills and experience CISA/CRISC or relevant security qualifications with experience of Risk Controls and/or Internal Audit in banking industry covering Information Security (IS) / Information Technology (IT) risks Experience in SOX/ ISO27001 control framework Knowledge related to risk management (including conducting Risk Control Assessments) and corporate banking products, processes and systems preferred, specifically focusing on Information Security (IS) / Information Technology (IT) risks Proven people management skills with ability to lead activities independently Strong quantitative and analytical skills required to critically evaluate information for key risk assessments Strong project management skills and a proactive team partner Influencing, negotiation skills and stakeholder management expertise Strong verbal and written communication skills Proficiency with automating tasks in Excel to improve efficiency a plus, but not mandatory. How we ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Jun 23, 2025 Location: Bengaluru Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Risk Advisory is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies the what, how, and why of change so you re always ready to act ahead. Learn more about Risk Advisory Practice Location and way of working Base location: Bangalore Professional is required to work from office Your work profile As a Consultant in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - As a part of our Cyber, you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Role Description ISMS or Third-Party Risk Assessments Lead engagement team in delivering client engagements Support Managers/AD/D in assessment/ audit execution, reporting, quality review and tracking Support Managers/AD/D in responding to RFP, proposals, new opportunities Lead discussions with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations Flexible to step-in and perform work on ground such as conducting risk assessments and audits with respect to people, process and technology Act as subject matter expert (SME) for providing guidance and share knowledge with team members. Assist team members during engagements Should be able to work as independently on short term engagements Perform quality reviews of work performed by team members Desired qualifications 1+ Relevant years of experience in Third party risk management Relevant years of experience in IT Audits, Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management Your role as a Consultant We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

Responsibilities Date posted 07/21/2025 End Date 08/04/2025 City Noida State/Region Uttar Pradesh Country India Location Type Onsite Calling all innovators find your future at Fiserv. Job Title Specialist, Risk Assurance What does a successful Risk and Compliance Specialist do at Fiserv: Fiserv is seeking a skilled risk and compliance professional to join its Enterprise Risk and Controls team. This dynamic role spans multiple responsibilities, including Third Party Risk Assessments for vendors and support for PCI and SOC audits as part of the organizations Third-Party Audit initiatives. The position is ideal for professionals who are adaptable and eager to contribute across various risk programs within the department. The role primarily centers on contributing to the Third Party Risk Management (TPRM) function. It involves gaining a comprehensive understanding of security policies, standards, and related processes within the scope of the TPRM program. Leveraging strong assessment capabilities, you will ensure that vendor-related risks are effectively identified, evaluated, mitigated, and continuously monitored to uphold the highest standards of security and compliance. What you will do: Developing detailed understanding of security policies, standards, and associated processes as it pertains to third party risk management program. 5-8 years of experience in the domains such as risk and compliance, information security Driving collaboration between cross-functional stakeholders and facilitating strong partnership with Fiserv Business Units Capability of contributing to TRPM Risk transformation projects in alignment with organization strategy. Responsible for independently conducting third-party risk assessment in line with security standards, practices encompassing people, process and technology controls Proficient in reviewing documentation including but not limited to security policies, processes, SOPs, third party audit/assurance reports including SOC 2, PCI AOC/ROC/ROV/SAQ, ISAE, ISMS, penetration testing, vulnerability scanning reports to identify gaps/exceptions Responsible for monitoring, tracking risks through closure by collaborating with multiple constituents including internal and external stakeholders; ensuring auditable results are maintained throughout the engagement. Ensure accurate and timely review; responsible for well-written observations, and walking stakeholders through the process lifecycle as needed Lead and participate in regional and global TPRM governance forums and liaise with business stakeholders. Document and maintain the relevant documentation. Establish trust and credibility with key partners; develop and foster constructive professional relationships with multiple stakeholders including but not limited to executive and line management, risk officers, risk contacts and third-party contacts Work on vendor events, liaison with business stakeholders and follow-up with vendors Mentor and train Junior team members on Vendor Risk Assessment program. What you will need to have: Bachelor s Or Master s degree from an accredited university is preferred, equivalent work experience will be considered. 5- 8 years of experience in IT Risk and Compliance Management or Information Security domain Good interpersonal, written/verbal communication, and organizational skills Ability to handle internal and external discussions/interactions issues in a professional, assertive, and proactive manner Ability to work effectively within a matrixed organization Strong organizational and time management skills with Global stakeholder management Strong MS office skills (Microsoft Excel, Word, PowerPoint, and SharePoint) Exposure to GRC ( Governance, Risk and Compliance tools) What would be great to have: Financial services experience, including working in highly regulated environments Knowledge of IT audit, ISO 27001, ITIL, Vendor Risk Management process Ability to interact across all levels of management Attention to detail with a commitment to high-quality standards A successful track record for delivering results in a timely manner Industry Certifications: CISA, CRISC, CTPRA, ISO 27001 LA/LI or equivalent etc.) Thank you for considering employment with Fiserv. Please: Apply using your legal name Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable). Our commitment to Diversity and Inclusion: Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law. Note to agencies: Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions. Warning about fake job posts: Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address. Share this Job Email LinkedIn X Facebook

