1010 Cobit Jobs

Location: Gurugram, Haryana; Hyderabad, Telangana Time type: Full time Job level: Associate Job type: Regular Category: Technology Risk Services ID: JR113394 About us We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. As an associate in RSM’s growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Responsibilities include Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control’s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Open to work on other solution sets considering business requirements. Qualifications B.Tech/MCA/MBA with ISO 27001 Lead Auditor and up to 2 years of relevant experience in Information Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, and IT Application Controls. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL etc.) Qualified to pursue a job-relevant certification (CIA, CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (Vlookups, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as the position requires frequent communications with RSM International clients At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

Over the past 15 years, Medanta has created an unrivalled impact in delivering world class multi-specialty care for patients in India. We have hospitals in Gurgaon, Lucknow, Patna, Indore and Ranchi. In addition, we have clinics in Defence Colony (South Delhi), Cybercity & Subhash Chowk (Gurgaon), and at the Delhi Airport. Medanta is constantly growing and has also ventured in Retail vertical through Diagnostics (Laboratory Services) and Pharmacies. We also have also launched homecare services. We further plan to scale up existing facilities and expand into a few more geographical areas and also identify new avenues (Academics - Medical College) within the Healthcare eco-system. As we continue to scale and grow into new geographies, explore innovative methods of healthcare delivery, we are looking to hire exceptional talent to help us achieve our vision and grow in the process to achieve their professional aspiration. Roles & Responsibilities: Leverage the existing cybersecurity tools and capable to identify open-source tools to discover threat agent actions. Identify potential threats and mitigation strategies to enable a proactive defense mechanism before an actual security incident. Design and implement a security incident response process. Act as the primary control point during significant information security incidents, manage the development of incident response plans and generate detailed reports. Identify and propose the implementation of the key information security initiatives, plans, practices and tools to the management. Proactive support on the approved information security projects, internal/external security audits, internal audits, application security assessment and reviews and compliance. Identify and understand potential and emerging information security threats and vulnerabilities and implement an effective communication channel across the appropriate teams. Detect and respond to cyber security threats and implement remediation controls. Perform GRC assessment on IT infrastructure and Applications and prepare plan to mitigate. Hardening reviews of endpoints, networks and servers. Manage security compliance for end points, networks, servers, databases, etc. Proficient in operating cyber security solutions to protect IT Infrastructure and data it hold What we are looking for Bachelor’s degree specializing in Information Security, Computer Science, Information Management Systems, or relevant work experience. Minimum 6 years of experience in Cyber Security . Individual Contributor and capable of working independently. Strong technical skills relevant to Information Security such as SIEM, IDAM, PIM/PAM, Breach Attack Simulation and Micro segmentation An excellent knowledge and deep understanding of the complex network and end point security principles and concepts. Practical knowledge of operating systems (such as: Windows, Linux, Hypervisors). Detailed experience with vulnerability scanning solutions. Ability to identify and mitigate network vulnerabilities and an understanding of their remediation. Required to assist with root cause identification for incident management. Should be acquainted with Information Security Industry standards/best practices and relevant regulations (such as: SSAE16, SOC 2, PCI DSS, HIPAA, GLBA, FISMA, NIST, ISO27000, CobiT, ISF, OWASP, SANS). Must have proficient analytical, technical research and detail-oriented skills Available to work on-call whenever required. Employment Type : Full-Time Job Location - Gurgaon Work Days - 6 Days a week from office

A cyber security analyst job description typically includes monitoring networks for security breaches, investigating incidents, developing security policies, and implementing security measures to protect an organization's systems and data from cyber threats. They also work on improving security posture by identifying vulnerabilities and recommending enhancements. Here's a more detailed breakdown: Key Responsibilities: Monitoring and Investigation: Continuously monitoring network traffic and systems for suspicious activities, security breaches, and unauthorized access attempts using tools like intrusion detection systems (IDS). Incident Response: Investigating security incidents, analyzing their root cause, and coordinating efforts to contain, mitigate, and recover from the incident. Vulnerability Assessment and Management: Identifying and assessing vulnerabilities in systems, networks, and applications, and recommending remediation steps. Security Policy Development and Implementation: Developing, implementing, and enforcing security policies, procedures, and best practices to ensure compliance with industry standards and regulations. Security Enhancements: Recommending security enhancements to management or senior IT staff, and implementing new security tools and technologies. Threat Research: Staying up-to-date on the latest cyber threats, attack techniques, and security trends. Ethical Hacking/Penetration Testing: Conducting penetration tests and ethical hacking exercises to proactively identify vulnerabilities and weaknesses. Reporting and Documentation: Creating reports on security metrics, incidents, and vulnerabilities, and documenting security policies and procedures. Required Skills and Knowledge: Technical Skills: Strong understanding of network security concepts, security technologies (firewalls, intrusion detection systems, antivirus software), operating systems (Windows, Linux, macOS), and security protocols. Analytical Skills: Ability to analyze security logs, network traffic, and system logs to identify threats and vulnerabilities. Problem-Solving Skills: Ability to investigate security incidents, identify the root cause, and develop effective solutions. Communication Skills: Ability to communicate security risks and recommendations to both technical and non-technical audiences. Knowledge of Security Frameworks: Understanding of security frameworks like NIST, ISO, and COBIT. Knowledge of Cyber Security Trends: Staying up-to-date on the latest cyber security threats and trends. Work Environment: Cyber security analysts typically work in an office environment, often with some flexibility to work remotely depending on the organization and the type of data handled. They may also work in rotational shifts, including nights and weekends, due to the need for continuous monitoring and response. Tamil candidates only Job Type: Full-time Pay: ₹281,097.55 - ₹1,121,579.81 per year Benefits: Food provided Work Location: In person

2-3 years of experience in GRC, Information Security, or Compliance roles, preferably in a FinTech or financial services environment. Strong knowledge of PCI DSS, ISO 27001, SOC 2, GDPR, RBI guidelines, and other financial regulatory frameworks. Experience conducting internal audits, risk assessments, and compliance reviews. Familiarity with GRC tools and risk management frameworks (e.g., NIST, COSO, COBIT). Strong analytical, problem-solving, and stakeholder management skills. Educational & Professional Credentials Bachelors degree in information technology, Computer Science, i.e. MSc Computer Science, B. Tech or Equivalent technical background. Certifications: CISA, CISM, CRISC, CISSP, ISO 27001 Lead Auditor, PCI ISA/QSA. Experience working with payment systems, digital banking, remittances, or forex operations. Knowledge of third-party risk management (TPRM) and security governance models. Required Knowledge & Skills Role Overview: The GRC Manager will be responsible for establishing, implementing, and overseeing Governance, Risk, and Compliance frameworks within the company. This role ensures compliance with PCI DSS, ISO 27001, and other regulatory requirements, while also managing risks related to financial transactions, data security, and operational processes in a FinTech environment. Governance & Compliance: Implement and maintain PCI DSS, ISO 27001, and other applicable compliance frameworks. Develop and enforce policies, procedures, and controls to meet regulatory and industry standards. Conduct periodic gap assessments and audits to ensure compliance with relevant security and privacy regulations (e.g., RBI guidelines, GDPR, etc.). Collaborate with internal teams (Security, IT, Legal, Product) to ensure compliance is embedded in all business processes. Stay updated on regulatory changes and proactively implement necessary compliance measures. Risk Management: Develop and manage the Enterprise Risk Management (ERM) framework, identifying, assessing, and mitigating risks related to cybersecurity, operations, and third-party vendors. Conduct risk assessments and business impact analyses to identify vulnerabilities in processes and technology. Oversee third-party/vendor risk management to ensure compliance with security and privacy requirements. Monitor key risk indicators (KRIs) and report findings to senior management. Audit & Incident Management: Lead internal and external audits related to PCI DSS and ISO 27001 compliance. Coordinate with auditors and regulators to address compliance gaps and implement corrective actions. Establish and oversee incident response protocols to ensure swift action in case of security breaches or compliance violations. Conduct root cause analysis (RCA) for compliance issues and implement continuous improvement measures. Training & Awareness: Conduct employee training programs on risk, compliance, and security best practices. Promote a strong compliance culture within the organization through regular awareness campaigns.

