882 Cisa Jobs - Page 6

As the IT Auditor at Navi, you will be responsible for overseeing Navis strategic Risk-based IT Audit Plan and managing the Group IT Audit Function in alignment with Navis Internal Audit Charter and industry standards set by ISACA, ISO, COBIT, IIA, and other relevant professional bodies. Your role will involve directing IT audit operations and strategies at the group level, auditing information systems, platforms, and operating procedures of Navi to ensure the effectiveness of the organizations risk management and internal controls. Your major responsibilities will include developing and implementing risk-based annual IT audit plans, evaluating IT infrastructure, identifying areas of risk or non-compliance, and ensuring proper resourcing for plan implementation. You will also be responsible for updating audit tools, informing senior management of significant risks, providing feedback on IT & data risks, maintaining relationships with key stakeholders, overseeing Internal Audits participation in business initiatives, and serving as a thought leader in IT risk management and internal control best practices. In addition, you will continuously inspect and assess various elements of the companys information systems, identify IT risk exposure, recommend remediation strategies, review security measures, coordinate with external auditors and regulators, track issues and actions management process, and provide early warning signals in IT areas for potential fraud scenarios. You will also be responsible for issuing clear and concise IT Audit reports, delivering MIS and reports to assist the Function Head, and making presentations to the audit committee and management independently. The ideal candidate for this role should possess IT audits related qualifications such as CISSP, CISA, CISM, GIAC, PPM, PMP, DISA, or equivalent, along with 7 or more years of experience in IT audits preferably with 2-3 years in a team management role. Strong knowledge of IT security and infrastructure, experience in agile product management environments, and 3 to 5 years of Fintech or NBFC industry experience are preferred qualifications for this role.,

As an Internal Auditor at Justdial Ltd in Bangalore, you will be responsible for projects in IT Advisory focusing on the assessment and evaluation of IT systems, along with the mitigation of IT-related business risks. Your role will involve IS audit, ITGC reviews, internal audit engagements, IT infrastructure review, and risk advisory, including supporting IT audit activities. Your responsibilities will include coordinating and managing statutory external audits for SOX (ITGC), providing management reports by collecting and analyzing audit information, conducting ISMS security awareness training programs within the organization, and supporting the Information Security Manager in managing and mitigating risk assessments. You will also be involved in implementing ISO 27001 controls across the organization, conducting risk assessments and gap analyses for ISO 27001/IT General Control, and performing internal audits for various business functions. Additionally, you will conduct data center audits as per ISO 27001 standards, develop and review information security policies and procedures, handle end-to-end ITGC statutory audit requirements, assist in the implementation of ISO 27001:2013 and managing the ISMS, and consult the organization on business continuity for critical functions. You will also be involved in implementing and consulting on PCI DSS SAQ A-EP certification. The ideal candidate for this role should have a bachelor's degree in engineering or BSc-IT, experience in performing IT audits of banking/financial sector applications, and knowledge of IT regulations, standards, and benchmarks used by the IT industry (e.g., NIST, PCI-DSS, ISO 27001). Technical knowledge of IT audit tools, experience in carrying out OS/DB/Network reviews, exposure to risk management and governance frameworks/systems, and proficiency in project management, communication, and presentation skills are essential. Being a team player with strong self-directed work habits, initiative, drive, creativity, maturity, self-assurance, and professionalism is crucial for success in this role. Preferred certifications include CISA, CISSP, ISO 27001 Lead Auditor/Implementer, and CISM. Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools is also required.,

Role & responsibilities Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either System audit, IT reviews, Technology Risk Assessments & Gap Assessments inline with circulars issued by SEBI/RBI/IRDAI. Technical Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (E.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding on technology topics related to cyber security, encryption, architecture resiliency , business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001 Soft Skills Good presentation and report writing skills is mandatory. Excellent communication skills and confident demeanor Experience of working with client stakeholders Good problem-solving skills. Preferred candidate profile

Role & RESPONSIBILTY Conduct threat modeling and risk assessments to evaluate potential security risks associated with the organization. Provide guidance on risk remediation strategies and the implementation of countermeasures to address identified security risks. Ensure GDPR & PCI-DSS compliance across all areas of the organization. Work with the development team to ensure compliance with SDLC lifecycle and secure coding practices. Lead encryption efforts and disable deprecated protocols to maintain data security while in transit or at rest. Incorporate NIST framework into the organization's security practices and stay up-to-date with the latest controls. Review penetration testing reports, static and dynamic application security testing results, SaaS platforms, Azure Defender reports, and third-party application integration risks to identify vulnerabilities and evaluate overall security posture. Provide expertise in security and network architecture and design. Create comprehensive data flow diagrams to identify potential threats and identify areas for improvement. Evaluate cloud security posture and provide recommendations to enhance overall security. Continuously identify potential flaws in the entire architecture and implement security controls and practices to prevent future breaches. REQUIREMENTS: Bachelor's degree in Computer Science, Information Technology, or related fields 8+ years of experience in information security or related fields Strong understanding of GDPR & PCI-DSS requirements Experience with threat modeling, risk assessment, and remediation Familiarity with secure application development principles and secure coding practices Experience with identity and access management (IAM) solutions and authentication protocols such as SAML, OAuth, and OpenID Connect Understanding of network security protocols such as TCP/IP, DNSSEC, SSL/TLS, IPSec, and firewalls Experience in encryption technologies and protocols for data security Knowledgeable in NIST framework controls Strong analytical and problem-solving skills Expertise in security architecture and network design Proficiency with creating detailed data flow diagrams Familiarity with cloud security trends and best practices Experience with DevOps and CI/CD pipelines and creating a DevSecOps culture Excellent communication and interpersonal skills Professional Certifications: CISSP, CCSP, CCSK, CEH

ROLE & RESPONSIBILTY: Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments. Risk Consulting IT Advisory Cyber Security: Cyber Risk Assessments The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. 2020 KPMG, an Indian Registered Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International. REQUIREMENTS: Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments.•Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices.•Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. >>CRITERIA oEducation 60% above throughout academicsoOne 3 years (at least) regular course is must either Diploma or GraduationoCourse: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalentoCertification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA (At least one)oCCNA (Mandatory), CCNP or equivalent(optional).