Job Overview: We are seeking a highly experienced and certified Compliance & Information Security Manager to lead and oversee our organizations compliance, quality assurance, and cybersecurity initiatives. The ideal candidate will possess a robust background in ISO standards, IT and Security Operations, and internal/external audit coordination across service industries. Key Responsibilities: Lead the implementation, maintenance, and audit of ISO standards, including ISO 27001, ISO 9001, AS9100D, GDPR, DPDP Ensure compliance with SOC 2, HIPAA , and other applicable regulatory frameworks. Collaborate with cross-functional teams to design, review, and implement information security policies and risk mitigation strategies . Manage and prepare for internal and external audits; represent the organization during surveillance and certification audits. Develop and deliver employee training programs related to information security, regulatory compliance, and quality assurance. Identify and address security risks in networks, systems, and applications , and recommend corrective controls. Update and maintain documentation related to compliance and audit standards. Required Qualifications: Bachelors degree in engineering/technology (preferably Computer Science or related discipline). CISA, CISO, CISM, CISSP Certified (any) Desirable Lead Auditor certifications for ISO 9001:2015, ISO 27001:2022 and AS9100D. Strong exposure to GDPR, HIPAA and SOC 2 frameworks. Proficiency in conducting internal, supplier, and customer audits . Experience with tools such as Microsoft Office Suite. Demonstrated ability to lead cross-functional teams, manage compliance projects, and drive process improvement.

F5 is seeking a highly experienced and results-driven Technical Program Manager (TPM) to lead and manage critical programs focused on software security- This is a senior level role that will drive initiatives that enhance F5 s security posture by implementing best practices for vulnerability management, security scanners, CVE tracking, Security Software Development Life Cycle (SDLC), and more- The ideal candidate will have a deep understanding of security programs, a strong technical background in software development, and a proven track record of successfully delivering cross-functional initiatives in complex environments- As a trusted leader, you will collaborate closely with engineering, security, product, and operations teams to ensure F5 s products and processes meet the highest security standards while enabling business objectives- Key Responsibilities: Program Management: Strategically plan and deliver programs and initiatives across key security and vulnerability management areas, including implementation of security tools (scanners, CI/CD integrations), tracking and addressing vulnerabilities (e-g-, CVEs), and enforcing best practices throughout the software development lifecycle- Own program roadmaps, timelines, deliverables, and reporting, ensuring execution aligns with business goals, security requirements, and resource capacity- Drive key metrics and outcomes for security, tracking improvements in vulnerability remediation, compliance, and overall risk reduction- Security SDLC and Vulnerability Management: Partner with engineering and security teams to integrate Security SDLC (Secure Software Development Lifecycle) best practices into the development process, ensuring security is considered and implemented at every stage- Manage programs for vulnerability detection, assessment, and remediation to ensure timely resolution of security risks identified across F5 products and environments- Develop and implement governance processes for tracking and addressing externally reported vulnerabilities, such as Common Vulnerabilities and Exposures (CVEs) , ensuring effective prioritization and swift resolution- Cross-Functional Collaboration: Build strong relationships with software engineering, product management, cybersecurity, IT, and operations teams to foster alignment across security-related goals and projects- Act as the central point of coordination for security initiatives, driving progress and ensuring accountability across stakeholders- Facilitate efficient communication between technical and non-technical teams to ensure clarity around priorities, goals, and timelines- Risk and Compliance Management: Drive alignment on security requirements, risk tolerance, and compliance needs, partnering with internal and external security auditors where required- Ensure teams are meeting corporate and industry security standards, including regulatory and policy compliance, while achieving development velocity- Proactively identify and manage security risks through effective mitigation planning and ongoing tracking- Process Improvement and Tooling: Evaluate current security program practices, tools, and workflows, identifying gaps and opportunities for improvement in efficiency and effectiveness- Lead the implementation of automated tools for static and dynamic code analysis, dependency scanning, and configuration management to identify and address vulnerabilities earlier in the development process- Metrics and Reporting: Define, track, and report on KPIs and success metrics for security efforts, including vulnerability remediation rates, defect density reduction, and SLAs for incident response- Provide clear and actionable updates to executive leadership and key stakeholders on the status of security programs, progress, risks, and outcomes- Qualifications: Education: Bachelor s degree in Computer Science, Software Engineering, Cybersecurity, or a related technical discipline (Master s preferred)- Experience: 8+ years of experience in program management, with at least 3 years focused on security programs, vulnerability management, or security operations (senior level); 10+ years for principal level- Proven experience implementing Security SDLC processes and collaborating with software teams to deliver secure, production-grade solutions- Solid understanding of security domains, particularly vulnerability scanning tools (e-g-, Tenable Nessus, Snyk, Qualys), CVE tracking, dependency management, and secure coding practices- Technical Expertise: In-depth knowledge of software development methodologies, including Agile and DevSecOps principles- Familiarity with CI/CD pipelines, source code repositories, and tools for static/dynamic application security testing (e-g-, SonarQube, Checkmarx, Veracode)- Understanding of vulnerability databases (e-g-, NVD), common exploitation techniques, and secure design principles- Basic understanding of threat modeling and risk assessment techniques (stronger expertise is a plus)- Leadership and Collaboration: Experience working in highly cross-functional, multi-team environments, with the ability to motivate, guide, and align diverse stakeholders- Exceptional interpersonal, written, and verbal communication skills, with the ability to convey complex security requirements and issues to non-technical audiences, executives, and engineering teams alike- Demonstrated ability to influence without authority and lead by example- Problem Solving and Decision Making: Ability to analyze complex problems, evaluate trade-offs, and make sound decisions in a fast-paced environment- Strong risk management skills, with the ability to balance security needs with engineering velocity and business priorities- Preferred Qualifications: Project management certification (e-g-, PMP, PgMP, or PMI-ACP) or security-related certifications (e-g-, CISSP, CISM, or CISA)- Experience with cloud security and platform-oriented vulnerability management tools like Bugzilla or similar- Familiarity with emerging cybersecurity trends and zero-day vulnerability exploitation techniques- Knowledge of networking and application delivery technologies (F5 experience is a plus!)

