1032 Cobit Jobs - Page 16

Key Responsibilities: This role serves as the primary IT contact for internal and external audits, ensuring compliance with policies and procedures including... Roles and Responsibilities Be the main point of contact for IT and assist on all internal and external audit teams where IT inquiry is required. Monitor activities of assigned IT areas to ensure compliance with internal policies and procedures including monthly, quarterly, and annual account and activity reviews. Assist in supporting current and future compliance related responsibilities (SOX, SOC2, ISO, SEC, etc.) Gather evidence required for internal and external audits. Develop IT General Control procedures and policies. Provide guidance in implementing ITGC controls. Reviews analyze and interpret controls for design and operational effectiveness to determine adherence to regulatory, contractual, and corporate policies and standards. Ability to manage Sarbanes-Oxley IT General Control testing and certification requests from Internal and External Auditors. Identifies, quantifies, tracks, and leads mitigation of risks and control exceptions and communicates results to department leadership. Supports and interprets information provided by Internal/External Audit for relevant compliance concerns. Make broad recommendations on improving compliance related processes and/or procedures as it pertains to the IT department. Partner with management, business teams, and/or data team to implement solutions. Requirements BA/BS in a business related field and/or equivalent years of education and experience working in a related field. 3-5 years experience in Information Technology or Information Security experience. Big 4 auditing experience is a plus. Identity Access Management tool/RBAC experience a plus. Experience testing controls and the documentation of those tests as it relates to frameworks such as COSO, COBIT, NIST Cyber Security Framework, and/or ISO 27001. Familiarity with common compliance standards (SOX, SOC2, PCI-DSS, GDPR etcCOSO, COBIT, NIST Cyber Security Framework, and/or ISO 27001.) and experience working directly with internal or external auditors for at least one of the listed standards. (previous external audit experience a plus). Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance related concepts to a broad range of technical and non-technical staff. Successful experience working, collaborating, and establishing credibility and relationships with senior leadership, colleagues, and clients. Demonstrated success working with internal audit, external auditors, outside consultants, and legal affairs. Certified Information Systems Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP) preferred.

Job Description: We are now looking for an experienced and qualified candidate with the main mission to work as Information Security Specialitst. Mission: To understand the threat landscape, improve the effectiveness of Epiroc's Cybersecurity Program and protect business assets. Identify Information Security risks and required mitigating activities. Raising awareness and educating employees and business partners to improve activities related to cyber risk management. Your main responsibilities in this role will be: Serve as the primary point of contact between the business units in India and the central cybersecurity team, ensuring clear communication and understanding of security initiatives, policies, and concerns Participate in the Security Awareness Training area Participate in risk assessments to reduce risk and security exposure for Epiroc Communicate risk assessment findings and provide risk remediation guidance Identify opportunities to improve risk posture and give advice for risk mitigation Participate in developing the Information Security Management System (ISMS) Participate in developing and delivering Supply Chain security assessments Manage information security projects Assist in M&A Activities to evaluate information security requirements Participate in improving Information Ownership & Classification Assist in developing intellectual property Asset Management Supporting the business in creating Business Impact Analyses Business Continuity support Participate in improving our Threat Intelligence Participate in monitoring & reporting information security KPIs Liaise with the IT Security team Competences, Skills and Experience Requirement: Excellent analytical skills Bachelor's Degree in Business Information Systems, Cybersecurity, Computer Science, or a related field, or equivalent work experience At least 3-5 years' experience in the field Knowledge of regulatory compliance, including information security management frameworks (e.g., ISF Standard of Good Practice, NIST CSF, ISO2700x, SANS Top 20 Critical Security Controls, SOX, COBIT), preferred Security certifications such as CISSP, CISA or CISM is a plus High level of both verbal and written English. Additional languages are a plus Personality Requirement: Energetic, team player, willing to learn, approachable & goal oriented. Excellent Interpersonal & Communication skills Open to constructive feedback Result-oriented and capable of working independently. Location: This position is located in Bengaluru, India. In this recruitment process we review applications continuously. Welcome with your application as soon as possible, but no later than 11th April 2025. Epiroc is a global productivity partner for mining and construction customers, and accelerates the transformation toward a sustainable society. With ground-breaking technology, Epiroc develops and provides innovative and safe equipment, such as drill rigs, rock excavation and construction equipment and tools for surface and underground applications. The company also offers world-class service and other aftermarket support as well as solutions for automation, digitalization and electrification. Epiroc is based in Stockholm, Sweden, had revenues of around SEK 64 billion in 2024, and has almost 19000 passionate employees supporting and collaborating with customers in around 150 countries.

Summary Position Summary ServiceNow Developer — Solution Advisor Deloitte Cyber Risk Services Overview Deloitte’s Cyber Services help clients stay secure, vigilant, and resilient against a growing array of cyber threats and vulnerabilities. Our Cyber Risk practice delivers end-to-end solutions using proven methodologies and tools, addressing issues such as identity theft, data security breaches, cyber security, and system outages. Our goal is to enable ongoing, secure, and reliable operations across enterprises of all sizes and industries. Deloitte’s Cyber Risk Services have been recognized as a leader by several independent analyst firms. Work You Will Do As a Consultant in Governance, Risk, and Compliance (GRC)/Integrated Risk Management (IRM) , you will: Own SDLC Efforts: Lead the build, test, and rollout of GRC solutions into production. Conduct Risk Assessments: Implement solutions to minimize exposure and enhance business resilience. Application Deployment: Understand and manage application deployment, configuration baselines, and secure operations. Automate with GRC Tools: Use tools like ServiceNow, Archer, Aravo, or OneTrust to automate risk management and compliance monitoring. Configure GRC Solutions: Set up modules for risk management, compliance, issue management, exception management, policy lifecycle, privacy, third-party risk, audit, threat and vulnerability management, security operations, and business continuity. Requirements Gathering: Define and document user stories, create UI mock-ups, and execute project deliverables. Implement Risk Frameworks: Enhance and implement frameworks (ISO 27001, COSO, COBIT, PCI, NIST, HIPAA) using GRC technologies. Regulatory Compliance: Ensure compliance with all relevant laws and update internal policies as regulations change. Ongoing Support: Provide ongoing support and enhancements to risk management frameworks. GRC Governance: Assist in developing GRC governance and operating models. Reporting: Prepare detailed reports on compliance activities, risk assessments, and mitigation plans, ensuring audit readiness. The Team Deloitte’s Cyber Governance, Risk, and Compliance (GRC)/Integrated Risk Management (IRM) team is one of the fastest-growing market offerings, specializing in: GRC strategy, design, and implementation GRC & Security solutions using ServiceNow, Archer, Aravo, and OneTrust Key Success Factors: Deep accountability and passion for excellence Strong relationship-building skills with clients and industry In-depth understanding of GRC tools and leading practices Experience designing and implementing scalable, usable GRC technology solutions Required Qualifications Education Bachelor’s degree in Computer Science, Information Technology, or a related field Experience 3–5 years in GRC solution implementation or ServiceNow/Archer/Aravo/OneTrust/cyber strategy Proficiency with at least one GRC tool (ServiceNow, Archer, Aravo, or OneTrust) Experience gathering/documenting business requirements and identifying process gaps Hands-on with at least two GRC modules (ERM, ITRM, TPRM, SecOps, Issues Management, Policy & Compliance Management, etc.) Experience in solution development, access control, rules/events, notifications, data integrations, UI, reports/dashboards, workflows, and admin activities in GRC tools Experience with privacy enhancement and automation tools (e.g., OneTrust) Proficient in risk management processes and compliance regulations Consulting experience in GRC Proficiency with scripting languages for API integrations Development experience in at least 2–3 projects from scratch to go-live Strong understanding of GRC frameworks (COBIT, ISO 27001, NIST, etc.) Strong analytical and problem-solving skills Excellent interpersonal and communication skills Flexibility in work hours to meet project/client needs Preferred Qualifications Education: Master’s degree in Business Administration, Cyber Security, or related field Certifications: ServiceNow CSA, Archer Administrator #CA-DS Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 301258

Seeking an experienced Enterprise Security Architect with 8+ years in cybersecurity and cloud security (AWS/Azure/GCP). Must have expertise in EDR, SIEM, IAM, firewalls, compliance (NIST, GDPR, PCI), and security architecture design. Required Candidate profile Strong in DevSecOps, CI/CD, and SDLC integration. Certifications like CISSP, CISM, ISO 27001 preferred.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. FS TR- ITC – Tech Risk As Risk consultant, you’ll contribute technically to Risk Consulting client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Seniors Consultants to join the leadership group of our EY-Consulting Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Participate in IT Risk and Assurance engagements. Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Responsible for managing reporting on assurance findings and ensure control owners take remediation action as required. Identify, lead, and manage the continuous improvement of Internal Controls through implementation of continuous control monitoring and automation. Obtain and review evidence of compliance for adherence to standards. Key domains of compliance controls, including change management, access to system, network and Data, computer operations and system development. Stay current with and promote awareness of applicable regulatory standards, upstream risk, and industry best practices across the enterprise. Understanding on Control frameworks such as COSO, internal control principal and related regulations including SOX and J-SOX. Common IT governance and Assurance standards including NIST, COBIT, Risk IT, ITIL and third-party reporting standards as SSAE16. Understanding on independent and risk based operational audits such as Software Development Life Cycle (SDLC), Business Resilience, Cybersecurity audits, Data privacy and data protection audits, Network security audit. Understanding and hands-on experience on data analysis tool such as Tableau, Power Bi, python etc. Conduct performance reviews and contribute to performance feedback for staff. Adhere to the Code of Conduct. The Code of Conduct sets the standards of behaviour, actions, sand decisions we expect from our people. Skills And Attributes For Success Experience in application controls and Information security experience. Understanding of risk management systems and processes Ability to build relationships with key stakeholders across different levels of seniority. Strong written and verbal communication skills To qualify for the role, you must have. Preferably bachelor’s degree in (Finance/Accounting, Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA Minimum of 3-4 years of experience in internal controls and Internal Audit Enterprise risk services with specific focus on IT and related industry standards IT Risk Assurance framework Control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX Preferred security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems. Familiarity with IT analysis, delivery, and operations methods, including SDLC and CM Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT Experience of security testing methods and techniques including network, operating and application system configuration review Application controls and security experience: sensitive access and SOD testing controls testing Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc. Preferred Certifications: CISA What We Look For We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. What Working At EY Offers At EY, we’re dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way that’s right for you. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Internal Firm Services Industry/Sector Management Level Senior Associate & Summary In ServiceNow consulting at PwC, you will gain extensive experience in ServiceNow applications and assist clients in optimising operational efficiency through analysis, implementation, training, and support tailored to ServiceNow software. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . & Summary PwC is driving major change across technology including the building of a centralized model to deliver and manage technology services across the entire network of member firms. A career in PwC s Technology and Security Operations, within Internal Firm Services, will provide opportunity to develop and support our global technology service delivery, both internally and externally. ServiceNow is the enterprise platform that enables Service Management at PwC. Using the ServiceNow platform, our team helps Internal Firm Services transform how they manage services to the business, and how the business manages services to our clients. If you are seeking an exciting career with the scope to grow your ServiceNow skills through major change on a global scale, then PwC Technology will empower you to do so. What a Business Analyst does A ServiceNow Business Analyst focuses on analysing, designing, and implementing business processes within the ServiceNow platform. They bridge the gap between business needs and technical solutions, working with stakeholders to gather requirements, document processes, and ensure successful implementation and optimization of ServiceNow solutions. Their responsibilities include analysing business processes, translating requirements into actionable specifications, collaborating on solution design, and supporting users during and after implementation. Conducting stakeholder interviews, workshops, and analysis of existing processes to understand business needs. Documenting requirements, creating use cases, and developing process diagrams. Translating business needs into functional and technical specifications for ServiceNow development. Solution Design and Implementation o Collaborating with IT teams and stakeholders to design and implement ServiceNow solutions. o Performing gap analysis and recommending solutions to optimize business processes within ServiceNow. o Ensuring alignment of solutions with business goals and objectives. o Participating in testing and validation of delivered solutions. Ensure support items are rapidly triaged and managed Building and maintaining positive relationships with stakeholders. Communicating effectively with stakeholders throughout the project lifecycle. Providing support and guidance to users during and after implementation. Identifying areas for improvement in business processes and recommending solutions using ServiceNow. Staying uptodate with new ServiceNow releases and features to continuously improve solutions. Conducting audits to ensure proper tool usage and adherence to ITIL processes. Planning and prioritizing tasks using agile methodologies. Working with suppliers to prioritize requests and manage daytoday operations. Providing timely status reports to project managers. Collaborate with other ServiceNow administrators and developers to develop effectively with a global focus Be diligent in maintaining consistency in code alignment across instances and in clean code in update sets Proactively identify system deficiencies in the ServiceNow instances and provide solutions to remediate Ensure that configuration is consistent across development, testing, and production environments. Mandatory skill sets 5+ years of experience working in a BA role for a ServiceNow Applications. 3+ years of experience as a ServiceNow administrator. Experience in transitioning technology from locally focused to centralized technology service organization. Experience with ITSM, ITBM, HRSD, Integration Hub or Service Portal modules within ServiceNow Understanding of RESTful Web Service and APIs. IT and Security management best practice (ITIL, COBIT, ISO standards). Experience developing workflows and supporting service technology teams Experience in developing solutions in JavaScript and Glide Preferred skill sets Desired Certifications ITIL Foundations Certification ServiceNow Developer Certification(s) Skills Strong understanding of business analysis principles and methodologies. Proficiency in ServiceNow platform and its various modules (ITSM, ITOM, etc.). Experience with requirements gathering, documentation, and process modeling. Excellent communication, collaboration, and problemsolving skills. Familiarity with ITIL framework and best practices. Ability to work independently and as part of a team. Years of experience required 5+ yrs Education qualification Bachelors Education Degrees/Field of Study required Bachelor Degree Degrees/Field of Study preferred Required Skills ServiceNow Platform Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Application Security, Communication, Configuration Management (CM), Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Enterprise Architecture, Human Resources (HR) Consulting, Inclusion, Intellectual Curiosity, IT Change Management, Learning Agility, Optimism, Risk Compliance, SelfAwareness, ServiceNow Customer Service Management (CSM), ServiceNow Ticketing Tool, Teamwork, Well Being No

: Job Title- I&A On-boarding Information Security Analyst, Associate Location- Pune, India Role Description: As I&A On-boarding Information Security Analyst you will be part of Access Lifecycle On-boarding global family which includes access management for application end user recertification On-boarding, user access for request & approval, user provision On-boarding and Functional Taxonomy SoD On-boarding & maintenance as well as IDAHO (Access concept) SME as central DB services. Deutsche Bank is looking for bright and open-minded individuals to support Business Identity & Access Services within Access Lifecycle Solution On-boarding team for application end user request & approval as well as end user access provision central service On-boarding. A key success factor of the Access Lifecycle Solution On-boarding team is the quick understanding of complex application set ups for Identity & Access Management and support Information Security Officer (ISO) and IT Application Owner (ITAO) along end-to-end central solution On-boarding process across DB. You will gain insights into the complete Identity & Access Management lifecycle as you will learn about the roles and entitlements and their set up, segregation of duties, application authentication and authorization process. What well offer you . 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities As I&A On-boarding Information Security Analyst you will be responsible to perform On-boarding assessments if an IT asset is applicable for end user application access for request & approval and business requirement gathering (based on existing KOP ID Admin procedures) to identify, how future user provisioning (ID Admin via automated connector or manual, centrally or decentral managed) will be set up between central request & approval platform and to be on-boarded application in adhering to Information Security (IS) internal and regulatory requirements. Efficiently engage, manage, and influence the main stakeholders, along with application On-boarding process including Information Security Officer, IT Application Owner, Engineering and Operations teams Provide process improvement inputs to various stakeholders involved. Proactively seek ways to improve upon existing practices and processes. Display insight and ability in identifying issues and develop successful solutions. Report and escalate potential risks to the management to help avoid / minimize the impact. Work with multiple, distributed teams (across different locations) Support develops key operational procedures where necessary and ensure adherence to all such defined policies. Comfortable with associated disciplines of Security Policy and Governance in banking domain Very good presentation and communication skills allowing to communicate with our stakeholders. A structured and methodological way of working with the objective to deliver high quality results. Supports tough people decisions to ensure people performance is aligned with organization imperatives and needs. Addresses individual performance issues, where necessary, to drive for high performance. Pro-active and flexible working approach, Team spirit Your skills and experience Minimum 5 years working experience in Identity & Access Management, Governance, Risk and Control related topics. Team management experience Basic knowledge and/or willingness to work with industry best practices and frameworks like ISO27001, NIST, CSA CCM, COBIT, ITIL Good business analyses knowledge of system design, development, implementation, and user support principles and practices Knowledge of IT Service Management or IT Governance or IT Delivery Management or IT Project Management or IT Delivery background or IT Security Knowledge on Database Systems, application interactions and server operating systems Excellent Excel knowledge Competencies: Self-motivated and flexibility to work autonomously in virtual and multicultural teams. Good communication skills (both written and verbal), fluent in English (written/verbal) Good analytical skills and problem-solving abilities Pro-active and flexible working approach A structured and methodological way of working with the objective to deliver high quality results. Flexible mindset with an eye for detail and continuous improvement Good understanding in business related information Being flexible, open minded, able to share information, transfer knowledge and expertise to stakeholders and other team members. How well support you . . . .

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. independent accounting, tax and consulting firms. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Risk Consulting helps clients across various industries by addressing the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. Risk Consulting major offerings includes AML & Regulatory Compliance; ERP Advisory; Automation and Analytics; Enterprise Risk Management; Internal Audit; SOX Advisory; Contract Compliance; Credit Reviews; Information & Technology Audits; Cybersecurity risk management; Third-party risk management; IT due diligence; SOC1 / SOC2; Security and Privacy Risk; Governance Risk and Compliance; PCI; Cyber Transformation; Manage Security Services; Secure Architecture Solutions; Cyber Testing; Digital Forensics and Incident Response; and Cyber Threat Intelligence. The ERP, Risk and Automation Services (ERAS) Consulting practice, assists with various consulting, internal, and external audit clients by bringing in-depth ERP, automation, and data analytics skills where needed. The practice performs security and controls designs/assessments, complex data analytics, GRC automation/implementation, security role design, security managed services, segregation of duties assessments, as well as ERP implementation risk reviews. We desire a confident individual who is able to both think strategically about risk and control management, while also being task oriented and capable of meeting the tight deadlines that often come with implementation-related work. We are in search of a candidate with an experience in SAP technologies who has experience scoping, supervising, and executing ERP security & controls, segregation of duties assessments, security role designs, GRC implementations, and operationalizing user access management. Qualification And Minimum Entry Requirements Bachelor or Master degree with a minimum of 4-5 years of professional experience in public accounting or relevant compliance industry experience Deep understanding of business processes and controls in SAP (various versions). Preferred secondary ERP of similar skills ERP implementation experience; functional SAP background is a plus Broad industry experience or deep expertise in a specific industry Minimum 4-7 years in SAP, audit, internal audit, or internal control roles Experience working with SAP S/4 HANA is a plus Technical knowledge of controls monitoring/auditing tools such as SAP GRC, GRC Control Panel, ERP Maestro, or other tools such as ACL, Tableau, Alteryx, a plus Experience working with clients in multiple industry's Experience training others on ERP controls and security knowledge Experience with SOX, COSO, COBIT and other related IT controls methodology and frameworks, such as ISO, NIST, HIPAA, or FDA is a plus. Experience with risk and controls for S/4 HANA and HANA database/platform preferred Candidate should have CISA/CA/SAP certification Candidate with CIA, CISSP, CPA will be preferred Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments Excellent verbal, written, interpersonal communication (English) as the position requires frequent communications with RSM International clients Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Execute SAP ERP engagements, specifically related to audit, risk and control related issues highly visible ERP clients. Execute SAP IT automated controls (ITACs), IT general controls (ITGCs), and Key Report assessments, SAP security role and configuration reviews, SAP Implementation Risk Assessments, SAP SOD assessments, and other ERP services as needed Execute testing of SAP application control design and effectiveness; validate test scripts and review results Handle multiple client projects while contributing to internal initiatives (talent, practice, business development) Help to maintain our multiple segregation of duties tools and revise security rulesets Execute SAP security role and user security managed services support. Execute SAP security role build and testing activities. Proactively driving the continued maturation and industrialization of our current SAP Security methodology, associated work programs, accelerators, and testing procedures. Provide first choice advisor experience to existing clients while working to maximize client value Ability to exceed client expectations in a sophisticated consulting or accounting firm environment Develop and maintain strong relationships with centers of influence and professionals Understand their impact and contribute to the fundamentals of practice (i.e. realization, utilization, resource leverage) Engage with automation, analytics, and business/application control specialists to address SAP risk management needs in a holistic manner. Professionally presents themselves at all times at the office and the client’s meetings. This includes but is not limited to appearance, communication, and actions. Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

Our Exciting Opportunity The position of the Software Asset Manager is to ensure that Ericsson Internal use customers maximize the value of the SW investments and at the same time is license compliant. The Software Asset Manager keeps track of SW licenses and SW installations and works together with Product Owners, Sourcing, outsourcing suppliers and the SW suppliers. You Will: The Software Asset Manager is responsible, for assigned SW suppliers, licenses and associated costs and should: Define a comprehensive license management strategy for each assigned software supplier, including proactive action plans Drive regular connects with SW supplier and build and maintain good relationships Keep track of all SW license investments, maintain license records, current utilization and identify licensing surplus or shortfalls Implement internal SW pricing models. Safeguard SW maintenance and support renewals Ensure all the costs that are purchased through Asset Management are properly reported and recovered from the respective product team Identify savings opportunities for renewals, software licensing, and services. Follow through with product team, sourcing & end users to obtain identified savings Processes Secure SAM involvement in relevant Internal processes Participate in Ericsson relevant steering groups and other internal meetings important to the governance of SW licenses Monitor the SW business environment and best license practices Internal communication to make SAM functions visible for stakeholders and end users Define the interfaces to other internal functions/units and drive efficiency by cross unit collaboration (Sourcing, Prdouct Owner’s etc.) Offer licensing expertise and cost calculations for internal stakeholders Support commercial and legal teams to provide consequence analysis relating to licensing Inform/escalate major license incompliance and/or violations to line management and/or relevant governance body Initiate improvements and corrective actions when deficiencies are identified, including necessary monitoring and escalation until issues or gaps are resolved Ensure to report all the cost that needs to be recovered from the business through proper channels Identify license cost reduction activities together with product owners and Sourcing Ensure accurate reporting for cost allocation on a periodical basis Identify contact persons for all outsourcing suppliers, to manage information received from the SAM team Provide guidance and knowledge to our outsourcing suppliers regarding Ericsson’s license compliance requirements Actively communicate with software supplier's account manager to address license pricing model, usage and support issues, in collaboration with Sourcing Organizational Interfaces The Software Asset Manager should establish relationships to: Product Owners - to understand actual SW use and plans for the applications Sourcing - to get knowledge of existing license agreements and to support Sourcing in negotiations with demands, product selection and volumes etc Finance – for the budget process, follow-up of actual costs, internal cost allocation and reporting SW suppliers – for regular SW supplier governance and operational meetings and to build and maintain good relationships Qualifications & Experience: Experience working with multi-national global decentralized organizations Familiarity with IT cost saving initiatives and reporting Proficiency with software license management and related procurement practices Experience working with software suppliers Working knowledge of software asset optimization planning and scenario planning for buy, transfer and termination strategies for software asset use Certifications on CSAM & ASAM preferable (not mandatory) Knowledge: The Software Asset Manager should have knowledge of: General SW licensing definitions, rules and conditions, including maintenance and support, general software license agreements Standards like ITIL, ISO, CoBIT preferable Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Noida Req ID: 769357

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing... You'll be part of the "Verizon Global Infrastructure (VGI), Network & Information Security” group working on security and automation tools to protect against cyber threats within the VGS Technology organization. You will work with a team of cybersecurity engineers with network & infrastructure background, threat intelligence analysts and risk management personnel to align common technologies and practices that fortify our applications, systems, IT network and infrastructure. Some of your daily responsibilities would be the following. What You’ll Be Doing… Infrastructure Security Governance Implement IT infrastructure governance policies and procedures. Ensure compliance with relevant industry standards and regulations (e.g., ISO 27001, GDPR). Establish and maintain a control framework for infrastructure management Identify, implement and operationalize metrics, dashboards, scorecards, and tracking to consistently measure the current state of cybersecurity across VGS Infrastructure, leveraging industry best practices and standards where possible Ensure effectiveness and coverage of the Security Policies and Controls of VGS Infrastructure, prioritizing by risk level Instill ownership and accountability for security-based metrics and drive increased maturity, visibility, and subject-matter expertise for all segments Develop action plans jointly with all stakeholders to remediate deviations, providing necessary support to close on all key items Champion a highly collaborative work model with an aptitude of building and maintaining relationships across different teams at multiple senior levels, internally and externally Develop awareness, training & compliance programs focused on Infrastructure Cybersecurity practices, leveraging the Mavens program - a team of security professionals who facilitate adoption of security by design Ensure Security posture of VGS Infrastructure, e.g., access management, vulnerabilities remediation, etc. Coordinate necessary activities with our VCS organization: pen testing, incident response, data collection, etc. Identify and evaluate potential threats and vulnerabilities. Develop mitigation strategies and track remediation efforts What We’re Looking For... You'll need to have: Bachelor’s degree or four or more years of work experience. Four or more years of relevant work experience. Seven or more years of relevant work experience in Security, IT, and/or Network Experience in managing enterprise scale server infrastructure Experience in managing public/private cloud infrastructure Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. Understanding of security fundamentals Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts like Experience in design and implementation of network security solutions like firewalls, intrusion detection and prevention systems, VPN , web proxies etc using vendor products like Cisco, Juniper, Checkpoint, Palo Alto etc Knowledge of IT governance frameworks and standards (e.g., COBIT, ITIL) Relevant certifications such as CISSP, CISM, CRISC or CompTIA Security+ Even better if you have one or more years of work experience: Bachelor’s degree in cybersecurity, network, engineering, computer science or related discipline. Ability to thrive in a dynamic environment while managing multiple high-priority projects. Industry relevant security certifications Security+, OSCP, CEH, CISSP, GIAC etc Strong expertise in at least one operating system Window or Linux. Cloud relevant certifications CCSP, CCSK #NtwSec Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

A career within Internal Audit services, will provide you with an opportunity to gain an understanding of an organisation’s objectives, regulatory and risk management environment, and the diverse needs of their critical stakeholders. We focus on helping organisations look deeper and see further considering areas like culture and behaviours to help improve and embed controls. In short, we seek to address the right risks and ultimately add value to their organisation. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Invite and give in the moment feedback in a constructive manner. Share and collaborate effectively with others. Identify and make suggestions for improvements when problems and/or opportunities arise. Handle, manipulate and analyse data and information responsibly. Follow risk management and compliance procedures. Keep up-to-date with developments in area of specialism. Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce. Build and maintain an internal and external network. Seek opportunities to learn about how PwC works as a global network of firms. Uphold the firm's code of ethics and business conduct. Essential Duties And Responsibilities Manage the work streams related to IT SOX compliance covering ITGC and IT Dependencies (ITAC, Interfaces, IPE’s). Thorough understanding around ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations. Exposure of testing IT Application Controls (Configurable, Non-configurable), Interfaces, IPE’s, Data Migration and Platform Reviews. Provide technical support in the assessment, design, and implementation of ITGC requirements. Review control evidence for adherence to accuracy, completeness, and precision of control execution for all ITGC. Develop, implement, and test controls for new acquisitions and in-scope entities Work with control owners and operators to ensure quality, consistency, and operability of new and existing controls. Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment. Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management within IT. Mentors and develops peer and Associates, monitors their work, and takes corrective action when necessary Builds and maintains strong peer relationships within the team and across the organization Coordinates work with External Auditors. Interpersonal Skills Ability to work independently under general supervision with latitude for initiative and independent judgment Effective verbal and written communications, including active listening skills Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors Detail-oriented Comfortable working on multiple projects simultaneously Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team. Excellent Communication, written and verbal would be expected. In addition to being an exceptional individual contributor, manage engagements and relevant Teams allocated for the same. Managing predominantly offshore engagements and relevant PwC Territory teams. Ensure client service delivery in accordance with the quality guidelines & methodologies. Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables. Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties Client Management Develop strong working relationships with the client and onshore client teams. Maintain excellent rapport and proactive communication with the stakeholders and client. Operational Excellence Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Ensure compliance with engagement plans and internal quality & risk management procedures. People Related Display teamwork, integrity, and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery. Conduct workshops and technical training sessions for team members. Contribute to the learning & development agenda and knowledge harnessing initiatives Minimum Qualifications Bachelor’s degree in Information Systems, Computer Science Engineering, or Finance Preferred B.E., B. TECH, M. TECH, MCA, BCA, CA, MBA Experience in technology audit, risk management, compliance, consulting, or information security Excellent knowledge of IT General Controls, automated and security controls. Knowledge of security measures and auditing practices within various operating systems, databases, and applications Experience in auditing financial applications, cyber security practices, privacy, and various infrastructure platforms such as Unix, Linus, Windows, SQL Server, Oracle Databases Knowledge and concepts of auditing of cloud platforms (AWS, Azure and Google Cloud) Experience designing continuous auditing and monitoring tools and techniques is a plus. Good understanding of CoBIT 5 Domains of Access Management, SLDC & Change and Computer Operations and Control Design and Testing of SOX IT General Controls (ITGC) and/or IT Application Controls (ITAC) Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Management/Clients Knowledge of regulations impacting privacy, integrity, and availability of clients PII. Functional knowledge of major ERP suites (like SAP, Dynamics, Oracle EBS) Understanding of audit concepts and regulations Required overall experience in testing/reviewing and implementation of ITGC controls, CoBit 5 and developing COSO framework Candidates with 3-5 years of relevant experience in similar role, preferably with a “Big 4” or equivalent Chartered Accountant (would be added advantage) Certification(s) Preferred CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications

Our Exciting Opportunity The position of the Software Asset Manager is to ensure that Ericsson Internal use customers maximize the value of the SW investments and at the same time is license compliant. The Software Asset Manager keeps track of SW licenses and SW installations and works together with Product Owners, Sourcing, outsourcing suppliers and the SW suppliers. You Will: The Software Asset Manager is responsible, for assigned SW suppliers, licenses and associated costs and should: Define a comprehensive license management strategy for each assigned software supplier, including proactive action plans Drive regular connects with SW supplier and build and maintain good relationships Keep track of all SW license investments, maintain license records, current utilization and identify licensing surplus or shortfalls Implement internal SW pricing models. Safeguard SW maintenance and support renewals Ensure all the costs that are purchased through Asset Management are properly reported and recovered from the respective product team Identify savings opportunities for renewals, software licensing, and services. Follow through with product team, sourcing & end users to obtain identified savings Processes Secure SAM involvement in relevant Internal processes Participate in Ericsson relevant steering groups and other internal meetings important to the governance of SW licenses Monitor the SW business environment and best license practices Internal communication to make SAM functions visible for stakeholders and end users Define the interfaces to other internal functions/units and drive efficiency by cross unit collaboration (Sourcing, Prdouct Owner’s etc.) Offer licensing expertise and cost calculations for internal stakeholders Support commercial and legal teams to provide consequence analysis relating to licensing Inform/escalate major license incompliance and/or violations to line management and/or relevant governance body Initiate improvements and corrective actions when deficiencies are identified, including necessary monitoring and escalation until issues or gaps are resolved Ensure to report all the cost that needs to be recovered from the business through proper channels Identify license cost reduction activities together with product owners and Sourcing Ensure accurate reporting for cost allocation on a periodical basis Identify contact persons for all outsourcing suppliers, to manage information received from the SAM team Provide guidance and knowledge to our outsourcing suppliers regarding Ericsson’s license compliance requirements Actively communicate with software supplier's account manager to address license pricing model, usage and support issues, in collaboration with Sourcing Organizational Interfaces The Software Asset Manager should establish relationships to: Product Owners - to understand actual SW use and plans for the applications Sourcing - to get knowledge of existing license agreements and to support Sourcing in negotiations with demands, product selection and volumes etc Finance – for the budget process, follow-up of actual costs, internal cost allocation and reporting SW suppliers – for regular SW supplier governance and operational meetings and to build and maintain good relationships Qualifications & Experience: Experience working with multi-national global decentralized organizations Familiarity with IT cost saving initiatives and reporting Proficiency with software license management and related procurement practices Experience working with software suppliers Working knowledge of software asset optimization planning and scenario planning for buy, transfer and termination strategies for software asset use Certifications on CSAM & ASAM preferable (not mandatory) Knowledge: The Software Asset Manager should have knowledge of: General SW licensing definitions, rules and conditions, including maintenance and support, general software license agreements Standards like ITIL, ISO, CoBIT preferable Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Noida Req ID: 769357

Hi all , we are looking for a role Information Security Risk Specialist experience : 7 -9 years notice period : Immediate - 15 days location : Bengaluru Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Job Summary: We are seeking an experienced Information Security Risk Manager to join our team at Daimler Truck Innovation Center India, Bengaluru. The ideal candidate will lead the risk management and coordination efforts related to the overall security of enterprise systems, ensuring the development, implementation, and oversight of strategies that safeguard the information assets from cybersecurity threats, vulnerabilities, and attacks. This role requires strong collaboration across internal teams, including engineering, IT, legal, and regulatory bodies, as well as with external partners, such as suppliers and industry organizations. The ideal candidate will have a deep understanding of cybersecurity risk management methodologies, and the ability to oversee multiple initiatives aimed at strengthening the risk management practices at Daimler Truck Key Responsibilities: Develop, implement, and maintain an enterprise-wide information security risk management program. Identify, assess, and document information security risks, ensuring alignment with business objectives. Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. Monitor, track, and report on risk metrics and key performance indicators (KPIs). Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. Drive security awareness programs and train employees on risk management practices. Prepare and present detailed risk assessment reports to senior management. Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: Bachelors degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. Advanced degrees (e.g., Masters) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. Proven analytical expertise in evaluating and prioritizing risks effectively. Advanced proficiency in utilizing security tools for risk assessment and mitigation. Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. Skilled in leading security initiatives and managing projects across global teams. A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. An effective team player with exceptional interpersonal and collaboration skills.

Job Title: Divisional Risk and Control Location: Pune, India Corporate Title: AVP Role Description The 1st line Tech Risk and controls function at Deutsche sits within the Group Technology Infrastructure (GTI) for Deutsche Bank Group. GTI has the largest footprint within the Technology, Data and Innovation division and is joined by other business-aligned CIO IT divisions. The Tech Risk and Controls is a dynamic team, consistently in demand, for providing guidance and challenge to deliver change and maintain systems in a secure and resilient manner. As part of the team, you will join the Banks journey and contribute towards our strategic goal of cloud enabled solutions as well as activities that improve our operational resilience and risk reduction. Specifically, you will bring expertise to Control definition and assessments capability across IT Infrastructure, SDLC and Architecture domains supporting a proactive risk management function. It will therefore also include providing change risk advisory services for transformational change programs undertaken by or impacting GTI. You will liaise with other risk and control functions, on a management level to assure the integration of risk initiatives and projects. You will also support Regulatory Adherence and Policy Management function within TDI Risk Management. Its purpose is to provide oversight and supervision of new & changed material regulation impacting TDI, including full traceability to derived DB-specific Policies, Procedures, Key Operating Documents and Supporting Documents. Your key responsibilities Risk & Control Management Identify and evaluate potential areas of non-compliance or risk, assessing impact, probability and present findings and proposals for risk mitigation measures. Support the delivery of the risk and control initiatives. This includes participation in risk and control activities, risk-based control reporting of key issues, performance and validation of cyclical activities such as annual control self-assessments. Work closely with teams in and out of the division to understand risks impacting the group. Align internal Deutsche Bank policies/procedures against industry recognized framework to strengthen the control framework and its implementation for both within the Bank and our 3rd party vendor relationships Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Regulatory Adherence and Policy Management Coordination of regulatory adherence assessments across sub-divisions within TDI and management and review of Policies, Procedures, Key Operating Documents, Supporting Documents within TDI. Engage with stakeholders across TDI and other (e.g. 2nd line of defence) divisions in reviewing, assessing, and documenting the impact of regulations and ensuring remedial actions are established and monitored. Steer and support the publication of a consistent set of global and local Policies, Procedures, Key Operating Documents and Supporting Documents relating to Information Technology from laws, rules, and regulations. Risk remediation and Change Risk Advisory Support the Head of TDI GTI Risk Management in assessing risks related to strategic changes within the GTI Organization Proactively monitor risk landscape shift within the industry to identify transformation project opportunities to insulate Deutsche Bank from any potential risk exposure e.g., Production design life cycle, application and infrastructure architecture and its resilience Stakeholder Management Identify, Partner and Collaborate Work with relevant stakeholders to identify and assess controls gaps related to technology risk - measure and mitigate them in a timely manner Align with COO Division Control Office (DCO) team and NFRM (2nd LoD) ensuring successful and consistent implementation of the established control framework. Promote and support proactive IT risk culture at the Bank. Your skills and experience Desired experience Minimum 5 years of experience as Risk and Control Lead in designing and implementation of Technology risk framework or IT Audit in a global organization. Experience in a regulatory oversight, assurance, or policy management function within technology. Or have suitable compliance or audit background within infrastructure (and preferably IT & Information Security). Extensive experience regarding development, training and implementation of IT Policies, Procedures, Key Operating Documents and Supporting Documents. Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 Other professional qualifications and certifications in Technology risk management Desired behaviors A strong team player comfortable in a cross-cultural and diverse operating environment Result oriented and ability to deliver under tight timelines Ability to successfully resolve conflicts in a globally matrix driven organization Excellent communication and collaboration skills Desire to learn about new and emerging technologies and continuous upskilling Must be comfortable with navigating ambiguity to extract meaningful risk insights

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing... You'll be part of the "Verizon Global Infrastructure (VGI), Network & Information Security” group working on security and automation tools to protect against cyber threats within the VGS Technology organization. You will work with a team of cybersecurity engineers with network & infrastructure background, threat intelligence analysts and risk management personnel to align common technologies and practices that fortify our applications, systems, IT network and infrastructure. Some of your daily responsibilities would be the following. What You’ll Be Doing… Infrastructure Security Governance Implement IT infrastructure governance policies and procedures. Ensure compliance with relevant industry standards and regulations (e.g., ISO 27001, GDPR). Establish and maintain a control framework for infrastructure management Identify, implement and operationalize metrics, dashboards, scorecards, and tracking to consistently measure the current state of cybersecurity across VGS Infrastructure, leveraging industry best practices and standards where possible Ensure effectiveness and coverage of the Security Policies and Controls of VGS Infrastructure, prioritizing by risk level Instill ownership and accountability for security-based metrics and drive increased maturity, visibility, and subject-matter expertise for all segments Develop action plans jointly with all stakeholders to remediate deviations, providing necessary support to close on all key items Champion a highly collaborative work model with an aptitude of building and maintaining relationships across different teams at multiple senior levels, internally and externally Develop awareness, training & compliance programs focused on Infrastructure Cybersecurity practices, leveraging the Mavens program - a team of security professionals who facilitate adoption of security by design Ensure Security posture of VGS Infrastructure, e.g., access management, vulnerabilities remediation, etc. Coordinate necessary activities with our VCS organization: pen testing, incident response, data collection, etc. Identify and evaluate potential threats and vulnerabilities. Develop mitigation strategies and track remediation efforts What We’re Looking For... You'll need to have: Bachelor’s degree or four or more years of work experience. Four or more years of relevant work experience. Seven or more years of relevant work experience in Security, IT, and/or Network Experience in managing enterprise scale server infrastructure Experience in managing public/private cloud infrastructure Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. Understanding of security fundamentals Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts like Experience in design and implementation of network security solutions like firewalls, intrusion detection and prevention systems, VPN , web proxies etc using vendor products like Cisco, Juniper, Checkpoint, Palo Alto etc Knowledge of IT governance frameworks and standards (e.g., COBIT, ITIL) Relevant certifications such as CISSP, CISM, CRISC or CompTIA Security+ Even better if you have one or more years of work experience: Bachelor’s degree in cybersecurity, network, engineering, computer science or related discipline. Ability to thrive in a dynamic environment while managing multiple high-priority projects. Industry relevant security certifications Security+, OSCP, CEH, CISSP, GIAC etc Strong expertise in at least one operating system Window or Linux. Cloud relevant certifications CCSP, CCSK #NtwSec Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

Inside Sales Executive Learn and understand Progressive’s portfolio of IT services and solutions. Conduct research to identify potential clients and key decision makers. Reach out to prospects via phone, email, and LinkedIn to generate interest. Set up introductory calls and meetings for senior sales or technical teams. Maintain records of interactions and lead status in the CRM system. Follow up with prospects to keep the conversation active. Work with marketing teams to follow up on inbound leads and campaign responses. Assist in preparing presentations, proposals, and documentation as needed. Participate in training sessions to build product knowledge and sales skills About Company Progressive Tech Serve is a leading provider of Transformation Services which spans across Cloud, Digital and Operations. We have been reinventing ourselves to remain relevant to the global marketplace and bring significant value to our clients engagements. With its robust delivery process and Integrated Quality Management System certified for ISO 9001:2008, ISO 20000-1:2005, as well as ISO 27001: 2005 standards and Governance models based on COBIT, Progressive is constantly redefining the way services are being delivered and consumed by our clients across the globe with assurance on sharper experience and superior outcomes. Founded in the year 1998, Progressives presence has grown to over 130+ locations with 1200+ associates spread across India, USA and the Middle East. Progressive Infotech also has ventured into international market through subsidiaries in USA and Middle East, to cater to the North America, Middle East, and African markets. For its globally distributed customers, Progressive has set up a state-of-the-art Hybrid NOC at its sprawling facility in NOIDA, the National Capital Region of Delhi. With over 27 years of experience across various Industry verticals, Progressive has traversed the journey from being a large VAR to a Cloud, Digital and Operations Transformation Services Company today. Our focus is to help our customers maximize returns on their existing IT investments, help manage the IT as well Transform IT to align with the constantly changing demands of their business. We differentiate through our agile, flexible, and razor-sharp focus on customer experience.

Noida,Uttar Pradesh,India Job ID 769357 Our Exciting Opportunity The position of the Software Asset Manager is to ensure that Ericsson Internal use customers maximize the value of the SW investments and at the same time is license compliant. The Software Asset Manager keeps track of SW licenses and SW installations and works together with Product Owners, Sourcing, outsourcing suppliers and the SW suppliers. You Will: The Software Asset Manager is responsible, for assigned SW suppliers, licenses and associated costs and should: Define a comprehensive license management strategy for each assigned software supplier, including proactive action plans Drive regular connects with SW supplier and build and maintain good relationships Keep track of all SW license investments, maintain license records, current utilization and identify licensing surplus or shortfalls Implement internal SW pricing models. Safeguard SW maintenance and support renewals Ensure all the costs that are purchased through Asset Management are properly reported and recovered from the respective product team Identify savings opportunities for renewals, software licensing, and services. Follow through with product team, sourcing & end users to obtain identified savings Processes Secure SAM involvement in relevant Internal processes Participate in Ericsson relevant steering groups and other internal meetings important to the governance of SW licenses Monitor the SW business environment and best license practices Internal communication to make SAM functions visible for stakeholders and end users Define the interfaces to other internal functions/units and drive efficiency by cross unit collaboration (Sourcing, Prdouct Owner’s etc.) Offer licensing expertise and cost calculations for internal stakeholders Support commercial and legal teams to provide consequence analysis relating to licensing Inform/escalate major license incompliance and/or violations to line management and/or relevant governance body Initiate improvements and corrective actions when deficiencies are identified, including necessary monitoring and escalation until issues or gaps are resolved Ensure to report all the cost that needs to be recovered from the business through proper channels Identify license cost reduction activities together with product owners and Sourcing Ensure accurate reporting for cost allocation on a periodical basis Identify contact persons for all outsourcing suppliers, to manage information received from the SAM team Provide guidance and knowledge to our outsourcing suppliers regarding Ericsson’s license compliance requirements Actively communicate with software supplier's account manager to address license pricing model, usage and support issues, in collaboration with Sourcing Organizational Interfaces The Software Asset Manager should establish relationships to: Product Owners - to understand actual SW use and plans for the applications Sourcing - to get knowledge of existing license agreements and to support Sourcing in negotiations with demands, product selection and volumes etc Finance – for the budget process, follow-up of actual costs, internal cost allocation and reporting SW suppliers – for regular SW supplier governance and operational meetings and to build and maintain good relationships Qualifications & Experience: Experience working with multi-national global decentralized organizations Familiarity with IT cost saving initiatives and reporting Proficiency with software license management and related procurement practices Experience working with software suppliers Working knowledge of software asset optimization planning and scenario planning for buy, transfer and termination strategies for software asset use Certifications on CSAM & ASAM preferable (not mandatory) Knowledge: The Software Asset Manager should have knowledge of: General SW licensing definitions, rules and conditions, including maintenance and support, general software license agreements Standards like ITIL, ISO, CoBIT preferable Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

Job Title : Security GRC Consultant & Security Lead Experience: 10+ Years Location: [Thrissur / Cochin] Type: [Full-Time/Onsite] Industry : Information Security / Cybersecurity / Risk & Compliance Job Summary: A seasoned Security GRC (Governance, Risk, and Compliance) Consultant and Security Lead with over 10 years of experience in implementing, managing, and optimizing cybersecurity governance frameworks. Adept at bridging business and technology risk, ensuring regulatory compliance, and leading cross-functional teams to uphold enterprise security posture. Proven ability to drive enterprise risk programs, security audits, and compliance initiatives in diverse industries including finance, healthcare, and technology. Key Responsibilities: Governance, Risk, and Compliance (GRC): • Develop, implement, and manage enterprise-wide GRC strategies aligned with business and regulatory requirements (e.g., ISO 27001, NIST, SOC 2, HIPAA, GDPR, PCI-DSS). • Lead security risk assessments, third-party vendor evaluations, and business impact analyses (BIA). • Design and implement risk treatment plans, control testing programs, and continuous monitoring processes. • Maintain and enhance GRC platforms such as Archer, ServiceNow GRC, or LogicGate. Security Leadership & Strategy: • Act as the primary liaison between business stakeholders, technical teams, and executive leadership on cybersecurity initiatives. • Lead the development and execution of information security programs, policies, and procedures. • Provide expert guidance on security architecture, incident response, and data protection strategies. • Conduct security awareness training and culture-building across the organization Audit & Compliance: • Prepare organizations for internal and external audits; respond to audit findings and ensure timely remediation. • Manage and maintain documentation for control evidence, risk registers, and compliance reports. • Engage with regulatory bodies and customers during compliance reviews and assessments. Project Management & Team Leadership: • Lead or participate in cross-functional projects including cloud security assessments, privacy impact assessments (PIAs), and IT risk projects. • Mentor and lead junior security professionals; contribute to internal knowledge bases and best practices. • Manage project timelines, stakeholder expectations, and deliverables in Agile and Waterfall environments. Required Skills & Qualifications: • Bachelor’s or Master’s degree in Cybersecurity, Information Systems, or related field. • Professional certifications: CISSP, CISA, CRISC, CISM, ISO 27001 Lead Implementer/Auditor, or similar. • Strong knowledge of GRC frameworks (ISO, NIST CSF, COBIT), data protection laws (GDPR, CCPA), and industry standards. • Experience with security tools and platforms like Archer, ServiceNow GRC, Splunk, Tenable, Qualys, etc. • Excellent communication, stakeholder management, and technical writing skills. • Ability to work independently and drive multiple initiatives in complex environments. Preferred Experience: • Hands-on experience in cloud security (AWS, Azure, GCP). • Experience working in highly regulated industries (Finance, Healthcare, Pharma). • Familiarity with DevSecOps, secure SDLC, or CI/CD pipeline security controls.

About This Role Role Description: The Information Security team member will augment the Supply Chain Security team and play an integral part in the development, implementation, and compliance of technical security across the enterprise. The candidate will be key contributor to ongoing security assessments of third-party tools and products and will regularly act as a voice of Information Security to business teams and management, building cyber security confidence in support of business development and governance processes. Responsibilities Perform focused assessments of existing or new service providers, and technologies being introduced into the firm’s environment. Experience in performing cyber security due diligence assessments of third-party service providers and vendors. Provide governance and oversight over existing and new SaaS and IaaS products Influence the overall direction for securing infrastructure, applications and third parties service providers for the firm Communicate risk assessment findings to information security stakeholders or business partners and influences the risk mitigation Provide consultative advice to information security customers that enables them to make informed risk management decisions Performing assessments of new and existing Internet of Things (IoT) Deployments Identify appropriate controls to effectively manage information risks as needed Identify opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk Maintain strong working relationships with individuals and groups involved in managing information risks across the organization Support the documentation of Information Security Policies and Standards Security assessments of third-party software packages deployed on machines Perform vulnerability impact analysis of newly identified vulnerabilities of the firm’s critical service providers Skills Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include: Strong documentation and process-oriented background with experience working on complex technology projects An ability to effectively influence others to account for the plans and collaborative behaviors for results An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners in a way that influences optimum risk mitigation Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one Ability to react to high pressure dynamic changing environments Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one’s network within an organization An ability to apply original and innovative thinking to produce new ideas and create innovative products, solutions, or approaches A discipline and interpersonal skills to work well in a global environment, complementing teams in multiple remote locations Experience Degree in Business, Computer Engineering, Computer Science, Information Security, or a related field Working knowledge of data analysis techniques, including Excel, Python and basic SQL skills Experience with agile project management Knowledge of Azure security, AWS security, web security, including API and token security 5+ years Information Security experience 3+ years with risk advisory and senior management communication, metrics, collaboration to drive risk-based results 3+ years of experience with documenting, project management, written analysis for Information Security risk assessments 3+ years of experience in an Enterprise Risk Management and/or assessing controls within a Technology and/or Financial Services firm Experience with information security management frameworks (e.g., IS027001, COBIT, NIST 800, SOC 2 Type 2) Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA) AWS, GCP, or Azure security certifications are a plus Our Benefits To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about. Our hybrid work model BlackRock’s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person – aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock. About BlackRock At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children’s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress. This mission would not be possible without our smartest investment – the one we make in our employees. It’s why we’re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive. For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock BlackRock is proud to be an Equal Opportunity Employer. We evaluate qualified applicants without regard to age, disability, family status, gender identity, race, religion, sex, sexual orientation and other protected attributes at law.

Line of Service Internal Firm Services Industry/Sector Not Applicable Specialism Operations Management Level Senior Associate Job Description & Summary At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives. In ServiceNow consulting at PwC, you will gain extensive experience in ServiceNow applications and assist clients in optimising operational efficiency through analysis, implementation, training, and support tailored to ServiceNow software. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary: PwC is driving major change across technology including the building of a centralized model to deliver and manage technology services across the entire network of member firms. A career in PwC’s Technology and Security Operations, within Internal Firm Services, will provide opportunity to develop and support our global technology service delivery, both internally and externally. ServiceNow is the enterprise platform that enables Service Management at PwC. Using the ServiceNow platform, our team helps Internal Firm Services transform how they manage services to the business, and how the business manages services to our clients. If you are seeking an exciting career with the scope to grow your ServiceNow skills through major change on a global scale, then PwC Technology will empower you to do so. Responsibilities: What a Business Analyst does A ServiceNow Business Analyst focuses on analysing, designing, and implementing business processes within the ServiceNow platform. They bridge the gap between business needs and technical solutions, working with stakeholders to gather requirements, document processes, and ensure successful implementation and optimization of ServiceNow solutions. Their responsibilities include analysing business processes, translating requirements into actionable specifications, collaborating on solution design, and supporting users during and after implementation. · Conducting stakeholder interviews, workshops, and analysis of existing processes to understand business needs. · Documenting requirements, creating use cases, and developing process diagrams. · Translating business needs into functional and technical specifications for ServiceNow development. · Solution Design and Implementation: o Collaborating with IT teams and stakeholders to design and implement ServiceNow solutions. o Performing gap analysis and recommending solutions to optimize business processes within ServiceNow. o Ensuring alignment of solutions with business goals and objectives. o Participating in testing and validation of delivered solutions. · Ensure support items are rapidly triaged and managed Building and maintaining positive relationships with stakeholders. · Communicating effectively with stakeholders throughout the project lifecycle. · Providing support and guidance to users during and after implementation. · Identifying areas for improvement in business processes and recommending solutions using ServiceNow. · Staying up-to-date with new ServiceNow releases and features to continuously improve solutions. · Conducting audits to ensure proper tool usage and adherence to ITIL processes. · Planning and prioritizing tasks using agile methodologies. · Working with suppliers to prioritize requests and manage day-to-day operations. · Providing timely status reports to project managers. · Collaborate with other ServiceNow administrators and developers to develop effectively with a global focus · Be diligent in maintaining consistency in code alignment across instances and in clean code in update sets · Proactively identify system deficiencies in the ServiceNow instances and provide solutions to remediate · Ensure that configuration is consistent across development, testing, and production environments. Mandatory skill sets: 5+ years of experience working in a BA role for a ServiceNow Applications. ● 3+ years of experience as a ServiceNow administrator. ● Experience in transitioning technology from locally focused to centralized technology service organization. ● Experience with ITSM, ITBM, HRSD, Integration Hub or Service Portal modules within ServiceNow ● Understanding of RESTful Web Service and APIs. ● IT and Security management best practice (ITIL, COBIT, ISO standards). ● Experience developing workflows and supporting service technology teams ● Experience in developing solutions in JavaScript and Glide Preferred skill sets: Desired Certifications: · ITIL Foundations Certification · ServiceNow Developer Certification(s) Skills - · Strong understanding of business analysis principles and methodologies. · Proficiency in ServiceNow platform and its various modules (ITSM, ITOM, etc.). · Experience with requirements gathering, documentation, and process modeling. · Excellent communication, collaboration, and problem-solving skills. · Familiarity with ITIL framework and best practices. · Ability to work independently and as part of a team. Years of experience required: 5+ yrs Education qualification: Bachelors Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor Degree Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills ServiceNow Platform Optional Skills Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Application Security, Communication, Configuration Management (CM), Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Enterprise Architecture, Human Resources (HR) Consulting, Inclusion, Intellectual Curiosity, IT Change Management, Learning Agility, Optimism, Risk Compliance, Self-Awareness, ServiceNow Customer Service Management (CSM), ServiceNow Ticketing Tool, Teamwork, Well Being Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date