882 Cisa Jobs - Page 7

Not Applicable Specialism Risk Management Level Senior Associate & Summary . JOB DESCRIPTION ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Purpose of the Job /Role Perform IT Assessment Reviews which includes IT General Controls, Internal Audits, Controls Testing, Compliance Reviews (such as ISO 27001, HIPAA, HITRUST etc.) Roles and Responsibilities Strong understanding of IT General Controls domains such as Change Management ,User Access Management, IT Operations, Back and Recovery Management etc Strong understanding of the thirdparty risk management Implementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etc Understanding of the IT Risk Assessment methodologies and ability to comprehend and apply the knowledge during IT assessment lifecycle Interview client stakeholders and conducts walkthrough meetings and develop assessment artifacts Should understand complete assessment lifecycle from assessment scoping to project deliverables Great communication skills and the ability to break down and explain complex data security problems Excellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Education Mandatory Skill Sets ITGC Preferred Skills Sets IT Risk Assessment Years of experience required 4 years Minimum Qualification BE/ BTech, Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Certifications CIA/CISA/CISM will be added advantage Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills ITGC Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Analytical Thinking, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Creativity, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Embracing Change, Emotional Regulation, Empathy, Financial Accounting, Financial Audit {+ 24 more} No

About Atos Atos is a global leader in digital transformation with c. 78,000 employees and annual revenue of c. 10 billion. European number one in cybersecurity, cloud and high-performance computing, the Group provides tailored end-to-end solutions for all industries in 68 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos is a SE (Societas Europaea) and listed on Euronext Paris. The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space. Responsibilities: Design and implement data obfuscation strategies using Thales CipherTrust Tokenization, FPE, and Data Masking modules. Define and build reusable obfuscation templates and policies based on data classification, sensitivity, and business use cases. Apply obfuscation to PII, PCI, and other regulated data across databases, applications, files, APIs, and cloud services. Install, configure, and administer CipherTrust Manager, DSM, and related connectors. Develop and deploy integration patterns with enterprise systems (e.g., Oracle, SQL Server, Kafka, Snowflake, Salesforce, AWS, Azure). Automate policy deployment and secret rotation using APIs, CLI, or scripting tools (e.g., Ansible, Terraform, Python, Shell). Work with or integrate secondary data protection tools (e.g. DLP, IRM, MIP etc.) Design, deploy, and manage PKI systems, including root and subordinate certificate authorities (CAs). Manage digital certificate lifecycles for users, devices, and services. Ensure secure storage and access controls for encryption/decryption and signing keys. Enable cross-platform key management and policy consistency for hybrid and multi-cloud environments. Align obfuscation patterns with internal data protection standards, classification schemes, and regulatory frameworks (GDPR, CCPA, DORA, SEBI, etc.). Provide obfuscation logs and audit evidence to support security assessments, audits, and compliance reviews. Implement monitoring and alerting for obfuscation control failures, anomalies, or unauthorized access attempts. Create detailed technical documentation, SOPs, and configuration guides. Train internal engineering teams and application owners on how to securely integrate with obfuscation services. Collaborate with data governance, security architecture, and DevSecOps teams to drive secure-by-design initiatives. Knowledge, Skill, Experience Required: Required: 3 6 years of hands-on experience with Thales CipherTrust Data Security Platform (Tokenization, DSM, FPE, Masking). Strong knowledge of data protection concepts: tokenization (deterministic and random), pseudonymization, static/dynamic masking, and encryption . Experience integrating obfuscation solutions with databases (Oracle, SQL, PostgreSQL, etc.), enterprise apps, and data pipelines. Proficiency in scripting and automation tools: Python, Shell, REST APIs, Ansible, CI/CD pipelines. Familiarity with key management, HSM integration, and data access policies. Beneficial: Thales Certified Engineer / Architect CipherTrust CISSP, CISA, CDPSE, or CIPT will be a binus Cloud Security Certification (e.g., AWS Security Specialty, Azure SC-300) Personal Characteristics : Strong analytical and problem-solving mindset Ability to work independently in a fast-paced, global enterprise environment Excellent documentation and communication skills Comfortable collaborating with cross-functional teams (App Dev, Security, Compliance, Data Governance) Experience supporting enterprise data security transformations and data-centric protection strategies #LinkedIN

About Atos Atos is a global leader in digital transformation with c. 78,000 employees and annual revenue of c. 10 billion. European number one in cybersecurity, cloud and high-performance computing, the Group provides tailored end-to-end solutions for all industries in 68 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos is a SE (Societas Europaea) and listed on Euronext Paris. . Responsibilities: Design and implement data obfuscation strategies using Thales CipherTrust Tokenization, FPE, and Data Masking modules. Define and build reusable obfuscation templates and policies based on data classification, sensitivity, and business use cases. Apply obfuscation to PII, PCI, and other regulated data across databases, applications, files, APIs, and cloud services. Install, configure, and administer CipherTrust Manager, DSM, and related connectors. Develop and deploy integration patterns with enterprise systems (e.g., Oracle, SQL Server, Kafka, Snowflake, Salesforce, AWS, Azure). Automate policy deployment and secret rotation using APIs, CLI, or scripting tools (e.g., Ansible, Terraform, Python, Shell). Work with or integrate secondary data protection tools (e.g. DLP, IRM, MIP etc.) Design, deploy, and manage PKI systems, including root and subordinate certificate authorities (CAs). Manage digital certificate lifecycles for users, devices, and services. Ensure secure storage and access controls for encryption/decryption and signing keys. Enable cross-platform key management and policy consistency for hybrid and multi-cloud environments. Align obfuscation patterns with internal data protection standards, classification schemes, and regulatory frameworks (GDPR, CCPA, DORA, SEBI, etc.). Provide obfuscation logs and audit evidence to support security assessments, audits, and compliance reviews. Implement monitoring and alerting for obfuscation control failures, anomalies, or unauthorized access attempts. Create detailed technical documentation, SOPs, and configuration guides. Train internal engineering teams and application owners on how to securely integrate with obfuscation services. Collaborate with data governance, security architecture, and DevSecOps teams to drive secure-by-design initiatives. Knowledge, Skill, Experience Required: Required: 3 6 years of hands-on experience with Thales CipherTrust Data Security Platform (Tokenization, DSM, FPE, Masking). Strong knowledge of data protection concepts: tokenization (deterministic and random), pseudonymization, static/dynamic masking, and encryption . Experience integrating obfuscation solutions with databases (Oracle, SQL, PostgreSQL, etc.), enterprise apps, and data pipelines. Proficiency in scripting and automation tools: Python, Shell, REST APIs, Ansible, CI/CD pipelines. Familiarity with key management, HSM integration, and data access policies. Beneficial: Thales Certified Engineer / Architect CipherTrust CISSP, CISA, CDPSE, or CIPT will be a binus Cloud Security Certification (e.g., AWS Security Specialty, Azure SC-300) Personal Characteristics : Strong analytical and problem-solving mindset Ability to work independently in a fast-paced, global enterprise environment Excellent documentation and communication skills Comfortable collaborating with cross-functional teams (App Dev, Security, Compliance, Data Governance) Experience supporting enterprise data security transformations and data-centric protection strategies #LinkedIN