We re seeking a future team member for the role of Vice President IT Audit to join our SOX Team- This role is located in Chennai, TN, HYBRID- In this role, you ll make an impact in the following ways: Demonstrate sound knowledge of IT general controls and application controls with a thorough understanding of SOX- Ensure IT general controls and application controls over financial reporting are sound and effective to ensure compliance with SOX- Contributes to the execution of the SOX IT plan in the assessment of key IT controls for in-scope information systems for testing, documentation and reporting to Senior Management- Manage multiple deliverables across various time sensitive deadlines while executing the completion of the test of design and test of operating effectiveness over the internal controls with limited oversight- Support the senior colleagues with tracking the status of control deficiencies; reviews remediation by process owners and documents findings for/to SOX management- Supports in the collaboration with business & technology stakeholders to identify ways to improve testing efficiency and issue reporting communications- Actively contributes to the achievement of the IT SOX team goal- To be successful in this role, we re seeking the following: Bachelors Degree or the equivalent combination of education and experience is required- Minimum of 3-6 years of experience in IT risk/controls, Internal IT Audit, Public Accounting IT audit or a combination of- Financial Services industry experience is highly preferred- Certified Information Systems Auditor (CISA) or an equivalent IT certification is highly preferred but not required- Experience with GRC software (AuditBoard) and/or data analytic tools (PowerBI, Alteryx) is preferred-