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Qualifications for Internal Candidates IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

Join our Team About this opportunity! At Ericsson, we are committed to maintaining robust and compliant internal control systems in accordance with the Sarbanes-Oxley Act (SOX). With our expanding global footprint and increasing reliance on technology for financial operations, we are strengthening our SOX Information Systems (IS) controls to ensure consistent and reliable financial reporting. We are now hiring a Security Implementation Lead to focus primarily on SOX IS control audits, working closely with our IT, internal audit, compliance, and business teams. The role is critical in ensuring our IT general controls and application-level controls support accurate financial reporting, align with regulatory expectations, and are prepared for evolving audit demands. This opportunity is a broader effort to enhance IT risk management maturity across the enterprise. What you will do! Test and evaluate the design and operating effectiveness of SOX IS (Information system) controls Review application controls for key financial systems (e.g., SAP) Maintain and update test control documentation (e.g., narratives, flows, control matrices). Plan scope of audit and audit schedules. Prepare audit test scripts to support findings. Report deficiencies or exceptions to management and assist with remediation tracking. Develop report for management Coordinate with internal and external auditors. Work closely with IT teams, business units, and SOX/Compliance functions. Recommend improvements to control design or processes. Contribute to automation and optimization of controls testing. Analytical and detail-oriented. Strong communication and documentation skills. The skills you bring! Strong knowledge of SAP systems, SOX, ITGC and COBIT. Experience of audit tools like GRC Understanding of DevSecOps, Software engineering and Agile ways of working Knowledge of Ericsson Information Security Management System. Ericsson Information Security Assessments and Audits. Ericsson IT processes General cyber / information security concepts, CIA, Threats and Vulnerabilities. Cloud Security. Ericsson Information Security Risk Management Instruction. Ericsson Information Security Requirements. Ericsson Information Security Measurements. Third Party Security Management. Security Governance and Compliance. Certifications: SAP, COBIT, SOX, CISSP, CEH, IT4IT, CISA, CISM, CLOUD SECURITY understanding Why join Ericsson What happens once you apply Primary country and city: India (IN) || Noida Req ID: 769907

About this opportunity! At Ericsson, we are committed to maintaining robust and compliant internal control systems in accordance with the Sarbanes-Oxley Act (SOX). With our expanding global footprint and increasing reliance on technology for financial operations, we are strengthening our SOX Information Systems (IS) controls to ensure consistent and reliable financial reporting. We are now hiring a Security Implementation Lead to focus primarily on SOX IS control audits, working closely with our IT, internal audit, compliance, and business teams. The role is critical in ensuring our IT general controls and application-level controls support accurate financial reporting, align with regulatory expectations, and are prepared for evolving audit demands. This opportunity is a broader effort to enhance IT risk management maturity across the enterprise. What you will do! Test and evaluate the design and operating effectiveness of SOX IS (Information system) controls Review application controls for key financial systems (e.g., SAP) Maintain and update test control documentation (e.g., narratives, flows, control matrices). Plan scope of audit and audit schedules. Prepare audit test scripts to support findings. Report deficiencies or exceptions to management and assist with remediation tracking. Develop report for management Coordinate with internal and external auditors. Work closely with IT teams, business units, and SOX/Compliance functions. Recommend improvements to control design or processes. Contribute to automation and optimization of controls testing. Analytical and detail-oriented. Strong communication and documentation skills. The skills you bring! Strong knowledge of SAP systems, SOX, ITGC and COBIT. Experience of audit tools like GRC Understanding of DevSecOps, Software engineering and Agile ways of working Knowledge of Ericsson Information Security Management System. Ericsson Information Security Assessments and Audits. Ericsson IT processes General cyber / information security concepts, CIA, Threats and Vulnerabilities. Cloud Security. Ericsson Information Security Risk Management Instruction. Ericsson Information Security Requirements. Ericsson Information Security Measurements. Third Party Security Management. Security Governance and Compliance. Certifications: SAP, COBIT, SOX, CISSP, CEH, IT4IT, CISA, CISM, CLOUD SECURITY understanding Primary country and city: India (IN) || Noida Req ID: 769907

At Moss Adams, we champion authenticity. For us, that means fostering a culture of talented people who care about you, about our clients, and about our communities. Here, you ll work towards our mission of empowering others to embrace opportunity, growing as a leader along the way. Our firm s size, middle-market clients, customized career paths, and supportive culture make this a reality. Join a values-driven firm where you ll have fun while solving complex and interesting business challenges. The Financial Services group provides regulatory compliance, internal audit, information systems and related consulting services for financial institutions, including banks, credit unions and other types of financial services companies throughout the United States. The Financial Services Information Technology team provides technology assessments, strategic technology planning, system selection consulting, system penetration testing, disaster recover planning and process engineering. Individuals who thrive at Moss Adams exhibit the following success skills Collaboration, Critical Thinking, Emotional Intelligence, Executive Presence, Growth Mindset, Intellectual Curiosity, and Results Focus. Responsibilities: Perform and document testing on consulting, compliance and internal audit engagements focused on IT risk, strategy and governance within financial institutions Provide training and supervision for engagement Staff Identify findings and document opportunities for process improvement Research technical issues that arise during the engagement Assist Managers and/or Senior Managers in developing strategic solutions to meet client needs Work closely with Managers and/or Senior Managers on engagement planning, executing, and issuing a final report meeting client deadline Set the foundation for developing relationships with clients, including involvement in networking and business development activities Motivated to meet client deadlines and provide excellent client service Qualifications: Bachelor s degree required CISA CISM, CISSP preferred. If not certified, must meet educational requirements to obtain license upon hire in state of employment CPA, CIA, CRCM, CAMS, CFIRS, CFE, and/or CFF a plus Minimum of 3 years of experience in information systems, internal audit, regulatory compliance, consulting services Network engineering/administration experience with a security emphasis preferred Knowledge of IT control and/or services management standards such as CObIT, ITIL, ISO preferred. SOX IT audit experience preferred. Previous experience in banking or credit unions preferred Ability to work effectively as part of a team and independently Creative problem solving and research skills. Excellent verbal and written communications Strong analytical and report writing skills. Proficient with Microsoft Office (Word, Excel, PowerPoint, Outlook). Ability to handle multiple priorities, tasks, and simultaneous projects Moss Adams is an Equal Opportunity Employer as to all protected groups, including protected veterans and individuals with disabilities. Certain jurisdictions in the United States require employers to disclose the pay range in job postings. This is the typical range of pay for the position. Actual compensation may depend on factors such as qualifications, work experience, skills, and geographic location. This position may be eligible for an annual discretionary bonus. For more information about our benefit offerings and other total rewards, visit our careers page.