About Atos Atos is a global leader in digital transformation with c. 78,000 employees and annual revenue of c. 10 billion. European number one in cybersecurity, cloud and high-performance computing, the Group provides tailored end-to-end solutions for all industries in 68 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos is a SE (Societas Europaea) and listed on Euronext Paris. The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space. Responsibilities: Design and implement data obfuscation strategies using Thales CipherTrust Tokenization, FPE, and Data Masking modules. Define and build reusable obfuscation templates and policies based on data classification, sensitivity, and business use cases. Apply obfuscation to PII, PCI, and other regulated data across databases, applications, files, APIs, and cloud services. Install, configure, and administer CipherTrust Manager, DSM, and related connectors. Develop and deploy integration patterns with enterprise systems (e.g., Oracle, SQL Server, Kafka, Snowflake, Salesforce, AWS, Azure). Automate policy deployment and secret rotation using APIs, CLI, or scripting tools (e.g., Ansible, Terraform, Python, Shell). Work with or integrate secondary data protection tools (e.g. DLP, IRM, MIP etc.) Design, deploy, and manage PKI systems, including root and subordinate certificate authorities (CAs). Manage digital certificate lifecycles for users, devices, and services. Ensure secure storage and access controls for encryption/decryption and signing keys. Enable cross-platform key management and policy consistency for hybrid and multi-cloud environments. Align obfuscation patterns with internal data protection standards, classification schemes, and regulatory frameworks (GDPR, CCPA, DORA, SEBI, etc.). Provide obfuscation logs and audit evidence to support security assessments, audits, and compliance reviews. Implement monitoring and alerting for obfuscation control failures, anomalies, or unauthorized access attempts. Create detailed technical documentation, SOPs, and configuration guides. Train internal engineering teams and application owners on how to securely integrate with obfuscation services. Collaborate with data governance, security architecture, and DevSecOps teams to drive secure-by-design initiatives. Knowledge, Skill, Experience Required: Required: 3 6 years of hands-on experience with Thales CipherTrust Data Security Platform (Tokenization, DSM, FPE, Masking). Strong knowledge of data protection concepts: tokenization (deterministic and random), pseudonymization, static/dynamic masking, and encryption . Experience integrating obfuscation solutions with databases (Oracle, SQL, PostgreSQL, etc.), enterprise apps, and data pipelines. Proficiency in scripting and automation tools: Python, Shell, REST APIs, Ansible, CI/CD pipelines. Familiarity with key management, HSM integration, and data access policies. Beneficial: Thales Certified Engineer / Architect CipherTrust CISSP, CISA, CDPSE, or CIPT will be a binus Cloud Security Certification (e.g., AWS Security Specialty, Azure SC-300) Personal Characteristics : Strong analytical and problem-solving mindset Ability to work independently in a fast-paced, global enterprise environment Excellent documentation and communication skills Comfortable collaborating with cross-functional teams (App Dev, Security, Compliance, Data Governance) Experience supporting enterprise data security transformations and data-centric protection strategies #LinkedIN

We are currently seeking an experienced professional to join our team in the role of Vice President - Chief Control Office ( CCO) Risk Analysis Business: GCOO- Group Chief Operating Officer organisation Principal responsibilities Drive a Business Partnering approach to ensure a close understanding of individual business requirements and provide customised strategies that align to overall Group objectives and actively support individual and business specific needs on an end-to-end basis. Understand and support the implementation of GCOO BR&R and CCO strategy. Deliver clear, concise messages based on good evidence and informed judgement that support risk and control related decision making. Drive improvements to information metrics and processes to strengthen risk management and internal control. The role is subject to the normal requirements within HSBC in respect of adherence to internal control requirements and given the nature of the role, plays a key role in driving these. Standard expectations include: Maintains HSBC internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators. The role holder will also adhere to and be able to demonstrate adherence to internal controls. This will be achieved by adherence to all relevant procedures, keeping appropriate records and, where appropriate, by the timely implementation of internal and external audit points, including issues raised by external regulators. Engage with stakeholders across GCOO, and where appropriate, Group Businesses, Group Infrastructure teams and entities to ensure their Risk Management Framework service needs are met. Demonstrate knowledge on all aspects of Risk Management Framework and be actively sought by businesses, infrastructure teams, and risk experts. Building trusted advisor relationships with internal stakeholders and partnering with 2nd and 3rd Lines of Defence. Being resilient in the face of, sometimes acute, pressure to redact findings and recommendations by focusing on the facts of deep dive / thematic outcomes. Fulfil responsibilities and meet core delivery targets as set by CCO. Contribute to the overall CCO Strategy to drive increased value to the businesses and other stakeholders. Support the vision and maintain the alignment to HSBC s vision, values and goals. Requirements Expertise in risk and control environment, very strong understanding of risk and control frameworks, risk management, including understanding of industry best practices and how to implement & maintain an effective control environment. Strong analytical and written presentation skills with ability to work under pressure with high accuracy and focus. Experience in the development of Executive / Board forum papers / materials, and analysis of qualitative and quantitative data to identify and present key themes and trends. Have in-depth understanding and experience in Governance and Risk and Controls Professional certification related to Audit and/or IT Audit (e.g., CIA, CISA, etc.) Proficiency in MS Office / Office 365 suite. Ability to develop trusted adviser status with key GCOO stakeholders through SME expertise; ability to understand desired Business outcomes across the matrix and ability to translate into well-articulated requirements. Track record of delivering key tasks / projects to cater to varied business needs. Prior experience of working in a matrixed organization. Knowledge and understanding of the HSBC Group organization is desirable. Fluent English in written and verbal communication skills, analytical, problem-solving, organizational, lateral thinking, and interpersonal skills. Exercise sound decision making and related judgments; they must operate with a degree of autonomy, flexing their approach to the objectives, needs and requirements of the testing team. Ensure compliance with HSBC policy and procedures, together with early identification and effective resolution or escalation of Business or Infrastructure control issues as they arise. You ll achieve more at HSBC