Jul 3, 2025 Location: Mumbai Designation: Analyst Entity: Deloitte Touche Tohmatsu India LLP Audit & Assurance - Assurance Analyst - Internal audit What impact will you make Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance. As the undisputed leader in professional services, Deloitte is where you ll find unrivaled opportunities to succeed and realize your full potential Deloitte is where you ll find unrivaled opportunities to succeed and realize your full potential. The Team Discover the various Internal Audit services, we offer to help organizations look below the surface to achieve superior performance through a full range of outsourcing, co-sourcing, and advisory services including with respect to technology and data analytics . We enhance the overall value delivered by IA functions through strengthening quality, flexibility, efficiency, and value. Additionally, Deloitte helps clients extend their IA oversight to gain greater understanding of key enterprise risks such as evolving IT systems, applications, and other technologies. Work you ll do As Analyst in our Internal Audit team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Key Job Responsibilities As a part of our team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Ability to effectively perform the technical components of risk assessments to provide an accurate view of the client s current risk state Ability to perform end-to-end business process analyses and design Ability to gather, synthesize, and analyze data using appropriate tools and technologies Ability to assess and design internal controls by applying an understanding of internal control design frameworks and regulatory requirements Ability to understand the client s business, interpret sector trends, and learn leading practices Ability to effectively interact with colleagues and clients of varying backgrounds to effectively serve clients Ability to enhance quality and efficiency of recommended conduct risk solutions by applying relevant frameworks, conducting research, and performing analyses Ability to conduct internal audits by leveraging approved processes and methodologies Ability to set the stage for a successful assessment of client s internal audit processes and controls by collecting and organizing data Ability to enhance quality of assurance engagements by identifying risks, performing testing, researching governing regulations, and developing reports Ability to form a core Extended Enterprise Risk Management (EERM) skillset through proactively conducting research, and participating in internal and external initiatives Audit & Assurance - Assurance Analyst - Internal audit Ability to enhance quality of EERM solutions by effectively applying relevant frameworks, conducting research, and performing analyses Ability to enhance effectiveness of the client s ORM system analysis Ability to leverage industry leading tools and frameworks to increase effectiveness of ORM solutions Ability to form a core technology and data risk skillset through proactively conducting research, and participating to internal and external initiatives Ability to leverage industry leading frameworks, methods, and tools to increase effectiveness of technology and data risk solutions Qualifications BBM / BBA / B. Com/Btech Must have one of the certifications - CFE, CPA, CIA, CISA Experience in Advanced Analytics and ERP is preferred Your role as a leader At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. In addition to living our purpose, Analyst across our organization: Builds own understanding of our purpose and values; explores opportunities for impact Demonstrates strong commitment to personal learning and development; acts as a brand ambassador to help attract top talent Understands expectations and demonstrates personal accountability for keeping performance on track Actively focuses on developing effective communication and relationship-building skills Understands how their daily work contributes to the priorities of the team and the business How you ll grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there s always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Centre. Audit & Assurance - Assurance Analyst - Internal audit Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our purpose Deloitte is led by a purpose: To make an impact that matters . Every day, Deloitte people are making a real impact in the places they live and work. We pride ourselves on doing not only what is good for clients, but also what is good for our people and the communities in which we live and work always striving to be an organization that is held up as a role model of quality, integrity, and positive change. Learn more about Deloittes impact on the world Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you re applying to. Check out recruiting tips from Deloitte professionals.

Director, Technology Risk Management Mission First, People Always As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber and physical threats, and it is our people on the frontlines who make this happen every day. By taking care of our people, their wellbeing, and career development, we provide them the necessary tools and environment to ensure the success of our mission. Overview The Corporate Security Regulatory Risk team is looking for a Director, Technology Risk Management, to drive Information Security Management System for Regulated markets mandating ISMS implementation and ensuring compliance on security aspects related to the evolving regulatory and statutory obligations with a focus on India region. The ideal candidate should be passionate about information security, cybersecurity, intellectually curious and analytical with strong exposure to business and regulatory environment. In this highly visible role, you will: Establish and maintain a global ISMS strategy and framework for meeting market specific regulatory obligations for ISMS implementation. Partner with 1st line Tech Risk and Regulatory Execution teams to drive Risk Assessments, oversee implementation of Risk Treatment plans, manage Cyber Risk Assessments of new products. Establish governance and management reporting on compliance to ISMS components for the specific market implementation. Serve as the primary point of contact regarding ISMS matters, reporting to leadership and risk committees on ISMS implementation and related security risks, drive ISMS awareness across the organization. Actively engage with cross functional teams within 1st LOD, Technology, Risk, Regulatory Counsels, Business teams etc. to drive compliance to security requirements from regulatory and statutory obligations. Manage and oversee security aspects of regulatory audits and assessments including readiness and remediation, responding to regulatory notifications and related actions for regulatory compliance. All About You The ideal candidate for this position should have: Knowledge of information and cyber security domains and controls, understanding of secure system design and defense-in-depth strategies, governance and risk management framework and practices. Strong understanding of ISO/IEC 27001, 27002, and related security standards, with experience leading ISMS implementation and certifications. Experience managing compliance programs, audit readiness, handling security audits, conducting assessments. Proven ability to lead cross-functional teams and manage complex projects, senior stakeholder management, regulatory enquiries Strategic thinking, executive communication and strong analytical and problem-solving abilities Preferred security certification e.g. CISSP, CISM, CISA, CRISC or equivalent. ISO/IEC 27001 Lead Implementer or Lead Auditor. Be seen as a trusted advisor with understanding of business processes and able to provide security consultation and advisory on regulatory matters. NICE Framework References National Initiative for Cybersecurity Education (NICE) competency proficiency levels of advanced to expert in the following areas: Client Relationship Management Risk Management Interpersonal Skills Information Systems/Network Security Information Assurance Project Management Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard s guidelines.

Bachelors or Masters degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. . Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments.

