546 Cobit Jobs - Page 20

A career within Internal Audit services, will provide you with an opportunity to gain an understanding of an organisation’s objectives, regulatory and risk management environment, and the diverse needs of their critical stakeholders. We focus on helping organisations look deeper and see further considering areas like culture and behaviours to help improve and embed controls. In short, we seek to address the right risks and ultimately add value to their organisation. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Invite and give in the moment feedback in a constructive manner.Share and collaborate effectively with others.Identify and make suggestions for improvements when problems and/or opportunities arise.Handle, manipulate and analyse data and information responsibly.Follow risk management and compliance procedures.Keep up-to-date with developments in area of specialism.Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce.Build and maintain an internal and external network.Seek opportunities to learn about how PwC works as a global network of firms.Uphold the firm's code of ethics and business conduct. Essential Duties And Responsibilities Manage the work streams related to IT SOX compliance covering ITGC and IT Dependencies (ITAC, Interfaces, IPE’s).Thorough understanding around ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations.Exposure of testing IT Application Controls (Configurable, Non-configurable), Interfaces, IPE’s, Data Migration and Platform Reviews.Provide technical support in the assessment, design, and implementation of ITGC requirements.Review control evidence for adherence to accuracy, completeness, and precision of control execution for all ITGC.Develop, implement, and test controls for new acquisitions and in-scope entitiesWork with control owners and operators to ensure quality, consistency, and operability of new and existing controls.Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment.Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management within IT.Mentors and develops peer and Associates, monitors their work, and takes corrective action when necessaryBuilds and maintains strong peer relationships within the team and across the organizationCoordinates work with External Auditors. Interpersonal Skills Ability to work independently under general supervision with latitude for initiative and independent judgmentEffective verbal and written communications, including active listening skillsAbility to establish and maintain effective working relationships with co-workers and external contactors/auditorsDetail-orientedComfortable working on multiple projects simultaneouslyIndividuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team. Excellent Communication, written and verbal would be expected.In addition to being an exceptional individual contributor, manage engagements and relevant Teams allocated for the same. Managing predominantly offshore engagements and relevant PwC Territory teams.Ensure client service delivery in accordance with the quality guidelines & methodologies.Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables.Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties Client Management Develop strong working relationships with the client and onshore client teams.Maintain excellent rapport and proactive communication with the stakeholders and client. Operational Excellence Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Ensure compliance with engagement plans and internal quality & risk management procedures. People Related Display teamwork, integrity, and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery. Conduct workshops and technical training sessions for team members. Contribute to the learning & development agenda and knowledge harnessing initiatives Minimum Qualifications Bachelor’s degree in Information Systems, Computer Science Engineering, or Finance PreferredB.E., B. TECH, M. TECH, MCA, BCA, CA, MBAExperience in technology audit, risk management, compliance, consulting, or information securityExcellent knowledge of IT General Controls, automated and security controls.Knowledge of security measures and auditing practices within various operating systems, databases, and applicationsExperience in auditing financial applications, cyber security practices, privacy, and various infrastructure platforms such as Unix, Linus, Windows, SQL Server, Oracle DatabasesKnowledge and concepts of auditing of cloud platforms (AWS, Azure and Google Cloud)Experience designing continuous auditing and monitoring tools and techniques is a plus.Good understanding of CoBIT 5 Domains of Access Management, SLDC & Change and Computer Operations and Control Design and Testing of SOX IT General Controls (ITGC) and/or IT Application Controls (ITAC)Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Management/ClientsKnowledge of regulations impacting privacy, integrity, and availability of clients PII.Functional knowledge of major ERP suites (like SAP, Dynamics, Oracle EBS)Understanding of audit concepts and regulationsRequired overall experience in testing/reviewing and implementation of ITGC controls, CoBit 5 and developing COSO frameworkCandidates with 3-5 years of relevant experience in similar role, preferably with a “Big 4” or equivalentChartered Accountant (would be added advantage) Certification(s) Preferred CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications

Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (E.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding on technology topics related to cyber security, encryption, architecture resiliency , business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001