Vice President - Technology Risk Management II - Chief of Operations (COPS) Officer We re seeking a future team member for the role of Vice President - Technology Risk Management II to join our Technology Risk Management (2LOD) team. This role is located in Pune, MH Hybrid. In this role, you ll make an impact in the following ways: Drive consistent, robust, and repeatable independent technology & cybersecurity risk and control management processes with developed centralized process documentation, templates, tooling, dashboarding, reporting and related work products Enable high-quality and consistent delivery of key independent 2LOD risk and control management activities across the broader Technology Risk Management organization to support key stakeholder deliverable work products including risk committee reporting, audit trail submissions, regulatory engagement responses, and 1LOD and Internal Audit reporting transparency Implement appropriate checks and change management capabilities to ensure broader TRM teams are challenged to produce high-quality, risk-based analysis, challenges, issues, and work products to stand-up to audit and regulatory requirements Interface collaboratively with other TRM teams including Reporting, Frameworks, Process, Automation/AI, and Functional SME teams, to ensure process efficiencies are implemented and enhanced over time To be successful in this role, we re seeking the following: Bachelor s degree or the equivalent combination of education and experience is required 7+ years of experience required experience with technology or financial services industry is required Sound understanding of Industry wide Technology Controls, Issue Management and Risk Management Framework Expert attention to detail, organizational and executive communication skills and experience are required Relevant professional certifications are a plus (CRISC, CISA, ITIL, ISO27001, COBIT) Technical experience with SharePoint, Tableau, PowerBI, ServiceNow is a plus Consulting and engagement with senior leadership experience is a plus America s Most Innovative Companies, Fortune, 2024 World s Most Admired Companies, Fortune 2024 Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024 Best Places to Work for Disability Inclusion , Disability: IN 100% score, 2023-2024 Most Just Companies , Just Capital and CNBC, 2024 Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024 Bloomberg s Gender Equality Index (GEI), 2023

Within Societe Generale Global Solution Center (SGGSC), you will join Global Cybersec Capability Centre (G3C) team based out of Bengaluru, working in Cyber sec team as a infosec specialist to contribute in the information security and risk management practice. As a Cybersecurity senior analyst, you will be part of the G3C Infosec services within the G3C team (Global Cybersecurity Capability Centre). Based in Bangalore, you will manage infosec operations and responsibilities across regions and collaborate closely with security and IT teams across the organization to coordinate cybersecurity operations, governance activities, manage compliance efforts, and support audit readiness. You will play a vital role in presenting evidence, identifying risks, and implementing security controls in line with organizational and regulatory expectations. The candidate will be working in a high-pressure environment, it calls for assertiveness and flexibility to ensure deadlines are met based on agreements / defined milestones The main responsibilities are: Collaborate with internal stakeholders including CIO, CTO, and CISO teams, Centers of Expertise, and various tribes to manage security governance activities. Engage with HR, Risk, Internal Control, and Audit functions to coordinate cybersecurity reporting, evidence collection, and issue resolution. Conduct independent research and assessments to identify weaknesses and recommend remediation strategies in secure environments. Drive compliance initiatives and ensure readiness for internal and external audits. Support the development, implementation, and tracking of cybersecurity governance programs and documentation. Profile required Bachelors degree in Computer Science, Mathematics, or a related field (Masters degree preferred) Minimum 5 years of work experience in IT and Cybersecurity Strong knowledge of Information security, risk management, and monitoring frameworks Experience conducting independent research and identifying technical security gaps Relevant certifications such as CISSP, CISA, ISO 27001 Lead Auditor, CompTIA Security+, etc. Intermediate-level proficiency in Microsoft Excel Strong English proficiency (spoken, written, and read) Behavioral Competencies: Excellent organizational and cross-functional coordination skills Team player with strong initiative and the ability to work independently Effective analytical and decision-making abilities Proactive communication and stakeholder management skills Strong adaptability, openness to feedback, and willingness to continuously learn Results-driven with strong planning and execution discipline Negotiation skills are an added advantage

Hiring a Senior Cybersecurity GRC Consultant, you will play a pivotal role in helping organizations manage and improve their Governance, Risk, and Compliance (GRC) frameworks. You will be responsible for setting up and leading assessments, implementing strategies, and advising clients on how to mitigate cybersecurity risks and achieve compliance with industry standards and regulatory requirements. 8+ Years of Experience in cybersecurity, risk management, and governance, with a proven track record of leading GRC initiatives. Educational Background: Bachelors or Masters degree in Information Technology, Cybersecurity, Computer Science, Business Administration, or a related field. Certifications: Relevant cybersecurity certifications such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, or similar. Must have experience in customer facing projects (onsite / offsite); Should be able to lead the junior team members. In-depth Knowledge of Cybersecurity Frameworks: Expertise in implementing and advising on security frameworks such as Unified Cybersecurity Framework, NIST/RBI/IRDAI/SEBI Cybersecurity Frameworks, ISO 27001/2, CIS Controls etc. Project Management: Proven ability to manage and lead multiple GRC projects simultaneously, with strong organizational and time-management skills. Client-Focused: Demonstrated ability to build and maintain relationships with clients, providing expert advice and ensuring customer satisfaction. Cloud Security: Knowledge of cloud environments (AWS, Azure, Google Cloud) and their associated risks and compliance requirements. Penetration Testing & Vulnerability Management: Familiarity with vulnerability assessment, penetration testing, and ethical hacking practices. Incident Management: Experience in developing or improving incident response plans, business continuity plans, and disaster recovery strategies.