Jul 11, 2025 Location: Coimbatore Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Technology & Transformation is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you re always ready to act ahead. Learn more about Technology & Transformation Practice Your work profile As a practitioner in our Cyber Team, you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - SOX,Cloud,Data Management IT/IS controls Testing and Assurance Design and execute controls testing strategies to evaluate the design adequacy and operating effectiveness of controls. Testing Approach Review and Process Documentation Develop methods to monitor and measure risk, compliance, and assurance efforts. Create test plan, test scripts etc. to support the delivery of controls assurance objectives. Prepare detailed testing documentation, workpapers and reports to highlight findings and recommendations. Collaborate with various departments for control walkthroughs, sampling, evidence collection etc. Maintain up-to-date knowledge of industry standards and best practices related to controls testing. Review existing Risk control testing approach and methodology used by client to identify areas for improvement based on IT risk & control frameworks and industry good practices. Develop templates to facilitate the control testing and the documentation and reporting of the control testing outputs in line with the refined control testing approach and methodology Liaise with designated stakeholders to identify the prioritised set of controls and document repeatable test scripts for testing design effectiveness ( DE ) and operational effectives ( OE ) of prioritised IT and IS controls. Knowledge/ Experience in GRC tools such as Service now, archer etc. Knowledge/ Experience on cyber compliance regulations - RBI, SEBI, Cert-in. Industry knowledge would be a added advantage Desired qualifications Cyber experience in Risk Controls ranging from 1 year to 7yrs is mandatory. Levels being hired for: Analyst, Senior Analyst, Consultant, AM, DM B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent certification Strong communication skills (written & verbal) Location and way of working Base location: Coimbatore/Chennai/Kochi This profile involves frequent travelling to client locations. Your role as a practitioner We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, practitioners across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

: Experience range: 5- 12 years Cyber Security Expert Primary Mandate You will consult and support the Life Science Sector Cyber Security team operations across the entire Life Science organization / locations to protect the confidentiality, integrity, and availability of the IT assets, software-based products, applications and web sites. Your main task is ensuring that cyber security policies, standards, controls, and regulatory requirements are properly understood, planned and implemented. Scope Implement and maintain technical and non-technical cyber security controls of the IT assets, software-based products, applications and web sites Technical controls include baseline security configuration for operating systems (e. g. , OS hardening), network segmentation, DMZ systems hardening, identity and access management (IAM), etc. Non-technical controls include working with corporate teams to embed controls in technology Procurement and working with the business application owners to ensure security process are properly applied throughout the entire application management life cycle. Participate in application-, infrastructure-, and business projects to provide security-planning advice. Together with the IT Solution Architects plan, deliver and document security architecture for various security solutions and projects. Participate in a Cyber Security Incidence Response Team (CSIRT) to cover information security incidents on a sector wide level. Development of cybersecurity awareness and training curriculum. Ensure security training and awareness programs are defined and executed. Contribute to internal projects in response to external compliance requirements, such as NIS2. Qualifications Extensive industry experience, technical knowledge and proven information security competency through professional designation / certifications, such as CISSP, IISP, CRISC, CCSP, CISA or CISM. Ability to analyze security issues, manage conflicting priorities, and recommend a course of action with both technical and business perspective. Strong analytical and interpersonal communication skills, including the ability to communicate effectively and build consensus across organizational lines. Ability to collaborate with diverse team consisting of developers, architects, project managers, etc. Experience with security risk management frameworks based on industry standard (e. g. , ISO27005, NIS2, BSI) and regulations (e. g. , GDPR). Proven ability to manage and collaborate on large/complex projects. Strong documentation skills. Fluent in English.

>> Job DesCRIPTION Role & RESPONSIBILTY Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Perform risk assessments on various applications, services, and infrastructure components. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Deliver complex Infrastructure programmes with multiple business and technical risks that will impact the success of key business priorities Create and track a plan to deliver programme goals, including the technical implementation plan, ensuring colleagues and stakeholders are kept up-to-date Manage risks and Issues on the programme demonstrating tactics to resolve or mitigate Understand trade-offs in hardware and infrastructure delivery using experience and influencing skills to drive consensus with the Engineering and Product teams to obtain the best value and deliver brilliant technical solutions Able to foresee potential risks and issues, establish a process, facilitate discussion and manage escalations Able to understand a technical architecture to be able to foresee the impact on dependencies, delivery timelines and implementation plans Have good knowledge of engineering best practices and practical infrastructure implementations to appreciate delivery challenges Collaborate with the Product and Engineering teams to define annual budgetary requirements Evaluate and interpret assessment results to identify potential vulnerabilities and risks and provide actionable recommendations for risk mitigation. Stay up to date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk. Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment. Manages client expectations and client satisfaction. Acts as an advisor and partner to the client. Design, develop and implement business strategies for clients to implement new and different approaches to business based on the innovation approach. REQUIREMENTS: A minimum of 5+ years of hands-on experience in Project/Program Management. Understand the key principles of ITSM and How this drive effective change into BAU Have experience of building credible relationships and influencing senior management Strong Project, Stakeholder & Programme management skills Good reporting skills for programs and financial forecasting Adept communication & influencing skills and adoptability to changes - Expert delivery experience with the following tools: - Jira - Confluence - Miro - Microsoft Project - MS Excel Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Strong communication and stakeholder & conflict management skills. Strong analytical and problem-solving skills, with the ability to think critically and strategically. >> SELECTION PROCESS Candidates should expect 2-3 rounds of personal or telephonic interviews to assess fitment and communication skills. >> CRITERIA Education 60% above throughout academics One 3 years (at least) regular course is must either Diploma or Graduation Course: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalent Minimum 3 years of hands-on experience in conducting cyber risk assessments. Certification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA / PCI DSS (At least one) CCNA / CCNP or equivalent (optional) Relevant certifications in OT security (GICSP, ISA/IEC-62443 or equivalent)