Location: Gurugram, Haryana; Hyderabad, Telangana Time type: Full time Job level: Associate Job type: Regular Category: Technology Risk Services ID: JR113394 About us We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. As an associate in RSM’s growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Responsibilities include Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control’s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Open to work on other solution sets considering business requirements. Qualifications B.Tech/MCA/MBA with ISO 27001 Lead Auditor and up to 2 years of relevant experience in Information Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, and IT Application Controls. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL etc.) Qualified to pursue a job-relevant certification (CIA, CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (Vlookups, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as the position requires frequent communications with RSM International clients At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

JOB PURPOSE The Governance Lead will drive the end-to-end ICT governance function to ensure that the organization’s information and communication technology (ICT) operations are well-governed, compliant, and optimized for performance. This senior role is responsible for overseeing vendor governance, including sourcing and contracting oversight, contractual compliance (Deliverables & Obligations), Service Level Agreement (SLA) management, enterprise risk management for ICT, and vendor relationship management. PRINCIPAL ACCOUNTABILITIES Sourcing & Contract Governance for ICT Operations, Solutions Engagement, Transformation Projects, Innovation and Airport Expansion Initiatives Ensure robust governance of all ICT sourcing and procurement activities. The Governance Lead will work jointly with the Procurement and Legal teams to establish and review ICT vendor contracts, making sure that terms, conditions, and service expectations are clearly defined and in line with organizational policies. This includes overseeing contracts for Solution Engagement (SE) projects, ICT projects, and major “PAL2” strategic initiatives, ensuring these contracts support the projects’ objectives and comply with internal standards. Policy Compliance in Procurement: Develop and enforce governance guidelines for ICT sourcing. Ensure that all RFPs, vendor evaluations, and contract awards follow the company’s procurement policies, ICT templates/standards and ethical standards for transparency and fairness. Contract Establishment and Approval: Coordinate contract drafting and negotiations in collaboration with Legal, making sure that deliverables, service levels, and compliance requirements are contractually documented. All ICT purchase requisitions and contracts should go through proper approval workflows as per the authority matrix. Vendor Selection Oversight: Participate in or oversee key vendor selection committees for significant ICT deals to provide governance perspective – validating that due diligence is performed, risks are assessed, and the best value vendors are chosen in alignment with strategic goals. Deliverables & Obligations (D&O) Compliance for ICT Vendors Maintain strict compliance tracking of all vendor deliverables and obligations as per contracts. In this role, the Governance Lead ensures that each ICT vendor fulfills the commitments stipulated in their contracts. D&O Tracker Management: Implement and maintain a D&O tracking system for all ICT vendor contracts. This tracker lists every deliverable (e.g. monthly service reports, audit findings, project milestones, compliance certificates) and obligation (e.g. data backups, staffing levels, training sessions) that vendors owe, along with due dates. The Governance Lead reviews this tracker on a regular basis and updates the status of each item. Review and Verification: For each deliverable submitted by a vendor, coordinate with the relevant ICT operational teams to review the content and quality. Enforcement of Obligations: If vendors miss deadlines or fail to meet an obligation, the Governance Lead initiates escalation. This can include issuing formal notices of non-compliance through Governance notes, requiring the vendor to provide explanations, and setting immediate corrective actions. Repeated misses without valid reasons are treated seriously – flagged as non-compliances in governance forums and can trigger penalty clauses or management escalation as per the contract. Reporting D&O Compliance: Prepare summaries of D&O compliance status for leadership review (e.g., in monthly CDIO governance meetings). Highlight areas where compliance is strong and call out any deliverable that is delayed or disputed. SLA Governance of ICT Vendors Monitor and govern service performance through Service Level Agreements (SLAs). The Governance Lead is responsible for ensuring that all ICT vendors meet or exceed their agreed Service Level targets, which is critical for reliable airport operations. SLA Definition and Alignment: Collaborate with procurement and technical teams during contract negotiation to define clear, measurable SLA metrics for each service. Performance Monitoring: The Governance Lead will regularly review vendors’ SLA performance reports covering all key metrics. SLA Change Management: Oversee any adjustments to SLAs over time. The Governance Lead manages a structured process for SLA re-baselining when necessary, negotiating changes with vendors and documenting them via formal contract amendments or change requests. Reporting: Summarize SLA compliance across all vendors in management reports. Highlight any significant SLA breaches and the actions taken. Risk Management for the ICT organization Lead the ICT risk management and compliance efforts. Governance Lead, will implement a comprehensive risk management framework to identify, assess, and mitigate risks across the entire ICT landscape (infrastructure, applications, data, vendors, and processes). Risk Identification & Register: Work with all ICT sub-departments (operations, security, projects, etc.) to continuously identify potential risks – including operational risks (e.g. system failures, capacity shortfalls), security risks (cyber threats, data breaches), compliance risks (regulatory or policy violations), and vendor-related risks (dependency on a single supplier, supplier financial stability, etc.). Risk Assessment & Mitigation Planning: Conduct periodic risk assessments (e.g. quarterly or during major changes) to evaluate the current risk levels. Compliance Oversight: Ensure that ICT processes and vendors comply with relevant regulatory and policy requirements. This includes compliance with data protection laws (for instance, India’s Digital Personal Data Protection Act) and industry standards or certifications the organization adheres to (such as ISO/IEC 27001 for Information Security, ISO 20000 for IT Service Management, or other aviation industry regulations). Reporting and Review: Provide regular risk updates to senior management (e.g., risk dashboards or presentations to the CDIO or risk committee). Clearly communicate the top ICT risks, status of mitigation actions, and any support needed. Also, organize management review meetings for the ICT governance/risk domain. Relationship Management for all ICT Vendors Serve as the executive owner of vendor relationships. Beyond enforcing contracts and SLAs, the Governance Lead focuses on building and maintaining strategic partnerships with ICT suppliers. Governance Structure & Meetings: Establish a structured vendor governance cadence. Governance Meetings: Monthly governance meetings to review overall performance, SLA metrics, ongoing issues, and progress on initiatives. Executive Steering Committees (ESC): Quarterly or bi-annual high-level meetings with the vendor’s senior executives and the organization’s ICT leadership to discuss strategic alignment, major upcoming projects, innovation ideas, and any significant concerns. For key vendors, ensure that Executive Steering Committee meetings happen on schedule and address the right agenda. Performance and Relationship Monitoring: Develop a vendor scorecard or dashboard for each major vendor that tracks not only SLA performance and D&O compliance, but also qualitative aspects like responsiveness, proactiveness, and quality of collaboration. Use these scorecards in governance meetings to provide a transparent view of how the vendor is doing. Additionally, solicit feedback from internal teams that interact with the vendor (e.g. project managers, engineers) to identify any pain points or areas of excellence. This holistic view feeds into a “relationship health” assessment discussed with the vendor. Vendor Development and Alternate Sourcing: Work on long-term strategies such as developing secondary vendors for critical services (to mitigate risk of single-supplier dependency) or helping improve a smaller vendor’s capabilities if they are important to the business. Executive Reporting on Vendor Ecosystem: Summarize the status of vendor relationships to executive leadership. DIMENSIONS Financial Ensure value delivery in all outsourced services and/or product contracts. Arrest any value leakage in the contract. Non-Financial Manage a team of 1-2 FTEs with day-to-day task allocation, review, and guidance on in-scope functions. Assess the skills, capabilities & expectations of the team from time to time and work with BIAL ICT & HR leadership to define/refine the career path for the team periodically, along with identifying necessary training & mentoring needs of the team Provide inputs on team capacity planning & hiring plans if any JOB SPECIFICATION In-depth understanding of IT governance frameworks and best practices. Familiarity with standards like COBIT and ITIL/ISO 20000 Strong knowledge of contract management principles, procurement processes, and legal basics of IT contracts (liabilities, indemnities, penalties, etc. in vendor agreements). Solid grasp of risk management techniques and compliance requirements relevant to ICT – including cybersecurity standards (ISO 27001) and data protection regulations. Analytical and Problem-Solving: Exceptional analytical skills to interpret performance data, contract details, and risk assessments. Leadership and Influence: Demonstrated ability to lead cross-functional teams and influence without direct authority. Communication: Excellent communication and interpersonal skills. Must be adept at stakeholder management – able to communicate effectively with C-level executives as well as technical project managers. Qualifications Bachelor’s degree in CS, IS, Engineering MBA or a relevant master’s degree is highly valued 12-15 years of experience in the IT/ICT sector, with 5-7 years in leadership roles focusing on IT governance, vendor management & program management 5 days WFO

