We are looking for Cyber security expert for Ahmedabad location but for 1 year you have to work in aurangabad Location. Candidate must have Certification in CISSP, CISM, CISO, CISA. If you are interested you can DROP your cv on 7009326576.

The Team The OSTTRA Technology teamis composed of Capital Markets Technology professionals, who build,supportand protect the applications that operate our network. The technology landscapeincludeshigh-performance, high-volume applications as well as compute intensive applications,leveragingcontemporary microservices, cloud-based architectures. The Impact: Together, we build, support, protect and manage high-performance, resilient platforms that process more than 100 million messages a day. Our services are vital to automated trade processing around the globe, managing peak volumes and working with our customers and regulators to ensure the efficient settlement of trades and effective operation of global capital markets. Whats in it for you: We are seeking a highly motivated and experienced Information Security person to join our growing security team. In this role, you will be responsible for managing and optimizing our Data Loss Prevention (DLP) solutions, ensuring compliance with relevant security standards i.e. ISO 27001, NIST and implementing and maintaining robust Identity and Access Management (IAM) and Privileged Access Management (PAM). You will play a crucial role in protecting our sensitive data and ensuring the security posture of our organization. This is an excellent opportunity to be part of a team based out of Gurgaon and to work with colleagues across multiple regions globally. Responsibilities Data Loss Prevention (DLP) Management: Implement, Manage, and optimize DLP tools policies to prevent data leaks and ensure data protection. Develop and maintain DLP policies and procedures. Regularly update and fine-tune DLP rules to adapt to evolving data protection needs. Monitor and analyse DLP alerts and incidents and perform incident response. Provide training and guidance to users on DLP best practices. Implement real-time monitoring and logging for data movement and access patterns. Generate detailed reports on data loss attempts, policy breaches, and user behavior anomalies. Evaluate and recommend improvements to existing DLP solutions. Develop playbooks for quick response to DLP-related threats and incidents. Perform regular data flow assessments to identify unprotected data paths Identity and Access Management (IAM) and Privileged Access Management (PAM): Manage requirements around IAM and PAM security, including user provisioning, access control, and privileged access management. Develop and enforce IAM and PAM policies and procedures. Conduct regular access reviews and audits. Generate compliance reports for internal and external audits (e.g., SOX, GDPR, PCI-DSS). Troubleshoot IAM and PAM issues together with the respective Infrastructure teams. Integrate IAM/PAM systems with other security and business applications. Regularly evaluate IAM/PAM solutions to keep pace with emerging threats and technologies. Information Security Compliance: Ensure compliance with relevant security standards and regulations, including ISO 27001, NIST Standard Conduct internal security audits and assessments. Develop and maintain security documentation and procedures. Assist with external security audits and assessments. Stay up to date on the latest security threats and vulnerabilities. Other Duties: Provide security consulting and support to other teams. Knowledge on Application Pen testing would be an added advantage Evaluate and recommend new security technologies and solutions. Participate in security awareness training and initiatives. Understanding on Technology & Security Risk Management and Vendor Risk Management Framework What Were Looking For Qualifications 7 to 8 years experience working in IT Security & GRC in multiple capacities. Bachelors in IT, Computer Science, Cyber Security, or equivalent experience required. Proven experience with DLP tools and technologies (e.g., Symantec DLP, Forcepoint DLP, Microsoft Information Protection, Zscaler etc.) and certification on these tools would be added advantage Strong understanding of IAM and PAM concepts, tools and technologies and certification on these tools would be added advantage In-depth knowledge of ISO 27001 and other relevant security standards and regulations. Certification like ISO 27001, CISA, CRISC, CISM etc. would be an added advantage. Competencies: The ability to multitask, act under pressure and quickly identify and deal with priority matters under tight deadlines. Attention to detail is essential. The ability to handle multiple inquiries at any one time, often under considerable deadline pressure. The ability to work both independently and as part of a team. Desired Skills: Excellent written and spoken English. Detail oriented with excellent research, analytical and critical thinking skills. Strong documentation, oral and written communications, and interpersonal skills.

Knowledge of operating systems, system administration, and application security. Proficiency in security tools and technologies Experience with incident response methodologies. Strong knowledge of IT security protocols, data privacy standards Required Candidate profile Certified Information Systems Security Professional (CISSP) Vulnerability Scanner/Nessus, CrowdStrike, Cisco Meraki, Forcepoint One. Experience with cloud security and network security.