The Chief Data and Analytics Office (CDAO) is responsible for building enterprise-scale, cutting-edge platforms for Data Management & Analytics and AI/ML Operations that are used firm-wide by the JPMC workforce for Artificial Intelligence (including generative AI)/Machine Learning (AI/ML) development and Data Management. As an Data Governance Product Delivery Manager-Vice President within our organization, you will take the lead in understanding, formulating and executing well designed, user friendly, product feature that apply Data governance frameworks, policies, and procedures. Your role is crucial in ensuring the ethical and compliant application of Data Management technologies across the firm. You will be instrumental in integrating Data Management technology into the companys structure, adhering to sustainable best practices in compliance with JPMC technology, operational risk, and relevant regulations. Collaborating with cross-functional teams such as Firmwide CDO, data scientists, engineers, design, legal, compliance, and business units, you will spearhead Data governance initiatives and ensure they align with regulatory requirements and industry best practices. Additionally, you will manage the delivery of risk and control issues, action plans, control processes, and preparations for audits and regulatory examinations. Job Responsibilities Present product/program updates, risk management and governance findings, and recommendations to senior leaders and stakeholders, ensuring transparency and accountability. Design and implement comprehensive products that implement Data governance frameworks, policies, and procedures to ensure the ethical and responsible use of AI & Data management technologies across the organization. Ensure compliance with relevant AI & Data regulations, standards, and guidelines, including GDPR, CCPA, and emerging regulations. Identify, assess, and mitigate risks associated with Data Management technologies, including data quality, data protection & privacy, bias, transparency, and accountability. Collaborate with cross-functional stakeholders such as Firmwide CDO, data scientists, designers, engineers, legal, compliance, and business units to integrate Data governance practices into the data development lifecycle, and also deliver firm wide control standards and procedures including adherence to controls in technology and cyber risk domains (application security, vulnerability management and data management ) Establish monitoring and reporting mechanisms to track compliance with AI governance policies and identify areas for improvement. Keep abreast of industry trends, regulatory changes, and emerging risks related to AI & Data governance to proactively address potential threats. Required qualifications, capabilities and skills 6+ years of experience in product management, technology governance, risk management, or compliance within regulated industries such as financial services. Bachelor s degree in Computer Science, Information Technology, Business Administration, or a related field. Strong understanding of AI/ML and data governance, MLOps, and technology governance/risk/compliance principles. Proven experience in business analysis and driving operational change/system development with ability to identify critical requirements by understanding complex and interdependent processes. Familiar with industry standards, frameworks, and regulations related to AI & Data governance. Strong critical thinking and problem-solving skills, with the ability to identify and mitigate risks effectively. Excellent presentation and communication skills, with the ability to convey complex information to senior leaders and stakeholders. Proven ability to collaborate effectively across cross-functional teams and build strong working relationships. Preferred qualifications, capabilities and skills Experience with public cloud platforms (e. g. , AWS, GCP, Azure) is a plus. Advanced certifications in AI governance, data governance, or related fields. Relevant certifications such as CISSP, CISA, CRISC, or certifications in AI governance and MLOps are highly desirable. The Chief Data and Analytics Office (CDAO) is responsible for building enterprise-scale, cutting-edge platforms for Data Management & Analytics and AI/ML Operations that are used firm-wide by the JPMC workforce for Artificial Intelligence (including generative AI)/Machine Learning (AI/ML) development and Data Management. As an Data Governance Product Delivery Manager-Vice President within our organization, you will take the lead in understanding, formulating and executing well designed, user friendly, product feature that apply Data governance frameworks, policies, and procedures. Your role is crucial in ensuring the ethical and compliant application of Data Management technologies across the firm. You will be instrumental in integrating Data Management technology into the companys structure, adhering to sustainable best practices in compliance with JPMC technology, operational risk, and relevant regulations. Collaborating with cross-functional teams such as Firmwide CDO, data scientists, engineers, design, legal, compliance, and business units, you will spearhead Data governance initiatives and ensure they align with regulatory requirements and industry best practices. Additionally, you will manage the delivery of risk and control issues, action plans, control processes, and preparations for audits and regulatory examinations. Job Responsibilities Present product/program updates, risk management and governance findings, and recommendations to senior leaders and stakeholders, ensuring transparency and accountability. Design and implement comprehensive products that implement Data governance frameworks, policies, and procedures to ensure the ethical and responsible use of AI & Data management technologies across the organization. Ensure compliance with relevant AI & Data regulations, standards, and guidelines, including GDPR, CCPA, and emerging regulations. Identify, assess, and mitigate risks associated with Data Management technologies, including data quality, data protection & privacy, bias, transparency, and accountability. Collaborate with cross-functional stakeholders such as Firmwide CDO, data scientists, designers, engineers, legal, compliance, and business units to integrate Data governance practices into the data development lifecycle, and also deliver firm wide control standards and procedures including adherence to controls in technology and cyber risk domains (application security, vulnerability management and data management ) Establish monitoring and reporting mechanisms to track compliance with AI governance policies and identify areas for improvement. Keep abreast of industry trends, regulatory changes, and emerging risks related to AI & Data governance to proactively address potential threats. Required qualifications, capabilities and skills 6+ years of experience in product management, technology governance, risk management, or compliance within regulated industries such as financial services. Bachelor s degree in Computer Science, Information Technology, Business Administration, or a related field. Strong understanding of AI/ML and data governance, MLOps, and technology governance/risk/compliance principles. Proven experience in business analysis and driving operational change/system development with ability to identify critical requirements by understanding complex and interdependent processes. Familiar with industry standards, frameworks, and regulations related to AI & Data governance. Strong critical thinking and problem-solving skills, with the ability to identify and mitigate risks effectively. Excellent presentation and communication skills, with the ability to convey complex information to senior leaders and stakeholders. Proven ability to collaborate effectively across cross-functional teams and build strong working relationships. Preferred qualifications, capabilities and skills Experience with public cloud platforms (e. g. , AWS, GCP, Azure) is a plus. Advanced certifications in AI governance, data governance, or related fields. Relevant certifications such as CISSP, CISA, CRISC, or certifications in AI governance and MLOps are highly desirable.

Education Qualification : Engineer - B.E / B.Tech / MCA Skills : Primary -> Technology | Sentinel SIEM Tool Design SME | Level 3 Support | 3 - Experienced Primary -> Technology | Securonix SIEM Tools Expert | Level 3 Support | 3 - Experienced Secondary -> Technology | ArcSight SIEM Tools Administrator | Level 2 Support | 2 - Knowledgeable Secondary -> Technology | Cybersecurity General Administrator | Level 2 Support | 2 - Knowledgeable Tertiary -> Technology | Network Traffic Analysis Administrator | Level 2 Support | 2 - Knowledgeable Certification : Technology | CISSP/CISM/CISA/CRISC/GIAC SOC/GIAC Certified Enterprise Defender (GCED)/Certified Ethical Hacker (CEH)/SANS SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling Delivery Skills required are: - Technical Expertise: - *Expert knowledge of threat detection techniques and tools. *Leading incident response efforts, including advanced techniques for containment, eradication, and recovery. *Conducting in-depth digital forensics investigations. *Expertise in configuring and optimizing SIEM (Security Information and Event Management) systems. Analytical Skills: - *Deep understanding of log analysis techniques and tools. *Identifying patterns and anomalies in large datasets. *Integrating threat intelligence into monitoring and response processes. *Staying updated on the latest threat intelligence and applying it to enhance security. Collaboration and Coordination: - *Working closely with other IT and security teams to ensure comprehensive security coverage. *Leading the coordination of response efforts during major incidents. *Ensuring effective communication and collaboration among all stakeholders. *Coordinating with external partners and vendors for specialized support. Continuous Improvement: - *Continuously evaluating and improving security processes and procedures. *Implementing lessons learned from incidents to enhance the overall security posture. *Contributing to the development and updating of security policies and procedures. Leadership and Mentoring: - *Leading and mentoring junior analysts and team members. *Providing training and development opportunities to enhance team skills. *Sharing expertise and best practices with the team. *Conducting training sessions and workshops to upskill team members.