Job Title- Associate Location- Pune, Bangalore India About DWS Group DWS Group (DWS) is one of the world's leading asset managers with EUR 700bn of assets under management (as of 31 March 2020). Building on more than 60 years of experience and a reputation for excellence in Germany and across Europe, DWS has come to be recognized by clients globally as a trusted source for integrated investment solutions, stability, and innovation across a full spectrum of investment disciplines. We offer individuals and institutions access to our strong investment capabilities across all major asset classes and solutions aligned to growth trends. Our diverse expertise in Active, Passive and Alternatives asset management as well as our deep environmental, social and governance focus –complement each other when creating targeted solutions for our clients. Our expertise and on-the-ground-knowledge of our economists, research analysts and investment professionals are brought together in one consistent global CIO View, which guides our investment approach strategically. DWS wants to innovate and shape the future of investing: with approximately 3,500 employees in offices all over the world, we are local while being one global team. We are investors –entrusted to build the best foundation for our clients’ future. What we’ll offer you As part of our flexible scheme, here are just some of the benefits that you’ll enjoy. Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities This role will support India DCO office with activities as outlined below: Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the newly established Independent Testing Team Assess end to end business processes to identify significant gaps and determine issue root causes. Partners with business units to perform control evaluations, monitoring and testing efforts within Compliance and Operation Risk Framework to identify control gaps as well as opportunities for effectiveness and efficiency improvements. These assessments will include coverage for other regulatory programs including SOX Apply critical thinking skills to substantive testing techniques to thoroughly evaluate the effectiveness of high-risk business processes. Assess and monitor risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices. Collaborate with cross-functional teams and stakeholders to support control design and effectiveness. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Your preferred skills and experience Bachelor's degree in information security or related field required, with a preference towards master's degree. Demonstrated ability to analyse complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices Strong and progressive Auditing or Control Testing experience with current knowledge and understanding of Control testing methodology. Experience developing test scripts, audit programs, or testing templates. 6+ years in information security management and governance, with a focus on control design and testing Detailed experience in ISO 27001, GDPR, COBIT, KAIT, BAIT, etc. and other cyber security frameworks Good to have Certifications: CRISC, CISSP, CISM, CISA, ISO 27001 Lead Implementer/ Auditor Should possess strong communication skills (written/ spoken) Should be skilled to work with minimal supervision. Strong analytical and strategic mindset along with the ability to collaborate with different stakeholders including top management representatives. How we’ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm

Proven track record of successful project delivery, on time and within budget Demonstrated ability to think strategically and translate vision into actionable plans Excellent interpersonal skills with the ability to influence and build relationships at all levels Strong analytical and problem-solving skills Related certifications (ie : CBA, CISM) and knowledge of frameworks like COBIT and ITIL Sounds of knowledge in VAPT processes and tools Good problem solving and ability to quickly learn and master new topics and domains Good written and verbal communication skills Good interpersonal skills and ability to work with a team Highly self-motivated and directed Possess professional qualification and/or minimum Bachelor Degree in Business, Computer Science, Project Management majoring in Security and/or Bachelor s degree in accounting, finance, business management, or equivalent work experience Proven track record of successful project delivery, on time and within budget Demonstrated ability to think strategically and translate vision into actionable plans Excellent interpersonal skills with the ability to influence and build relationships at all levels Strong analytical and problem-solving skills Related certifications (ie : CBA, CISM) and knowledge of frameworks like COBIT and ITIL Sounds of knowledge in VAPT processes and tools Good problem solving and ability to quickly learn and master new topics and domains Good written and verbal communication skills Good interpersonal skills and ability to work with a team Highly self-motivated and directed Responsibilities: Serving as a Threat and Vulnerability Management (TVM) point of contact for service deliverymatters such as Regional Security Assessment (RSA), new project implementation and ChangeRequest (CR) Process TVM existing Business Paper for renewal, presentation to relevant forums and/orcommittee including weekly meeting, if any Attending all project meetings on behalf of TVM s including entrance conferences, end ofplanning meetings, status meetings, and end of field work meetings Communicating with stakeholders to ensure that they are aware of project status and any issuesthat may arise along the way Creating a project plan that outlines all major milestones, tasks, and deliverables Coordinating with internal teams to ensure that team members have what they need tocomplete their work on time Managing project budgets and expenses, and communicating regularly with procurementdepartments to ensure that funds are available when needed Coordinating with outside vendors such as contractors or consultants as needed for specifictasks or phases of projects Managing conflict resolution between team members and stakeholders as needed Monitoring project performance to ensure that projects are meeting objectives within budgetand on schedule Collaborate with VAPT team members to provide guidance to reprioritize remediation activities Develop dashboard and provide project and/or task status updates for monitoring and trackingpurposes