Location: Noida Domain & Role : Risk & Compliance- Senior Manager Role Description Task and Responsibilities Minimum of 10-13 years of experience in Information Risk Management/Information Security or auditing. Required to have excellent understanding of the IT Control framework, in particular risk assessment and control selection Working experience in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT) Lead teams and efforts to ensure effective execution of periodic risk assessments and drive integration of remediation efforts with the risk management process Partner with service delivery leadership to both communicate and manage risk in delivery to an acceptable level Partner with awareness and training elements to develop and ensure rollout of programs to increase the level of awareness of compliance with policy and process Lead and perform activities to help measure and monitor compliance with contractual security requirements, company policies and procedures to ensure the account is compliant and audit ready Lead different compliance & audit testing programs and support successful completion of various external compliance certification programs and internal compliance assessments Proven ability to lead small teams dedicated to the performance of risk management and assessment responsibilities. Ability to provide effective management of junior employees. Develops and provides appropriate guidance on solutions to mitigate risks and enhance system security Coordinates with other DCO and Delivery Compliance representatives to build out world class compliance program components to include processes, procedures, and technologies. Deep understanding of privacy and business continuity requirements and support R&C Privacy and BCM teams in execution of their respective program Demonstrates ability to work in virtual team with help of tools and technologies Demonstrates ability to handle conflicting situation & should have strong verbal, written communication & analytical skills Must have systematic and pragmatic approach to problem solving Demonstrates good inter-personal skills, high standards of professional behaviour in dealings with business customers, colleagues and staff Have a good technical awareness and the aptitude to remain up to date with information security and IT developments Ability to communicate Risk to non IT business owners and support function such as delivery, HR, Admin, Legal, Contracting and others Ability to communicate risk at all levels of management up to and including C-Level executives. Translate business, industry, and regulatory requirements into information security objectives and associated tactical/strategic information security initiatives Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other security related certifications are preferred. Primary Skill : The position is a member of Risk & Compliance org within HCL Technologies. The DCO will be aligned to critical service delivery engagements and will be responsible for ensuring compliance in accordance to client, organizational & regulatory security requirements. The DCO will act as the engagement level risk advisor and manager and will be the primary liaison for risk related items between the engagement and the larger R&C organization. The DCO will interface with client, business delivery team and support function such as IT, HR, Admin, Legal, etc. in execution of job responsibilities. The position typically reports into a Delivery Compliance Partner or Delivery Compliance Manager Secondary Skill : Required Experience and Educational Qualification : 6-10 years of Recruitment experience Working experience in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT) Other relevant skills: Strong communication skills Ability to provide effective management of junior employees Demonstrates good inter-personal skills, high standards of professional behavior in dealings with business customers, colleagues and staff

Dear Applicants, Greetings from Teamware Solutions! Position: Business Auditor Experience: 3 - 6 Years Location: Mumbai (Apply if you are in western line) Notice Period: Immediate Joiners only Interested candidates can apply to the given Email ID: greeshma.t@twsol.com Job Description:- Understanding of the audit principles, tools, processes especially around issue validation/closure verification process which primarily includes the following. Conduct comprehensive validation of remediation efforts including enhanced/new controls and/or corrective actions completed by the Management. Understanding the risks and root cause associated to the issues and testing of the design and/or operating effectiveness of the controls in a timely manner. Document the work performed to clearly articulate the results/conclusion of testing or validation activities in line with guidelines/methodology. Ability to understand and adopt new audit tools and techniques (e.g., data analytics) and participate in learning and development opportunities to ensure the use of best-in-class processes and procedures. Identifying and implementing efficiencies and process improvements related to the issues validation work. Ability to effectively multi-task and manage multiple competing deliverables within tight timeframes without compromising on quality of output.

Location: Hyderabad, Bangalore - India Function: HV Product Management Requisition ID: 1033000 The Company We’re Hitachi Vantara, the data foundation trusted by the world’s innovators. Our resilient, high-performance data infrastructure means that customers – from banks to theme parks – can focus on achieving the incredible with data. ?? If you’ve seen the Las Vegas Sphere, you’ve seen just one example of how we empower businesses to automate, optimize, innovate – and wow their customers. Right now, we’re laying the foundation for our next wave of growth. We’re looking for people who love being part of a diverse, global team – and who get excited about making a real-world impact with data. The Team The VSP 360 team is focused on building an intelligent, hybrid cloud platform that integrates observability, automation, protection, and data insights. As part of this mission, we are expanding platform capabilities to include rich data services integrations that enhance visibility, governance, compliance, and cyber resilience. This team works cross-functionally with engineering, partner ecosystems, and customer-facing teams to deliver seamless experiences and actionable insights from a wide range of data services and third-party platforms. The Role As the Product Manager for Data Services within the VSP 360 platform, you will lead the strategy and execution for integrating a diverse set of data services that drive data intelligence, governance, and protection. This includes managing platform-level integrations with services such as data classification, data cataloging, PII detection, cyber resilience, and third-party data protection solutions. You’ll collaborate with internal and external stakeholders to define use cases, capture integration requirements, and drive partner enablement. Your role will focus on building scalable APIs and workflows that bring context-rich insights and automation to the forefront of hybrid cloud storage management. You will be responsible for managing the backlog in Aha!, coordinating cross-functional execution, and ensuring customer-facing outcomes around security, compliance, and operational efficiency. What You’ll Bring 5+ years of product management experience in data services, storage, or enterprise software Strong understanding of data classification, cataloging, governance, and PII/security frameworks Familiarity with cyber resilience concepts and tools Experience integrating third-party solutions (e.g., Commvault, Veeam) into a platform environment Proven ability to define APIs and workflows for data services integration Agile product management experience with tools like Aha!, Jira, or equivalent Ability to balance technical requirements with customer value and usability Strong collaboration and communication skills across product, engineering, and partners Strategic mindset with experience driving partner ecosystems and joint solutions Passion for delivering customer-centric solutions with measurable business impact About us We’re a global team of innovators. Together, we harness engineering excellence and passion for insight to co-create meaningful solutions to complex challenges. We turn organizations into data-driven leaders that can a make positive impact on their industries and society. If you believe that innovation can inspire the future, this is the place to fulfil your purpose and achieve your potential. #LI-SP7 Championing diversity, equity, and inclusion