Business Unit Supported: Watkins Wellness Website Link: www.watkinsmfg.com Position: Internal Controls Analyst (Internal Audit) Location: India (Permanent Remote) Job Type: Permanent Experience Required: 5+ years of experience with SOX controls and U.S. GAAP in audit, compliance, or risk management with big 4 (PwC (PricewaterhouseCoopers), Deloitte, EY (Ernst Young), or KPMG) or other large, U.S. public accounting/audit firm. Skill Assessment: You may be required to complete a skill assessment task prior to interview. Shift: Standard shift during initial training 09:30 pm - 06:30 am IST/ post training period over 05:00 pm - 02:00 am IST (min. 3.5 hrs. overlap with PST) Work Hours: Total 9 hrs (8:30 hrs working+ 30 min break) CTC: As per market standards Notice Period: (Immediate joiner preferred) candidate serving notice and left with 30 working days notice period preferred. Must Have Broadband Availability: Minimum 30 MBPS (national service provider JIO/TATA/Airtel Hathway etc.) Important: You must have access to a quiet home office environment with above mentioned broadband availability and working space to accommodate two monitors +1 laptop (necessary equipment will be provided). Job Summary Summary: In this role, you will work full time with the Internal Controls team at Watkins Wellness (a subsidiary of Masco) as an Internal Controls Analyst. You will have unique exposure to all parts of our business and have an opportunity to bring value to the organization by improving our ability to work Better, Faster, and Easier. This role entails more than just control testing; you will learn the big picture of our business operations at Watkins Wellness, specifically how we produce and sell our industry-leading Hot Spring Spas, Caldera Spas, Endless Pools , FreeFlow Spas , and Fantasy Spas products. Alongside the Internal Controls Manager, you will primarily be responsible for supporting the performance of periodic internal audits and monitoring activities of internal controls over financial reporting. Reports To: Internal Controls Manager at Watkins Wellness Primary Responsibilities Testing and evaluating design and operating effectiveness of internal SOX controls by performing audit procedures in accordance with audit objectives and documenting findings. Developing conclusions based on objective evidence and formulating recommendations to address identified control weaknesses. Recommending improvements to various internal controls, policies, and procedures, then following up on recommendations to perform process improvements. Ensuring compliance with the company s ICFR (Internal Controls over Financial Reporting) framework. Assisting with maintaining the Internal Controls Assessment Program including review of narrative documentation and annual risk assessment/audit planning. Completing a variety of recurring responsibilities that support the internal controls environment. Working with others throughout our organization on special projects. Communicating with the CFO, Director/Controller, Business Unit Managers, Mascos Internal Audit Department (MIAD), and external audit firm, PricewaterhouseCoopers (PwC). Providing support and consultation to process owners to improve controls and mitigate risks. Solving difficult and often complex problems and taking a broad perspective to identify solutions. Managing multiple priorities effectively to meet deadlines. Key Skills Required Excellent English communication skills, both verbal and written. Ability to present audit findings and recommendations in a manner that will be understood and accepted by all levels within the organization, including the ability to present information to a group of co-workers, supervisors, managers, or higher-level executives. Proficient with Microsoft applications and computer skills, MS Office suite, specifically Word, Excel, PowerPoint, and Outlook. Ability to independently work on assigned projects, optimally time-manage completion dates, contribute to the team, and make sound auditor discernment with a high standard of ethics under moderate to minimal level of direct supervision. Able to work Pacific Standard Time (PST) Zone (UTC-8). Must have a strong desire to learn and a constant growth mind-set and a positive attitude. Must Have Technical Skills 5+ years of experience in audit, compliance, or risk management. Experience with SOX controls and U.S. GAAP is required. Experience with big 4 (PwC (PricewaterhouseCoopers), Deloitte, EY (Ernst Young), and KPMG) or other large, public accounting/audit firm is strongly preferred.

Headquartered in Livonia, Michigan, Masco Corporation is a global leader in the design, manufacture and distribution of branded home improvement and building products. Our portfolio of industry-leading brands includes Behr paint; Delta and Hansgrohe faucets, bath and shower fixtures; Liberty branded decorative and functional hardware; and HotSpring spas. We leverage our powerful brands across product categories, sales channels and geographies to create value for our customers and shareholders. For more information about Masco Corporation, please visit: www.masco.com MHPI (Masco Home Products India) | LinkedIn Position Details Business Unit Supported: Watkins Wellness Website Link: www.watkinsmfg.com Position: Internal Controls Analyst IT (Internal Audit) Location: India (Permanent Remote) Job Type: Permanent Experience Required: 5+ years of experience with IT SOX controls in audit, compliance, and/or risk management experience with big 4 (PwC (PricewaterhouseCoopers), Deloitte, EY (Ernst Young), or KPMG) or other large, U.S. public accounting/audit firm, ideally with a focus in IT auditing. Skill Assessment: You may be required to complete a skill assessment task prior to interview. Shift: Standard shift during initial training 09:30 pm - 06:30 am IST/ post training period over 05:00 pm - 02:00 am IST (min. 3.5 hrs. overlap with PST) Work Hours: Total 9 hrs (8:30 hrs working+ 30 min break) CTC: As per market standards Notice Period: (Immediate joiner preferred) candidate serving notice and left with 30 working days notice period preferred. Must Have Broadband Availability: Minimum 30 MBPS (national service provider JIO/TATA/Airtel Hathway etc.) Important: You must have access to a quiet home office environment with above mentioned broadband availability and working space to accommodate two monitors +1 laptop (necessary equipment will be provided). Job Summary Summary: In this role, you will work full time with the Internal Controls team at Watkins Wellness (a subsidiary of Masco) as an Internal Controls Analyst IT. You will have unique exposure to all parts of our business and have an opportunity to bring value to the organization by improving our ability to work Better, Faster, and Easier. This role entails more than just control testing; you will learn the big picture of our business operations at Watkins Wellness, specifically how we produce and sell our industry-leading Hot Spring Spas, Caldera Spas, Endless Pools , FreeFlow Spas , and Fantasy Spas products. Alongside the Internal Controls Manager, you will primarily be responsible for supporting the performance of periodic internal audits and monitoring activities of internal controls over financial reporting, with a focus on IT related risks and controls. Reports To: Internal Controls Manager at Watkins Wellness Primary Responsibilities Evaluating design and operating effectiveness of IT internal SOX controls by performing audit procedures in accordance with audit objectives and audit programs. Auditing information technology (IT) infrastructure, data flows/processes, and operating procedures in accordance with established standards for efficiency, accuracy, security, and risk mitigation Developing conclusions based on objective evidence and formulating recommendations to address identified control weaknesses. Assisting with maintaining the Internal Controls Assessment Program including review of narrative documentation and annual risk assessment/audit planning. Act as a resource to the Internal Controls team on IT related controls, including system configuration controls, ITGC s, and Critical Reports. Provide support and consultation to process owners to improve IT controls and mitigate risks. Work with Internal Controls Manager to improve efficiency and effectiveness of IT audit testing procedures, processes, and attributes. Solving difficult and often complex problems and taking a broad perspective to identify solutions. Interpreting regulations as they pertain to information systems, platforms, and IT operating processes, practices, and procedures. Managing multiple priorities effectively to meet deadlines. Key Skills Required Excellent English communication skills, both verbal and written. Ability to present audit findings and recommendations in a manner that will be understood and accepted by all levels within the organization, including the ability to present information to a group of co-workers, supervisors, managers, or higher-level executives. Proficient with Microsoft applications and computer skills, MS Office suite, specifically Word, Excel, PowerPoint, and Outlook. Ability to independently work on assigned projects, optimally time-manage completion dates, contribute to the team, and make sound auditor discernment with a high standard of ethics under moderate to minimal level of direct supervision. Able to work Pacific Standard Time (PST) Zone (UTC-8). Must have a strong desire to learn and a constant growth mind-set and a positive attitude. Must Have Technical Skills 5+ years of experience in audit, compliance, and/or risk management, ideally with a focus in IT auditing. Experience with IT SOX controls (ITGCs) is required. Experience with Big 4 (Deloitte, PwC (PricewaterhouseCoopers), EY (Ernst Young), and KPMG), or other large, public accounting/audit firm. Preferred Skills Auditing experience in the manufacturing industry a plus. CISA, CIA, CPA, CISSP, or other audit, risk management, or technology certifications considered a plus. Experience with Oracle or similar integrated ERP system is preferred. Education Must have a bachelors degree in Audit, Accounting, Finance, Information Technology, Information Systems, Cybersecurity, or comparable education.