What You Will Do : Investigate ISMS events including system failures, equipment failures, and more. Youll play a key role in identifying and resolving issues to maintain our high standards of security. Review ISMS policies and procedures and coordinate with various departments to ensure compliance and efficiency. Attend daily IT helpdesk tickets, offering your expertise to solve every day technical challenges. Coordinate Information Security Task Force meetings and collaborate with key stakeholders to drive our security initiatives forward. Work closely with our external audit firm to ensure we meet all regulatory requirements. Conduct induction and on-demand security awareness training. Assist with ISO 27001 objective evaluation and risk management processes, contributing to our ongoing certification efforts. Support India and global ISO 27001 internal audits and follow up on remediations, ensuring we address any findings promptly. Monitor operational controls for various projects, ensuring they meet our security standards. Prepare various documentation supporting ISO 27001 implementation, providing a clear and thorough record of our processes. What You Will Need : A bachelor s or master s degree in engineering or a related field. 3-5 years of experience in information security . Proven experience in managing audits, showcasing your ability to oversee and execute comprehensive audit processes. A strong understanding of cybersecurity frameworks and standards, including ISO 27001 etc. Expertise in incident detection and response. Proficiency in risk management and assessment. The ability to analyze complex technical problems and deliver effective solutions. Excellent communication and stakeholder management skills, enabling you to work effectively with diverse teams. What Would Be Nice To Have : Certifications such as CISA are preferred

Why Join Us? To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win. We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees passion for travel and ensure a rewarding career journey. We re building a more open world. Join us. Introduction to Our Team The Senior Technical Internal Auditor would be reporting to the Technical Audit Senior Manager, the Senior IT Auditor performs the tactical end-to-end execution of technical risk management, compliance, assurance and audit projects, including discovery, scoping, planning, fieldwork, development/design of recommendations, report writing, tracking of audit issues, and verification of management action items, under the guidance/direction of managers. In this role you will: Acquire and demonstrates a solid understanding of how the department operates and fits into the larger organization Acquire a solid understanding of the various functions/organizations within the broader enterprise Demonstrate solid awareness of the policies, practices, trends and information that impact the organization and its customers Demonstrate solid understanding of the financial, operational, and technical impact of decisions/solutions on the organization and its customers Keep relevant stakeholders informed of key progress toward or significant changes to task timing that impacts the project schedule Assist team members in the creation of routine technical communication materials (e.g., policies & procedures, guidelines, presentations, messages) Apply a solid understanding of electronic workpapers and/or GRC and Audit Management systems Apply a solid understanding of IIA framework Apply a solid understanding IT controls frameworks Applies a solid understanding of technical and operational risk and compliance frameworks and industry best practices (e.g., ISO, COSO, COBIT, NIST, etc.) Plan and execute audit and consultancy projects, including but not limited to audit planning, facilitation of process interviews, identification of risks, internal controls testing, identification of issues, and communication of audit/consultancy results to Company management; Demonstrate understanding of key business process risks and controls, and perform evaluation of design and effectiveness of controls; Perform advisory work for key processes or projects being implemented consisting of evaluating gaps and risk and providing guidance prior to implementation; Participate in enterprise-wide risk assessment interviews with key partners; Demonstrate strong project management skills and the ability to multi-task on quality work deliverables; and Build and maintain strong positive relationships with Expedia personnel as a representative of the Corporate Audit Team Applies a solid understanding of regulatory and technical compliance Applies a solid understanding of at least several of these areas (IT General Controls, Cybersecurity, Hybrid and Cloud operations, Data governance and management, Data privacy compliance, or System Development Life Cycle) to execute technical audits or other risk and compliance-related initiatives in order to identify, assess, and explain risks, report findings, and develop and communicate recommendations Applies practical data analysis methods and procedures including the collection, analysis and developing of insights of data Applies solid understanding of risks and controls to develop audit planning documents, including Risk and Control Matrices (RCM), process and data flow diagrams, and executive-level planning memos Prepares relevant audit workpapers and reports for senior management on the results of operational and technical audits or other risk-based assessments Leverages proper techniques and solid knowledge to interpret basic audit analyses and reports Experience and qualifications: 3-5 years of relevant experience in technical risk/assurance consulting and/or internal audit Bachelors degree in related technical field or equivalent related professional experience Big 4 public accounting experience preferred, but not required CIA, CISA, OSCP, CCSK, CISM, CISSP, CDPSE, IAPP, CRISC or similar certification desired Operational, technology or security business processes and best practices; Excellent written and verbal communication skills with previous experience in writing internal audit reports Understanding, developing, interpreting process models, flowcharts, narratives; Solid understanding of IT General Controls (Logical Access, Change Management, IT Operations, Program Development/SDLC), including design and operation of controls Cybersecurity concepts, risks and controls/practices (e.g., identity access management, vulnerability management, security governance, software development, auditing and logging, micro segmentation, secure access services, PKI) and security frameworks such as NIST, ISO 27000 Cloud operations (e.g., Cloud architecture, infrastructure, networks, secure compute workloads, resiliency, data encryption, account and key management, identity access management, software development in the cloud) Data governance (e.g., frameworks, policies, third-party data risks, and data security and protection) Data privacy compliance including GDPR, CCPA and other regulations Big Data (e.g. data analysis and visualization tools, data engineering modeling, scripting language such as SQL or Python) Accommodation requests If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request . We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others. Expedia Groups family of brands includes: Brand Expedia , Hotels.com , Expedia Partner Solutions, Vrbo , trivago , Orbitz , Travelocity , Hotwire , Wotif , ebookers , CheapTickets , Expedia Group Media Solutions, Expedia Local Expert , CarRentals.com , and Expedia Cruises . 2024 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50 Employment opportunities and job offers at Expedia Group will always come from Expedia Group s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs . Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.

You re at the right place if you wish to make a difference and see the impact. Work with us to unleash your true potential while being yourself. Associate Governance Risk & Compliance Responsibilities Perform information security audits and consulting as per the regulatory requirement and security standards Develop and participate in implementation of client initiatives focused on the reduction of technology risk, governance and compliance to policies and external regulatory compliance Developing IT security policies, procedures and guidelines controls to manage risks. Knowledge of vulnerability management. A good understanding of IT data centre operations and a variety of technology platforms Qualifications 1-3 years experience in Compliance, Security, or related industry; Ideally should have a CISSP, CISA or CISM qualification; Knowledge and understanding of HIPAA, GDPR, PCI DSS, SOC 2, ISO27001 and ISO 22301 is preferred.