You will be responsible for developing and maintaining a robust application security strategy and architecture that aligns with industry best practices and regulatory requirements. The ideal candidate will possess a deep understanding of both AppSec and general cybersecurity principles. Your Day to Day Develop and maintain a robust application security strategy, standards and target state architectures which aligns with industry best practices and regulatory requirements. Be the application security advocate across the organization. Lead discussions and reviews around new technologies, framework enhancements and product reviews. Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment. Conduct regular security architecture risk assessments and threat modelling to implement effective risk mitigation strategies. Ensure compliance with relevant security standards, regulations, and industry frameworks (eg, PCI DSS, GDPR). Maintain awareness on latest DevSecOps approaches and how they fit into large enterprise organization s AppSec program. Collaborate with software engineers and leadership teams as we'll and cybersecurity teams to integrate security controls throughout the software development lifecycle. Be comfortable interfacing and providing guidance to senior and technical leadership on application security issues/approaches, to achieve the deployment of effective security solutions. What do you need to bring Degree in Computer Science, Cybersecurity, Mathematics, or a related field. 15+ years experience in AppSec, Software/Systems Engineering, and/or Architecture. Expert level understanding of NodeJS, Java, modern web development frameworks and Service Oriented Architecture (SOA). Familiarity with iOS, Android and browser SDK development. Expert level understanding of AppSec scanning tools across SAST/SCA/DAST/IAST/Container Security/API Security/Secret Scanning/Fuzzing in large enterprise environments. In depth knowledge of SDLC, and CI/CD pipelines best practices. Good understanding of SLSA and supply chain security. Expert level understanding of containerized platforms and security best practices. In depth understanding of cybersecurity principles, including cryptography, authentication, web security, vulnerability assessments and threat detection. Desired expertise in various security testing activities, including penetration testing, vulnerability scanning, and code reviews. Working knowledge of major cloud platforms such as AWS, Azure, Google Cloud. Industry certifications (eg, CISSP, CISM, CCSP, or equivalent) are a plus.

About The Role : Job Title- DCO Independent Testing, AVP Location- Pune, India Role Description DWS Group (DWS) is one of the world's leading asset managers. Building on more than 60 years of experience and a reputation for excellence in Germany and across Europe, DWS has come to be recognized by clients globally as a trusted source for integrated investment solutions, stability, and innovation across a full spectrum of investment disciplines. We offer individuals and institutions access to our strong investment capabilities across all major asset classes and solutions aligned to growth trends. Our diverse expertise in Active, Passive and Alternatives asset management as well as our deep environmental, social and governance focus complement each other when creating targeted solutions for our clients. Our expertise and on-the-ground-knowledge of our economists, research analysts and investment professionals are brought together in one consistent global CIO View, which guides our investment approach strategically. DWS wants to innovate and shape the future of investingwith approximately 3,500 employees in offices all over the world, we are local while being one global team. We are investors entrusted to build the best foundation for our clients future. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities This role will support India DCO office with activities as outlined below: Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the newly established Independent Testing Team Assess end to end business processes to identify significant gaps and determine issue root causes. Partners with business units to perform control evaluations, monitoring and testing efforts within Compliance and Operation Risk Framework to identify control gaps as well as opportunities for effectiveness and efficiency improvements. These assessments will include coverage for other regulatory programs including SOX Apply critical thinking skills to substantive testing techniques to thoroughly evaluate the effectiveness of high-risk business processes. Assess and monitor risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices. Collaborate with cross-functional teams and stakeholders to support control design and effectiveness. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Your skills and experience Bachelor's degree in information security or related field required, with a preference towards master's degree. Demonstrated ability to analyse complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices Strong and progressive Auditing or Control Testing experience with current knowledge and understanding of Control testing methodology. Experience developing test scripts, audit programs, or testing templates. 6+ years in information security management and governance, with a focus on control design and testing Detailed experience in ISO 27001, GDPR, COBIT, KAIT, BAIT, etc. and other cyber security frameworks Good to have CertificationsCRISC, CISSP, CISM, CISA, ISO 27001 Lead Implementer/ Auditor Should possess strong communication skills (written/ spoken) Should be skilled to work with minimal supervision. Strong analytical and strategic mindset along with the ability to collaborate with different stakeholders including top management representatives. How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm

Role & responsibilities :- Perform assessments of the in-scope facilities against relevant standards such as ISO 27001, ISO 22301, SOC 1, SOC 2. Collaborate closely with various stakeholders to support the entire certification lifecycle. Engage with relevant stakeholders to manage compliance requirements through awareness initiatives and regular interactions, ensuring users understand and comply with necessary procedures to maintain security. Identify gaps and non-compliances, and work with relevant stakeholders to ensure timely resolution Promote a risk-aware culture throughout the organization. Assist in scoping and develop a calendarized schedule of activities for regular monitoring. Perform risk assessments based on HCLTechs methodology and collaborate with stakeholders to develop remediation plans for identified risks. Adhere to a defined escalation matrix to manage identified risks. Coordinate and facilitate to third parties for external audits. Stay informed about the latest information security trends and threat landscapes to take proactive measures during assessments. Keep management informed of critical issues that may impact customers, suppliers, or the company. Introduce efficiencies to enhance existing programs. Participate in other projects as required. Desired Experience and skills Bachelor’s Degree - BE/B Tech/B.Sc/Master degree in any domain, preferably in Information Technology or Computer sciences. Security Certifications like CISA/CRISC/Security+ Relevant experience of minimum 7-8 years in the field of ISO 27001 & SSAE 18 /assessment and Risk management (risk assessment and remediation) Strong analytical, problem solving, organizational, documentation; time management skills. Candidate assists with management of stakeholder needs and expectations while providing consistent and regular communications with support from management Candidate is able to effectively balance multiple tasks through careful prioritization Candidate is able to work collaboratively with others to produce a quality work product Proven ability to communicate with multiple stakeholders Proven ability to manage output from multiple teams Excellent spoken and written English Good Report Writing and Analytical Skills Proficient in MS Office Good in Data Analytics, MIS, Inferences and self-scrutiny for continuous improvement Preferred candidate profile :- CISM OR CISA CERTIFICATION PCI DSS ISO 27001 CERTIFICATION

Role & responsibilities :- Perform assessments of the in-scope facilities against relevant standards such as ISO 27001, ISO 22301, SOC 1, SOC 2. Collaborate closely with various stakeholders to support the entire certification lifecycle. Engage with relevant stakeholders to manage compliance requirements through awareness initiatives and regular interactions, ensuring users understand and comply with necessary procedures to maintain security. Identify gaps and non-compliances, and work with relevant stakeholders to ensure timely resolution Promote a risk-aware culture throughout the organization. Assist in scoping and develop a calendarized schedule of activities for regular monitoring. Perform risk assessments based on HCLTechs methodology and collaborate with stakeholders to develop remediation plans for identified risks. Adhere to a defined escalation matrix to manage identified risks. Coordinate and facilitate to third parties for external audits. Stay informed about the latest information security trends and threat landscapes to take proactive measures during assessments. Keep management informed of critical issues that may impact customers, suppliers, or the company. Introduce efficiencies to enhance existing programs. Participate in other projects as required. Desired Experience and skills Bachelors Degree - BE/B Tech/B.Sc/Master degree in any domain, preferably in Information Technology or Computer sciences. Security Certifications like CISA/CRISC/Security+ Relevant experience of minimum 7-8 years in the field of ISO 27001 & SSAE 18 /assessment and Risk management (risk assessment and remediation) Strong analytical, problem solving, organizational, documentation; time management skills. Candidate assists with management of stakeholder needs and expectations while providing consistent and regular communications with support from management Candidate is able to effectively balance multiple tasks through careful prioritization Candidate is able to work collaboratively with others to produce a quality work product Proven ability to communicate with multiple stakeholders Proven ability to manage output from multiple teams Excellent spoken and written English Good Report Writing and Analytical Skills Proficient in MS Office Good in Data Analytics, MIS, Inferences and self-scrutiny for continuous improvement Preferred candidate profile :- CISA CISM ISO 27001 CERTIFICATION PCI DSS

ROLE AND RESPONSIBILITIES Develop, implement, and manage strategic, comprehensive enterprise information security and IT risk management program. Make a risk assessment of company systems, networks, and data to prevent it from being accessed (viewed by unauthorized personnel, data corrupted, or data lost) Define Risk Management framework and implement across the enterprise business functions. Security assessment, validation & clearance of developed /acquired applications for production launch. Assist with the overall business technology planning, providing a current knowledge and future vision of technology, cloud security and systems aligned to security framework. Managing the daily operation and conducting continuous assessment of current IT security practices and systems and identifying areas for improvement. Implement and maintain compliance of security requirements for new products/services. Devising strategies, solutions and implementing security solutions and minimizing the risk of cyber-attacks. Lead Implementation of security products and solution across organization Implement and comply with best Industrial standards on Security, IT Acts/ISO and other IT statutory requirements. Determines security violations and inefficiencies by conducting periodic audits. Conduct Investigations and forensics for any breaches dealing with those responsible and planning to avoid repeats of the same crisis. Lead the various internal and external IT/Security audits and ensure all compliances are met. Lead various Internal, External IT and security audits. Ensure compliances are met. Preparing Cybersecurity roadmap and assisting for all Cybersecurity compliances requirement. QUALIFICATIONS AND EDUCATION REQUIREMENT Bachelors degree in IT, Computer Science, or a related field. Good to have relevant industry certifications such as CISA, CISM, CISSP, ISO 27001, and others (as relevant) At least 8+ years of working experience in domains related to Information security and with a very strong security mindset. Experience in area of IT Security, IT Audits, Compliance and Risk Management in IT/FMCG Industry Excellent Knowledge of Cyber Security, risks, threats in infrastructure, network, Cloud, Application and Data Centre Technologies Experience of various security solutions such as Firewall / IDS/ IPS / NAC / Email Security/CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM etc. Good understanding of Security technologies for private and public cloud Thorough Knowledge of IT and Security processes implementation and compliances Knowledge of information and network security principles, with a major focus on information, network & application security risks and impact. Good understanding of security frameworks, standards such as ITCG Control, ISO 27001, NIST, CIS etc.