Vice President - Technology Risk Management I - Chief of Operations (COPS) Officer We re seeking a future team member for the role of Vice President - Technology Risk Management I to join our Technology Risk Management (2LOD) team. This role is located in Pune, MH Hybrid. In this role, you ll make an impact in the following ways: Drive consistent, robust, and repeatable independent technology cybersecurity risk and control management processes with developed centralized process documentation, templates, tooling, dashboarding, reporting and related work products Enable high-quality and consistent delivery of key independent 2LOD risk and control management activities across the broader Technology Risk Management organization to support key stakeholder deliverable work products including risk committee reporting, audit trail submissions, regulatory engagement responses, and 1LOD and Internal Audit reporting transparency Implement appropriate checks and change management capabilities to ensure broader TRM teams are challenged to produce high-quality, risk-based analysis, challenges, issues, and work products to stand-up to audit and regulatory requirements Interface collaboratively with other TRM teams including Reporting, Frameworks, Process, Automation/AI, and Functional SME teams, to ensure process efficiencies are implemented and enhanced over time To be successful in this role, we re seeking the following: Bachelor s degree or the equivalent combination of education and experience is required 7+ years of experience required experience with technology or financial services industry is required Sound understanding of Industry wide Technology Controls, Issue Management and Risk Management Framework Expert attention to detail, organizational and executive communication skills and experience are required Relevant professional certifications are a plus (CRISC, CISA, ITIL, ISO27001, COBIT) Technical experience with SharePoint, Tableau, PowerBI, ServiceNow is a plus Consulting and engagement with senior leadership experience is a plus America s Most Innovative Companies, Fortune, 2024 World s Most Admired Companies, Fortune 2024 Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024 Best Places to Work for Disability Inclusion , Disability: IN 100% score, 2023-2024 Most Just Companies , Just Capital and CNBC, 2024 Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024 Bloomberg s Gender Equality Index (GEI), 2023

Jun 23, 2025 Location: Chennai Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Job Listing Detail What impact will you make? Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance. As the undisputed leader in professional services, Deloitte is where you ll find unrivaled opportunities to succeed and realize your full potential. The Team Discover the various Internal Audit services, we offer to help organizations look below the surface to achieve superior performance through a full range of outsourcing, co-sourcing, and advisory services including with respect to technology and data analytics. We enhance the overall value delivered by IA functions through strengthening quality, flexibility, efficiency, and value. Additionally, Deloitte helps clients extend their IA oversight to gain greater understanding of key enterprise risks such as evolving IT systems, applications, and other technologies. Work you ll do As Deputy Manager in our Internal Audit team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Key Job Responsibilities Ability to effectively perform the technical components of risk assessments to provide an accurate view of the client s current risk state Ability to perform end-to-end business process analyses and design Ability to gather, synthesize, and analyze data using appropriate tools and technologies Ability to assess and design internal controls by applying an understanding of internal control design frameworks and regulatory requirements Ability to understand the client s business, interpret sector trends, and learn leading practices Ability to effectively interact with colleagues and clients of varying backgrounds to effectively serve clients Ability to enhance quality and efficiency of recommended conduct risk solutions by applying relevant frameworks, conducting research, and performing analyses Ability to conduct internal audits by leveraging approved processes and methodologies Ability to set the stage for a successful assessment of client s internal audit processes and controls by collecting and organizing data Ability to enhance quality of assurance engagements by identifying risks, performing testing, researching governing regulations, and developing reports Ability to form a core technology and data risk skillset through proactively conducting research, and participating to internal and external initiatives Ability to leverage industry leading frameworks, methods, and tools to increase effectiveness of technology and data risk solutions Skillset required Must have 3 4 years experience post qualification experience in Internal Audit Decision making with engagement management and seek to understand the broader impact of current decisions Lead engagement planning. economics, and billing Generate innovative ideas and challenge the status quo Participate in proposal development efforts Assist in pre-sales activities Manage relationships with clients with the intention to exceed client expectations Well versed with Internal Audit requirement Managed end-to-end engagements for support on Internal Audit from planning to conclusion. Managed engagements with a team size of 4-5 members Experience in preparation of Business Development presentations, proposals Must be open to travel Qualifications CA / MBA Tier 2 in related fields BBM / BBA / B. Com Must have one of the certifications - CFE, CPA, CIA, CISA Your role as a leader At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. In addition to living our purpose, Deputy Manager across our organization: Builds own understanding of our purpose and values; explores opportunities for impact Demonstrates strong commitment to personal learning and development; acts as a brand ambassador to help attract top talent Understands expectations and demonstrates personal accountability for keeping performance on track Actively focuses on developing effective communication and relationship-building skills Understands how their daily work contributes to the priorities of the team and the business How you ll grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there s always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Centre. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our purpose Deloitte is led by a purpose: To make an impact that matters . Every day, Deloitte people are making a real impact in the places they live and work. We pride ourselves on doing not only what is good for clients, but also what is good for our people and the communities in which we live and work always striving to be an organization that is held up as a role model of quality, integrity, and positive change. Learn more about Deloittes impact on the world

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities : Working knowledge in one or more security and privacy domains such as: Governance, Risk and Compliance - Information Security and Compliance management, Cryptography Governance, Risk Management. Experience in leveraging industry standards and frameworks such as PCI-DSS, ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, etc. Demonstrates in-depth knowledge of security and risk management processes. Experience in data protection technologies such as encryption, data discovery, data masking, data redaction, etc. Desired qualifications IT education or related fields PCI-DSS, ISO 27001 LA, CISA, PRINCE 2, ITIL v3, MCSE, MCPIT- EA or equivalent certification preferred CISSP, GSEC, GCIH, CEH, LPT, CCSK certifications would be preferred Location and way of working Base location: Pune This profile involves frequent/occasional travelling to client locations Your role as Senior Analyst We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

Location: Bengaluru Designation: Deputy Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Your work profile: Professional should be able to work in hybrid model from office/client office. Strong knowledge of IT audits- ITGC, ITAC and SOC report understanding Conduct process walkthroughs and test the controls. Ensure timely closure of audit tasks. Collaborate with teams to ensure timely completion of audit activities. Desired qualifications Graduation / B.E/ B. Tech in Any Specialization. Work experience: Minimum 4-7 years. Role Summary: Takes ownership of client deliverables and leads modules end-to-end. Responsibilities: Lead modules or small-scale engagements and supervise fieldwork execution for ITGC, ITAC, and SOC reviews. Manage stakeholders for walkthroughs, data requests, and clarifications. Take ownership of modules within larger audits and assist in engagement planning, resource allocation, and quality control. Document control testing results, observations, and evidence clearly and accurately for high-risk areas. Liaise directly with client teams for walkthroughs and issue discussions. Conduct quality review of testing documentation and ensure completeness. Coach and guide junior team members; assist in team capability development. Contribute to audit planning, control design analysis , and remediation support. Must Have: Hands-on experience with ERP-based control testing (SAP/Oracle preferred). Working knowledge of audit standards and control frameworks (SOX, SSAE, ISO 27001). Deep working knowledge of ITGC, ITAC , and regulatory requirements. Experience in reviewing control design and effectiveness . Strong grasp of business process controls and their ERP mapping. Capability to lead teams and manage deliverables . Good analytical and documentation skills. Preferred Qualifications: Relevant certifications (CISA, CISSP, CRISC) are a plus. Knowledge of TPRM Experience working with IT audit processes and compliance frameworks. Experience in risk management and compliance reporting. Experience in risk management, compliance reporting, and IT audit. Prior experience working with ITGC frameworks and SOC report evaluations. Location and way of working: Base location: Bengaluru How you ll grow Connect for impact. Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead. You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude, and potential each and every one of us brings to the table to make an impact that matters. Drive your career. At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you.