What you ll do: As Audit Supervisor, you will lead financial and operational audits using the risk-based methodology through enterprise risk management, global processes, centralized and site-based audits to evaluate the effectiveness and efficiency of internal controls, business processes, and procedures at Eaton operations. You will ensure compliance with finance policies and internal control standards and act as a business partner. In this role you will be part of a diverse local audit teamintegrated into our global Internal Audit team. You will work closely with SOX and Finance Compliance team, operations, and regional leaders Responsibilities Lead end to end finance and operational audits under the supervision of the audit manager, in accordance with the risk-based audit methodology. Lead the planning for the audits assigned and effectively identify the scope of work while communicating with the site/ process management and setting audit expectations. Evaluate the design and operating effectiveness of internal controls and business processes. Prepare audit reports and recommendations identifying the accurate root cause for the leaders Lead the opening and closing meetings for the audits with the assigned stakeholders. Prepare clear, concise, neat, accurate work papers timely in AuditBoard and critically review planning and fieldwork for the audit team, providing valuable on the job coaching/training and written performance evaluations. Follow up on the progress of the management action plans and review them post-implementation. Actively participate in the initiatives of the department and support all new areas of development. Serve as team member and participates in special projects, on an as needed basis. Assist in development and execution of data analytics to contribute to the digitization initiatives and enhance continuous monitoring capabilities across Eaton. Coordinate the stautory SOX control reviews under the supervision of the Audit Manager. Collaborate with the other Eaton functional teams (eg:- HR, Law, Ethics) to investigation any reported or suspected activities. Travel up to 40%. Qualifications: Chartered Accountant or Bachelor s degree in accounting with additional certifications Extensive working experience in Internal Audits and internal control domain Advanced degree (MBA or Masters in Accountancy) desired. CPA, ACCA, CIA, CMA, CFE CISA or other equivalent certification is a plus. Total 4-7 years experience excluding the internship. (Three plus years of progressive audit or process/internal control experience and +/- two years experience in a supervisory role preferred Skills: Experience in overseeing or supervising Audit engagements, guide team members allocate tasks and review of the work done Experience in using data analytic tools (PowerBI, Power Automate) preferred Knowledge of robotic process/ AI tools and automations is an advantage Knowledge of ERP systems (SAP/Oracle) is an advantage Strong communication skills and proficiency in English is important Critical thinking, solution focused, proactive and quality driven attitude. Cultural awareness and professionalism in multicultural/ multilingual environment Flexibility and ability to travel for Audit engagements is required

Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the Testing CoE s overall success and strengthen the firm s compliance with regulatory obligations and industry standards. Job Summary As a Vice President within the Testing CoE team, you will be responsible in risk identification, control evaluation, and security governancein advising on complex situations and enhancing the firm s risk posture. Job responsibilities Lead and manage control evaluations and end-to-end substantive testing activities, including planning, fieldwork and reporting. Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the Commercial and Investment Banking (CIB). Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Utilize advanced critical thinking skills to apply substantive testing techniques, thoroughly evaluating the effectiveness of high-risk business processes and identifying potential areas for improvement. Proactively assess and monitor risks, ensuring adherence to firm standards, regulatory requirements, and industry best practices. Implement strategies to mitigate identified risks effectively. Collaborate with cross-functional teams and stakeholders to support the design and effectiveness of controls. Drive initiatives that enhance the business control environment through recommended updates to the Compliance and Operational Risk Evaluation (CORE) application. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Required qualifications, capabilities, and skills 8+ years of experience or equivalent expertise in risk management, assessment, control evaluations, or a related field, Possess a strong understanding of industry standards and regulatory requirements. Demonstrated ability to analyze complex issues, develop and implement effective risk mitigation strategies, and communicate insights and recommendations clearly to senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices. Ability to stay updated with evolving regulatory landscapes and adapt strategies accordingly. Exceptional ability to develop and communicate well-founded recommendations based on regulatory guidance and standards, ensuring alignment with organizational goals and compliance requirements. Highly organized and detail-oriented, with a proven track record of managing multiple priorities and delivering results in a fast-paced environment. Strong analytical and communication skills, with the ability to convey complex information in a clear and concise manner to diverse audiences. Preferred qualifications, helpful capabilities, and skills CISM, CRISC, CISSP, CISA, CCEP, CRCM, CRCMP, GRCP, or other industry-recognized risk and risk certifications preferred. A background in auditing and the ability to understand of internal controls is beneficial. Proficiency in MS (Microsoft Suite) Office - Microsoft Word, Excel, Access, and PowerPoint. Knowledge of data analytical tools such as Tableau, Altryx or Pythyon Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the Testing CoE s overall success and strengthen the firm s compliance with regulatory obligations and industry standards. Job Summary As a Vice President within the Testing CoE team, you will be responsible in risk identification, control evaluation, and security governancein advising on complex situations and enhancing the firm s risk posture. Job responsibilities Lead and manage control evaluations and end-to-end substantive testing activities, including planning, fieldwork and reporting. Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the Commercial and Investment Banking (CIB). Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Utilize advanced critical thinking skills to apply substantive testing techniques, thoroughly evaluating the effectiveness of high-risk business processes and identifying potential areas for improvement. Proactively assess and monitor risks, ensuring adherence to firm standards, regulatory requirements, and industry best practices. Implement strategies to mitigate identified risks effectively. Collaborate with cross-functional teams and stakeholders to support the design and effectiveness of controls. Drive initiatives that enhance the business control environment through recommended updates to the Compliance and Operational Risk Evaluation (CORE) application. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Required qualifications, capabilities, and skills 8+ years of experience or equivalent expertise in risk management, assessment, control evaluations, or a related field, Possess a strong understanding of industry standards and regulatory requirements. Demonstrated ability to analyze complex issues, develop and implement effective risk mitigation strategies, and communicate insights and recommendations clearly to senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices. Ability to stay updated with evolving regulatory landscapes and adapt strategies accordingly. Exceptional ability to develop and communicate well-founded recommendations based on regulatory guidance and standards, ensuring alignment with organizational goals and compliance requirements. Highly organized and detail-oriented, with a proven track record of managing multiple priorities and delivering results in a fast-paced environment. Strong analytical and communication skills, with the ability to convey complex information in a clear and concise manner to diverse audiences. Preferred qualifications, helpful capabilities, and skills CISM, CRISC, CISSP, CISA, CCEP, CRCM, CRCMP, GRCP, or other industry-recognized risk and risk certifications preferred. A background in auditing and the ability to understand of internal controls is beneficial. Proficiency in MS (Microsoft Suite) Office - Microsoft Word, Excel, Access, and PowerPoint. Knowledge of data analytical tools such as Tableau, Altryx or Pythyon