We are looking for a highly skilled and experienced Third-Party Risk as a Service (TPRaaS) - Staff to join our team in Bengaluru. The ideal candidate will have 1 to 4 years of experience in Third-Party Risk Management, with expertise in TPRM tools and technology solutions. ### Roles and Responsibility Participate in the delivery of Third-Party Risk Management (TPRM) engagements, including walkthroughs, testing, documentation, and other engagement-related activities. Provide delivery updates during vendor calls and client interactions. Follow policies and procedures to support the successful implementation of TPRM operating models. Assist in process walkthrough discussions to document end-to-end business processes and functional requirements. Contribute to assessing the application of legal and regulatory requirements to clients' TPRM practices. Identify process gaps and propose preventive/corrective actions. Demonstrate interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfilling project activities to achieve exceptional client service. Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring an innovative mindset and analytical thinking capability to enhance service delivery. ### Job Requirements Bachelor's degree in IT/Computer Science, BSc.(IT), BE, MCA from a tier 1 or tier 2 college. 1 to 4 years of demonstrated experience in Risk Management, preferably in Third-Party engagement lifecycle (pre-contracting, contracting, and post-contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices, and Contract Risk Reviews. Good exposure to TPRM tools and technology solutions, such as GRC enablement solutions (Process Unity, Prevalent, Archer, ServiceNow). Basic knowledge of standards like ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc., and privacy regulations like GDPR, CCPA, etc. Basic knowledge of TCP/IP, OSI layer, networking, security concepts, Physical & Environmental Security, Asset Security, and Identity & Access Management. Good to have certifications: CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer. Exposure to tools like ProcessUnity, ServiceNow, Archer is desirable.

We are looking for a highly skilled and experienced Digital Risk Manager to join our team in Mumbai. The ideal candidate will have 3-5 years of experience in IT Audit, with a strong background in SAP business processes and excellent communication skills. ### Roles and Responsibility Understand client challenges and industry-related issues, offering solutions in IT risk management. Participate in go-to-market strategies, create proposals, and respond to RFPs and client orals. Identify opportunities for cross-selling to current clients and introduce colleagues from other service lines. Travel to client locations (India and abroad) for meetings, conduct workshops, and knowledge-sharing sessions. Jointly lead global account relationships with onshore teams, manage engagement deliveries, quality, and drive growth. Consistently deliver high-quality client services within expected timeframes and budget. Manage a team of Seniors and Staff (across geographies) for delivery of engagements across clients. Foster an innovative and inclusive team-oriented work environment, actively counseling and mentoring junior consultants. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, communicating this information to the engagement team and client management through written correspondence and verbal presentations. Foster relationships with client personnel to analyze, evaluate, and enhance information systems, developing and improving security at procedural and technology levels. Assist with cultivating and managing business development opportunities, understanding EY and its service lines to assess and present ways to serve clients. ### Job Requirements Bachelor’s or master’s degree and approximately 3-5 years of related work experience in IT Audit. Deep understanding of SAP business processes (e.g., purchase-to-pay, record-to-report, order-to-cash). Excellent communication, documentation, and report writing skills. Strong leadership and teaming skills, with the ability to train, coach, and mentor. A willingness to travel (India and abroad) for client needs. Preferred: SAP certification; additional Industry-related certifications such as CISA or CISM are a plus.

We are looking for a highly skilled and experienced Cyber Security Consultant to join our team in Bengaluru. The ideal candidate will have 6-8 years of experience in information security, with a focus on email security, security incident management, and EDR solutions. ### Roles and Responsibility Design, implement, and maintain Email security solutions (Proofpoint/M365) to safeguard Email flow. Manage and respond to security alerts triggered by email security solutions. Collaborate with cross-functional teams to integrate security solutions and ensure seamless operations. Monitor and analyze security incidents, responding promptly to security breaches and user incidents. Stay updated on industry best practices and emerging security threats, adapting security protocols as needed. Perform regular security audits and assessments to identify and mitigate risks. Develop and maintain security documentation, policies, and procedures. Provide technical support and guidance to other IT teams to enhance overall security posture. Troubleshoot and resolve security-related issues in a timely manner, continuously improving and optimizing security processes and procedures to enhance efficiency and effectiveness. ### Job Requirements Bachelor's degree in Computer Science, Information Security, or a related field. 6-8 years of professional experience in information security, focusing on email security, security incident management, and EDR solutions. Hands-on experience with Proofpoint email security and its components. Strong understanding of ITIL processes and the ability to handle security escalations as L2/L3. Excellent verbal and written communication skills, proficient in documentation and PowerPoint. Good social, communication, and technical writing skills, capable of interfacing with internal and external clients. Strong analytical problem-solving skills, able to prioritize tasks and work accurately under pressure to meet deadlines. Ability to understand and follow workplace policies and procedures. Proficiency in security tools and technologies, including encryption, O365, AV, and certificates. Relevant certifications such as CISSP, CISM, or relevant certifications are a plus. Excellent problem-solving skills and attention to detail. Strong communication and teamwork skills. Ability to work independently and manage multiple tasks. Willingness to stay current with evolving security technologies and threats. Clear and concise communication skills.