About ACA: ACA Group is the leading governance, risk, and compliance (GRC) advisor in financial services. We empower our clients to reimagine GRC and protect and grow their business. Our innovative approach integrates consulting, managed services, and our ComplianceAlpha® technology platform with the specialized expertise of former regulators and practitioners and our deep understanding of the global regulatory landscape. Position Summary The IT Security Systems Administrator is responsible for the implementation and ongoing management of the security related technology systems utilized by ACA Group (“ACA”). This position needs to understand the IT vision and work towards realizing it. Individual would be responsible for finding ways to apply departmental new ideas into their daily work. This position needs a self-starter who works to improve their own effectiveness as well as provides ad-hoc suggestions for broader improvements for IT Security Systems. Execution of assigned tasks on time and on quality with some oversight and assistance from others. Job Duties Identify gaps, vulnerabilities, exploits, and patches in IT controls in order to generate issue lists and mitigation recommendations Execute ongoing testing and gap analysis of information security-related policies, practices, and procedures, and perform tasks related to monitoring IT infrastructure according to established guidelines Handle and delegate as necessary the tracking of periodic reviews, audits, and updates Assist with maintenance of back-end technology systems such as Server Hosts, Backup Software, Networking, and Security Systems 5. Assist with conducting technical reviews of ACA’s IT systems and audit security controls. Analyze IT audit submissions and related documentation, and align responses with various risk frameworks (e.g., COBIT, NIST, SANS) Assist with the research, review, development, and/or enhancement of information security policies and technical risk documentation, as well as white paper content and/or training programs Assist with creating content for cybersecurity and IT-risk related email alerts Assist with the design and production of phishing campaign email templates Assist with content generation for end user information security training Handle escalations from the 1st/2nd line support Identify, map, and diagram data flow and processes Perform ad-hoc work/special projects as necessary to support ACA on various client and internal initiatives Preferred Education And Experience Relevant cybersecurity professional certification (e.g., ISC(2), SANS GSEC/GICSP, ISACA, Offensive Security OSCP/OSCE) 4-7yrs of an experience is required Required Skills And Attributes Demonstrated professional integrity Dependable, flexible, and adaptable to new ACA initiatives and changing client needs Ability to work well in a fast-paced, small-team environment Ability to work independently, multi-task and prioritize effectively Ability to establish and maintain effective working relationships with colleagues and clients Highly motivated and goal oriented; proactive in one’s own education and career progression; volunteers for and shows initiative on both internal and external projects and tasks Dedicated to upholding ACA’s high-quality standards and customer service focus Strong organizational and problem-solving skills with attention to detail Strong oral and written communication skills What working at ACA offers: We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. Our Total Rewards package includes medical coverage fully funded by ACA for employees and their family as well as access to Maternity & Fertility and Wellness programs. ACA also provides Personal Accident Insurance, Group Term Life Insurance, Employee Discount programs and Employee Resource Groups. You’ll be granted time off for designated ACA Paid Holidays, Privilege Leave, Casual/Sick Leave, and other leaves of absence to support your physical, financial and emotional well-being. About ACA: ACA Group is the leading governance, risk, and compliance (GRC) advisor in financial services. We empower our clients to reimagine GRC and protect and grow their business. Our innovative approach integrates consulting, managed services, and our ComplianceAlpha® technology platform with the specialized expertise of former regulators and practitioners and our deep understanding of the global regulatory landscape. What we commit to: ACA is firmly committed to a policy of nondiscrimination, which applies to recruiting, hiring, placement, promotions, training, discipline, terminations, layoffs, transfers, leaves of absence, compensation and all other terms and conditions of employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected status.

Job Description KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Responsibilities Requirement Functional Knowledge: Significant Know How of various domains under Governance & Management of Enterprise IT, Financial Statements - IT Audit Process & Integrated Audits, Leading IT Risk Management Frameworks & Standards ( such as COBIT, COSO, ITIL, ISO 27001, NIST etc.) Core Technical Skills: Hands on experience in executing and delivering audits/assurance engagements (At least in 2-3 areas) of IT General Controls around Applications, Database, Operating Systems, Middleware, Networks, IT Application Controls, IT Attestation (SOC1SOC 2 etc.), IT Regulatory Compliance, Third Party Risk Assurance etc. Additional Skills: Understanding of at Technology Risks & Controls for at least one of Emerging Technology solutions such as Cloud, Social Media, Intelligent Automation, DevSecOps etc. Professionals would be leading at least 3-5 projects at any time on IT Audit & Controls Assurance. They shall be having teams report to them at a project level. Professional have the responsibility of project execution and shall report to a director/partner on every project. They shall be responsible for ensuring project profitability, quality as well as adherence to the agreed project plan Will have End to End responsibility of managing the project lifecycle from Initiation till Closure and maintain requisite documentation at each stage. Professionals shall assist the Partner/Director in managing quality & risks associated with the projects The job would require travel to client locations within India and abroad Certifications such as CISA, CISSP, CIA, SAP/Oracle Securityand related certifications in the areas of Emerging Technologies would be plus. Responsibilities for Internal Candidates Provide high quality, day-to-day execution of client engagements, and projects for the financial services practice Develop engagement work programs, assist in conducting risk assessments, documentation of working papers and preparation of audit committee presentations Shall be responsible for client relationship management, team management along with ability to handle multiple client engagements Understand client needs and challenges and identify revenue opportunities for the firm Work on project teams focused on advisory projects and assist engagement management to successfully complete engagement objectives Understand firm service offerings and mentor associates, interns, and new hires. Qualification QUALIFICATIONS Possesses extensive experience in IT Audit, IT Risk & Control Assurance space Prior experience in client facing / account management roles Exposure to business development in consulting (Pre-sales support, proposals, RFP responses) Possess strong domain knowledge, understanding of business processes and possible risks in operations of at least two industry sectors Consistent display of leadership skills Have experience in process consulting/ internal audit/ risk consulting at a project professional level role Strong analytical and problem solving skills. Strong written and verbal communication skills Ability to work well in teams Equal Employment Opportunity Information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Job Description Job Description Role: Audit & Complaince Location: Bangalore Full/ Part time: Full time Build a career with confidence Carrier Global Corporation, global leader in intelligent climate and energy solutions is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we&aposve led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do About The Role We are seeking a highly skilled and experienced DT Compliance Lead to join our team, within Cyber Security function in Carrier, the ideal candidate will have a strong background in IT audits, compliance, and risk management. This is an individual contributor role that requires a proactive and detail-oriented professional to manage and support various compliance and audit activities. The individual will be responsible for governance and oversight of enterprise-wide SOX IT control program to mitigate the risk of material omissions, errors or weaknesses in our technology and security controls. The position requires a combination of strong program management and leadership skills, along with broad technical knowledge and subject-matter expertise in IT audits and compliance. This individual will be responsible for managing SOX compliance expectations with our key stakeholders including control owners, senior/executive management, and internal/external auditors. Key Responsibilities Oversee program management for all activities including planning, scoping, audit fieldwork, issue identification, reporting, and remediation of issues. Develop an intimate understanding of Carriers business processes and the role of technology in meeting business objectives including key IT processes, automations, reports, data flows, and interfaces. Maintain SOX IT documentation, liaise with internal and external auditors, and provide guidance and support to technology control owners on control design, audit requirements, and issue remediation. Conduct internal audits to assess the effectiveness of internal controls and compliance with policies and regulations. Coordinate and support external audits, including providing necessary documentation and information. Evaluate IT control deficiencies for impact and perform root cause analysis to determine appropriate management actions. Monitor managements remediation efforts to closure, including review of supporting evidence. Serve as subject matter expert and advise on the SOX compliance implications of technology related changes to the business such as new product lines, new system implementations etc. Develop a continuous monitoring program with an emphasis IT controls automation. Develop metrics, reporting and dashboards to track SOX IT control effectiveness and ensure process efficiency, and that risks are being appropriately tracked, communicated and managed. Continually identify opportunities to benchmark controls, automate control testing and streamline manual efforts to increase efficiency and reduce cycle times. Stay current on new technical literature applicable to the internal control process (e. g., PCAOB guidance, SEC, COSO, COBIT, etc.) and maintain awareness of emerging trends and best practices around technology and security controls. Successfully partner with and manage executive level stakeholders, PMOs & Working Groups with Domestic & International cross-functional teams. Create and deliver DT SOX Compliance training materials to key stakeholders. Provide guidance and support to other teams on compliance-related matters. Prepare and present reports on compliance activities and findings to senior management. Requirment Minimum 8-10 years of experience in IT audits, compliance, and risk management. Full-time Bachelors degree in IT, Computer Science or equivalent. Certifications such as CISA, CISM, or CISSP or similar professional certifications are highly desirable. Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework. Advanced knowledge of SOX IT requirements, COSO/CoBIT framework and PCAOB standards, and in-depth experience with testing general IT and application controls, segregation of duties (SoD) rules, reports and interfaces. ServiceNow GRC preferred. Excellent analytical and problem-solving skills. Excellent written and verbal communication skills, strong interpersonal skills and the ability to communicate technical concepts effectively across functions and all levels of management. Highly motivated self-starter with a meticulous attention to detail and bias to action, who is eager to put his/her stamp on our rapidly increasing compliance footprint. Ability to work independently and manage multiple priorities. Detail-oriented with a high level of accuracy., or accounting. Key Attributes Forward-thinking mindset with strong digital acumen. Ability to collaborate across business, legal, and engineering functions. Strong sense of ethics, accountability, and customer trust. Excellent communication and stakeholder influence capabilities. Benefits We are committed to offering competitive benefits programs for all of our employees, and enhancing our programs when necessary. Make yourself a priority with flexible schedules, parental leave Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference. Apply Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class. Job Applicant&aposs Privacy Notice Click on this link to read the Job Applicant&aposs Privacy Notice Show more Show less