Work closely with business stakeholders to gather, analyze, and document functional and non-functional requirements. Define and document business processes, workflows, and system functionalities. Translate business needs into detailed requirements, user stories, and functional specifications. Collaborate with cross-functional teams, including product managers, developers, testers, and business users, to ensure smooth project execution. Participate in requirement walkthroughs, solution design discussions, and system testing activities. Assist in user acceptance testing (UAT) and support business users in validating system functionalities. Conduct impact analysis, gap analysis, and feasibility studies for business process improvements. Support system implementation, change management, and post-go-live activities. Ensure compliance with industry standards, best practices, and regulatory requirements. Display strong knowledge of Information Security as this is an SME role for reviewing Risk Assessments as per IS policy and ISO 27001 Review IS controls and assess ability and applicability for the applications / infrastructure Manage scope of deliverables and expectations and ensure clear and concise communication to onshore team members and other stakeholders Build strong relationships with various stakeholders, including but not limited to: ITAO / ITAO Delegates, ISO / TISO / Risk Managers in order to complete Assessments and Remediation management Proactively seek ways to improve upon existing practices and processes. Display insight and ability in identifying issues and develop successful solutions Work with multiple, distributed teams (across different locations) Provide process improvement inputs to various stakeholders involved Report and escalate potential risks to the management to help avoid / minimize the impact Develop key operational procedures and policies where necessary and ensure adherence to all such defined policies Focus on utilizing the capacity in an efficient and effective manner. Monthly tracker to be maintained Represent the process and provide inputs for the Monthly and Quarterly dashboards with performance and with any challenges faced or suggestions to improve the quality Your skills and experience Experience: 12+ years of experience as a Business Analyst in a functional role, preferably in GRC. Education: Bachelor's/Masters degree in Business Administration, Computer Science, Information Systems, or a related field. Strong expertise in business process mapping, requirement elicitation, and functional documentation. Hands-on experience in working with Agile (Scrum/Kanban) and Waterfall methodologies. Proficiency in tools such as JIRA, Confluence, MS Visio, BPMN, or similar BA tools. Experience in creating BRD (Business Requirement Document), FSD (Functional Specification Document), and user stories. Ability to perform data analysis and reporting using SQL, Excel, or BI tools if applicable. Strong stakeholder management, communication, and analytical skills. Experience working with cross-functional and geographically distributed teams. Technology Skills: Proven capabilities / competencies in mitigating the Information Security / Application Governance / IT Control etc. Strong understanding of service delivery and relationship management Project management, analytical and problem solving skills Effective communication and strong interpersonal skills Professional certifications is an added advantage CISA, CISM, CRISC etc. Team player, highly motivated, practical problem solver Experience in global teams across different time zones and within a matrix environment Ability to monitor, track and clearly communicate progress, escalate issues when appropriate