We are looking for a highly motivated and detail-oriented individual with 2 to 7 years of experience to join our team as a Portfolio Compliance Enablement Specialist in Bengaluru. The ideal candidate will have a strong foundation in Cyber Security, Information Security, or a related field. ### Roles and Responsibility Support projects aimed at improving EY's risk posture and adherence to Information Security policies. Assist in the development and execution of compliance strategies and remediation plans under the guidance of more experienced team members. Contribute to the delivery of processes and/or solutions, focusing on quality and effective risk management. Document and translate technical vulnerabilities into business risk terms for stakeholder communication. Participate in the use and improvement of compliance assessment toolkits under supervision. Support assessments for technology infrastructure, applications, and third-party dependencies.### Job Requirements At least 2 years of experience in Cyber Security, Information Security, or a related field. A degree in Cyber Security, Information Security, Computer Science, or a related discipline. Certifications such as Security+, Network+, or interest in pursuing relevant certifications like CRISC, CISSP, CISM, CISA. Basic knowledge of information security standards like ISO 27001/27002, NIST, PCI DSS. Understanding of regulatory requirements such as PCI, SOX, HIPAA, GDPR. Strong communication skills and technical writing skills, and the ability to work effectively within a team environment.

We are looking for a highly skilled and experienced Supervising Analyst to join our team in Bengaluru. The ideal candidate will have 3 to 8 years of experience in risk management, compliance, or a related field. ### Roles and Responsibility Serve as part of the GDS Account Data Risk - Independent Control Monitoring team, executing independent testing of controls related to Data Protection at the client account level. Execute control testing in line with EY’s global data protection framework. Consult and collaborate effectively across key data protection stakeholders on testing activities. Evaluate and summarize test results, proposing remediation activities. Document findings and observations to contribute to continuous learning and improvement. Participate in activities supporting a cohesive and balanced approach across Global Risk Management Data Protection and the client account. ### Job Requirements Bachelor's degree and approximately 3+ years of related work experience. Experience or background in quality, risk management, compliance, cybersecurity, or familiarity with data protection law. Strong understanding of metrics and reporting. Ability to work independently and collaboratively within a team environment. Excellent communication and problem-solving skills. IAPP certifications (CIPP/E, CIPP/US, CIPM) are preferred; CISA, CISM, CISSP, or equivalent certifications are also desirable.

We are looking for a skilled professional with 3 to 5 years of experience to join our team as a Manager - ERP Controls and Security (SAP) in Bengaluru. The ideal candidate will have a strong background in IT Risk and SAP business processes. ### Roles and Responsibility Understand client challenges and industry-related issues, offering solutions in IT Risk. Participate in go-to-market strategies, create proposals, and respond to RFPs and client orals. Identify opportunities for cross-selling to current clients and introduce colleagues from other service lines. Travel to client locations for meetings, conduct workshops, and knowledge-sharing sessions. Jointly lead global account relationships with onshore teams, manage engagement deliveries, quality, and drive growth. Consistently deliver high-quality client services within expected timeframes and budget. Manage a team of Seniors and Staff across geographies for delivery of engagements across clients. Foster an innovative and inclusive team-oriented work environment and actively counsel/mentor junior consultants. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, communicating this information to the engagement team and client management through written correspondence and verbal presentations. Foster relationships with client personnel to analyze, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Assist with cultivating and managing business development opportunities, understanding EY and its service lines to assess/present ways to serve clients. ### Job Requirements Bachelor's or Master's degree and approximately 3-5 years of related work experience. Deep understanding of SAP business processes, including purchase-to-pay, record-to-report, and order-to-cash. Experience in Internal controls within SAP ECC/S4 Applications and their integrations. Strong understanding of IT application controls, IT general controls, and interface controls. Excellent communication, documentation, and report writing skills. Excellent leadership and teamwork skills, with the ability to train, coach, and mentor. A willingness to travel (India and abroad) for client needs. Preferred: SAP certification; additional Industry-related certifications such as CISA or CISM are a plus.

We are looking for a skilled IT Risk Consultant with 3 to 6 years of hands-on experience in IT Risk/Audit, Assurance and Advisory to join our FS Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. ### Roles and Responsibility Lead and execute IT Audit and Risk Assurance engagements. Perform client walkthroughs, understand key IT processes and risk. Request and review audit evidence, draft control and risk review reports, and documentation. Plan team schedules and utilization, divide tasks amongst staff, and manage final delivery. Develop and maintain productive working relationships with clients and onshore stakeholders. Identify potential business opportunities for EY within existing engagements and facilitate integration as appropriate. ### Job Requirements Preferably B.E/B.Tech (Computers, Electronics, Data Analytics), BCA/MCA, B.Sc/M.Sc. (computers major), MBA, CA. Must Have: 3-6 years of hands-on internal/external IT Audits, Atleast One - IT General Controls, IT Automated Controls, and Service Organization Controls Reporting (SOCR - SSAE 16 / ISAE 3402) SOC 1, 2, & 3 Reporting. Able to perform independent security configuration review of common operating systems and databases - Windows, Unix, DB2, AS400, SAP R3ECC/HANA, Mainframe, SQL, Oracle. Knowledge of documentation and data analysis tools like Word, Excel, Access, Strong English verbal and written communication skills. CISA, CISM, CRISC, ISO27001, Data privacy certifications are a plus. IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX. Data analytics/automation tool – SQL, Monarch, BluePrism, Alteryx, PowerBI. German/Dutch/French language is an added advantage.