Jul 15, 2025 Location: Bengaluru Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Your work profile: Professional should be able to work in hybrid model from office/client office. Strong knowledge of IT audits- ITGC, ITAC and SOC report understanding Conduct process walkthroughs and test the controls. Ensure timely closure of audit tasks. Collaborate with teams to ensure timely completion of audit activities. Desired qualifications Graduation / B.E/ B. Tech in Any Specialization. Work experience: Minimum 2 years. Role Summary: Takes ownership of client deliverables and leads modules end-to-end. Responsibilities: Lead modules or small-scale engagements and supervise fieldwork execution for ITGC, ITAC, and SOC reviews. Manage stakeholders for walkthroughs, data requests, and clarifications. Take ownership of modules within larger audits and assist in engagement planning, resource allocation, and quality control. Document control testing results, observations, and evidence clearly and accurately for high-risk areas. Liaise directly with client teams for walkthroughs and issue discussions. Conduct quality review of testing documentation and ensure completeness. Coach and guide junior team members; assist in team capability development. Contribute to audit planning, control design analysis , and remediation support. Must Have: Hands-on experience with ERP-based control testing (SAP/Oracle preferred). Working knowledge of audit standards and control frameworks (SOX, SSAE, ISO 27001). Deep working knowledge of ITGC, ITAC , and regulatory requirements. Experience in reviewing control design and effectiveness . Strong grasp of business process controls and their ERP mapping. Capability to lead teams and manage deliverables . Good analytical and documentation skills. Preferred Qualifications: Relevant certifications (CISA, CISSP, CRISC) are a plus. Knowledge of TPRM Experience working with IT audit processes and compliance frameworks. Experience in risk management and compliance reporting. Experience in risk management, compliance reporting, and IT audit. Prior experience working with ITGC frameworks and SOC report evaluations. Location and way of working: Base location: Bengaluru How you ll grow Connect for impact. Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead. You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude, and potential each and every one of us brings to the table to make an impact that matters. Drive your career. At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you.

Jul 16, 2025 Location: Bengaluru Designation: Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Your work profile: Professional should be able to work in hybrid model from office/client office. Strong knowledge of IT audits- ITGC, ITAC and SOC report understanding Conduct process walkthroughs and test the controls. Ensure timely closure of audit tasks. Collaborate with teams to ensure timely completion of audit activities. Desired qualifications Graduation / B.E/ B. Tech in Any Specialization. Work experience: Minimum 8+ years. Role Summary: Takes ownership of client deliverables and leads modules end-to-end. Responsibilities: Lead modules or small-scale engagements and supervise fieldwork execution for ITGC, ITAC, and SOC reviews. Manage stakeholders for walkthroughs, data requests, and clarifications. Take ownership of modules within larger audits and assist in engagement planning, resource allocation, and quality control. Document control testing results, observations, and evidence clearly and accurately for high-risk areas. Liaise directly with client teams for walkthroughs and issue discussions. Conduct quality review of testing documentation and ensure completeness. Coach and guide junior team members; assist in team capability development. Contribute to audit planning, control design analysis , and remediation support. Must Have: Hands-on experience with ERP-based control testing (SAP/Oracle preferred). Working knowledge of audit standards and control frameworks (SOX, SSAE, ISO 27001). Deep working knowledge of ITGC, ITAC , and regulatory requirements. Experience in reviewing control design and effectiveness . Strong grasp of business process controls and their ERP mapping. Capability to lead teams and manage deliverables . Good analytical and documentation skills. Preferred Qualifications: Relevant certifications (CISA, CISSP, CRISC) are a plus. Knowledge of TPRM Experience working with IT audit processes and compliance frameworks. Experience in risk management and compliance reporting. Experience in risk management, compliance reporting, and IT audit. Prior experience working with ITGC frameworks and SOC report evaluations. Location and way of working: Base location: Bengaluru How you ll grow Connect for impact. Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead. You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude, and potential each and every one of us brings to the table to make an impact that matters. Drive your career. At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you.

Role Purpose : As GRC (Governance, Risk, and Compliance) Manager is responsible for overseeing and managing the risk assessment, remediation, and monitoring of information and technology process risks. This role involves ensuring that all risk and compliance activities are performed effectively by various control functions. The GRC Manager also serves as an internal consultant, providing guidance to operating functions and business lines on risk-related matters. Additionally, they are tasked with identifying, assessing, quantifying, reporting, communicating, mitigating, and monitoring process risks to ensure the organization's overall security and compliance posture. Responsibilities: Ensure strong governance on risk and compliance performed by various control functions. Manage risk assessment, remediation, and monitoring of information and technology process risks. Serve as an internal risk consultant to operating functions and business lines. Identify, assess, quantify, report, communicate, mitigate, and monitor process risks. Support the implementation of information security policies. Discuss risk closure, mitigation, and acceptance with stakeholders. Ensure periodic entitlement reviews are completed, and risks are managed to an acceptable level. Collaborate with control functions to track and mitigate identified risks. Work with technology leaders to identify control gaps. Act as a subject matter expert for risk and controls related to operations. Maintain strong working relationships with stakeholders. Review and refine policies and processes based on industry best practices. Track identified risks and ensured their closure within defined timelines. Prepare and maintain risk heat maps and risk registers. Required Skills: Excellent executive-level communication skills. Strong working relationships with team members and the ability to motivate them. Knowledge in areas such as Application Security, Data Security, Identity Access Management, Information, Infrastructure Technology, GDPR, and ISO Audits. Solid understanding of Risk Management Lifecycle and exposure to standards like SOX, COBIT, PCI-DSS, NIST Control, etc. Understanding of Security incident response aspects is desirable. Good analytical, problem-solving, and interpersonal skills. B.E in Computer Science/Information Technology or equivalent qualification with 8-12 years of experience. Industry-recognized certification in information security such as CISSP, CISM, CISA, etc.