As a Customer Success Implementation Architect at AppViewX, you will play a crucial role in driving customer onboarding, solutioning, and ongoing adoption and usage of our products. You will lead the implementation of AppViewX solutions for automating customer IT network infrastructure and Public Key Infrastructure, combining deep technical knowledge with an understanding of customer business objectives and challenges to help them maximize the value of our products. Your responsibilities will include: - Collaborating with Customer Success Managers and Customer Success Design Architects to implement AppViewX technology for new customers, addressing their objectives and success criteria with technical attention to ensure a quick Go-live. - Implementing additional AppViewX technology to solve specific business challenges for new customers, acting as a trusted technical advisor to assist customers in navigating technical challenges throughout the implementation process. - Identifying new use cases as part of the account growth and renewal strategy. - Providing feedback to improve the customer experience, speed time-to-value, and create greater benefits for customers. - Contributing to Customer Business Reviews highlighting potential areas of improvements. - Partnering closely with cross-functional team members to translate business needs and product requirements into new solutions. - Working with Product and Engineering teams to prioritize product enhancements and long-term roadmap based on customer and industry priorities. Requirements: - Minimum 5 years of experience in a technical implementation role. - Minimum 3 years of experience in customer-facing technical roles for a SaaS company with enterprise software products. - Domain knowledge on PKI, DNS, Active Directory, ADCS, CRL, OCSP, and associated cryptographic standards. - Experience with Certificate Life Cycle management/operations and PKI implementation processes. - Hands-on experience with Kubernetes, Linux/Windows server management, Apache, IIS, and application expertise. - CISSP/CISM/CISA certification is preferred. - Excellent organization, troubleshooting, problem-solving, deployment, and multitasking skills with the ability to learn new technology quickly. - Experience working with F500 organizations. - Exceptional communication skills, both oral and written, coupled with excellent listening skills.,

About Northern Trust: Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. We are proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve our sophisticated clients using leading technology and exceptional service. Company and Department Summary: Founded in Chicago in 1889, Northern Trust is one of the world's leading financial institutions specializing in providing asset servicing solutions to institutional clients. Our delivery of products and services is supported through a network of offices in more than 20 countries globally. We believe that our most valuable asset is our engaged, empowered, and diverse workforce. As a global institution, we are committed to building upon this diverse talent by encouraging innovative thinking and personal courage in an inclusive environment. Audit Services provides financial services professionals with the opportunity to work on challenging industry issues, applying knowledge, insights, and objectivity to protect and strengthen Northern Trust's legacy. Role Overview: The Asset Servicing International (ASI) Team within Audit Services is responsible for providing assurance focused on Northern Trust's core banking and asset servicing operations, as well as evaluating and advising on the implementation of new and emerging Technology and Data Analytics. Team members have the unique opportunity to develop views towards enterprise risks across global processes and key technologies, drive thought leadership in assessing fraud risks and controls, and create data analytics strategies to increase assurance effectiveness. It is encouraged for team members to build authentic relationships, think creatively, challenge the status quo, seek emerging trends, develop an insightful point-of-view, and hold themselves accountable in a flexible and delivery-driven culture. The Audit Manager is responsible for leading audit projects across ASI, providing oversight to the audit team, and communicating results of the engagement to senior management. The Audit Manager offers technical expertise and training to auditors within the engagement audit team, working closely with Senior Audit Managers to confirm the scope of the audit and devise an appropriate testing approach for the engagement. Major Duties: - Leads a minimum of two audits simultaneously - Conducts and documents more complex and high-risk audits throughout the Corporation - Demonstrates professional skepticism and comfort with questioning processes to facilitate improvements - Finalizes planning documents and assists in Audit Plan evolution by challenging scoping - Functions in various roles on audit assignments, such as leading audits, staffing audits, and providing oversight functions - Applies analytical skills to review information, perform assessments, and evaluate controls - Leads a team in executing audits and works closely with Senior Audit Managers on planning, scoping, and execution strategy - Reviews work papers of audit team members to ensure departmental standards are met - Communicates audit status to business unit and Audit Services management - Completes findings and recommendations for status updates, memos, and audit reports - Coordinates with other audit teams to ensure evaluations of related areas occur timely The successful candidate will benefit from having: - 8 to 12 years of internal audit experience in the financial services industry preferred - Comprehensive knowledge of internal audit processes and strong work paper documentation skills - Proficiency in Microsoft Office applications; experience with audit work paper applications preferred - Professional certifications (e.g., CPA, CISA, CIA, ACA, ACCA) and/or an MBA preferred - General knowledge of operations, functions, and objectives of interfacing areas - Proven ability to work independently and in a team environment - Strong organizational and time management skills - Flexibility and adaptability to change Experience Required: - A College or University degree and/or auditing experience in a financial institution or similar public accounting experience Working with Us: As a Northern Trust partner, you will be part of a flexible and collaborative work culture in an organization committed to exploring new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company dedicated to assisting the communities we serve. Build your career with us and apply today to be part of a workplace with a greater purpose. Reasonable Accommodation: Northern Trust is committed to providing reasonable accommodations to individuals with disabilities. If you need an accommodation during the employment process, please contact our HR Service Center. We are excited about the role and the opportunity to work with you. We value an inclusive workplace and understand that flexibility means different things to different people. Apply today and share your flexible working requirements with us for a greater achievement together.,

As a Director of Audit Operations within the Business Area of Audit in the BIA (Barclays Internal Audit) department, your primary responsibility is to oversee and ensure the successful delivery of Attestation Audits and RAUP Audits. You will be accountable for the end-to-end audit process, ensuring compliance with Regulatory requirements and Audit Methodology. Additionally, you will play a crucial role in developing audits that align with the Bank's standards and objectives by collaborating with colleagues, providing accurate information, and adhering to policies and procedures. In this role, you will lead collaborative assignments, guide team members through structured tasks, and identify the need for specialized expertise to complete assignments. As a People Leader, you will demonstrate leadership behaviors such as Listening, Energizing, Aligning, and Developing others. You will train, guide, and coach less experienced specialists, providing strategic advice to key stakeholders and senior management. Your responsibilities will also include stakeholder management, leading discussions with Auditees, building relationships, and developing a network of contacts across the organization. You will be expected to engage and motivate team members, provide constructive feedback, and contribute to talent development and recruitment processes. To excel in this role, you should possess a minimum of 20+ years of experience in Risk-Based Auditing in Retail and/or Wholesale Banking, strong interpersonal and leadership skills, and a track record of managing teams across regions. Professional qualifications such as CIA, MIIA, ACCA, ACA, or CISA are required. Additionally, experience in data analysis, strategic initiatives, and department-wide leadership is desirable. As a Director of Audit Operations, you will play a critical role in supporting the development of audits aligned with the Bank's standards, driving strategic initiatives, and fostering a culture of excellence and continuous improvement within the BIA department. Your expertise, leadership, and strategic vision will be essential in ensuring the success of audit assignments and contributing to the overall goals of the organization.,

Minimum 5+ years of experience in Information security and preferably in Banking and Financial services sector In-depth working experience on Cloud technologies, routers, switches, firewalls, load balancers and proxy will be added advantage for the role. Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent. Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC and CISM. Strong knowledge and subject matter expertise in multiple areas within Information Security. Hands on skill and expertise in performing risk / threat assessments/risk consulting. Excellent written, oral communication and reporting skills. Provides technical leadership, expertise and direction working with district and college technical staff for design and implementation of information technology security systems. Develops strategy for propagating, maintaining, and measuring compliance against security policies, standards, and guidelines district-wide. Time management and organizational skills Ability and desire to learn new skills quickly Performs other related duties as assigned.