We are looking for a skilled Digital Risk Manager with 5 to 7 years of experience in IT Audit and strong personal skills to deliver quality results in the assessment, design, and support implementation of controls, security, and IT risk solutions. The ideal candidate will have a deep understanding of SAP business processes and experience in Internal controls within SAP ECC/S4 Applications. ### Roles and Responsibility Supervise delivery and provide technical and project leadership to team members. Build relationships with clients and drive high-value work products within expected timeframes and budget. Monitor progress, manage risks, and ensure key stakeholders are informed about progress and expected outcomes. Understand client challenges and industry-related issues, offering solutions in IT Risk. Participate in go-to-market activities, create proposals, and respond to RFPs and client orals. Travel to client locations (India and abroad) for meetings, conduct workshops, and knowledge-sharing sessions. Jointly lead global account relationships along with onshore teams, managing engagement deliveries, quality, and driving growth. Consistently deliver quality client services, driving high-quality work products within expected timeframes and on budget. Manage a team of Seniors and Staff (across geographies) for delivery of engagements across clients, fostering an innovative and inclusive team-oriented work environment and actively counseling/mentoring junior consultants. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, communicating this information to the engagement team and client management through written correspondence and verbal presentations. Foster relationships with client personnel to analyze, evaluate, and enhance information systems, developing and improving security at procedural and technology levels. Assist with cultivating and managing business development opportunities, understanding EY and its service lines to assess/present ways to serve clients. ### Job Requirements Bachelor’s or master’s degree and approximately 5-7 years of related work experience. Deep understanding of SAP business processes (e.g., purchase-to-pay, record-to-report, order-to-cash). Experience in Internal controls within SAP ECC/S4 Applications and their integrations. Strong understanding of IT application controls, IT general controls, and interface controls. Excellent communication, documentation, and report writing skills. Excellent leadership and teaming skills, with the ability to train, coach, and mentor. A willingness to travel (India and abroad) for client needs. Preferred: SAP certification; additional Industry-related certifications such as CISA, CISM are a plus.

We are looking for a highly skilled and experienced Supervising Analyst to join our team in Bengaluru. The ideal candidate will have 3 to 8 years of experience in risk management, compliance, or quality assurance. ### Roles and Responsibility Serve as part of the GDS Account Data Risk - Independent Control Monitoring team, executing independent testing of controls related to data protection at the client account level. Execute control testing in line with EY's global data protection framework. Consult and collaborate effectively across key data protection stakeholders on testing activities. Evaluate and summarize test results, proposing remediation activities. Document findings and observations to contribute to continuous learning and improvement. Support the development and maintenance of reporting, such as regional/area risk leaders, service line leaders, and account leaders. ### Job Requirements Bachelor's degree and approximately 3+ years of related work experience. Experience or background in quality, risk management, compliance, cybersecurity, or familiarity with data protection law. Strong understanding of metrics and reporting. Ability to work independently and collaboratively within cross-functional teams. Excellent communication and problem-solving skills. IAPP certifications (CIPP/E, CIPP/US, CIPM) are preferred; CISA, CISM, CISSP, or equivalent certifications are also desirable.

We are looking for a skilled Security Consultant Lead with 9 to 14 years of experience in information security, preferably in cloud security. The ideal candidate will have advanced knowledge of computer science and experience in managing significant Information Security risk management functions. ### Roles and Responsibility Review security architectures and provide pragmatic security guidance that balances business benefits and risks. Engage IT project teams throughout the SDLC to identify and prioritize applicable security controls and provide guidance on implementation. Perform threat modeling and risk assessments of information systems, applications, and infrastructure. Maintain Information Security Policies and Compliance standards and enhance InfoSec risk assessment and certification methodologies. Define security configuration standards for shared and multi-tenant platforms and technologies. Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit. Translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to customers and project stakeholders. Provide knowledge sharing and technical assistance to other team members, acting as a Subject Matter Expert (SME) in responsible technologies with a deep technical understanding of services and technology portfolios. ### Job Requirements Advanced degree in Computer Science or a related discipline; or equivalent work experience. Candidates are preferred to hold or be actively pursuing related professional certifications within the GIAC family of certifications or CISSP, CISM, or CISA, or similar cloud-security oriented certifications. Minimum 9 years of experience in managing a significant Information Security risk management function. Experience in managing communication of security findings and recommendations to IT project teams, business leadership, and technology management executives. Strong working knowledge of cloud security, infrastructure security, application security, Agile & DevSecOps methodologies, and operational security. Knowledge of common information security standards such as ISO 27001/27002, CSA and CIS Controls, NIST CSF, PCI/DSS, FEDRAMP is preferred. Experience with Azure Active Directory (AAD) based Identity and Access Management and Authorization design and integration with API, IDaaS, and Federation technologies is preferred.

We are looking for a highly motivated and detail-oriented individual with 2 to 7 years of experience to join our team as a Portfolio Compliance Enablement Specialist in Bengaluru. The ideal candidate will have a strong foundation in Cyber Security, Information Security, or a related field. ### Roles and Responsibility Support projects aimed at improving EY's risk posture and adherence to Information Security policies. Assist in the development and execution of compliance strategies and remediation plans under the guidance of more experienced team members. Contribute to the delivery of processes and/or solutions, focusing on quality and effective risk management. Document and translate technical vulnerabilities into business risk terms for stakeholder communication. Participate in the use and improvement of compliance assessment toolkits under supervision. Support assessments for technology infrastructure, applications, and third-party dependencies. ### Job Requirements At least 2 years of experience in Cyber Security, Information Security, or a related field. A degree in Cyber Security, Information Security, Computer Science, or a related discipline. Certifications such as Security+, Network+, or an interest in pursuing relevant certifications like CRISC, CISSP, CISM, CISA. Basic knowledge of information security standards like ISO 27001/27002, NIST, PCI DSS. Understanding of regulatory requirements such as PCI, SOX, HIPAA, GDPR. Strong communication skills and technical writing skills, and the ability to work effectively within a team environment.