Role Description Infrastructure Chief Operating Office (COO) is responsible for the effective operation of the infrastructure functions, driving operational efficiency whilst supporting the effective delivery of infrastructure services in line with business objectives and control requirements. It also includes oversight of Infrastructure Divisional Control Office (DCO) and Trade Settlement and Confirmations Operations (TSCO). Infrastructure Divisional Control Office (IDCO) as part of Infrastructure COO, provides services to multiple functions in infrastructure. The IDCO function is a dedicated risk, control, and regulatory oversight function, with prime responsibility for managing and proactively mitigating risk across the full breadth of the Technology and Infrastructure organization. Function also provides a consolidated view and central coordination of (non-financial) risks, as well as effective, efficient, and consistent standards and policies. (Technology Data & Innovation) TDI Control Testing & Assurance ( TDI CT&A) team part of IDCO identifies, tracks and reports control testing & assurance activities, conducts independent controls testing (design and operating effectiveness) on different risk types in line with the Control Testing Standards. The team also focuses on regulatory and risk-based assurance requirements. This role is within TDI Control Testing & Assurance team. Your key responsibilities Perform Control Testing in line with defined Control Testing methodology/minimum standard. Identify control deficiencies (findings), risks related to elements of controls, participate in findings agreement with stakeholders, escalate potential issues and exception items noted during the testing to senior management for discussion and further investigation, if deemed necessary Prepare Control Testing workpapers for senior management detailing testing results, document findings with highest quality Track Control Testing identified findings, perform required follow-up on open findings Consider regulatory and internal firm policy requirements as well as established best practices for control assurance. Support controls assurance activities Support in monitoring Control testing teams adherence to Control Testing methodology/minimum standards Track testing related effort/budget Plan Vs. Actuals throughout the testing lifecycle Build and maintain solid working relationships with key stakeholders such as within the DCO, IDCO, TSCO, GTI, Embedded Risk Teams (ERT), Risk managers and other Testing Teams including Divisions/sub-divisions, 2 LoD and Group Audit (GA) Your skills and experience University degree preferably in Computer Science, Mathematics, Engineering or a related subject or equivalent qualification in the areas of information security. Professional/industry recognized qualifications e.g., CISA, CISSP, CISM, CRISC are beneficial. Experience in Cloud Security audit/testing, GCP (Google Cloud Platforms) or Professional/industry recognized qualifications e.g., CCSP, CCSK will be an advantage. Knowledge of auditing IT application controls, e.g., from IT audits or IT risk management. Understanding of the relationship between IT risk and underlying business process risk. Knowledge of regulations governing financial institutions is beneficial. Strong written and verbal communication skills and the ability to communicate effectively in conflict situations. Strong organizational skills and attention to detail. Ability to work under pressure, multi-task and prioritize workload. Strong analytical skills and structured thought process with the ability to clearly articulate control deficiencies and related risk Flexible, proactive, and innovative mind set with strong organizational skills to take ownership and responsibility for agreed targets and to meet them within budget to enable a timely and efficient completion of projects. This is an IC (individual contributor) role.

Your key responsibilities Participate, lead and execute the IT Risk and Assurance engagements Develop and maintain productive working relationships with client and onshore stakeholders Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress Help prepare reports and schedules that will be delivered to clients and other parties Develop and maintain productive working relationships with client personnel Build strong internal relationships within Ernst & Young Services and with other services across the organization Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise Skills and attributes for success Work effectively as a team player - collaborate and share responsibility, coach, and support team members to succeed To qualify for the role, you must have B.E/B.Tech (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc., Chartered Accountant and/or MBA with Finance/IT with at least 10+ years of experience 1-3 years of professional experience in the areas of IT audits, ITGC, SOX / ICFR / IFC / SAS 70 / SSAE / SOC1, SOC2, IT Financial Audit and Business Automated Controls, IT Risk consulting or any other regulatory / compliance audits Expertise in pre and post implementation reviews and auditing configuration of major ERPs like SAP, Oracle, JDE, WorkDay, Netsuite, Navision etc. Expertise in performing infrastructure reviews pertaining to OS, DB and Active Directory such as Windows, UNIX, SQL, Mainframe, Oracle etc. Assist with the development of policies, procedures and standards that meet existing and newly developed policy and regulatory requirements Assist with facilitating IT security/risk training curriculum. Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects. Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise Must have end-client facing experience Ideally, you'll also have CISA, CISM, CRISC, ISO27001, Cloud and Data privacy certifications IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX Data analytics/automation tool SQL, Monarch, BluePrism, Alteryx, PowerBI Familiarity with a typical IT systems development life cycle

Job description At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk Senior As an IT risk professional, you'll contribute technically to risk assurance client engagements and internal projects. An important part of your role will be to perform IT audits, document good quality assessment reports and issue opinions. You'll anticipate and identify risks within engagements and share any issues with the audit stakeholders. You'll also identify potential business opportunities for EY within existing engagements and facilitate integration as appropriate. In line with EY's commitment to quality, as an influential member of the team - you'll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We're looking for experienced staffs with 1 to 3 years of hands-on experience in IT Risk/Audit, Assurance and Advisory to join our Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your key responsibilities Participate, lead and execute the IT Risk and Assurance engagements Develop and maintain productive working relationships with client and onshore stakeholders Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress Help prepare reports and schedules that will be delivered to clients and other parties Develop and maintain productive working relationships with client personnel Build strong internal relationships within Ernst & Young Services and with other services across the organization Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise Skills and attributes for success Work effectively as a team player - collaborate and share responsibility, coach, and support team members to succeed To qualify for the role, you must have B.E/B.Tech (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc., Chartered Accountant and/or MBA with Finance/IT with at least 1-3 years of experience 1-3 years of professional experience in the areas of IT audits, ITGC, SOX / ICFR / IFC / SAS 70 / SSAE / SOC1, SOC2, IT Financial Audit and Business Automated Controls, IT Risk consulting or any other regulatory / compliance audits Expertise in pre and post implementation reviews and auditing configuration of major ERPs like SAP, Oracle, JDE, WorkDay, Netsuite, Navision etc. Expertise in performing infrastructure reviews pertaining to OS, DB and Active Directory such as Windows, UNIX, SQL, Mainframe, Oracle etc. Assist with the development of policies, procedures and standards that meet existing and newly developed policy and regulatory requirements Assist with facilitating IT security/risk training curriculum. Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects. Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise Must have end-client facing experience Ideally, you'll also have CISA, CISM, CRISC, ISO27001, Cloud and Data privacy certifications IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX Data analytics/automation tool SQL, Monarch, BluePrism, Alteryx, PowerBI Familiarity with a typical IT systems development life cycle