By continuing to use our website, you consent to the use of cookies. Please refer our Join Our Clan Compliance Analyst II Description Job Description We are looking for a detail-oriented and proactive Compliance Analyst II to join our Information Security Group at Grazitti Interactive. In this role, you will contribute to the ongoing success of our compliance programs by executing audits, conducting risk assessments, and ensuring adherence to global regulatory standards. You will collaborate with cross-functional teams to align operations with frameworks such as ISO 27001, ISO 27701, and NIST. If you have a strong understanding of governance, risk, and compliance, and enjoy making an impact through policy, process, and stakeholder engagement, this role is for you. Skills Key Skills 2 3 years of experience in compliance, risk management, or a related function. Working knowledge of ISO 27001, ISO 27701, and NIST frameworks. Strong analytical thinking and problem-solving capabilities. Excellent written and verbal communication skills. Proficiency in documentation and record-keeping. Ability to work independently and collaboratively across departments. Familiarity with GDPR, CCPA, HIPAA, and ITGC regulations. Advanced certifications such as CCEP, CISA, or ISO 27001 Lead Auditor. Experience drafting or maintaining compliance documentation and audit reports. Hands-on exposure to risk management tools or GRC platforms. Proficiency in MS Office (Excel, Word, PowerPoint). Ability to support junior team members and lead smaller compliance initiatives. Responsibilities Roles and Responsibilities Execute internal audits, compliance reviews, and risk assessments with minimal supervision. Support the creation, implementation, and continuous improvement of compliance policies and procedures. Monitor and analyze regulatory updates and ensure policy alignment. Maintain accurate documentation for all audits and compliance activities. Collaborate with cross-functional teams to embed compliance best practices across departments. Assist in developing compliance awareness programs and training materials. Provide regular updates to stakeholders on GRC initiatives, audit progress, and compliance posture. Position: Compliance Analyst II Thank you for submitting your application. We will contact you shortly! Stay updated with us Life at Grazitti Share Your Profile We are always looking for the best talent to join our team * Skills Upload Your CV Thank you for sharing your profile with us. If it aligns with our requirements, we will reach out to you for the next steps in the process. Marketo Forms 2 Cross Domain request proxy frame This page is used by Marketo Forms 2 to proxy cross domain AJAX requests.

Link Group Internal Audit has team members in various locations, including Australia, Ireland, and the UK. This role is based in Mumbai and supports our global Internal Audit approach. The role of Senior Internal Auditor is to provide support to the global Internal Audit Team so that we can deliver independent assurance across the group. Key stakeholders include local management, senior management, executives and members of the Board Audit Committee At times the Senior Internal Audit Manager will need to complete standalone audits following the Link Internal Audit methodology as outlined in the Internal Audit Manual. At other times the Senior Internal Auditor will need to participate in global audits with work conducted across multiple jurisdictions. The Senior Internal Auditor will need to work with the Internal Audit teams in other locations to support these activities. Key Accountabilities and Main Responsibilities Support the Internal Audit Team to contribute to the development of an annual IA plan that covers the whole group. Follow the IA methodology and from time to time contribute to the maintenance and improvement of the framework and methodology. Build the profile of the team in the organisation and develop strong relationships with key stakeholders (particularly stakeholders in India). Work with the Audit Teams in other locations to support Internal Audit s goals of global coverage and independence. This will require the Senior Internal Auditor to act independently of local management. Complete or contribute to IA fieldwork and reporting as required (noting some reviews may be stand alone and some reviews may be global or cover multiple jurisdictions). Provide constructive recommendations focused on internal control as well as value add recommendations to help the business achieve its objectives. Prepare clear, concise and timely audit reports (including times where the Senior Auditor is contributing to audit reports that cover multiple jurisdictions). Support the oversight of co-source IA activity in India, where applicable. In conjunction with the Head of Internal Audit, initiate new audits by engaging management, drafting audit Terms of Reference (Scope) and seeking executive/management approval to commence each review. Maintain effective relationships with management including agreement of audit terms of reference, clearance of audit reports (including appropriate management actions) and offering management on-going support and guidance where appropriate. Assist in coordinating and executing the Internal Audit follow up of overdue actions. Assist the Head of Internal Audit with the preparation of audit reporting for risk committees, the executive and the Group Audit Committee Experience & Personal Attributes Five plus years of relevant experience in an Internal Audit environment including IT technology audit within a professional services firm or a financial services context. Experience working for a multinational would be would be desirable but is not essential. As this would be the first (only) in-house technology related audit role in Link the applicant would need to have sufficient experience to contribute to our Internal Audit Plan for technology as well as to lead and execute technology related audits (noting that some specialised audits would still be completed by third parties). Strong written and verbal communication skills Strong stakeholder management experience and ability to interact with stakeholders at all levels. Understanding of technology internal controls and a desire to deliver quality audit outcomes Ability to work independently as well as ability to work with other team members in other locations as required Understanding that this role involves the completion of audit testing/fieldwork with no or limited assistance from junior staff. The candidate may be required to work under the direction of staff from other jurisdictions to fulfill audit objectives. Prepared to undertake a level of domestic travel (Likely less than 20 days per year) Prepared to support end to end audit processes including planning, execution, follow up of outstanding audit items and reporting to management and the Board. Tertiary qualifications relevant to information technology (e.g. CISA etc)