We are looking for a highly skilled and experienced Consultant to join our team in Gurgaon. The ideal candidate will have 2-3 years of experience in IT Audits, preferably with experience working on FS clients. ### Roles and Responsibility Conduct IT audits, including statutory and internal audits, to ensure compliance with regulatory requirements. Develop and implement effective IT General Controls (ITGC) testing procedures to identify areas for improvement. Collaborate with cross-functional teams to design and execute IT Application Controls (ITAC) testing and Automated Business Controls testing. Perform IT Infrastructure risks and control assessments to identify potential vulnerabilities. Assist in SOC1, SOC2 audits and reporting, as well as IT Compliance and regulatory reporting. Develop and maintain expertise in emerging technologies such as cloud, RPA, AI/ML, and Blockchain. ### Job Requirements Bachelor's degree in Computer Science, Statistics, or M.C.A; Master's degree preferred. Minimum 2-3 years of relevant experience in IT Audits, with a focus on client-facing roles managing audits. Strong knowledge of ITGC, ITAC, and IT Automated Business Controls testing. Experience with IT SOX 404, SOC1, SOC2 audits, and reporting. Familiarity with risk and control assessments considering emerging technologies. Preferred certifications include CISA, CISSP, CISM, CRISC, CCSK, and others relevant to the role.

We are looking for a skilled Senior Manager TPRM with 10 to 12 years of experience to join our team in Bengaluru. The ideal candidate will have a strong background in information security, risk management, and controls concepts. ### Roles and Responsibility Provide guidance and share knowledge with team members on complex, judgmental, and specialized issues. Brief the engagement team on client's environment and industry trends, maintaining relationships with client management to manage expectations of service. Demonstrate a thorough understanding of complex information systems and apply it to client situations, using extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Manage client engagements, determining and deploying the right team with adequate skill sets for executing engagements and periodically reviewing status updates. Contribute to thought leadership documents and develop new methodologies, facilitating discussions/knowledge sharing with key client personnel. Plan and schedule client engagements, staying abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Identify buyers, influencers, and stakeholders in existing client engagements and build strong relationships. Display teamwork, integrity, and leadership, working with team members to set goals and responsibilities for specific engagements and fostering teamwork and innovation. Drive performance management for self and team, managing the performance management process for direct reportees as per organizational policies. Train and mentor project resources, participating in organization-wide people initiatives. ### Job Requirements Strong knowledge of information security concepts, risk, and controls is required. Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc., and regulations like FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, OSI layer, networking, and security concepts, along with sound familiarity with OWASP and Secure SDLC standards/frameworks. Experience in LAN/WAN architectures and reviews, cryptography, physical and environmental security, asset security, and identity and access management. CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer certifications are preferred. A BE/BTech degree with a sound industry experience of 10 to 12 years is required.

We are looking for a highly skilled and experienced Chartered Accountant (CA) or Master’s degree in management, Information Systems/Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline with 5 to 10 years of experience to join our team as a Senior Manager in Risk Consulting - Protect Tech. The ideal candidate will have a passion for technology and an ardent desire to work in risk management. ### Roles and Responsibility Consistently deliver quality client services, driving high-quality work products within expected timeframes and on budget. Foster relationships with client personnel to analyze, evaluate, and enhance information systems, developing and improving security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, communicating this information to the engagement team and client management through written correspondence and verbal presentations. Demonstrate deep technical capabilities and professional knowledge, quickly assimilating new knowledge. Identify strategic, IT, and business risks, control gaps, weaknesses, and areas of improvement. Design IT Risk Controls frameworks and RACMs, and implement IT general controls, application controls, and business process controls. Conduct IT internal control reviews and review SOC1 or SOC2 reports. Perform IT Risk and Controls assessment with exposure to technologies such as SAP, Oracle, Workday, MS Dynamics, or emerging technologies like Cloud, RPA, AI/ML. Possess knowledge of IT risk, information security, or cyber security frameworks such as COSO, COBIT, ISO, NIST, etc. Understand IT regulatory compliances such as IT SOX, GDPR, ISO, PCI DSS, etc. Have strong exposure working in client-facing roles and collaborating with cross-functional teams including internal audits, IT security, and business stakeholders to assess control effectiveness and facilitate remediation activities. Exhibit excellent communication, documentation, and report writing skills. Relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001 are a plus. ### Job Requirements A Chartered Accountant (CA) or Master’s degree in management, Information Systems/Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline is required. Minimum 5 years of experience in risks & controls, preferably in a Big 4 or professional firm. Passion for technology and a desire to work in risk management. Strong understanding of IT risk, information security, or cyber security frameworks such as COSO, COBIT, ISO, NIST, etc. Experience in conducting IT internal control reviews and reviewing SOC1 or SOC2 reports. Excellent communication, documentation, and report writing skills are essential. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001.