Job Description Job Description Role: Audit & Complaince Location: Bangalore Full/ Part time: Full time Build a career with confidence Carrier Global Corporation, global leader in intelligent climate and energy solutions is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we&aposve led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do About The Role We are seeking a highly skilled and experienced DT Compliance Lead to join our team, within Cyber Security function in Carrier, the ideal candidate will have a strong background in IT audits, compliance, and risk management. This is an individual contributor role that requires a proactive and detail-oriented professional to manage and support various compliance and audit activities. The individual will be responsible for governance and oversight of enterprise-wide SOX IT control program to mitigate the risk of material omissions, errors or weaknesses in our technology and security controls. The position requires a combination of strong program management and leadership skills, along with broad technical knowledge and subject-matter expertise in IT audits and compliance. This individual will be responsible for managing SOX compliance expectations with our key stakeholders including control owners, senior/executive management, and internal/external auditors. Key Responsibilities Oversee program management for all activities including planning, scoping, audit fieldwork, issue identification, reporting, and remediation of issues. Develop an intimate understanding of Carriers business processes and the role of technology in meeting business objectives including key IT processes, automations, reports, data flows, and interfaces. Maintain SOX IT documentation, liaise with internal and external auditors, and provide guidance and support to technology control owners on control design, audit requirements, and issue remediation. Conduct internal audits to assess the effectiveness of internal controls and compliance with policies and regulations. Coordinate and support external audits, including providing necessary documentation and information. Evaluate IT control deficiencies for impact and perform root cause analysis to determine appropriate management actions. Monitor managements remediation efforts to closure, including review of supporting evidence. Serve as subject matter expert and advise on the SOX compliance implications of technology related changes to the business such as new product lines, new system implementations etc. Develop a continuous monitoring program with an emphasis IT controls automation. Develop metrics, reporting and dashboards to track SOX IT control effectiveness and ensure process efficiency, and that risks are being appropriately tracked, communicated and managed. Continually identify opportunities to benchmark controls, automate control testing and streamline manual efforts to increase efficiency and reduce cycle times. Stay current on new technical literature applicable to the internal control process (e. g., PCAOB guidance, SEC, COSO, COBIT, etc.) and maintain awareness of emerging trends and best practices around technology and security controls. Successfully partner with and manage executive level stakeholders, PMOs & Working Groups with Domestic & International cross-functional teams. Create and deliver DT SOX Compliance training materials to key stakeholders. Provide guidance and support to other teams on compliance-related matters. Prepare and present reports on compliance activities and findings to senior management. Requirment Minimum 8-10 years of experience in IT audits, compliance, and risk management. Full-time Bachelors degree in IT, Computer Science or equivalent. Certifications such as CISA, CISM, or CISSP or similar professional certifications are highly desirable. Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework. Advanced knowledge of SOX IT requirements, COSO/CoBIT framework and PCAOB standards, and in-depth experience with testing general IT and application controls, segregation of duties (SoD) rules, reports and interfaces. ServiceNow GRC preferred. Excellent analytical and problem-solving skills. Excellent written and verbal communication skills, strong interpersonal skills and the ability to communicate technical concepts effectively across functions and all levels of management. Highly motivated self-starter with a meticulous attention to detail and bias to action, who is eager to put his/her stamp on our rapidly increasing compliance footprint. Ability to work independently and manage multiple priorities. Detail-oriented with a high level of accuracy., or accounting. Key Attributes Forward-thinking mindset with strong digital acumen. Ability to collaborate across business, legal, and engineering functions. Strong sense of ethics, accountability, and customer trust. Excellent communication and stakeholder influence capabilities. Benefits We are committed to offering competitive benefits programs for all of our employees, and enhancing our programs when necessary. Make yourself a priority with flexible schedules, parental leave Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference. Apply Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class. Job Applicant&aposs Privacy Notice Click on this link to read the Job Applicant&aposs Privacy Notice Show more Show less

HOURS: 8am CST- 4pm CST (6:30pm IST-2:30am IST) Rate- $13-$18/hr USD Must Have: 4-6 years of hands on SOC Control Testing experience Extensive knowledge of SOC1, and SOC 2 compliance requirements and ITGC framework Must have experience designing, executing, and documenting test procedures Expert-level Excel skills (pivot tables, complex formulas) Experience with one of the Big Four (Deloitte, EY, PwC, KPMG) Understanding of ERP, Cloud, and DevOps, and IAM tools for controls testing (SAP, Azure, GitHub, Sailpoint)- MUST have SAP Ability to manage multiple priorities and projects simultaneously Must be familair with COSO/COBIT, NIST, and ISO frameworks with hands on experience with COSO/COBIT Plusses: CISA Certification (Certified Information Systems Auditor) CISSP Certification (Certified Information Systems Security Professional) Extensive scripting experience for automation and data extraction Job Summary: We are seeking a SOC Controls Tester specializing in IT General Controls (ITGC) to assist with SOC monitoring across over 87 systems. The successful candidate will have extensive experience with SOC compliance requirements and the overall ITGC framework. Responsibilities include designing, executing, and documenting control testing procedures, identifying potential control deficiencies, and recommending effective remediation strategies. The ideal candidate must have advanced Excel skills, including complex formulas, pivot tables, and handling large datasets. Proficiency in scripting languages is required to pull and analyze different data sets. Competence in troubleshooting issues within automated scripts and data analysis processes is essential. Excellent verbal and written communication skills are necessary to document findings and collaborate effectively with IT and business stakeholders. Meticulous attention to detail is crucial to ensure thoroughness and precision in testing and documentation.

Job Description The Security Operation Specialist has end-to-end responsibility for the physical and logical security of the Network/Services, OSS/SQM, and Infrastructure, as per the security policy, and manages the components of security services provided to Nokia customers' end users, within service levels agreed upon with those customers. How You Will Contribute And What You Will Learn Recognised expert in one or more Managed Security Services (MSS) functional areas, at a regional or global level. Addresses and resolves highly complex MSS operations performance issues or challenges, including through technical leadership of highly-skilled teams. Interprets internal and external MSS operational and technology challenges and recommends how they should be overcome. Takes a leadership role in the development of innovative practices to improve MSS operations. Is responsible for leading the design, build, test, and implementation of security systems within an organisation’s IT and telecom network and shall be the owner for Performance & Quality Management of Security Operations & Administration. Approves new and/or changes to guidelines and procedures for the function. Contributes to strategic decisions for not only Managed Services operations, but also the MSS business. Contributes to the development of concepts to determine the professional direction of Managed Services delivery operations personnel. Acts as a professional leader for Managed Services operations, mentoring senior Service Operations Engineers. Often leads longer-term MSS complex improvement projects with moderate resource requirements, risk, and complexity. Key Skills And Experience You Have: Graduate or Master's in engineering with more than 10 years of relevant experience in a combination of security operations (managed detection and response), threat intelligence, and threat hunting. Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Computer Hacking Forensic Investigator (CHFI) Proven track record and experience in Security Operations Management, Managed detection and response, Threat modelling & Use case development, Threat Intelligence & Threat hunting, Investigation and Digital forensics Can determine the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of risk areas. It Would Be Nice If You Also Have: Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels Strategic leader and builder of both vision and bridges, and able to motivate the appropriate teams in the organization Knowledge and understanding of relevant legal and regulatory requirements, e.g. Country country-specific telecom security conditions, CII (Critical Information Infrastructure) regulations, etc. Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework About Us Come create the technology that helps the world act together Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world. We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work What we offer Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered. Nokia is committed to inclusion and is an equal opportunity employer Nokia has received the following recognitions for its commitment to inclusion & equality: One of the World’s Most Ethical Companies by Ethisphere Gender-Equality Index by Bloomberg Workplace Pride Global Benchmark At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect. Join us and be part of a company where you will feel included and empowered to succeed. About The Team In Mobile Networks , our ambition is to become the trusted partner of choice for Communications Service Providers (CSPs), as well as for non-CSP entities in sectors like utilities, transportation, public services, and defense. We strive to deliver unbeatable customer experiences in wireless connectivity.

Job Description The Security Operation Specialist has end-to-end responsibility for the physical and logical security of the Network/Services, OSS/SQM, and Infrastructure, as per the security policy, and manages the components of security services provided to Nokia customers' end users, within service levels agreed upon with those customers. How You Will Contribute And What You Will Learn Recognised expert in one or more Managed Security Services (MSS) functional areas, at a regional or global level. Addresses and resolves highly complex MSS operations performance issues or challenges, including through technical leadership of highly-skilled teams. Interprets internal and external MSS operational and technology challenges and recommends how they should be overcome. Takes a leadership role in the development of innovative practices to improve MSS operations. Is responsible for leading the design, build, test, and implementation of security systems within an organisation’s IT and telecom network and shall be the owner for Performance & Quality Management of Security Operations & Administration. Approves new and/or changes to guidelines and procedures for the function. Contributes to strategic decisions for not only Managed Services operations, but also the MSS business. Contributes to the development of concepts to determine the professional direction of Managed Services delivery operations personnel. Acts as a professional leader for Managed Services operations, mentoring senior Service Operations Engineers. Often leads longer-term MSS complex improvement projects with moderate resource requirements, risk, and complexity. Key Skills And Experience You Have: Graduate or Master's in engineering with more than 10 years of relevant experience in a combination of security operations (managed detection and response), threat intelligence, and threat hunting. Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Computer Hacking Forensic Investigator (CHFI) Proven track record and experience in Security Operations Management, Managed detection and response, Threat modelling & Use case development, Threat Intelligence & Threat hunting, Investigation and Digital forensics Can determine the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of risk areas. It Would Be Nice If You Also Have: Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels Strategic leader and builder of both vision and bridges, and able to motivate the appropriate teams in the organization Knowledge and understanding of relevant legal and regulatory requirements, e.g. Country country-specific telecom security conditions, CII (Critical Information Infrastructure) regulations, etc. Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework About Us Come create the technology that helps the world act together Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world. We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work What we offer Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered. Nokia is committed to inclusion and is an equal opportunity employer Nokia has received the following recognitions for its commitment to inclusion & equality: One of the World’s Most Ethical Companies by Ethisphere Gender-Equality Index by Bloomberg Workplace Pride Global Benchmark At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect. Join us and be part of a company where you will feel included and empowered to succeed. About The Team In Mobile Networks , our ambition is to become the trusted partner of choice for Communications Service Providers (CSPs), as well as for non-CSP entities in sectors like utilities, transportation, public services, and defense. We strive to deliver unbeatable customer experiences in wireless connectivity.

Job Summary GRC Consultant Responsibilities Job Summary We are seeking an experienced IT GRC Manager to lead our Governance Risk and Compliance initiatives The candidate will be responsible for developing and implementing IT GRC strategies ensuring compliance with regulatory requirements and managing risk across the organization This role requires a deep understanding of IT governance frameworks risk management practices and compliance standards Key Responsibilities Governance Develop and maintain IT governance frameworks policies and procedures Ensure alignment of IT strategies with business objectives Oversee the implementation of IT governance initiatives and monitor their effectiveness Risk Management Identify assess and manage IT risks across the organization Develop and implement risk mitigation strategies Conduct regular risk assessments in according with NIST standard and audits to ensure compliance with internal and external standards Compliance Ensure compliance with relevant regulatory requirements eg GDPR HIPAA SOX Develop and maintain compliance documentation and reports Coordinate with internal and external auditors to facilitate compliance audits Leadership Lead and mentor a team of IT GRC professionals Collaborate with crossfunctional teams to promote a culture of risk awareness and compliance Provide regular updates to senior management on IT GRC activities and initiatives Qualifications Strong knowledge of IT governance frameworks eg COBIT ITIL Experience with regulatory compliance standards eg GDPR HIPAA SOX Excellent analytical problemsolving and communication skills Relevant certifications eg CISA CRISC CISM are a plus Skills Strong leadership and team management skills Ability to work collaboratively with crossfunctional teams Proficiency in risk assessment and management tools Excellent organizational and project management skills Strong attention to detail and ability to manage multiple priorities

Position: IT Auditor (SME – BFSI Systems & Compliance) Location: India (Remote) Employment Type: Full-Time Schedule: Monday to Friday, Day Shift Experience: 3+ Years in IT Audit, BFSI or RegTech Sector Preferred Company Description Scry AI is a research-driven enterprise AI company delivering secure, intelligent automation platforms to Banking, Financial Services, and Insurance (BFSI) clients. Our solutions empower organizations to manage data, automate workflows, and ensure compliance across mission-critical financial operations. We maintain a strong commitment to security, regulatory alignment, and internal control integrity. We are looking for an IT Auditor with deep experience in IT controls, risk assessments, and security audits to help strengthen and align our platforms with client expectations and compliance frameworks. Role Overview As an IT Auditor at Scry AI, you will evaluate the integrity, confidentiality, and availability of systems powering our AI platforms and client engagements. You’ll work closely with engineering, compliance, and operations teams to assess controls, identify gaps, and ensure we meet industry standards like ISO 27001, SOC 2, and regulatory frameworks including RBI and SEBI guidelines. Key Responsibilities 1. IT Risk & Control Assessments Conduct regular IT audits across infrastructure, applications, data workflows, and user access. Evaluate the effectiveness of internal controls, cybersecurity measures, and business continuity plans. Identify vulnerabilities and recommend actionable mitigation strategies. 2. Compliance & Standards Alignment Ensure ongoing compliance with industry frameworks (ISO 27001, NIST, SOC 2, RBI, SEBI, etc.). Work with engineering to embed audit-readiness and risk mitigation into system design. Support internal audits, external audits, and regulatory inspections. 3. Reporting & Documentation Prepare audit reports detailing findings, risks, and control effectiveness. Maintain logs of issues, resolutions, and audit evidence for internal records. Track and follow up on audit remediation plans and risk closures. 4. Collaboration & Advisory Partner with DevOps, security, and data teams to implement audit recommendations. Provide advisory support during product development and client onboarding. Contribute to IT policies, SOPs, and internal training on security and compliance. Required Qualifications & Skills 3+ years of experience in IT auditing, IT risk management, or information security. Strong understanding of audit frameworks (ISO, SOC, COBIT, NIST, RBI/SEBI norms). Familiarity with cloud infrastructure (AWS, Azure, GCP) and DevSecOps principles. Experience auditing SaaS platforms, databases, and user access control systems. Excellent documentation and analytical skills. CISA, CISM, or similar certifications preferred. Our Ideal Candidate Understands the unique risk and compliance landscape of BFSI and enterprise tech. Has hands-on experience conducting IT audits and collaborating across technical teams. Is detail-oriented, structured, and proactive in surfacing risks before they escalate. Thrives in an evolving, high-accountability environment where security is non-negotiable. Is eager to contribute to secure, compliant, and trusted AI adoption in financial services. Tip for candidates If this role interests you, then follow our page to stay updated on similar future job openings and insights.

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. The Opportunity When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills. As part of the Digital Assurance and Transparency - AC India team you are expected to lead the creation and implementation of impactful digital assurance initiatives. As a Manager you are expected to guide the execution of digital assurance engagements, focusing on a customer-centric approach that supports PwC's goals and vision. You are expected to be responsible for supervising, developing, and coaching teams, managing client service accounts, and driving assigned client engagement workstreams by independently solving and analyzing complex problems to develop impactful deliverables. Responsibilities Lead the creation and implementation of digital assurance initiatives Guide digital assurance engagements with a client-focused approach Supervise and mentor digital assurance teams to enhance performance Manage client service accounts and deliver elevated-quality deliverables Analyze complex problems and develop practical solutions Drive engagement workstreams independently Assure adherence to PwC's quality standards and vision Foster a collaborative and supportive team environment What You Must Have Bachelor's Degree in one of the following fields of study: Accounting, Finance, Management Information Systems, Computer and Information Science, Information Technology, Economics, Business Administration/Management, Engineering, Statistics, Management Information Systems & Accounting, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Accounting & Technology, Mathematical Statistics, or Technology Mathematics 7 years of combined relevant experience (SAP/Oracle controls auditing, consulting and/or implementing, data analysis, compliance, internal audit, or risk experience) Employees to have an active primary credential as follows, CISA or India Chartered Accountant (CA) Oral and written proficiency in English required In lieu of Bachelor Degree, Chartered Accountant What Sets You Apart Financial reporting and information technology risks, processes and controls Current and emerging technologies including Cloud-computing, Oracle, SAP Risks, processes and internal controls related to financial reporting COSO Framework, CoBIT, ITIL and other leading control frameworks Leading IT related controls assurance or controls readiness projects Identifying key risks and controls, recommend improved controls Leading the adoption of a work program and practice aid Demonstrating significant project management skills related to IT audit projects

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. The Opportunity When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills. As part of the Digital Assurance and Transparency - AC India team you are expected to lead the creation and implementation of impactful digital assurance initiatives. As a Manager you are expected to guide the execution of digital assurance engagements, focusing on a customer-centric approach that supports PwC's goals and vision. You are expected to be responsible for supervising, developing, and coaching teams, managing client service accounts, and driving assigned client engagement workstreams by independently solving and analyzing complex problems to develop impactful deliverables. Responsibilities Lead the creation and implementation of digital assurance initiatives Guide digital assurance engagements with a client-focused approach Supervise and mentor digital assurance teams to enhance performance Manage client service accounts and deliver elevated-quality deliverables Analyze complex problems and develop practical solutions Drive engagement workstreams independently Assure adherence to PwC's quality standards and vision Foster a collaborative and supportive team environment What You Must Have Bachelor's Degree in one of the following fields of study: Accounting, Finance, Management Information Systems, Computer and Information Science, Information Technology, Economics, Business Administration/Management, Engineering, Statistics, Management Information Systems & Accounting, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Accounting & Technology, Mathematical Statistics, or Technology Mathematics 7 years of combined relevant experience (SAP/Oracle controls auditing, consulting and/or implementing, data analysis, compliance, internal audit, or risk experience) Employees to have an active primary credential as follows, CISA or India Chartered Accountant (CA) Oral and written proficiency in English required In lieu of Bachelor Degree, Chartered Accountant What Sets You Apart Financial reporting and information technology risks, processes and controls Current and emerging technologies including Cloud-computing, Oracle, SAP Risks, processes and internal controls related to financial reporting COSO Framework, CoBIT, ITIL and other leading control frameworks Leading IT related controls assurance or controls readiness projects Identifying key risks and controls, recommend improved controls Leading the adoption of a work program and practice aid Demonstrating significant project management skills related to IT audit projects

Role- Internal Auditor Experience- 3+ years Location- Ahmedabad Roles & Responsibilities: The Internal Auditor will execute internal audits under the direction of the Internal Audit Senior Manager and Zone Audit Director. The Senior Internal Auditor based in Ahmedabad will perform audits across multiple zones, including Europe, Middle East and Africa, Asia pacific, and potentially certain global audits. Key responsibilities include:  Support the Internal Audit manager to conduct the audit engagements, including the budgeting and staffing assignments for the different areas of review, ensuring that adequate documentation and timely execution of the tasks to successfully complete each project.  Lead business process reviews to evaluate the design and operating effectiveness of internal controls over the business cycles, as well as the efficiency and effectiveness of operations;  Lead reviews to assess the accuracy of the financial statements.  Lead reviews to evaluate IT applications and the adequacy/efficiency of accounting, financial and operating procedures established for IT control purposes.  Determine compliance with established Finance and/or IT policies and Sarbanes Oxley legislation.  Prepare reports based upon audit results, audit documentation, and management action plans defined to address observations noted.  Maintain business management timely informed on audit progress, including road blocks, and observations via update meetings and closing conferences.  Update Audit Manager and Zone Audit Director as needed on audit progress and potential issues in a timely manner.  Be part a global Internal Audit Competency Center of selected business process. As such, work closely the Internal Audit Manager responsible for the area of expertise to analyze issues with global/regional/local impacts, develop trend analysis and compile best practices to be shared through the organization for adoption.  Assess the efficiency and effectiveness of actions implemented to address audit issues. Communication :  Communicate effectively verbally and in writing by adopting appropriate communication style to individuals at all levels of the organization and remaining open to disagreement or new ideas.  Articulate understanding of business areas under review, and demonstrates thorough test work and solid rationale for potential audit issues.  Update Audit Manager and Zone Audit Director as needed on audit progress and potential issues in a timely manner. Leadership:  Develop an open and honest working relationship with those being audited and maintain a professional approach at all times.  Share best practices, tools and testing methodologies with other team members, and contribute to departmental projects.  Will be leading an audit team, and will be the key point of contact with those being audited.  Displays leadership and project management skills to complete quality work on time with budgeted resources. Qualifications & Skills:  Undergraduate degree in Finance/Business Administration, Accounting and/or in Computer Science, MIS, or other relevant field.  3-4 plus years of professional experience in an audit related role within a Big-4 accounting firm and/or large corporation’s internal audit department preferred. Additional finance experience would be a plus.  General knowledge of risk/control frameworks (COSO, COBIT) required.  A professional accounting/audit certification (CPA, CIA, etc.) or IT (CISA, CIA, CISM, etc.) certification preferred.  FMCG/Manufacturing experience preferred.  Sarbanes-Oxley experience preferred.  US GAAP/IFRS experience preferred.  SAP knowledge preferred.  Goal-oriented and outgoing with strong interpersonal and teamwork skills.  Strong written and verbal communication skills.  Ability to think and work analytically.  Ability to develop strong and lasting relationships with all levels of management.  Willingness to travel (50%).  Must fluently speak English (Asian/European languages are plus).

Job Description The Global Head – IT Service Delivery & Engineering Excellence , India is responsible for establishing, managing, and scaling the Engineering and IT Services. Centre of Excellence (COE) to drive innovation, efficiency, and service excellence across ARi. This role focuses on standardizing IT service delivery, optimizing operational processes, and ensuring alignment with global business goals. The leader will collaborate with cross-functional teams, drive automation, and implement best practices to enhance IT service management, digital transformation, and enterprise IT strategy. Duties/responsibilities: Engineering and IT Services Strategy & COE Roadmap Develop and implement the Engineering & IT Services COE strategy, ensuring alignment with business and technology goals. Establish a governance model to standardize Engineering & IT service delivery, frameworks, and best practices. Drive process optimization, automation, and cost efficiency across Engineering & IT services. Service Management & Operations Excellence Oversee the implementation and continuous improvement of ITIL, Agile, and DevOps frameworks. Evaluate and implement emerging technologies to enhance product development and engineering efficiency. Ensure high availability, performance, and security of IT services through proactive monitoring and governance. Define and track SLAs, KPIs, and performance metrics to measure and enhance IT service effectiveness. Innovation & Digital Transformation Lead the adoption of emerging IT trends, cloud computing, AI-driven IT operations (AIOps), Advance Manufacturing and automation tools. Foster innovation by leveraging AI/ML, RPA, and cloud-native solutions for IT service optimization. Develop and drive the implementation of self-service IT models and AI-based support systems. Talent Development & Leadership Build and mentor a high-performing IT service management team, promoting a culture of continuous learning and innovation. Define training programs to upskill employees in ITSM, cloud platforms, automation, and security. Encourage collaboration between IT, business units, and external partners to drive service excellence. Collaborate with cloud providers, AI startups, research institutions, and open-source communities to stay ahead of industry trends. Develop, Guide and mentor a global delivery team with onshore, offshore, client location to deliver the required project and solutions with speed and agility. Managing risk and Mitigation while creating new Solutions, Proof of Concept (PoC), scalable new solutions. Stakeholder Engagement & Vendor Management Act as the primary liaison between global business leaders, IT teams, and external technology partners. Manage relationships with third-party IT service providers, cloud vendors, and managed service partners. Lead negotiations and optimize vendor contracts to drive cost efficiency and service quality. Build and maintain strong relationships with customers, proactively identifying opportunities for additional services and value creation. Strong Customer governance and strategic connections for strengthening delivery excellence. Responsible for the P&L management for the overall Global Delivery structure. Drive Margins with the Growth Mindset to improve the company topline numbers and maximize customer satisfaction. Education & Experience: Bachelor's/Master’s degree in IT, Computer Science, Business Administration, or a related field. MBA degree from a reputed B-School is preferred. 20+ years in IT service management, operations, or related roles, with 10+ years in a senior global leadership capacity. Required Skills Deep understanding of ITSM, cloud platforms (AWS, Azure, GCP), automation, and enterprise IT frameworks. IT Service Frameworks: Expertise in ITIL, COBIT, Agile, DevOps, and service automation tools. Leadership & Change Management: Proven ability to lead large, distributed IT teams and drive service transformation. Strategic Thinking: Ability to align IT services with long-term business goals and digital transformation initiatives. Communication & Collaboration: Strong stakeholder management skills to engage with C-level executives and global teams. 30% Domestic/International travel required Why Join Us? Lead strategic IT service transformation in a global organization. Work on cutting-edge IT automation, cloud transformation, and AI-driven IT operations. Collaborate with top IT experts, business leaders, and technology partners. Be part of an innovative, high-impact, and future-ready IT services organization Job Information Rate / Salary $ - $ Sector IT/Software/Technology Category Engineering Skills / Experience Not Specified Benefits Company paid holidays, Vacation and Sick paid time off, maternity/paternity/bereavement paid time off, Medical/Vision/Dental/Life/Accidental Death and Dismemberment Insurance, Short- and long-term disability, 401k with match. Our Reference JOB-1360

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30187464 Job Category Digital Technology Job Description Job Description Role: Audit & Complaince Location: Bangalore Full/ Part time: Full time Build a career with confidence Carrier Global Corporation, global leader in intelligent climate and energy solutions is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do About the role: We are seeking a highly skilled and experienced DT Compliance Lead to join our team, within Cyber Security function in Carrier, the ideal candidate will have a strong background in IT audits, compliance, and risk management. This is an individual contributor role that requires a proactive and detail-oriented professional to manage and support various compliance and audit activities. The individual will be responsible for governance and oversight of enterprise-wide SOX IT control program to mitigate the risk of material omissions, errors or weaknesses in our technology and security controls. The position requires a combination of strong program management and leadership skills, along with broad technical knowledge and subject-matter expertise in IT audits and compliance. This individual will be responsible for managing SOX compliance expectations with our key stakeholders including control owners, senior/executive management, and internal/external auditors. Key Responsibilities: Oversee program management for all activities including planning, scoping, audit fieldwork, issue identification, reporting, and remediation of issues. Develop an intimate understanding of Carrier’s business processes and the role of technology in meeting business objectives including key IT processes, automations, reports, data flows, and interfaces. Maintain SOX IT documentation, liaise with internal and external auditors, and provide guidance and support to technology control owners on control design, audit requirements, and issue remediation. Conduct internal audits to assess the effectiveness of internal controls and compliance with policies and regulations. Coordinate and support external audits, including providing necessary documentation and information. Evaluate IT control deficiencies for impact and perform root cause analysis to determine appropriate management actions. Monitor management’s remediation efforts to closure, including review of supporting evidence. Serve as subject matter expert and advise on the SOX compliance implications of technology related changes to the business such as new product lines, new system implementations etc. Develop a continuous monitoring program with an emphasis IT controls automation. Develop metrics, reporting and dashboards to track SOX IT control effectiveness and ensure process efficiency, and that risks are being appropriately tracked, communicated and managed. Continually identify opportunities to benchmark controls, automate control testing and streamline manual efforts to increase efficiency and reduce cycle times. Stay current on new technical literature applicable to the internal control process (e. g., PCAOB guidance, SEC, COSO, COBIT, etc.) and maintain awareness of emerging trends and best practices around technology and security controls. Successfully partner with and manage executive level stakeholders, PMOs & Working Groups with Domestic & International cross-functional teams. Create and deliver DT SOX Compliance training materials to key stakeholders. Provide guidance and support to other teams on compliance-related matters. Prepare and present reports on compliance activities and findings to senior management. Requirment Minimum 8-10 years of experience in IT audits, compliance, and risk management. Full-time Bachelor’s degree in IT, Computer Science or equivalent. Certifications such as CISA, CISM, or CISSP or similar professional certifications are highly desirable. Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework. Advanced knowledge of SOX IT requirements, COSO/CoBIT framework and PCAOB standards, and in-depth experience with testing general IT and application controls, segregation of duties (SoD) rules, reports and interfaces. ServiceNow GRC preferred. Excellent analytical and problem-solving skills. Excellent written and verbal communication skills, strong interpersonal skills and the ability to communicate technical concepts effectively across functions and all levels of management. Highly motivated self-starter with a meticulous attention to detail and bias to action, who is eager to put his/her stamp on our rapidly increasing compliance footprint. Ability to work independently and manage multiple priorities. Detail-oriented with a high level of accuracy., or accounting. Key Attributes: Forward-thinking mindset with strong digital acumen. Ability to collaborate across business, legal, and engineering functions. Strong sense of ethics, accountability, and customer trust. Excellent communication and stakeholder influence capabilities. Benefits We are committed to offering competitive benefits programs for all of our employees, and enhancing our programs when necessary. Make yourself a priority with flexible schedules, parental leave Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference. Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

JOB DESCRIPTION KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. QUALIFICATIONS • IT Audit + SAP experience with knowledge of IT governance practices Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantage Strong project management, communication (written and verbal) and presentation skills Knowledge of security measures and auditing practices within various applications, operating systems, and databases. Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism Preferred Certifications – CISA/CISSP//CISM Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

JOB DESCRIPTION KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. QUALIFICATIONS • IT Audit + SAP experience with knowledge of IT governance practices Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantage Strong project management, communication (written and verbal) and presentation skills Knowledge of security measures and auditing practices within various applications, operating systems, and databases. Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism Preferred Certifications – CISA/CISSP//CISM Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Job Description Location: Mumbai/Gurgaon/Noida/ Bangalore/Chennai/Kochi/Kolkata/Ahmedabad/Pune/Hyderabad We are looking to hire Experienced Managers for IT Audit. Your role will be to provide direct real-time support and coaching to engagement teams. The BSR Second line of defense (2LoD) team helps enhance audit quality by providing direct real time support and coaching to engagement teams before the audit opinions are signed, with the goal of helping the team deliver an audit in accordance with relevant professional standards Function: Second line of defense (2LoD) Experience: At least 6+ Years of relevant experience Technical Skills Functional Knowledge: Significant Know How of various domains under Governance & Management of Enterprise IT, Financial Statements - IT Audit Process & Integrated Audits, Leading IT Risk Management Frameworks & Standards (such as COBIT, COSO, ITIL, ISO 27001, NIST etc.) Core Technical Skills: Hands on experience (At least 6+ years) in executing and delivering audits engagements of IT General Controls around Applications, Database, Operating Systems, Middleware, Networks, IT Application Controls, IT Attestation (SOC1SOC 2 etc.). Coach an engagement team from the beginning to the end of an engagement lifecycle (focusing on the 2LoD focus areas) along with providing relevant technical guidance , based on frequent areas of internal and external quality reviews, and/or emerging areas of guidance and best practice Managers would be reviewing multiple projects at any time on IT Audit. Manager shall report to a partner. They shall be responsible for ensuring project quality as well as adherence to the agreed project review plan. Additional Skills: Understanding of at Technology Risks & Controls for at least one of Emerging Technology solutions such as Cloud, DevSecOps etc. The job would not require travel to client locations within India. Certifications such as CISA, CISSP, CIA, SAP/Oracle Security and related certifications in the areas of Emerging Technologies would be plus. Practice Initiatives Contribute to Learning & Development Participate in practice initiatives and at times lead such initiatives such as knowledge management Responsibilities: Review documentation relating to the 2LoD focus areas (and related planning documentation such as assessment of materiality, significant risks, significant accounts) that has been prepared and reviewed by the engagement team and provide suggestions for improvement. Review observations should be articulated as clearly as possible Coach an engagement team from the beginning to the end of an engagement lifecycle (focusing on the 2LoD focus areas) along with providing relevant technical guidance Challenge the team on their planned audit approach in the areas of focus Support the team in understanding how to apply the audit requirements and guidance Communicate the status of engagement/review to engagement partner and 2LOD leader on a weekly basis Perform your role in a timely manner being considerate of the engagement team pressures Collaborate with your 2LOD lead or Audit Quality Leadership on Audit Quality matters. Job Type: Full-time Pay: ₹2,000,000.00 - ₹2,200,000.00 per year Application Question(s): Relevant years of experience in IT Audit? ( 5 Year) Work Location: In person

We are seeking an experienced IT Head to lead our IT department in India. The ideal candidate will have a strong background in IT management, with a proven ability to align IT strategies with business objectives and drive innovation within the organization. About the Role The IT Head will be responsible for overseeing the IT department and ensuring that all IT strategies align with the overall business goals. Responsibilities Lead and manage the IT department to ensure alignment with business goals. Lead and manage IT audits for pharmaceutical operations to ensure compliance with regulatory standards. Develop and implement audit strategies to assess the effectiveness of IT controls and processes. Oversee the management of IT infrastructure and applications to ensure optimal performance. Manage IT projects from conception to execution, ensuring adherence to timelines and budgets. Collaborate with other departments to understand their IT needs and provide solutions. Monitor and analyze IT systems and processes for continuous improvement and innovation. Ensure data security and compliance with relevant regulations and standards. Manage vendor relationships and negotiate contracts for IT services and products. Qualifications Bachelor's or Master's degree in Information Technology, Computer Science, or related field. Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), or equivalent. Strong knowledge of IT audit standards and frameworks, such as ISO 27001, COBIT, and ITIL. Experience with regulatory compliance in the pharmaceutical industry (e.g., FDA, EMA, GMP). Proficient in risk assessment methodologies and tools for IT environments. Excellent analytical and problem-solving skills with attention to detail. Strong communication and interpersonal skills to effectively collaborate with various stakeholders. Required Skills Strong background in IT management. Ability to align IT strategies with business objectives. Drive innovation within the organization. Experience in the pharmaceutical industry.

Line of Service Internal Firm Services Industry/Sector Not Applicable Specialism Operations Management Level Senior Associate Job Description & Summary At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives. In ServiceNow consulting at PwC, you will gain extensive experience in ServiceNow applications and assist clients in optimising operational efficiency through analysis, implementation, training, and support tailored to ServiceNow software. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary: PwC is driving major change across technology including the building of a centralized model to deliver and manage technology services across the entire network of member firms. A career in PwC’s Technology and Security Operations, within Internal Firm Services, will provide opportunity to develop and support our global technology service delivery, both internally and externally. ServiceNow is the enterprise platform that enables Service Management at PwC. Using the ServiceNow platform, our team helps Internal Firm Services transform how they manage services to the business, and how the business manages services to our clients. If you are seeking an exciting career with the scope to grow your ServiceNow skills through major change on a global scale, then PwC Technology will empower you to do so. Responsibilities: What a Business Analyst does A ServiceNow Business Analyst focuses on analysing, designing, and implementing business processes within the ServiceNow platform. They bridge the gap between business needs and technical solutions, working with stakeholders to gather requirements, document processes, and ensure successful implementation and optimization of ServiceNow solutions. Their responsibilities include analysing business processes, translating requirements into actionable specifications, collaborating on solution design, and supporting users during and after implementation. Conducting stakeholder interviews, workshops, and analysis of existing processes to understand business needs. Documenting requirements, creating use cases, and developing process diagrams. Translating business needs into functional and technical specifications for ServiceNow development. Solution Design and Implementation: Collaborating with IT teams and stakeholders to design and implement ServiceNow solutions. Performing gap analysis and recommending solutions to optimize business processes within ServiceNow. Ensuring alignment of solutions with business goals and objectives. Participating in testing and validation of delivered solutions. Ensure support items are rapidly triaged and managed Building and maintaining positive relationships with stakeholders. Communicating effectively with stakeholders throughout the project lifecycle. Providing support and guidance to users during and after implementation. Identifying areas for improvement in business processes and recommending solutions using ServiceNow. Staying up-to-date with new ServiceNow releases and features to continuously improve solutions. Conducting audits to ensure proper tool usage and adherence to ITIL processes. Planning and prioritizing tasks using agile methodologies. Working with suppliers to prioritize requests and manage day-to-day operations. Providing timely status reports to project managers. Collaborate with other ServiceNow administrators and developers to develop effectively with a global focus Be diligent in maintaining consistency in code alignment across instances and in clean code in update sets Proactively identify system deficiencies in the ServiceNow instances and provide solutions to remediate Ensure that configuration is consistent across development, testing, and production environments. Mandatory Skill Sets: 5+ years of experience working in a BA role for a ServiceNow Applications. 3+ years of experience as a ServiceNow administrator. Experience in transitioning technology from locally focused to centralized technology service organization. Experience with ITSM, ITBM, HRSD, Integration Hub or Service Portal modules within ServiceNow Understanding of RESTful Web Service and APIs. IT and Security management best practice (ITIL, COBIT, ISO standards). Experience developing workflows and supporting service technology teams Experience in developing solutions in JavaScript and Glide Preferred Skill Sets: Desired Certifications: ITIL Foundations Certification ServiceNow Developer Certification(s) Skills - Strong understanding of business analysis principles and methodologies. Proficiency in ServiceNow platform and its various modules (ITSM, ITOM, etc.). Experience with requirements gathering, documentation, and process modeling. Excellent communication, collaboration, and problem-solving skills. Familiarity with ITIL framework and best practices. Ability to work independently and as part of a team. Years Of Experience Required: 5+ yrs Education Qualification: Bachelors Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor Degree Degrees/Field Of Study Preferred: Certifications (if blank, certifications not specified) Required Skills ServiceNow Platform Optional Skills Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Application Security, Communication, Configuration Management (CM), Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Enterprise Architecture, Human Resources (HR) Consulting, Inclusion, Intellectual Curiosity, IT Change Management, Learning Agility, Optimism, Risk Compliance, Self-Awareness, ServiceNow Customer Service Management (CSM), ServiceNow Ticketing Tool, Teamwork, Well Being Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date