Who youll be working with: WPP Enterprise Technology are proud technology solutions partner for WPP Corporate Functions. Our collaboration is instrumental in coordinating and assuring end-to-end change delivery, managing the IT technology lifecycle, and maintaining a robust innovation pipeline. The CRC discipline within WPP ET plays a crucial role in this partnership. We are responsible for providing advisory and support to the corporate business cluster on critical areas such as Technology Audits, Technology Risks, Control Assurance, and Technology Compliance. Our objective is to ensure that all central functions at WPP HQ operate in a safe, secure, and compliant manner. The CRC function in the Corporate Business Cluster drives compliant IT operations for WPP HQ teams, managing Legal, regulatory, and contractual obligations. As a Risk & Compliance Manager, you will play a critical role in developing and implementing a world-class technology risk and compliance program to support WPP HQ Finance Functions. You will collaborate with the WPP Chief Cyber, Risk and Compliance Officer (CCRCO), WPP CISO, Director of Cyber, Risk and Compliance, and WPP HQ Finance department heads to set the CRC functions vision and strategy, and manage escalations for technology operational risks, compliance, audit, BCP, and DR assessments. As an SME, you will lead and develop a highly effective risk and compliance function, strengthening defences and promoting a proactive, collaborative approach. You will operate in a highly complex environment with multiple risk categories, including IT operations, information security, legal, regulatory, financial and commercial with broad impacts spanning both the Corporate Cluster and the WPP Group. What youll be doing: Work closely with and assist CRC department head in developing a risk and compliance strategy for the corporate cluster that is aligned to WPP ET and CRC strategies. Establish technology risk & compliance community across the range of WPP HQ functions to drive the implementation and standardisation of agreed security governance, risk & compliance approach. Drive the Cluster s CRC strategy and approach, by closely working with Corporate CRC Director CRC Discipline Lead and other ET stakeholders. Drive BC/DR planning to the appropriate level across the Cluster and ensure BC/DR plans are updated and reviewed annually. Conduct and support Technology Risk Assessments e.g., quarterly risk landscaping - owning and driving Cluster-specific risk mitigation actions. Respond to tracking and reporting from Internal, External or Client Audit findings within the Corporate Cluster. Conduct CRC Cluster self-certification and self-monitoring of IT controls, and maintain an active liaising channel with the IT Ops function at WPP group level. Support CRC Cluster-wide input into the WPP IT Asset Register and CMDB owned by IT Ops teams. Be CRC point of contact for relevant business stakeholder escalations relating to Technology risk and compliance. Lead and oversee resolution of the most complex, critical, and impactful risk & compliance issues. Work across the CRC Cluster teams like Operational Security, Technology Operations, and Strategy and Architecture to design controls, deliver management information (KRIs) and risk mitigation plans. Drive engagement, comms and adoption for all risk, compliance and security tasks to ensure the rationale for task is understood, the mandate is embedded, and colleagues and partners are trained and can perform effectively and efficiently. Design and deliver a range of educational activities and material to embed a strong SOX Compliant culture, mindset and behaviours across the Cluster. Build strong relationships with the external stakeholders (customer, suppliers, other major bodies) as well as build a network of peers to bring innovation and insights on industry best practice, standards, frameworks, and processes to deliver a future-fit capability. Ensure that the Corporate Function remains compliant with national legislative, regulatory, contractual and WPP technology governance obligations. Support Cluster teams and functions during client pitch for winning new work by providing a compelling narrative to our prospective clients around the strength of our risk, compliance and security proposition. What youll need: A minimum of 5 to 7 years of strong and deep background in managing SOX ITGC audits in complex global organisations. Key certifications (e.g. CISA, CRISC, CISSP, CISM, Azure & Dynamic 365) desirable but not essential Degree or equivalent (i.e. BSc, BEng, MSc) desirable but not essential Comprehensive knowledge of information security risk standards, frameworks and best practices (i.e., COBIT, SOX ITGC, ISO27K1, NIST, CIS, SOC, Cyber Essentials, GDPR) Ability to provide leadership on complex and unfamiliar situations, often involving risk and emotion Expert communicator with a track record of operating, partnering with and influencing up to and including exec-level stakeholders Able to lead highly complex programmes across multiple units and geographies with high-pressure deliverable Risk and Compliance subject-matter-expert with in-depth knowledge of technology governance in the cloud and on-prem IT technologies Good understanding of managing internal and external audits (i.e., SOC:1-2, SOX) and assurance activities, including testing the design and operational effectiveness of security controls Ability to operate and lead in a fast-paced organizational transformation and able to navigate and champion change across organisational / geographical complexity A genuine desire to lead, develop, coach and mentor junior team members Who you are: Youre open : We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working. Youre optimistic : We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected. Youre extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day. What well give you: Passionate, inspired people We aim to create a culture in which people can do extraordinary work. Scale and opportunity We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry. Challenging and stimulating work Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?

Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of KPMG's experienced, objective, and industry-grounded viewpoints. Following are some of our key service offerings: - Risk Based Internal Audit - Enterprise Risk Management - Risk Assessment - Model Business Process Development - Sarbanes Oxley 404 Assistance - Compliance Assistance Contracts and regulations - Corporate Governance Advisory Review and Assessment - Revenue Assurance - Control Self Assessment - Continuous Auditing / Continuous Monitoring - Apart from the above service offerings, we also assist client organizations around various aspects viz. Accounting Manuals, Capital Projects Audits, Project focused Control Assessment, setting up IA function, etc. Role & Responsibilities - Executives are typically project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS - Executives may lead a small team of analysts/trainees on engagements. - Consistently deliver quality client services and take charge of the project area assigned to him/her. - Monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes. - Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge. - Possess good business acumen. Remain current on new developments in advisory services capabilities and industry knowledge. - The job would require travel to client locations within India and abroad. THE INDIVIDUAL - Have experience in process consulting/ internal audit/ risk consulting. - Possess strong domain knowledge, understanding of business processes and possible risks in operations of various Sectors. - Ability to perform and interpret process gap analysis. - Understanding of control rationalization, optimization, effectiveness, and efficiency - Strong analytical and problem-solving skills. Possess strong data analytics skills and knowledge of advanced data analytical tools will be an advantage. - Strong written and verbal communication skills (presentation skills) - Ability to work well in teams. - Basic understanding of IT systems, Knowledge of MS office (MS Excel, PowerPoint, Word etc) - Have the ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours. - Willingness to travel within India or abroad for continuous long periods of time. - Demonstrate integrity, values, principles, and work ethic. Qualification - Qualified CAs/ MBAs with 0-2 years OR Graduates with 2 - 4 years of relevant experience in risk consulting/ operations or compliance function role (Understanding of internal audit, business processes, sector understanding). - Certifications like Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) would be an added advantage. SELECTION PROCESS - Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills.