Job Description #KGS We are recruiting for Assistant Manager / Manager in the Technology M&A team. In this role you would leading small to medium sized engagements (technology due diligence, post-merger integrations, carve outs) and being the day to day support for clients on these engagements. You will work closely alongside Senior Managers/Directors on delivery of multiple projects simultaneously. Your responsibilities will include Due Diligence Analyzing target data to build up a view on the technology of the business including cost, products and systems, and IT contracts Finding risks in Target’s IT environment, remediations and associated costs Condensing the data and explaining findings to other team members, highlighting the impact of technology on the business strategy, operations, and ultimately, deal valuation Developing an understanding of IT benchmark and qualitative information to provide insights to clients to describe a typical IT function Assisting and leading client communications, calls and meetings Contributing content for sections of IT reports/deliverables Integration and Separation Advising clients and managing all client communications on all technology aspects of integration, separation (carve outs) and optimization initiatives (e.g. synergy analysis) including the development of target operating models, understanding the current IT landscape, defining transitional service agreements, developing detailed plans, and supporting the implementation of such plans. Leading the technology workstream in integrations and separations within a larger team of Integration & Separation colleagues to fulfil their workstream objectives Facilitating and leading key client workshops and meetings Identifying, reviewing, or calculating client synergies for IT within a larger team Wider Responsibilities Business development, ensuring high chargeability of the KGS team Project Management, including work allocations, guiding and reviewing quality of work of junior project team members People management, managing the performance of junior staff members through coaching and mentoring Interacting with senior client stakeholders as well as internal stakeholders (KPMG Partners and Directors) Supporting the growth of the team through development of new propositions and initiatives Ensuring engagement management protocols are followed and kept up to date including quality and risk management When you are not working on a project, you will provide support to senior colleagues in a number of different aspects such as preparation of proposal materials, development of propositions Job Requirements Mandatory Skills MBA / Bachelor’s degree in a related field from an accredited college/university preferably with major in Technology 6 to 10 years of experience in M&A IT Integration and Separation / IT strategy / IT due diligence / solution architecture / IT project management Good overall understanding of the following areas with specialist knowledge of at least one Application Support & Maintenance Network & Data Center Operations Management Software Development Life Cycle Service Management Cyber Security End user computing Disaster Recovery/Business Continuity Cloud-based Deployment Models (e.g., Infrastructure-as-a- Service) Software Asset Management/Compliance Infrastructure Optimization (e.g., consolidation, rationalization, cost savings) Service Level Definition and Agreements / IT Scorecard and Metrics Enterprise Resource Planning Technology certifications such as ITIL, AWS, Azure, GCP, TOGAF, COBIT, CISSP, COMPTIA etc. would be a plus Knowledge about enterprise business applications (e.g. ERP, CRM) Experience in assisting with technology assessment/diligence Preferred Skills A good understanding of, or preferably a background in, an M&A environment IT specialization such as: IT strategy, applications, infrastructure, architecture, cyber security Experience in facilitating client meetings, workshops and interviews Project management experience and track record of successful delivery of projects Comfort with ambiguity, fluid consulting situations and a highly pressured environment as characteristic of transactions Ability to work well under pressure, learn quickly and leverage skills in new situations Ability to travel at a moderate level Show more Show less

Manage IT audits (SOX, ITGC), ensure quality delivery, review testing docs, identify process gaps, prepare reports, handle clients, guide juniors, support proposals, and improve engagement productivity.. Required Candidate profile Looking for 3–5 yrs exp in IT audits (SOX, ITGC), risk assessment, SOC1/2, with strong MS Office skills, good communication, and CISA/BE/B.Tech/MBA/MCA background. Big 4 experience preferred.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting – AI Governance - Senior Manager The opportunity: your next adventure awaits. Are you a tech-savvy professional with a risk mindset who is passionate about building a better working world through the power of people, technology, and innovation? We have an incredible opportunity for you to join our dynamic Enterprise Risk team and make a real impact in the rapidly evolving world we live in. Within Risk Consulting, you will focus in the areas of Artificial Intelligence (AI) Risk Management and Governance which would cover AI Auditing techniques, AI Risk and Controls, Pre-Implementation reviews, Data Privacy reviews, AI application security and BCP review of AI Applications. This is client-facing role in a rapidly growing practice, where you’ll build client relationships with key stakeholders, including management executives for some of the most globally recognized brands. It makes this the perfect place to gain a deeper understanding of complex businesses transactions, all the while recommending solutions to some of the most pressing business challenges and process inefficiencies. You will also team up with our global professionals in multidisciplinary engagements, helping major global clients transform and sustain business performance. By plugging into our market-leading global network, you'll gain the experience you need to become an exceptional AI Risk Advisor Key Responsibilities The purpose of this role will be to supervise delivery, provide technical and project leadership to your team members, as well as build relationships with clients. While delivering quality client services and enabling high-performing teams, you will drive high-value work products within expected timeframes and budget. You will monitor progress, manage risks and ensure key stakeholders are kept informed about progress and expected outcomes. Additionally, you will: Understand client’s challenges and industry related issues and offer solutions in the areas of process, technology and regulatory risk Participate in go to market, create proposals and respond to RFPs, client orals etc. Identify opportunities for cross-selling to current clients/introduce colleagues from other service lines. Jointly lead global account relationships along with onshore, manage engagement deliveries, quality and drive the growth agenda on accounts. Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Manage a team of Seniors and Staffs (across geographies) for delivery of engagements across clients. Foster an innovative and inclusive team-oriented work environment. Play an active role in counselling and mentoring junior consultants within the firm. Use knowledge of the current tech environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Assist with cultivating and managing business development opportunities. Understand EY and its service lines and actively assess/present ways to serve clients. Skills And Attributes For Success You will leverage your proven track record of technology plus business process internal audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of AI Risk solutions To qualify for the role, you must have A bachelor’s or master’s degree and approximately 9-12 years of internal audit related work experience At least 5 years of experience in Internal Audit, Risk and Compliance in the following areas - Skilled in business process and operational internal audits - P2P, O2C, policy reviews etc and risk reviews IT Pre-implementation and Post implementation reviews. Compliance and regulatory assessments – Risk and Controls Risk Assessment – Assessment of internal processes to identify security findings, vulnerabilities, and control gaps/deviations identified on applications and infrastructure. Develop risk control matrix in line with COSO, COBIT, ISO, NIST and ITIL Best Practice and recommendations. Control Monitoring / Testing - Understanding of SOX, Cyber and compliance standards like PCAOB, PCI, ISO27001, perform test the design and operational effectiveness of the controls. Defect / Gap Identification: Identify the extent, materiality, confidentiality, integrity and the availability related deficiencies in the client environment and evaluate against industry standards. IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Knowledge of AI is preferred but not mandatory Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, process and IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CIA, CISA, CISM, CISSP EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Summary Position Summary ServiceNow Developer — Solution Advisor Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. IDC MarketScape named Deloitte as a Leader in the first 2024 for Worldwide Cybersecurity Consulting Services: Global System Integrators/Consultancies . Source: Worldwide Systems Integrators/Consultancies for Cybersecurity Consulting Services 2024 Vendor Assessment, By Cathy Huang, Published January 2024 – ID#US50463423 Work you will do As a Consultant in Governance, Risk, and Compliance ( GRC )/ Integrated Risk Management (IRM) at Deloitte, you will play a pivotal role and be instrumental in helping our clients manage and mitigate risks associated with their governance, risk management, and compliance activities by focusing on delivering continuous, high-quality GRC services to our clients . This role involves a blend of strategic advisory, process improvement, and technology implementation, tailored to ensure continuous compliance and effective risk management strategies are in place. This role also involves ensuring compliance with regulatory requirements and managing risks effectively. The ideal candidate will have a strong background in GRC frameworks, excellent analytical skills and adept in developing workflows in GRC tools like ServiceNow, Archer, Aravo or OneTrust As a Consultant, you would be expected to perform the following activities: Take ownership of SDLC efforts for successful build, test, and rollout of GRC solution into productionuse. Conduct thorough risk assessments and implement solutions to minimize exposure and enhance business resilience. Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled duringoperations; Utilize GRC tools to automate risk management and compliance monitoring tasks. Configure GRC solutions like risk management (enterprise and IT risk), compliance management, issue and corrective action plan management, exception management, policy lifecycle management, privacy management, third party risk management, audit management, threat and vulnerability management, security operations management, business continuity management for clients acrossindustries. Understand the business requirement and define & document user stories, create UI mock-ups and having a roll-up the sleeves approach to execute and make thingshappen. Define, enhance, and implement enterprise risk management frameworks based on industry standards and frameworks (e.g. ISO 27001, COSO, COBIT, PCI, NIST, and HIPAA etc.) on GRC technologies such as Archer, ServiceNow or Aravo. Ensure compliance with all relevant local, national, and international laws and regulations. Regularly update internal policies to align with changing regulatory landscapes to ensure that they are effectively integrated into the clients' operational processes. Provide ongoing support and enhancements to risk management frameworks that align with client objectives and regulatory requirements. Assist in developing GRC governance and operating model for the set up and sustainment of the GRCprogram. Prepare detailed reports on compliance activities, risk assessments, and mitigation plans. Ensure all documentation is accurate and audit ready. The team Want to work at one of the fastest growing and industry leading risk management consulting firms that will give you an enriching experience to build your career and brand? If yes, then look no further, Deloitte’s Cyber Risk Services practice is the place for you. The Cyber Governance, Risk, and Compliance (GRC)/ Integrated Risk Management (IRM) is one of the most rapidly growing market offerings with capability spanning - GRC strategy, design, and implementation of GRC & Security solutions using confluence of ServiceNow, Archer, Aravo and OneTrust. Individuals who take deep personal accountability for their work, have a passion for excellence, driven to achieve their full potential and understand the value of building relationships with clients and the industry, are encouraged to realize our requirement for GRC. The GRC Solution Advisor is expected to have an in- depth understanding of GRC tools as mentioned above, leading practices and have demonstrated experience in the design and implementation of their solutions. Understanding of risk and compliance pain points and how they can be addressed effectively through a scalable and usable GRC technology is key to success in thisrole. This role involves working closely with clients to understand their needs, designing solutions that leverage all the tool’s capabilities to enhance their GRC processes, and ensuring the successful implementation and operation of these solutions. Required: Education: Bachelor’s degree in Computer Science/ Information Technology, or a related field. Experience: Minimum of 3-5 years of experience in implementing GRC solutions and/or in ServiceNow/Archer/Aravo/OneTrust or cyber strategy. Well versed with at least 1 GRC tool such as ServiceNow/Archer/Aravo/OneTrust. Gathering and documenting business requirements and identifying gaps within existing systems and processes. Hands-on experience on at least 2 GRC modules (ERM, ITRM, TPRM, SecOps, Issues Management, Policy & Compliance Management, etc.). Hands-on experience in on-demand and out-of-the-box solution developments, access control, rules & events, notifications, data integrations, UI, reports and dashboards, workflows and other administrative activities in tools like ServiceNow/Archer/Aravo/OneTrust. Experience on Privacy Enhancement and Automation tools such as OneTrust. Proficient in risk management processes and compliance regulations. Proven experience in GRC, particularly within a consulting environment. Proficiency with scripting language in implementing API integrations with external system Must have development experience in more than 2- 3 projects from scratch to till go-live Strong understanding of GRC frameworks such as COBIT, ISO 27001, NIST, etc. Strong analytical and problem-solving skills. Excellent interpersonal and communication skills, capable of working effectively with clients and team members. Flexibility in work hours may be necessary to meet project deadlines and client needs. Preferred: Education: Master’s degree in Business Administration, Cyber Security or a related field GRC Certifications: ServiceNow CSA, Archer Administrator Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301258 Show more Show less

Summary Position Summary ServiceNow Developer — Lead Solution Advisor Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. IDC MarketScape named Deloitte as a Leader in the first 2024 for Worldwide Cybersecurity Consulting Services: Global System Integrators/Consultancies . Source: Worldwide Systems Integrators/Consultancies for Cybersecurity Consulting Services 2024 Vendor Assessment, By Cathy Huang, Published January 2024 – ID#US50463423 Work you will do As a Senior Consultant in Governance, Risk, and Compliance ( GRC )/ Integrated Risk Management (IRM) at Deloitte, you will play a pivotal role and be instrumental in helping our clients manage and mitigate risks associated with their governance, risk management, and compliance activities by focusing on delivering continuous, high-quality GRC services to our clients . This role involves a blend of strategic advisory, process improvement, and technology implementation, tailored to ensure continuous compliance and effective risk management strategies are in place. This role also involves ensuring compliance with regulatory requirements and managing risks effectively. The ideal candidate will have a strong background in GRC frameworks, excellent analytical skills and adept in developing workflows in GRC tools like ServiceNow, Archer, Aravo or OneTrust As a Consultant, you would be expected to perform the following activities: Take ownership of SDLC efforts for successful build, test, and rollout of GRC solution into productionuse. Conduct thorough risk assessments and implement solutions to minimize exposure and enhance business resilience. Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled duringoperations; Utilize GRC tools to automate risk management and compliance monitoring tasks. Configure GRC solutions like risk management (enterprise and IT risk), compliance management, issue and corrective action plan management, exception management, policy lifecycle management, privacy management, third party risk management, audit management, threat and vulnerability management, security operations management, business continuity management for clients acrossindustries. Understand the business requirement and define & document user stories, create UI mock-ups and having a roll-up the sleeves approach to execute and make thingshappen. Define, enhance, and implement enterprise risk management frameworks based on industry standards and frameworks (e.g. ISO 27001, COSO, COBIT, PCI, NIST, and HIPAA etc.) on GRC technologies such as Archer, ServiceNow or Aravo. Ensure compliance with all relevant local, national, and international laws and regulations. Regularly update internal policies to align with changing regulatory landscapes to ensure that they are effectively integrated into the clients' operational processes. Provide ongoing support and enhancements to risk management frameworks that align with client objectives and regulatory requirements. Assist in developing GRC governance and operating model for the set up and sustainment of the GRCprogram. Prepare detailed reports on compliance activities, risk assessments, and mitigation plans. Ensure all documentation is accurate and audit ready. The team Want to work at one of the fastest growing and industry leading risk management consulting firms that will give you an enriching experience to build your career and brand? If yes, then look no further, Deloitte’s Cyber Risk Services practice is the place for you. The Cyber Governance, Risk, and Compliance (GRC)/ Integrated Risk Management (IRM) is one of the most rapidly growing market offerings with capability spanning - GRC strategy, design, and implementation of GRC & Security solutions using confluence of ServiceNow, Archer, Aravo and OneTrust. Individuals who take deep personal accountability for their work, have a passion for excellence, driven to achieve their full potential and understand the value of building relationships with clients and the industry, are encouraged to realize our requirement for GRC. The GRC Solution Advisor is expected to have an in- depth understanding of GRC tools as mentioned above, leading practices and have demonstrated experience in the design and implementation of their solutions. Understanding of risk and compliance pain points and how they can be addressed effectively through a scalable and usable GRC technology is key to success in thisrole. This role involves working closely with clients to understand their needs, designing solutions that leverage all the tool’s capabilities to enhance their GRC processes, and ensuring the successful implementation and operation of these solutions. Required: Education: Bachelor’s degree in Computer Science/ Information Technology, or a related field. Experience: Minimum of 5-7 years of experience in implementing GRC solutions and/or in ServiceNow/Archer/Aravo/OneTrust or cyber strategy. Well versed with at least 1 GRC tool such as ServiceNow/Archer/Aravo/OneTrust. Gathering and documenting business requirements and identifying gaps within existing systems and processes. Hands-on experience on at least 2 GRC modules (ERM, ITRM, TPRM, SecOps, Issues Management, Policy & Compliance Management, etc.). Hands-on experience in on-demand and out-of-the-box solution developments, access control, rules & events, notifications, data integrations, UI, reports and dashboards, workflows and other administrative activities in tools like ServiceNow/Archer/Aravo/OneTrust. Experience on Privacy Enhancement and Automation tools such as OneTrust. Proficient in risk management processes and compliance regulations. Proven experience in GRC, particularly within a consulting environment. Proficiency with scripting language in implementing API integrations with external system Must have development experience in more than 2- 3 projects from scratch to till go-live Strong understanding of GRC frameworks such as COBIT, ISO 27001, NIST, etc. Strong analytical and problem-solving skills. Excellent interpersonal and communication skills, capable of working effectively with clients and team members. Flexibility in work hours may be necessary to meet project deadlines and client needs. Preferred: Education: Master’s degree in Business Administration, Cyber Security or a related field GRC Certifications: ServiceNow CSA, Archer Administrator Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301260 Show more Show less

Position Overview Job Title: NFRM Information Security & Technology Risk Specialist Location: Mumbai, India Corporate Title: Associate Role Description An Information Technology & Security Risk Specialist to join the 2nd LoD Information Security & Technology Risk Team. The team is global, this role is within the Mumbai team (currently 1 person) which is being built out to support the global team. Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other team members the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai and USA. What We’ll Offer You As part of our flexible scheme, here are just some of the benefits that you’ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite. Monitor and challenge 1LOD Risk and Control Assessments (including results of 1LOD control testing/assurance). Perform 2LOD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC/MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your Skills And Experience University degree (Computer Science, Business Administration or equivalent). Majors in Information Security and / or Risk Management are a plus. Experience (5+ years) in Information Security or Information Technology with experience in the Finance industry and/or a major Technology or Consultancy company preferred. Experience in IT Risk Frameworks such COBIT 2019 is ideal 3+ yrs Understanding and experience of technology from either a support, development or business analysis perspective Some level of technical understanding and training either as a data analyst, developer, business analyst or project manager are a plus. Knowledge of Information Security and Technology industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines ISO / 27000 Series, COBIT 2019, DORA) are a plus. Experience of technology coding e.g python, java is a plus Understanding of IT controls: SDLC, managing technology obsolescence, disaster recovery is a plus Knowledge of Digital transformation, Private and Public Cloud, AI tooling a plus Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, ITIL, ISO27001 Lead Auditor or similar are a plus. Experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Strong communication skills (English required). How We’ll Support You Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About Us And Our Teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment. Show more Show less

Job Description Oracle Customer Success Services Building on the mindset that "Who knows Oracle …. better than Oracle?" Oracle Customer Success Services assists customers with their requirements for some of the most cutting-edge applications and solutions by utilizing the strengths of more than two decades of expertise in developing mission-critical solutions for enterprise customers and combining it with cutting-edge technology to provide our customers' speed, flexibility, resiliency, and security to enable customers to optimize their investment, minimize risk, and achieve more. The business was established with an entrepreneurial mindset and supports a vibrant, imaginative, and highly varied workplace. We are free of obligations, so we'll need your help to turn it into a premier engineering hub that prioritizes quality. Why? Oracle Customer Success Services Engineering is responsible for designing, building, and managing cutting-edge solutions, services, and core platforms to support the managed cloud business including but not limited to OCI, Oracle SaaS, and Oracle Enterprise Applications. This position is for the CSS Architecture Team, and we are searching for the finest and brightest technologists as we begin on the road of cloud-native digital transformation. We operate under a garage culture, rely on cutting-edge technology in our daily work, and provide a highly innovative, creative, and experimental work environment. We prefer to innovate and move quickly, putting a strong emphasis on scalability and robustness. We need your assistance to build a top-tier engineering team that has a significant influence. What? As a Senior Principal Architect - Cybersecurity within our team, you’ll lead and contribute towards shaping the strategy for Cybersecurity efforts in designing and building scalable, distributed, resilient services that provide or augment critical business capabilities involving security controls for the business which are consumed by Oracle Corporation and Oracle Customers. You will be responsible for the design and development of core security capabilities spanning across all security domains but not limited to Identity, Data, Network & Communications, Asset, Threat Management,Risk Management, Cyber Resilience & Software Security aligning Oracle Corporate Security (CSA) and Global Information Security (GIS) standards and policies in combination with industry standards such as NIST, COBIT, ISACA, SABSA & CIS for ensuring they meet the needs of our clients and align with the company's strategic vision and business objectives. This role requires a unique blend of strategic architectural thinking and deep technical expertise, including hands-on experience in deploying and operating security products and services. The ideal candidate will also possess a solid understanding of security frameworks, standards, and regulatory compliance mandates & extensive experience in designing security solutions involving building security capabilities and integrating controls into large scale products and services that operate at scale on hyperscalers for customers in both regulated and non-regulated environments. We strongly believe in ownership and challenging the status quo. We expect you to bring critical thinking and create long-term design impact while building solutions and products defining system integrations, and cross-cutting concerns. Being part of the architecture function also provides you with the unique ability to enforce standards, patterns and advisory that will be future-proof while building new services or products. As a thought leader, you will own and lead the complete SDLC from Architecture Design, Development, Test, Operational Readiness, and Platform SRE across the CSS CDO Engineering function. Responsibilities As a Senior Principal Architect for Cybersecurity domain you will be playing a pivotal role in shaping up the Cybersecurity Strategy for the business, providing thought leadership impacting business and technology decisions and leading the technology charter for the Development and Engineering teams while working with Corporate CISO and Line of Business Group CISO delivering services and solutions as part of the CSS CDO Engineering function. As a core member of the Architecture Chapter, you will be expected to advocate for the adoption of software architecture and security design patterns among cross-functional teams both within and outside of engineering roles. You will also be expected to act as a mentor and act in capacity as an advisor to the team(s) within the Cybersecurity domain. In this role you will be expected to work as a liaison between the business, engineering and security leaders within Oracle. As we push for digital transformation throughout the organization, you will constantly be expected to think creatively, optimize and harmonize business processes. Core Responsibilities Lead the Cybersecurity Strategy, Architecture and Design for the core security domains, Threat Modelling with MITRE ATT&CK and D3FEND, Cyber Resilience with solutions built on top/integrated with OCI, Oracle Cloud Applications & Oracle Enterprise. Lead threat modelling, risk assessments and security design reviews for all new/ existing systems, services and products as part of the CSS CDO Engineering and larger CSS Organization globally. Liaise with senior executives across multiple business lines to combine business requirements into technology work packages in alignment with the overall CSA & GIS, CISO & Oracle Corporate Security Strategy for Next-Gen Technology Stack. Translate security controls and requirements into design standards and patterns for implementation as part of the shift-left approach within the SDLC process. Ensure architecture design conformity and compliance with Oracle Corporate Security, Corporate Security Architecture, Global Information Security and global Cyber standards and frameworks for Security & Compliance such as but not limited to : NIST CSF/ NIST 800-53 / NIST 800-171 ISO / IEC 27001/ 27002 CIS Controls SOC 2, HIPPA, PCI-DSS, GDPR and / OR FedRAMP (as applicable) SABSA / COBIT / TOGAF Cloud Security Alliance (CSA) & Cloud Control Matrix OWASP Develop and maintain technical documentation, including architecture diagrams, design specifications, and system diagrams. Continuously evaluate new security technologies and recommend improvements or enhancements. Act in capacity as a trusted advisor for executive leadership on security architecture and strategy. Provide guidance and mentorship to junior developers. Innovation and critical problem solving skills with exceptional communication skills are a must in this role as the Senior Principal Architect would effectively act as a conduit between business executives, functional teams and technology engineering teams. The role requires very strong technology thought leadership skills with practical hands on knowledge along with influential skills to create a broader impact within the business and engineering functions. Required Qualifications Master’s or Bachelors in Computer Science, specialization in Cybersecurity, Information Systems or a closely related field. 10+ years of experience in cyber and information security with explicit focus on security architecture and security solution & products build/ integration. Proven ability to build and manage enterprise-distributed and/or cloud-native systems. Broad knowledge of Cloud Service Providers and 3rd Party Risk Assessments for enterprises and regulated environments. Advanced knowledge in building & implementing Identity, Data and Network Security solutions involving but not limited to Zero-trust security, Identity Aware Proxies, FIDO, DLP, Data Privacy and Security for PI /SPI, Data Obfuscation and Tokenization, WAF, SIEM, SOAR, SOC etc. Deep experience with MITRE & STRIDE threat modelling for all cloud native applications and being part of Red, Blue and Purple teams. Knowledge in Adversarial ML involving the entire tech stack of AI and ML. Experience in Data Security including but not limited to vault-less Tokenization, Obfuscation, Encryption with latest Cryptography standards, Data Access & Governance. Strong expertise in software design concepts, patterns (e.g., 12-Factor Apps), and tools to create Cloud Native Computing Foundation (CNCF) compliant software with hands-on knowledge of containerization technologies like Docker and Kubernetes. Solid understanding of Design Thinking, Test-Driven Development (TDD), BDD, and end-to-end SDLC. Experience in DevOps practices, including Kubernetes, CI/CD, Blue-Green, and Canary deployments. Experience with Microservice architecture patterns, including API Gateways, Event-Driven & Reactive Architecture, CQRS, and SAGA. Familiarity with OOP design principles (SOLID, DRY, KISS, Common Closure, and Module Encapsulation). Proven ability to design software systems using various design patterns (Creational, Structural, and Behavioral). Strong interpersonal skills and the ability to effectively communicate with business stakeholders. Excellent analytical, problem-solving, communication, and leadership skills. Qualifications Career Level - IC5 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Portfolio Compliance Enablement Leader Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 1000 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The Opportunity As an Assistant Director in the Information Security Portfolio Compliance Enablement function, you will work closely with our service line and function technologists from across the globe to support EY's digital services by ensuring compliance with Information Security policies. You will work with business teams to enhance their risk posture and partner with leaders to uphold policy compliance across global, regional, and country-based assets and systems. Your role includes maintaining the security and technology compliance posture through governance and oversight, ensuring data protection, privacy, and software development practices meet legal and regulatory standards. Key Responsibilities This position in the Information Security Portfolio Compliance Enablement function will focus on these pillars: Risk Management and Reduction: Assisting with managing the Portfolio or Service Line of security risk and compliance, engaging directly with key EY stakeholders to mitigate and reduce risks and provide insights on top risks impacting the security posture of the businesses. Trend Identification and Remediation: Gather information and report on security risk trends and themes that require a comprehensive approach to remediation. Proactive Security Initiatives: Proactively seeking out and identifying security risks, weaknesses, and potential vulnerabilities in systems and processes before they can be exploited. Improve compliance with security standards and policies though continuous improvement and innovation in security practices. Governance, Risk, and Compliance (GRC) Management: Assist with managing the end-to-end workflow of security compliance of risk findings in our Governance, Risk, and Compliance (GRC) tool to ensure continuity and compliance with security policies, standards and regulations. Key responsibilities include: Lead and contribute to projects that improve EY's risk posture. Develop and implement compliance strategies and remediation plans. Collaborate with Service Line and business stakeholders to reinforce policies, control ownership, and compliance responsibilities and support the communication of security findings and recommendations. Contribute to proactive security initiatives and continuous improvement of security practices. Translate technical vulnerabilities into business risk terms. Maintain and enhance compliance assessment toolkits. Conduct assessments and evaluate compliance effectiveness for technology infrastructure, applications, and third-party dependencies. Identify policy enforcement gaps and propose improvements. Skills And Attributes For Success Proven experience in compliance management within Information Security. Ability to balance security needs with business impact. Strong leadership and organizational skills. Capable of building relationships and facilitating compliance to security policies. Experience in risk assessments and recommending remediation strategies. Ability to develop and oversee enforcement protocols. Proficient in communicating complex issues and negotiating solutions. Knowledgeable in technical infrastructure and applications. Ability to team well with others to facilitate and enhance the understanding & compliance to security policies. Assist with metrics to evaluate the effectiveness of policy enforcement and generate regular reports. Ability to maintain a high level of integrity, trustworthiness and confidence to represent the company and security leadership with professionalism To Qualify for the Role, You Must Have At least 8 years of experience in Cyber Security or a related field ( At least 3 years of experience in a leadership role managing a team. A degree in Cybersecurity, Information Security, Computer Science, or related discipline; or equivalent work experience. One or more of the following or equivalent certifications: Certified Risk and Information Systems Control (CRISC), Certified Information Systems Security Processional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), Certified Internal Auditor (CIA), Global Information Assurance Certification (GIAC) in related area, CIPP, CIPT Familiarity with security standards like ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT. Understanding of governance, risk, and compliance (GRC) frameworks. Experience with regulatory requirements such as PCI, SOX, HIPAA, GDPR, GLBA. Proven ability to identify and mitigate security risks proactively. Capable of working with diverse teams and promoting an enterprise-wide, collaborative security culture Experience in managing communication and recommendations to IT project teams. Strong English language communication skills and the ability to work with diverse teams. Ideally, You’ll Also Have Good judgment, tact, and decision-making ability. Familiarity with local and regional regulatory requirements. Flexibility to adapt to changing priorities. Strong management, interpersonal, communication, organizational, and decision-making skills. Experience with GRC platforms like RSA Archer or IBM Open Pages. What We Look For We are looking for individuals with a passion for information security and demonstrated ability to apply their knowledge to new and emerging technologies that are supporting the growth strategy of a global professional services firm. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security - Strategy, Risk, Compliance and Resilience – Technology Consulting – Senior As part of our EY Strategy, Risk, Compliance and Resilience (SRCR) Technology Consulting team, you would work on various SRCR projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Senior Security Consultant with expertise in cyber / information security, risk and controls concepts. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Engage in Cyber Strategy & Governance, Cyber Risk & Compliance, Cyber Resilience, Cyber Transformation and Co-Sourcing, Application & Network Security engagements Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Execute the engagement requirements, along with review of work by junior team members. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within EY Consulting Services and with other services across the organization Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals Maintain an educational program to continually develop personal skills of staff Understand and follow workplace policies and procedures Building a quality culture at GDS Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members Manage the performance management for the direct reportees, as per the organization policies. Foster teamwork and lead by example; training and mentoring of project resources Participating in the organization-wide people initiatives Skills And Attributes For Success Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to): Vendor/3rd Party Risk Management & Assessment Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53 Business Continuity & Disaster Recovery Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors. Experienced in creation and review of security policy/procedures, and in performing risk assessments. Good to have experience in assessing ITGC requirements across various industries including both Cybersecurity and resilience requirements. Should have a good understanding of VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures. Basic understanding of Network Security and network architecture diagram reviews, access and perimeter control, vulnerability management and intrusion detection, firewall rule-based reviews. Good understanding of logging and monitoring tools (SIEM). Knowledge in any one of the SIEM tools is a plus. To qualify for the role, you must have: BE - B. Tech / MCA / M. Tech/ MBA with background in computer science and programming. More than 5 Years of relevant experience. Strong Excel and PowerPoint skills. Should be proficient in leading medium to large engagements and coach junior staff. Ideally, you’ll also have CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer. Project management skills. What We Look For A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description Oracle Customer Success Services Building on the mindset that "Who knows Oracle …. better than Oracle?" Oracle Customer Success Services assists customers with their requirements for some of the most cutting-edge applications and solutions by utilizing the strengths of more than two decades of expertise in developing mission-critical solutions for enterprise customers and combining it with cutting-edge technology to provide our customers' speed, flexibility, resiliency, and security to enable customers to optimize their investment, minimize risk, and achieve more. The business was established with an entrepreneurial mindset and supports a vibrant, imaginative, and highly varied workplace. We are free of obligations, so we'll need your help to turn it into a premier engineering hub that prioritizes quality. Why? Oracle Customer Success Services Engineering is responsible for designing, building, and managing cutting-edge solutions, services, and core platforms to support the managed cloud business including but not limited to OCI, Oracle SaaS, and Oracle Enterprise Applications. This position is for the CSS Architecture Team, and we are searching for the finest and brightest technologists as we begin on the road of cloud-native digital transformation. We operate under a garage culture, rely on cutting-edge technology in our daily work, and provide a highly innovative, creative, and experimental work environment. We prefer to innovate and move quickly, putting a strong emphasis on scalability and robustness. We need your assistance to build a top-tier engineering team that has a significant influence. What? As a Senior Principal Architect - Cybersecurity within our team, you’ll lead and contribute towards shaping the strategy for Cybersecurity efforts in designing and building scalable, distributed, resilient services that provide or augment critical business capabilities involving security controls for the business which are consumed by Oracle Corporation and Oracle Customers. You will be responsible for the design and development of core security capabilities spanning across all security domains but not limited to Identity, Data, Network & Communications, Asset, Threat Management,Risk Management, Cyber Resilience & Software Security aligning Oracle Corporate Security (CSA) and Global Information Security (GIS) standards and policies in combination with industry standards such as NIST, COBIT, ISACA, SABSA & CIS for ensuring they meet the needs of our clients and align with the company's strategic vision and business objectives. This role requires a unique blend of strategic architectural thinking and deep technical expertise, including hands-on experience in deploying and operating security products and services. The ideal candidate will also possess a solid understanding of security frameworks, standards, and regulatory compliance mandates & extensive experience in designing security solutions involving building security capabilities and integrating controls into large scale products and services that operate at scale on hyperscalers for customers in both regulated and non-regulated environments. We strongly believe in ownership and challenging the status quo. We expect you to bring critical thinking and create long-term design impact while building solutions and products defining system integrations, and cross-cutting concerns. Being part of the architecture function also provides you with the unique ability to enforce standards, patterns and advisory that will be future-proof while building new services or products. As a thought leader, you will own and lead the complete SDLC from Architecture Design, Development, Test, Operational Readiness, and Platform SRE across the CSS CDO Engineering function. Responsibilities As a Senior Principal Architect for Cybersecurity domain you will be playing a pivotal role in shaping up the Cybersecurity Strategy for the business, providing thought leadership impacting business and technology decisions and leading the technology charter for the Development and Engineering teams while working with Corporate CISO and Line of Business Group CISO delivering services and solutions as part of the CSS CDO Engineering function. As a core member of the Architecture Chapter, you will be expected to advocate for the adoption of software architecture and security design patterns among cross-functional teams both within and outside of engineering roles. You will also be expected to act as a mentor and act in capacity as an advisor to the team(s) within the Cybersecurity domain. In this role you will be expected to work as a liaison between the business, engineering and security leaders within Oracle. As we push for digital transformation throughout the organization, you will constantly be expected to think creatively, optimize and harmonize business processes. Core Responsibilities Lead the Cybersecurity Strategy, Architecture and Design for the core security domains, Threat Modelling with MITRE ATT&CK and D3FEND, Cyber Resilience with solutions built on top/integrated with OCI, Oracle Cloud Applications & Oracle Enterprise. Lead threat modelling, risk assessments and security design reviews for all new/ existing systems, services and products as part of the CSS CDO Engineering and larger CSS Organization globally. Liaise with senior executives across multiple business lines to combine business requirements into technology work packages in alignment with the overall CSA & GIS, CISO & Oracle Corporate Security Strategy for Next-Gen Technology Stack. Translate security controls and requirements into design standards and patterns for implementation as part of the shift-left approach within the SDLC process. Ensure architecture design conformity and compliance with Oracle Corporate Security, Corporate Security Architecture, Global Information Security and global Cyber standards and frameworks for Security & Compliance such as but not limited to : NIST CSF/ NIST 800-53 / NIST 800-171 ISO / IEC 27001/ 27002 CIS Controls SOC 2, HIPPA, PCI-DSS, GDPR and / OR FedRAMP (as applicable) SABSA / COBIT / TOGAF Cloud Security Alliance (CSA) & Cloud Control Matrix OWASP Develop and maintain technical documentation, including architecture diagrams, design specifications, and system diagrams. Continuously evaluate new security technologies and recommend improvements or enhancements. Act in capacity as a trusted advisor for executive leadership on security architecture and strategy. Provide guidance and mentorship to junior developers. Innovation and critical problem solving skills with exceptional communication skills are a must in this role as the Senior Principal Architect would effectively act as a conduit between business executives, functional teams and technology engineering teams. The role requires very strong technology thought leadership skills with practical hands on knowledge along with influential skills to create a broader impact within the business and engineering functions. Required Qualifications Master’s or Bachelors in Computer Science, specialization in Cybersecurity, Information Systems or a closely related field. 10+ years of experience in cyber and information security with explicit focus on security architecture and security solution & products build/ integration. Proven ability to build and manage enterprise-distributed and/or cloud-native systems. Broad knowledge of Cloud Service Providers and 3rd Party Risk Assessments for enterprises and regulated environments. Advanced knowledge in building & implementing Identity, Data and Network Security solutions involving but not limited to Zero-trust security, Identity Aware Proxies, FIDO, DLP, Data Privacy and Security for PI /SPI, Data Obfuscation and Tokenization, WAF, SIEM, SOAR, SOC etc. Deep experience with MITRE & STRIDE threat modelling for all cloud native applications and being part of Red, Blue and Purple teams. Knowledge in Adversarial ML involving the entire tech stack of AI and ML. Experience in Data Security including but not limited to vault-less Tokenization, Obfuscation, Encryption with latest Cryptography standards, Data Access & Governance. Strong expertise in software design concepts, patterns (e.g., 12-Factor Apps), and tools to create Cloud Native Computing Foundation (CNCF) compliant software with hands-on knowledge of containerization technologies like Docker and Kubernetes. Solid understanding of Design Thinking, Test-Driven Development (TDD), BDD, and end-to-end SDLC. Experience in DevOps practices, including Kubernetes, CI/CD, Blue-Green, and Canary deployments. Experience with Microservice architecture patterns, including API Gateways, Event-Driven & Reactive Architecture, CQRS, and SAGA. Familiarity with OOP design principles (SOLID, DRY, KISS, Common Closure, and Module Encapsulation). Proven ability to design software systems using various design patterns (Creational, Structural, and Behavioral). Strong interpersonal skills and the ability to effectively communicate with business stakeholders. Excellent analytical, problem-solving, communication, and leadership skills. Qualifications Career Level - IC5 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Portfolio Compliance Enablement Leader Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 1000 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The Opportunity As an Assistant Director in the Information Security Portfolio Compliance Enablement function, you will work closely with our service line and function technologists from across the globe to support EY's digital services by ensuring compliance with Information Security policies. You will work with business teams to enhance their risk posture and partner with leaders to uphold policy compliance across global, regional, and country-based assets and systems. Your role includes maintaining the security and technology compliance posture through governance and oversight, ensuring data protection, privacy, and software development practices meet legal and regulatory standards. Key Responsibilities This position in the Information Security Portfolio Compliance Enablement function will focus on these pillars: Risk Management and Reduction: Assisting with managing the Portfolio or Service Line of security risk and compliance, engaging directly with key EY stakeholders to mitigate and reduce risks and provide insights on top risks impacting the security posture of the businesses. Trend Identification and Remediation: Gather information and report on security risk trends and themes that require a comprehensive approach to remediation. Proactive Security Initiatives: Proactively seeking out and identifying security risks, weaknesses, and potential vulnerabilities in systems and processes before they can be exploited. Improve compliance with security standards and policies though continuous improvement and innovation in security practices. Governance, Risk, and Compliance (GRC) Management: Assist with managing the end-to-end workflow of security compliance of risk findings in our Governance, Risk, and Compliance (GRC) tool to ensure continuity and compliance with security policies, standards and regulations. Key responsibilities include: Lead and contribute to projects that improve EY's risk posture. Develop and implement compliance strategies and remediation plans. Collaborate with Service Line and business stakeholders to reinforce policies, control ownership, and compliance responsibilities and support the communication of security findings and recommendations. Contribute to proactive security initiatives and continuous improvement of security practices. Translate technical vulnerabilities into business risk terms. Maintain and enhance compliance assessment toolkits. Conduct assessments and evaluate compliance effectiveness for technology infrastructure, applications, and third-party dependencies. Identify policy enforcement gaps and propose improvements. Skills And Attributes For Success Proven experience in compliance management within Information Security. Ability to balance security needs with business impact. Strong leadership and organizational skills. Capable of building relationships and facilitating compliance to security policies. Experience in risk assessments and recommending remediation strategies. Ability to develop and oversee enforcement protocols. Proficient in communicating complex issues and negotiating solutions. Knowledgeable in technical infrastructure and applications. Ability to team well with others to facilitate and enhance the understanding & compliance to security policies. Assist with metrics to evaluate the effectiveness of policy enforcement and generate regular reports. Ability to maintain a high level of integrity, trustworthiness and confidence to represent the company and security leadership with professionalism To Qualify for the Role, You Must Have At least 8 years of experience in Cyber Security or a related field ( At least 3 years of experience in a leadership role managing a team. A degree in Cybersecurity, Information Security, Computer Science, or related discipline; or equivalent work experience. One or more of the following or equivalent certifications: Certified Risk and Information Systems Control (CRISC), Certified Information Systems Security Processional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), Certified Internal Auditor (CIA), Global Information Assurance Certification (GIAC) in related area, CIPP, CIPT Familiarity with security standards like ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT. Understanding of governance, risk, and compliance (GRC) frameworks. Experience with regulatory requirements such as PCI, SOX, HIPAA, GDPR, GLBA. Proven ability to identify and mitigate security risks proactively. Capable of working with diverse teams and promoting an enterprise-wide, collaborative security culture Experience in managing communication and recommendations to IT project teams. Strong English language communication skills and the ability to work with diverse teams. Ideally, You’ll Also Have Good judgment, tact, and decision-making ability. Familiarity with local and regional regulatory requirements. Flexibility to adapt to changing priorities. Strong management, interpersonal, communication, organizational, and decision-making skills. Experience with GRC platforms like RSA Archer or IBM Open Pages. What We Look For We are looking for individuals with a passion for information security and demonstrated ability to apply their knowledge to new and emerging technologies that are supporting the growth strategy of a global professional services firm. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Pro-active communication approach with local AZT / AZS entity colleagues, especially building strong relationships with other key / safeguarding functions Actively supports the implementation of the Risk Policy Framework (Risk Policy, Risk Strategy, NFRM policy) and Control Assurance Report. Support running Risk Reporting in time and quality, report of any material risk management related information to relevant stakeholders Support timely execution of the risk management lifecycles (NFRM, ERM, SoG) and drive for full compliance with AZ Technology Risk Framework (Risk Policy, Risk Strategy, NFRM Policy). Support implementation and coordinate Top & Emerging Risk assessments process. Support maintenance of an oversight on IT RM - ARA coverage (having strong interaction with Local ISO). Coordinate activities with other safeguarding functions, in particular Data Privacy, Information Security, TPRM, Protection & Resilience, Compliance, Legal. Have a coordinated view on risks. Coordinate risk assessments supporting the business in control implementation, documentation and performance, development of mitigation plans and its follow up. Perform project risk assessments reviews and decisions in the relevant tool, in an accurate and timely manner. Keep up to date RM tools (ServiceNow and ORGS), ensure consistency between what is reported in the systems and reality. Keep up to date the Regions MS Teams Repository. Support the timely delivery and high quality of the Control Assurance Report and other related audit reports by emphasizing on the comprehensive coverage, quality and effectiveness of the internal control system. Support awareness sessions in the location, and with the OE to explain the CAR results. Support the NFRM Testing Plan with the execution of 2nd LoD testing activities, and coordination of updated testing dates (working with Internal Audit, external audit plans, and compliance, as necessary). Qualification, Experience, Technical and Functional Skills Degree holder Relevant Certifications like C-Risk, ISO 31000 Certified Risk Management, COBIT Multi-year professional experience in different areas of IT risk management or other safeguarding functions. Experience in IT Risk management,. ISO, IT Security etc Good understanding of the risk categories: operational risk, IT risk, project risk, third party risk, business risk. Good knowledge of supplier relationships and outsourcing management Basic knowledge of local regulatory environment and standards like: COBIT 2019, COSO, and ISAE/SOC Strong communication and conflict management skills Advanced skills in MS Office, knowledge of ORGS, SNOW is a plus Fluent in English (oral and written) Ability to work in an international team in a global set-up

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description Oracle Customer Success Services Building on the mindset that "Who knows Oracle …. better than Oracle?" Oracle Customer Success Services assists customers with their requirements for some of the most cutting-edge applications and solutions by utilizing the strengths of more than two decades of expertise in developing mission-critical solutions for enterprise customers and combining it with cutting-edge technology to provide our customers' speed, flexibility, resiliency, and security to enable customers to optimize their investment, minimize risk, and achieve more. The business was established with an entrepreneurial mindset and supports a vibrant, imaginative, and highly varied workplace. We are free of obligations, so we'll need your help to turn it into a premier engineering hub that prioritizes quality. Why? Oracle Customer Success Services Engineering is responsible for designing, building, and managing cutting-edge solutions, services, and core platforms to support the managed cloud business including but not limited to OCI, Oracle SaaS, and Oracle Enterprise Applications. This position is for the CSS Architecture Team, and we are searching for the finest and brightest technologists as we begin on the road of cloud-native digital transformation. We operate under a garage culture, rely on cutting-edge technology in our daily work, and provide a highly innovative, creative, and experimental work environment. We prefer to innovate and move quickly, putting a strong emphasis on scalability and robustness. We need your assistance to build a top-tier engineering team that has a significant influence. What? As a Senior Principal Architect - Cybersecurity within our team, you’ll lead and contribute towards shaping the strategy for Cybersecurity efforts in designing and building scalable, distributed, resilient services that provide or augment critical business capabilities involving security controls for the business which are consumed by Oracle Corporation and Oracle Customers. You will be responsible for the design and development of core security capabilities spanning across all security domains but not limited to Identity, Data, Network & Communications, Asset, Threat Management,Risk Management, Cyber Resilience & Software Security aligning Oracle Corporate Security (CSA) and Global Information Security (GIS) standards and policies in combination with industry standards such as NIST, COBIT, ISACA, SABSA & CIS for ensuring they meet the needs of our clients and align with the company's strategic vision and business objectives. This role requires a unique blend of strategic architectural thinking and deep technical expertise, including hands-on experience in deploying and operating security products and services. The ideal candidate will also possess a solid understanding of security frameworks, standards, and regulatory compliance mandates & extensive experience in designing security solutions involving building security capabilities and integrating controls into large scale products and services that operate at scale on hyperscalers for customers in both regulated and non-regulated environments. We strongly believe in ownership and challenging the status quo. We expect you to bring critical thinking and create long-term design impact while building solutions and products defining system integrations, and cross-cutting concerns. Being part of the architecture function also provides you with the unique ability to enforce standards, patterns and advisory that will be future-proof while building new services or products. As a thought leader, you will own and lead the complete SDLC from Architecture Design, Development, Test, Operational Readiness, and Platform SRE across the CSS CDO Engineering function. Responsibilities As a Senior Principal Architect for Cybersecurity domain you will be playing a pivotal role in shaping up the Cybersecurity Strategy for the business, providing thought leadership impacting business and technology decisions and leading the technology charter for the Development and Engineering teams while working with Corporate CISO and Line of Business Group CISO delivering services and solutions as part of the CSS CDO Engineering function. As a core member of the Architecture Chapter, you will be expected to advocate for the adoption of software architecture and security design patterns among cross-functional teams both within and outside of engineering roles. You will also be expected to act as a mentor and act in capacity as an advisor to the team(s) within the Cybersecurity domain. In this role you will be expected to work as a liaison between the business, engineering and security leaders within Oracle. As we push for digital transformation throughout the organization, you will constantly be expected to think creatively, optimize and harmonize business processes. Core Responsibilities Lead the Cybersecurity Strategy, Architecture and Design for the core security domains, Threat Modelling with MITRE ATT&CK and D3FEND, Cyber Resilience with solutions built on top/integrated with OCI, Oracle Cloud Applications & Oracle Enterprise. Lead threat modelling, risk assessments and security design reviews for all new/ existing systems, services and products as part of the CSS CDO Engineering and larger CSS Organization globally. Liaise with senior executives across multiple business lines to combine business requirements into technology work packages in alignment with the overall CSA & GIS, CISO & Oracle Corporate Security Strategy for Next-Gen Technology Stack. Translate security controls and requirements into design standards and patterns for implementation as part of the shift-left approach within the SDLC process. Ensure architecture design conformity and compliance with Oracle Corporate Security, Corporate Security Architecture, Global Information Security and global Cyber standards and frameworks for Security & Compliance such as but not limited to : NIST CSF/ NIST 800-53 / NIST 800-171 ISO / IEC 27001/ 27002 CIS Controls SOC 2, HIPPA, PCI-DSS, GDPR and / OR FedRAMP (as applicable) SABSA / COBIT / TOGAF Cloud Security Alliance (CSA) & Cloud Control Matrix OWASP Develop and maintain technical documentation, including architecture diagrams, design specifications, and system diagrams. Continuously evaluate new security technologies and recommend improvements or enhancements. Act in capacity as a trusted advisor for executive leadership on security architecture and strategy. Provide guidance and mentorship to junior developers. Innovation and critical problem solving skills with exceptional communication skills are a must in this role as the Senior Principal Architect would effectively act as a conduit between business executives, functional teams and technology engineering teams. The role requires very strong technology thought leadership skills with practical hands on knowledge along with influential skills to create a broader impact within the business and engineering functions. Required Qualifications Master’s or Bachelors in Computer Science, specialization in Cybersecurity, Information Systems or a closely related field. 10+ years of experience in cyber and information security with explicit focus on security architecture and security solution & products build/ integration. Proven ability to build and manage enterprise-distributed and/or cloud-native systems. Broad knowledge of Cloud Service Providers and 3rd Party Risk Assessments for enterprises and regulated environments. Advanced knowledge in building & implementing Identity, Data and Network Security solutions involving but not limited to Zero-trust security, Identity Aware Proxies, FIDO, DLP, Data Privacy and Security for PI /SPI, Data Obfuscation and Tokenization, WAF, SIEM, SOAR, SOC etc. Deep experience with MITRE & STRIDE threat modelling for all cloud native applications and being part of Red, Blue and Purple teams. Knowledge in Adversarial ML involving the entire tech stack of AI and ML. Experience in Data Security including but not limited to vault-less Tokenization, Obfuscation, Encryption with latest Cryptography standards, Data Access & Governance. Strong expertise in software design concepts, patterns (e.g., 12-Factor Apps), and tools to create Cloud Native Computing Foundation (CNCF) compliant software with hands-on knowledge of containerization technologies like Docker and Kubernetes. Solid understanding of Design Thinking, Test-Driven Development (TDD), BDD, and end-to-end SDLC. Experience in DevOps practices, including Kubernetes, CI/CD, Blue-Green, and Canary deployments. Experience with Microservice architecture patterns, including API Gateways, Event-Driven & Reactive Architecture, CQRS, and SAGA. Familiarity with OOP design principles (SOLID, DRY, KISS, Common Closure, and Module Encapsulation). Proven ability to design software systems using various design patterns (Creational, Structural, and Behavioral). Strong interpersonal skills and the ability to effectively communicate with business stakeholders. Excellent analytical, problem-solving, communication, and leadership skills. Qualifications Career Level - IC5 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Job Description Oracle Customer Success Services Building on the mindset that "Who knows Oracle …. better than Oracle?" Oracle Customer Success Services assists customers with their requirements for some of the most cutting-edge applications and solutions by utilizing the strengths of more than two decades of expertise in developing mission-critical solutions for enterprise customers and combining it with cutting-edge technology to provide our customers' speed, flexibility, resiliency, and security to enable customers to optimize their investment, minimize risk, and achieve more. The business was established with an entrepreneurial mindset and supports a vibrant, imaginative, and highly varied workplace. We are free of obligations, so we'll need your help to turn it into a premier engineering hub that prioritizes quality. Why? Oracle Customer Success Services Engineering is responsible for designing, building, and managing cutting-edge solutions, services, and core platforms to support the managed cloud business including but not limited to OCI, Oracle SaaS, and Oracle Enterprise Applications. This position is for the CSS Architecture Team, and we are searching for the finest and brightest technologists as we begin on the road of cloud-native digital transformation. We operate under a garage culture, rely on cutting-edge technology in our daily work, and provide a highly innovative, creative, and experimental work environment. We prefer to innovate and move quickly, putting a strong emphasis on scalability and robustness. We need your assistance to build a top-tier engineering team that has a significant influence. What? As a Senior Principal Architect - Cybersecurity within our team, you’ll lead and contribute towards shaping the strategy for Cybersecurity efforts in designing and building scalable, distributed, resilient services that provide or augment critical business capabilities involving security controls for the business which are consumed by Oracle Corporation and Oracle Customers. You will be responsible for the design and development of core security capabilities spanning across all security domains but not limited to Identity, Data, Network & Communications, Asset, Threat Management,Risk Management, Cyber Resilience & Software Security aligning Oracle Corporate Security (CSA) and Global Information Security (GIS) standards and policies in combination with industry standards such as NIST, COBIT, ISACA, SABSA & CIS for ensuring they meet the needs of our clients and align with the company's strategic vision and business objectives. This role requires a unique blend of strategic architectural thinking and deep technical expertise, including hands-on experience in deploying and operating security products and services. The ideal candidate will also possess a solid understanding of security frameworks, standards, and regulatory compliance mandates & extensive experience in designing security solutions involving building security capabilities and integrating controls into large scale products and services that operate at scale on hyperscalers for customers in both regulated and non-regulated environments. We strongly believe in ownership and challenging the status quo. We expect you to bring critical thinking and create long-term design impact while building solutions and products defining system integrations, and cross-cutting concerns. Being part of the architecture function also provides you with the unique ability to enforce standards, patterns and advisory that will be future-proof while building new services or products. As a thought leader, you will own and lead the complete SDLC from Architecture Design, Development, Test, Operational Readiness, and Platform SRE across the CSS CDO Engineering function. Responsibilities As a Senior Principal Architect for Cybersecurity domain you will be playing a pivotal role in shaping up the Cybersecurity Strategy for the business, providing thought leadership impacting business and technology decisions and leading the technology charter for the Development and Engineering teams while working with Corporate CISO and Line of Business Group CISO delivering services and solutions as part of the CSS CDO Engineering function. As a core member of the Architecture Chapter, you will be expected to advocate for the adoption of software architecture and security design patterns among cross-functional teams both within and outside of engineering roles. You will also be expected to act as a mentor and act in capacity as an advisor to the team(s) within the Cybersecurity domain. In this role you will be expected to work as a liaison between the business, engineering and security leaders within Oracle. As we push for digital transformation throughout the organization, you will constantly be expected to think creatively, optimize and harmonize business processes. Core Responsibilities Lead the Cybersecurity Strategy, Architecture and Design for the core security domains, Threat Modelling with MITRE ATT&CK and D3FEND, Cyber Resilience with solutions built on top/integrated with OCI, Oracle Cloud Applications & Oracle Enterprise. Lead threat modelling, risk assessments and security design reviews for all new/ existing systems, services and products as part of the CSS CDO Engineering and larger CSS Organization globally. Liaise with senior executives across multiple business lines to combine business requirements into technology work packages in alignment with the overall CSA & GIS, CISO & Oracle Corporate Security Strategy for Next-Gen Technology Stack. Translate security controls and requirements into design standards and patterns for implementation as part of the shift-left approach within the SDLC process. Ensure architecture design conformity and compliance with Oracle Corporate Security, Corporate Security Architecture, Global Information Security and global Cyber standards and frameworks for Security & Compliance such as but not limited to : NIST CSF/ NIST 800-53 / NIST 800-171 ISO / IEC 27001/ 27002 CIS Controls SOC 2, HIPPA, PCI-DSS, GDPR and / OR FedRAMP (as applicable) SABSA / COBIT / TOGAF Cloud Security Alliance (CSA) & Cloud Control Matrix OWASP Develop and maintain technical documentation, including architecture diagrams, design specifications, and system diagrams. Continuously evaluate new security technologies and recommend improvements or enhancements. Act in capacity as a trusted advisor for executive leadership on security architecture and strategy. Provide guidance and mentorship to junior developers. Innovation and critical problem solving skills with exceptional communication skills are a must in this role as the Senior Principal Architect would effectively act as a conduit between business executives, functional teams and technology engineering teams. The role requires very strong technology thought leadership skills with practical hands on knowledge along with influential skills to create a broader impact within the business and engineering functions. Required Qualifications Master’s or Bachelors in Computer Science, specialization in Cybersecurity, Information Systems or a closely related field. 10+ years of experience in cyber and information security with explicit focus on security architecture and security solution & products build/ integration. Proven ability to build and manage enterprise-distributed and/or cloud-native systems. Broad knowledge of Cloud Service Providers and 3rd Party Risk Assessments for enterprises and regulated environments. Advanced knowledge in building & implementing Identity, Data and Network Security solutions involving but not limited to Zero-trust security, Identity Aware Proxies, FIDO, DLP, Data Privacy and Security for PI /SPI, Data Obfuscation and Tokenization, WAF, SIEM, SOAR, SOC etc. Deep experience with MITRE & STRIDE threat modelling for all cloud native applications and being part of Red, Blue and Purple teams. Knowledge in Adversarial ML involving the entire tech stack of AI and ML. Experience in Data Security including but not limited to vault-less Tokenization, Obfuscation, Encryption with latest Cryptography standards, Data Access & Governance. Strong expertise in software design concepts, patterns (e.g., 12-Factor Apps), and tools to create Cloud Native Computing Foundation (CNCF) compliant software with hands-on knowledge of containerization technologies like Docker and Kubernetes. Solid understanding of Design Thinking, Test-Driven Development (TDD), BDD, and end-to-end SDLC. Experience in DevOps practices, including Kubernetes, CI/CD, Blue-Green, and Canary deployments. Experience with Microservice architecture patterns, including API Gateways, Event-Driven & Reactive Architecture, CQRS, and SAGA. Familiarity with OOP design principles (SOLID, DRY, KISS, Common Closure, and Module Encapsulation). Proven ability to design software systems using various design patterns (Creational, Structural, and Behavioral). Strong interpersonal skills and the ability to effectively communicate with business stakeholders. Excellent analytical, problem-solving, communication, and leadership skills. Qualifications Career Level - IC5 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Area: Finance & Accounting Group, Finance & Accounting Group > IT Internal Audit Qualcomm Overview: Qualcomm is a company of inventors that unlocked 5G ushering in an age of rapid acceleration in connectivity and new possibilities that will transform industries, create jobs, and enrich lives. But this is just the beginning. It takes inventive minds with diverse skills, backgrounds, and cultures to transform 5Gs potential into world-changing technologies and products. This is the Invention Age - and this is where you come in. General Summary: Unique opportunity to join Qualcomms Corporate Internal Audit & Advisory Services department within the SOX Program Management Office (PMO) organization to support the IT SOX 404 and 302 Compliance efforts. The departments activities and services focus on assisting the Audit Committee of the Qualcomm Board of Directors and Management in the evaluation and improvement of processes that identify and manage risks related to achieving Qualcomms business objectives. Key responsibilities include: Lead the IT SOX 404 risk assessment and scoping exercise, execute the process and control walkthroughs, assess the design of controls, develop and enhance comprehensive test plans, and perform independent testing Perform deficiency root cause analyses and assist management with the development of remediation plans Offer effective supervision to, and review the work of other auditors, including the companys co-sourcing audit partners Collaborate with Qualcomm management to identify financial risks, assess business impacts, and present potential solutions (leading practices) As a key member of the SOX PMO, the successful candidate will be a primary interface between IT management and the external auditors to provide guidance, support, training, and project management Collaborate with the external auditors in the planning and execution of SOX 404 requirements and ensure all deadlines are met with high quality deliverables Participate and assists in ad-hoc projects such as system implementations when needed Three to seven years of recent relevant professional experience in IT SOX compliance for a fast-paced global company or a public accounting firm ("Big 4" or mid-tier). Prior SOX PMO experience preferred. Independent and adaptable team player with strong project management skills to comfortably lead and conduct multiple significant projects and tasks with quality, accuracy, and attention to detail. Strong critical thinking with sound judgment and decision-making skills. Self-motivated, positive, and professional attitude. Exceptional prioritization, organization, and time-management skills to consistently meet deadlines with quality deliverables in a fast-paced environment. Strong interpersonal skills (including oral and written communications) with the ability to lead all related interactions with various levels of the organization including middle and senior management. Excellent understanding of internal controls, frameworks (COSO, COBIT), fundamental audit methodology, SOX 302 and 404 requirements. Strong ability to understand IT and business process risks and related controls Experienced with leading practices for business processes, financial accounting, and reporting risks to ensure compliance with GAAP and external reporting requirements Delivers high-quality work products (form and substance) including the ability to prepare written documents (e.g., work papers, PowerPoint presentations, audit reports, etc.) that clearly lay out key messages Professional Certifications (e.g., CPA, CISA, CIA preferred) ERP experience with Oracle EBS a plus Semiconductor business experience or familiarity Fluent English; multi-lingual capability is a plus Strong communication (oral and written) and presentation skills Fast learner with strong, organization, analytical, critical thinking, and problem-solving skills Ability to work in flexible and non-hierarchical team environment Willingness to get things done and take responsibility Ability to recognize and apply a sense of urgency, when necessary Positive attitude, professional maturity, good work ethic Ability to work independently, handle multiple projects simultaneously, and multi-task to meet deadlines with high-quality deliverables Bachelor's degree in Accounting, Business Administration, Management Information Systems, or related field. Applicants Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail myhr.support@qualcomm.com or call Qualcomm's toll-free number found here . Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. About the Company: The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology and management consulting, tax and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Job Description/What You Will Do: Analyze technology (IT and Cybersecurity) implications for active M&A transactions. Review client investment thesis, company profile and information concerning the business technology environment including but not limited to business applications, IT infrastructure, cybersecurity controls, and privacy related regulatory compliance requirements. Research niche technologies, applicable regulatory obligations and latest technology trends to guide analysis. Participate in discussions with company executives to understand business processes, approach to leveraging technology and strategy to build resiliency against cybersecurity threats. Analyze commercial off the shelf and/or custom developed applications used by a business for sufficiency (e.g., license counts), scalability (e.g., version, implementation model), and maintainability (e.g., support model). Analyze a company’s IT infrastructure to determine adequacy of hosting model, hardware inventory, network architecture and business continuity procedures. Analyse technology vendor contracts and compute IT spend through the review of contracts and other financial documents provided by the Company. Analyze the company’s cybersecurity maturity through review of cybersecurity governance program/procedures, exposure to regulatory compliance requirements and preventative technical controls. Develop workbooks and reports to capture diligence observations/analysis. Who We Are Looking For: Ability to conceptualize and summarize key findings in a clear and meaningful way with expertise in drafting critical sections of the technology DD report. Knowledge of and experience with key IT frameworks (e.g. CMMI, ITIL, ISO 27000, SSAE-18 SOC reporting, NIST Cybersecurity Framework). Knowledge of and experience with key cybersecurity frameworks (e.g. COBIT, ISO 27001, NIST). Highly proficient with Microsoft office Suite (e.g., PowerPoint, Excel, Word, Visio) Strong skills in critical thinking, problem solving, and process improvement. Excellent interpersonal and communication skills in order to interact effectively with internal team members and external clients of the firm. Demonstrates willingness to invest time in cross-time zone communication with U.S. based teams. Ability to be a self-starter and drive successful client delivery. Able to manage deadlines and take ownership of getting the job done in a timely manner Evaluated as an exceptional performer in current position. Development Opportunity/What’s in It for You: Opportunity to interface with US based private equity and executive level leadership. Develop expertise in technology related M&A disciplines. Grow a strategic mindset and develop executive level perspective on investment towards operational technology. Experience M&A across a variety of industries and option to develop specific industry expertise. Gain an understanding of the approach towards post-acquisition value creation, integration, separation and risk remediation. Minimum Qualifications: Academic Qualification: B.Tech. and MBA from leading technology/business schools. Relevant experience of 2-3 years at a Big 4 or equivalent Advisory Services practice. Knowledge of Microsoft powered AI products such as Microsoft CoPilot or any other GenAI tools is preferred. Preferred Qualifications: Preferred industry experience in one or more of the following: manufacturing, distribution, consumer products, business services, healthcare, financial services, business services, or technology. Knowledge of US based regulatory and compliance frameworks such as FFIEC, NERC CIP, PCI DSS, HIPAA, GLBA, and HITECH is a plus. ERP or supply chain applications implementation experience; functional expertise in IT and supporting front/back-office operations preferred At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. About the Company: The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology and management consulting, tax and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Job Description/What You Will Do: Analyze technology (IT and Cybersecurity) implications for active M&A transactions. Review client investment thesis, company profile and information concerning the business technology environment including but not limited to business applications, IT infrastructure, cybersecurity controls, and privacy related regulatory compliance requirements. Research niche technologies, applicable regulatory obligations and latest technology trends to guide analysis. Participate in discussions with company executives to understand business processes, approach to leveraging technology and strategy to build resiliency against cybersecurity threats. Analyze commercial off the shelf and/or custom developed applications used by a business for sufficiency (e.g., license counts), scalability (e.g., version, implementation model), and maintainability (e.g., support model). Analyze a company’s IT infrastructure to determine adequacy of hosting model, hardware inventory, network architecture and business continuity procedures. Analyse technology vendor contracts and compute IT spend through the review of contracts and other financial documents provided by the Company. Analyze the company’s cybersecurity maturity through review of cybersecurity governance program/procedures, exposure to regulatory compliance requirements and preventative technical controls. Develop workbooks and reports to capture diligence observations/analysis. Manage and develop members of the RSM USI team. Who We Are Looking For: Ability to conceptualize and summarize key findings in a clear and meaningful way with expertise in drafting critical sections of the technology DD report. Expertise and working knowledge of infrastructure management, network architecture, virtualization, application and data hosting architectures (data center, on-premise, public cloud), and business continuity/disaster recovery (BCDR) best practices. Knowledge of and experience with key IT frameworks (e.g. CMMI, ITIL, ISO 27000, SSAE-18 SOC reporting, NIST Cybersecurity Framework). Knowledge of and experience with key cybersecurity frameworks (e.g. COBIT, ISO 27001, NIST). Exposure to various sectors such as financial services, healthcare, life sciences, power and utility, energy, retail and hospitality, business services and technology. An experience across a wide spectrum of IT and security pillars including IT Strategy, Infrastructure, Business Applications, Cybersecurity, Spend Analysis, etc. Highly proficient with Microsoft office Suite (e.g., PowerPoint, Excel, Word, Visio) Strong skills in critical thinking, problem solving, and process improvement. Excellent interpersonal and communication skills in order to interact effectively with internal team members and external clients of the firm. Demonstrates willingness to invest time in cross-time zone communication with U.S. based teams. Ability to be a self-starter and drive successful client delivery. Able to manage deadlines and take ownership of getting the job done in a timely manner. Evaluated as an exceptional performer in current position. Development Opportunity/What’s in It for You: Opportunity to interface with US based private equity and executive level leadership. Develop expertise in technology related M&A disciplines. Grow a strategic mindset and develop executive level perspective on investment towards operational technology. Experience M&A across a variety of industries and option to develop specific industry expertise. Gain an understanding of the approach towards post-acquisition value creation, integration, separation and risk remediation. Minimum Qualifications: Academic Qualification: B.Tech. and MBA from leading technology/business schools. Relevant experience of 4-7 years at a Big 4 or equivalent Advisory Services practice. Knowledge of Microsoft powered AI products such as Microsoft CoPilot or any other GenAI tools is preferred. Preferred Qualifications: Deal experience with onshore team including data room management, document request list preparation, management meeting preparation, workbook analysis, quality of earnings, due diligence reports, client calls and engagement team calls. Experience with post-acquisition/carve-out integration and separation related engagements. Preferred industry experience in one or more of the following: manufacturing, distribution, consumer products, business services, healthcare, financial services, business services, or technology. Knowledge of US based regulatory and compliance frameworks such as FFIEC, NERC CIP, PCI DSS, HIPAA, GLBA, and HITECH is a plus. ERP or supply chain application implementation experience; functional expertise in IT and supporting front/back-office operations preferred IT and cyber related certifications (CISSP, CISM, HITECH, PCI DSS QSA, CEH, Azure, AWS) At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. The Opportunity When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills. As part of the Digital Assurance and Transparency - AC India team you are expected to lead the creation and implementation of impactful digital assurance initiatives. As a Manager you are expected to guide the execution of digital assurance engagements, focusing on a customer-centric approach that supports PwC's goals and vision. You are expected to be responsible for supervising, developing, and coaching teams, managing client service accounts, and driving assigned client engagement workstreams by independently solving and analyzing complex problems to develop impactful deliverables. Responsibilities Lead the creation and implementation of digital assurance initiatives Guide digital assurance engagements with a client-focused approach Supervise and mentor digital assurance teams to enhance performance Manage client service accounts and deliver elevated-quality deliverables Analyze complex problems and develop practical solutions Drive engagement workstreams independently Assure adherence to PwC's quality standards and vision Foster a collaborative and supportive team environment What You Must Have Bachelor's Degree in one of the following fields of study: Accounting, Finance, Management Information Systems, Computer and Information Science, Information Technology, Economics, Business Administration/Management, Engineering, Statistics, Management Information Systems & Accounting, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Accounting & Technology, Mathematical Statistics, or Technology Mathematics 7 years of combined relevant experience (SAP/Oracle controls auditing, consulting and/or implementing, data analysis, compliance, internal audit, or risk experience) Employees to have an active primary credential as follows, CISA or India Chartered Accountant (CA) Oral and written proficiency in English required In lieu of Bachelor Degree, Chartered Accountant What Sets You Apart Financial reporting and information technology risks, processes and controls Current and emerging technologies including Cloud-computing, Oracle, SAP Risks, processes and internal controls related to financial reporting COSO Framework, CoBIT, ITIL and other leading control frameworks Leading IT related controls assurance or controls readiness projects Identifying key risks and controls, recommend improved controls Leading the adoption of a work program and practice aid Demonstrating significant project management skills related to IT audit projects Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less