As a Cloud Ops professional at Tally, you will be part of a team dedicated to delivering top-notch connected services in public clouds for Tally's customers. Your mission will be to ensure unmatched reliability, strong security, and optimal cost efficiency. You will have the opportunity to design, implement, and operationalize solutions using cutting-edge cloud native technologies to provide a seamless experience for our customers. Your responsibilities will include overseeing Risk Management & Governance for Tally's suite of cloud-based connected services, implementing secure access at every level, and ensuring compliance with regulatory requirements. You will focus on Cloud Security Oversight, primarily in the AWS environment, while also considering multi-cloud environments. Your role will involve managing regulatory and compliance issues and providing governance and reporting on cloud operations. To excel in this role, you should bring experience in risk management, governance, or compliance roles within fintech, banking, or cloud-centric organizations, particularly in product or fully hosted service-based settings. You should have expertise in AWS security tools, architectures, and best practices, along with a deep understanding of Indian financial sector regulations such as RBI, SEBI, and the IT Act. Possessing relevant certifications like CISSP, CISM, AWS Certified Security Specialty, CRISC, or CISA would be advantageous. You will be expected to demonstrate a thorough understanding of cloud-native security principles, AWS best practices, risk frameworks (NIST, ISO, COBIT), and regulatory mandates. Your role will involve bridging business requirements with technical security implementations, requiring strong communication, stakeholder management, analytical thinking, and a proactive problem-solving approach. Join us at Tally, where we value honesty, integrity, a people-first culture, excellence, and impactful innovation. Be a part of our journey to simplify the lives of millions of small and medium businesses globally through technology and innovation.,

As a Senior Auditor, Technology at LegalZoom, you will be an impactful member of the internal audit team, assisting in achieving the department's mission and objectives. Your role will involve evaluating technology risks in a dynamic environment, assessing the design and effectiveness of internal controls over financial reporting, and ensuring compliance with operational and regulatory requirements. You will document audit procedures and results following departmental standards and execute within agreed timelines. Additionally, you will provide advisory support to stakeholders on internal control considerations, collaborate with external auditors when necessary, and focus on continuous improvement of the audit department. Your commitment to integrity and ethics, coupled with a passion for the internal audit profession and LegalZoom's mission, are essential. Ideally, you hold a Bachelor's degree in computer science, information systems, or accounting, along with 3+ years of experience in IT internal audit and Sarbanes-Oxley compliance, particularly in the technology sector. Previous experience in a Big 4 accounting firm and internal audit at a public company would be advantageous. A professional certification such as CISA, CIA, CRISC, or CISSP is preferred. Strong communication skills, self-management abilities, and the capacity to work on multiple projects across different locations are crucial for this role. Familiarity with technologies like Oracle Cloud, AWS, Salesforce, Azure, and others is beneficial, along with reliable internet service for remote work. Join LegalZoom in making a difference and contributing to the future of accessible legal advice for all. LegalZoom is committed to diversity, equality, and inclusion, offering equal employment opportunities to all employees and applicants without discrimination based on any protected characteristic.,

You will be responsible for conducting third-party/supplier security risk assessments, interpreting security assurance reports including SOC2 and pen test reports, and reviewing security requirements in contracts. Additionally, you will need to understand outsourced solutions and associated information classification, assess supplier security controls based on ISO27001/2 standards, and identify and document security risks. You will be expected to suggest recommendations to address identified security risks, potentially perform information classification such as AIC assessment, and hold security certifications such as ISO27001 auditor/implementation, CISSP, CRISC, CISM, or CISA. If you have at least 4 years of experience in Information Security, possess the necessary certifications, and can work in Mumbai (Andheri East) with a notice period of immediate to 30 days, we encourage you to share your updated resume to manasa.chilla@visionyle.com.,