Domain Certifications CISSP, CISA, CRISC, ISO 27001 Responsibilities Own and lead the governance program at account level for a large Financial services account with 700 + head count and multi country locations having high security Offshore Delivery Centres & Work from home teams Develop, implement and monitor Account level Information security governance program; meeting client compliance requirements proactively Perform contract reviews, cyber security risk assessments and drive compliance programs to meet contractual and organizational cyber security requirements within the client offshore delivery centres. Experience in Application security and code reviews which can be leveraged to guide and work with delivery teams on covering the cyber security risks associated with Application security, development and maintenance projects. Work closely with different teams internally like IT, business, HR, facilities, cyber security which operate at Organization level to translate client requirements and assess residual risk if required Give directions and monitor the compliance and operations activities within the account through dedicated team and work closely with account team on ensuring the compliance within account team Develop account level procedures, metrics and review programs to maintain and enhance the governance model within the account Be a single point of contact for client interactions during third party audits and liaise within the organization Prepare the account for certification and internal audit requirements based on industry standards like PCI DSS and ISO 27001 requirements Focus and objective driven to demonstrate ongoing improvements; identify early indicators of non compliance and able to draw mitigation actions Hold technical skills to participate in technical discussions for delivery centre setup, connectivity models Excellent communication skills and have demonstrated effective CXO level reviews

Conduct Cyber Risk reviews for the organizational clients in a swift and thorough manner Assist in understanding common cyber threats and vulnerabilities Assist in understanding common cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations Assist in understanding Business continuity and disaster recovery planning methodologies Assist in understanding risk management methodologies and procedures Understand Underwriting Insights for Risk Report Creation Assist to prepare a risk report based on organizational internal cyber resilience network, which can become the primary basis of underwriting the cyber risk. Assist in understanding qualitative and quantitative methods for analyzing, interpreting, and synthesizing raw data into intelligence for deriving insights for liability underwriting Roles and Responsibilities 2

We are looking for cyber Security for Aurangabad location. Experience with security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, and encryption technologies Strong skills in system design and architecture.

In this role, you will: Lead complex initiatives designed to mitigate business-specific current and emerging risks with broad impact Engage in proactive Business Risk identification and assessment of existing and emerging Risk , recommend improvements by providing expertise in the control design to effectively mitigate risks, including means of measurement. Ensure the effective development, maintenance, implementation, and ongoing enhancement of the business control environment through execution of the Risk and Control Self-Assessment (RCSA) program. Engage in the development and implementation of new Business controls , root cause analysis of gaps and assist with the development of corrective action plans to address any control weaknesses or gaps and identifies opportunities for enhancements Gather and analyzes data to understand and diagnose issues ; Assesses and designs appropriate metrics to inform and monitor the health of the operational risk environment. Monitor, measure, evaluate, and report on the impact of decisions and controls to the relevant business group or functional area Support the Business with implementation of Control programs by providing consultative guidance. Ensure that business control issues are proactively identified and addressed appropriately, escalating where necessary. Supports a strong risk management culture through the implementation of key risk management programs into the standard operating framework of the business. Responsibilities : TCOPM Program Governance : Facilitate and coordinate the Internal Control (ICP) and Risk and Control Self Assessment (RCSA) policy and controls data quality hygiene monitoring, governance for technology teams, ensuring the timely identification and remediation of gaps. Subject Matter Expertise : Serve as a subject matter expert on ICP policy, RCSA methodologies, frameworks, and best practices.Provide guidance and support to technology teams in understanding and remediating policy or data hygiene quality gaps. Process Engineering & Tooling: Quickly develop efficient and structured workflow and communication protocols for immature processes and significant opportunities for efficiencies. Risk Identification and Assessment : Collaborate with technology teams to identify and assist with alignment of controls to the risk portfolio with agreement from Risk Assessible Unit (RAU) Owners and other key stakeholders. Stakeholder Engagement : Collaborate with various stakeholders, including technology teams, risk management functions, internal audit, and compliance, to facilitate effective communication and alignment throughout the TCOPM governance process. Training and Awareness : Develop and deliver training programs and workshops to enhance technology teams understanding of the process, risk management concepts and control frameworks, ICP, RCSA policy requirements or controls data hygiene quality standards. Reporting and Documentation : Prepare comprehensive reports and documentation summarizing TCOPM process, key decisions, findings, gap remediation, etc. Present findings and recommendations to senior management and relevant committees via expert verbal and/or written communications. Essential Qualifications: Minimum of 15 years of experience in technology risk and control management, leading and collaborating with a complex group of stakeholders Strong knowledge and experience in risk control self-assessment methodologies, risk frameworks, and technology risk management practices. Excellent facilitation and coordination skills, with the ability to engage and guide cross-functional teams effectively. In-depth understanding of technology infrastructure, systems, and emerging technology trends. Strong analytical and problem-solving abilities, with keen attention to detail. Effective communication and stakeholder management skills, with the ability to build relationships and influence at all levels of the organization. Demonstrated knowledge of Technology and Security risk framework COBIT, FFIEC, NIST, ITIL, COSO, BASEL, and OCC Heightened Standards Professional certifications such as CISA, CISSP, CRISC, or equivalent are highly desirable. Bachelor's degree in Computer Science, Information Systems, or a related field. Advanced degree preferred.

As a Staff member in our team, your primary responsibility will be to perform and document testing on consulting, compliance, and internal audit engagements within financial institutions, specifically focusing on IT risk, strategy, and governance. Additionally, you will provide training and supervision to other Staff members involved in the engagements. Your role will involve identifying findings and documenting opportunities for process improvement, as well as researching technical issues that may arise during the engagement. You will collaborate with Managers and Senior Managers to develop strategic solutions that meet client needs and assist in engagement planning, execution, and final report issuance within client deadlines. Furthermore, you will play a crucial role in laying the groundwork for building strong relationships with clients, which includes participation in networking and business development activities. Your dedication to meeting client deadlines and delivering exceptional client service will be key to your success in this role. To be considered for this position, you must hold a Bachelor's degree. While certifications such as CISA, CISM, or CISSP are preferred, candidates who are not certified must meet educational requirements to obtain a license upon hire in their state of employment. Additional certifications such as CPA, CIA, CRCM, CAMS, CFIRS, CFE, and/or CFF are advantageous. Ideally, you should have a minimum of 3 years of experience in information systems, internal audit, regulatory compliance, or consulting services. Experience in network engineering/administration with a security focus is desirable. Knowledge of IT control and service management standards like CObIT, ITIL, and ISO is preferred, along with SOX IT audit experience. Previous experience in banking or credit unions would be a plus. We are looking for individuals who can work effectively both as part of a team and independently, demonstrating creative problem-solving skills and strong research capabilities. Excellent verbal and written communication skills, along with proficient use of Microsoft Office tools, are essential. The ability to manage multiple priorities, tasks, and projects simultaneously is also crucial for success in this role.,

Job Area: Finance & Accounting Group, Finance & Accounting Group > Internal Audit General Summary: Auditor, IT Internal Audit- Hyderabad Qualcomm is a company of inventors that unlocked 5G - ushering in an age of rapid acceleration in connectivity and new possibilities that will transform industries, create jobs, and enrich lives. But this is just the beginning. It takes inventive minds with diverse skills, backgrounds, and cultures to transform 5Gs potential into world-changing technologies and products. This is the Invention Age - and this is where you come in. This is a unique opportunity to join Qualcomms finance and accounting organization based in Hyderabad in the Corporate Internal Audit & Advisory Services (IA & AS) team. The department focuses on assisting the Audit Committee and management teams in the improvement of processes that manage risks related to achieving Qualcomms business objectives. Using Qualcomms risk-based audit methodology, the IT auditor will assist in the execution of internal audits. Specifically, the responsibilities include: Providing U.S. based time zone coverage as needed (up to 50% of time) Supporting the creation of initial planning memos and process flowcharts Identifying and assessing initial risks and control activities Designing audit procedures to evaluate control effectiveness Performing audit testing, identifying deviations from expected control activities, and effectively communicating observations to the audit team Leveraging data analytics throughout the audit process where feasible Staying abreast of changes in the business and industry to assess impacts to the companys risk profile Contributing to the development of new concepts, techniques, and making continuous process improvements for the overall IA team All Qualcomm employees are expected to actively support diversity on their teams, and in the Company. One to three years of relevant experience in internal auditing, external auditing, or SOX compliance within a global public company (preferably in the high-tech industry), Big 4/mid-tier accounting firm or other fast-paced corporate setting Strong understanding of IT general controls, cybersecurity frameworks (e.g. NIST, COBIT), and ERP systems Fluent English; multi-lingual capability is a plus Successful candidate will possess the following characteristics: As feasible, ability to travel (infrequently) to Qualcomms domestic and international locations (e.g., U.S., Europe) Semiconductor business experience or familiarity Strong communication (oral and written) and presentation skills Fast learner with strong interpersonal, organization, analytical, critical thinking, and problem-solving skills Ability to work in a flexible and non-hierarchical team environment Willingness to get things done and take responsibility Ability to recognize and apply a sense of urgency, when necessary Comfortable with ambiguity Positive attitude, professional maturity, good work ethic Ability to work independently, handle multiple projects simultaneously and multi-task to meet deadlines with high-quality deliverables Controls, risk assessment, risks, internal audit, IT Bachelor's degree in Accounting, Finance, Computer Science, cyber security, or related field. CPA, CA, CIA, CISA, CFE, or other credentials, a plus. Minimum Qualifications: Bachelor's degree. 1+ year of Finance, Accounting, or related work experience. *Completed advanced degree in a relevant field may be substituted for up to one year (Masters = one year) of work experience. Applicants Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

Technology GRC Analyst (2LOD) Pune, India Are you looking to take your Technology Governance, Risk & Compliance (GRC) skills to a whole new levelHow about unleashing your skills in a hugely successful business that is committed to moving money for the betterAre you interested in joining a globally diverse organization where our unique contributions are recognized and celebrated, allowing each of us to thriveThen it s time to join the Western Union as a Technology GRC Analyst for our Global Technology GRC, 2nd Line Defense team. Western Union powers your pursuit. In this unique global role, you will be part of our Technology GRC team responsible for assessing effectiveness of IT Internal controls against COBIT, supporting RCSA processes and risk management, and reporting of Technology compliance and identifying areas for improvement. Role Responsibilities You will be in a support role to the Tech GRC Manager and Tech GRC Director. Also assist in the definition, design, and execution of internal Technology assessments of controls, processes, policies, and risks. Instigate and manage initiatives to drive improvement to the Technology control environment including effective design of critical and key controls assesses against COBIT. Working with the Senior Assessor, you will prepare and communicate findings and recommendations with Technology leadership and policy/control owners. Ensure the appropriate policies, control, standard and procedures are regularly updated, reviewed, and approved. Work with control owners to monitor key control effectiveness, Key control indicators. Make sure all the control findings or issues gets closed prior to agreed date. Working with the Senior Assessor, you will be responsible for evaluating the efficiency and effectiveness of our internal IT controls and report on these findings to senior management with your recommendations. Evaluate Design and Operating effectiveness our internal Critical and Key controls and frameworks. You will work closely with senior members of the Technology team to evaluate operational risk. Role Requirements Degree IT, Computer Science, Information Security or similar field. At least 3 years of experience in IT Risk/IT Control Management/IT Audit/TPRM/IT Control Testing and assessment area. Experience in testing IT general controls (ITGC), application controls, and cybersecurity controls. Ability to assess control design and operational effectiveness. Ability to interpret audit findings and support remediation efforts. Proficiency in data analysis, control gap identification, and risk reporting. Strong understanding of IT infrastructure, networks, databases, application, and cloud environments. Experience in working with 1LOD teams/Internal Audit/External Auditors. Ability to communicate risk issues clearly to technical and non-technical stakeholders Familiarity with framework and Standards like CRISC / CISM / CISA / ITIL / COBIT / ISO27001 any one of them (certification a plus). Strong analytical skills with a strong focus on operational risk. You ll be a team player that can successfully complete tasks independently and build/maintain strong relationships with stakeholders. Team player with high attention to detail. Fast learning and high self-motivation. English is required in both written and verbal. Effective Communication and stakeholder management skills. We make financial services accessible to humans everywhere. Join us for what s next. Just as we help our global customers prosper, we support our employees in achieving their professional aspirations. You ll have plenty of opportunities to learn new skills and build a career, as well as receive a great compensation package. If you re ready to help drive the future of financial services, it s time for Western Union. Learn more about our purpose and people at https: / / careers.westernunion.com / . Benefits You will also have access to short-term incentives, multiple health insurance options, accident and life insurance, and access to best-in-class development platforms, to name a few ( https: / / careers.westernunion.com / global-benefits/ ). Please see the location-specific benefits below and note that your Recruiter may share additional role-specific benefits during your interview process or in an offer of employment. Your India specific benefits include: Employees Provident Fund [EPF] Gratuity Payment Public holidays Annual Leave, Sick leave, Compensatory leave, and Maternity / Paternity leave Annual Health Check up Hospitalization Insurance Coverage (Mediclaim) Group Life Insurance, Group Personal Accident Insurance Coverage, Business Travel Insurance Cab Facility Relocation Benefit Western Union values in-person collaboration, learning, and ideation whenever possible. We believe this creates value through common ways of working and supports the execution of enterprise objectives which will ultimately help us achieve our strategic goals. By connecting face-to-face, we are better able to learn from our peers, problem-solve together, and innovate. Our Hybrid Work Model categorizes each role into one of three categories. Western Union has determined the category of this role to be Hybrid. This is defined as a flexible working arrangement that enables employees to divide their time between working from home and working from an office location. The expectation is to work from the office a minimum of three days a week. #LI-MT #LI-Hybrid Estimated Job Posting End Date: 07-23-2025 This application window is a good-faith estimate of the time that this posting will remain open. This posting will be promptly updated if the deadline is extended or the role is filled.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on small to medium complexity deals. Lead or work as Lead Solution Architect on small to medium complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approvers. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solution. Work on building the cost model for the solution. Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done.Roles & Responsibilities:Frequently interacts with senior client leadership.Develop statement of workPerforms Peer ReviewsAssists in performing QAHas led solution development for multiple deal typesWork with delivery leads for the approval of solution/effortsBring out technical differentiators and value in the solutionAble to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 3 years in leading solution development in a reputed organizationDeep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessaryShould be a good presenterShould have leadership qualitiesShould keep himself/herself up to date on various SA Cost models and processes, work independently to develop costing and pricingGood communication and collaboration skills Prior experience in leading solution development will be an advantageExperience in leading delivery and solution planning of large, complex dealsComfortable in using relevant tools and estimatorsComfortable working in extended working hoursCISSP, CISM, CISA Cloud Security knowledge and certification AWS, AzureSolution Architect Core TrainingSolution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have a minimum of 8 years of experience This position is based at our Pune office. Qualification 15 years full time education