About The Role : Job Title- Divisional Risk and Control Senior Analyst, AVP Location- Pune, India Role Description The 1st line Tech Risk, Insights and controls function at Deutsche Bank sits within the Chief Technology Office (CTO) for Deutsche Bank Group. CTO has the largest footprint within the Technology, Data and Innovation (TDI) division and is joined by other business-aligned CIO IT divisions. The Tech Risk, Insights and Controls is a dynamic team, consistently in demand, for providing guidance and challenge to deliver change and maintain systems in a secure and resilient manner. As part of the team, you will join the Banks journey and contribute towards our strategic goal of cloud enabled solutions as well as activities that improve our operational resilience and risk reduction. Specifically, you will bring expertise for risk identification and remediation advisory, records management supporting a proactive risk management function. It will therefore also include planning and executing thematic risk assessments and inputting into risk scenario testing and macro threat assessments. Further you will respond to client due diligence requests. You will liaise with other risk and control functions, on a management level to assure the integration of risk initiatives and projects. This role will report to the Head of Risk Assessments and Response and ultimately to the Global Head of Risks, Insights and Controls. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Risk Management Promote risk awareness, encourage prioritization of risk remediation, process re-engineering and strategic risk management Provide processes for systematic, proactive, and forward-looking risk identification, risk assessment, monitoring, reporting, and keeping CTO risk profile up to date Plan and execute thematic risk assessments and input into risk scenario testing and macro threat assessments Identify material remediation priorities for CTO and key cross divisional priorities impacting CTO (control / remediation book of work) Support CTO in managing the CTB budget allocated for high risk finding remediation and CTO involvement in reducing risk owned by other CIO and CISO divisions Be a catalyst and an enabler to the global leadership for achieving the objectives in line with changing regulatory and industry operating landscape and reducing risk against overall technology operations portfolio Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Audit Management Manage and govern audit requests and findings in a quality assured and controlled manner Respond to client due diligence requests in a timely manner End-to-end governance, monitoring, control, and reporting of audit lifecycles Audit support and advice incl. quality assurance of management action plans, completion check of the deliverables, closure review, ownership transfer, downgrade, risk acceptance and target date extensions Act as overall interface with Audit for fieldwork support and ongoing oversight, co-ordination, quality control, read across for all divisional audit findings Establish a consistent approach to ownership of management action plans Manage operation of audit interface to vendors including monitoring and reporting Foster lessons-learned on audit findings and missed self-identified findings Stakeholder Management Identify, Partner, and Collaborate Establish relationship with external and internal Audit teams to ensure effective and robust challenge to finding and to establish smart management action plans. Partner with 2nd LoD, NFRM (Non-Financial Risk Management) to ensure alignment towards Group wide minimum control standards Collaborate closely and proactively with DCRO team to manage the finding lifecycle Promote and support proactive IT risk culture at the Bank Your skills and experience Desired experience Minimum 2 years of experience as Risk and Control Lead in designing and implementation of Technology risk framework in a global organization Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 Knowledge of Agile change delivery methodology, DevOps and Shift left concepts Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains Other professional qualifications and certifications in Technology risk management Desired behaviors A strong team player comfortable in a cross-cultural and diverse operating environment Result oriented and ability to deliver under tight timelines Ability to successfully resolve conflicts in a globally matrix driven organization Excellent communication and collaboration skills Desire to learn about new and emerging technologies and continuous upskilling Must be comfortable with navigating ambiguity to extract meaningful risk insights How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

About The Role : Job Title: Divisional Risk and Control Location: Pune, India Corporate TitleAVP Role Description The 1st line Tech Risk and controls function at Deutsche sits within the Group Technology Infrastructure (GTI) for Deutsche Bank Group. GTI has the largest footprint within the Technology, Data and Innovation division and is joined by other business-aligned CIO IT divisions.The Tech Risk and Controls is a dynamic team, consistently in demand, for providing guidance and challenge to deliver change and maintain systems in a secure and resilient manner. As part of the team, you will join the Banks journey and contribute towards our strategic goal of cloud enabled solutions as well as activities that improve our operational resilience and risk reduction. Specifically, you will bring expertise to Control definition and assessments capability across IT Infrastructure, SDLC and Architecture domains supporting a proactive risk management function. It will therefore also include providing change risk advisory services for transformational change programs undertaken by or impacting GTI. You will liaise with other risk and control functions, on a management level to assure the integration of risk initiatives and projects. You will also support Regulatory Adherence and Policy Management function within TDI Risk Management. Its purpose is to provide oversight and supervision of new & changed material regulation impacting TDI, including full traceability to derived DB-specific Policies, Procedures, Key Operating Documents and Supporting Documents. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Risk & Control Management Identify and evaluate potential areas of non-compliance or risk, assessing impact, probability and present findings and proposals for risk mitigation measures. Support the delivery of the risk and control initiatives. This includes participation in risk and control activities, risk-based control reporting of key issues, performance and validation of cyclical activities such as annual control self-assessments. Work closely with teams in and out of the division to understand risks impacting the group. Align internal Deutsche Bank policies/procedures against industry recognized framework to strengthen the control framework and its implementation for both within the Bank and our 3rd party vendor relationships Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Regulatory Adherence and Policy Management Coordination of regulatory adherence assessments across sub-divisions within TDI and management and review of Policies, Procedures, Key Operating Documents, Supporting Documents within TDI. Engage with stakeholders across TDI and other (e.g. 2nd line of defence) divisions in reviewing, assessing, and documenting the impact of regulations and ensuring remedial actions are established and monitored. Steer and support the publication of a consistent set of global and local Policies, Procedures, Key Operating Documents and Supporting Documents relating to Information Technology from laws, rules, and regulations. Risk remediation and Change Risk Advisory Support the Head of TDI GTI Risk Management in assessing risks related to strategic changes within the GTI Organization Proactively monitor risk landscape shift within the industry to identify transformation project opportunities to insulate Deutsche Bank from any potential risk exposure e.g., Production design life cycle, application and infrastructure architecture and its resilience Stakeholder Management Identify, Partner and Collaborate Work with relevant stakeholders to identify and assess controls gaps related to technology risk - measure and mitigate them in a timely manner Align with COO Division Control Office (DCO) team and NFRM (2nd LoD) ensuring successful and consistent implementation of the established control framework. Promote and support proactive IT risk culture at the Bank. Your skills and experience Desired experience Minimum 5 years of experience as Risk and Control Lead in designing and implementation of Technology risk framework or IT Audit in a global organization. Experience in a regulatory oversight, assurance, or policy management function within technology. Or have suitable compliance or audit background within infrastructure (and preferably IT & Information Security). Extensive experience regarding development, training and implementation of IT Policies, Procedures, Key Operating Documents and Supporting Documents. Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 Other professional qualifications and certifications in Technology risk management Desired behaviors A strong team player comfortable in a cross-cultural and diverse operating environment Result oriented and ability to deliver under tight timelines Ability to successfully resolve conflicts in a globally matrix driven organization Excellent communication and collaboration skills Desire to learn about new and emerging technologies and continuous upskilling Must be comfortable with navigating ambiguity to extract meaningful risk insights How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Description Enphase. Power by people. Founded in 2006, Enphase transformed the solar industry with our revolutionary microinverter technology, turning sunlight into a safe, reliable, resilient, and scalable energy source to power our lives. Today, our intelligent microinverters work with virtually every solar panel. When paired with our award-winning smart battery technology, we engineer one of the industrys best-performing clean energy systems. The Enphase Energy system enables people to use, save, sell, and own their power. This includes our industry-leading app, which provides unprecedented data and control in the palm of your hand. For the first time in the evolution of our centuries-old grid, people can get paid for the clean energy they produce and share with their communities, helping to build a new energy future that harnesses the sun. This clean, free, abundant energy source can power our lives and help replace fossil fuels altogether. Enphase Energy is seeking top-tier talent to join our leading-edge tech company. We hire creative, top-performing people with a passion for high achievement. Enphase Energy provides employees with the opportunity to do their best work in a stimulating, dynamic, challenging, and fun environment. Be a part of the industry leader pioneering improvements in how Solar Energy is delivered to homes and businesses. Who we are looking for: We are seeking a meticulous and detail-oriented IT Auditor to join our team. As an IT Auditor, you will be crucial in evaluating and assessing our organization s IT systems, infrastructure, and processes to ensure compliance, efficiency, and security. You will conduct thorough audits, identify risks, recommend improvements, and help maintain the integrity and reliability of our IT environment. This position requires working from the office at least two days a week. What you will be doing: Conduct comprehensive audits of IT systems, networks, and infrastructure to assess compliance with regulatory requirements, industry standards, and internal policies. Evaluate the effectiveness, efficiency, and security of IT controls, procedures, and practices. Identify and assess risks related to information technology, including cybersecurity threats, data breaches, system vulnerabilities, and compliance issues. Review and analyze IT policies, procedures, and documentation to ensure alignment with best practices and regulatory requirements. Collaborate with IT and business stakeholders to understand system architectures, processes, and objectives. Develop audit plans, methodologies, and procedures tailored to specific IT environments and objectives. Perform design and operating effectiveness testing of IT controls and processes, including reviewing configurations, analyzing data, and conducting interviews with stakeholders. Identify potential risk areas and recommend control enhancements to mitigate those risks. Document clear and concise audit findings, including deficiencies, vulnerabilities, areas for improvement, remediation actions, and risk mitigation strategies, and communicate them effectively to management. Monitor the implementation of audit recommendations and verify that corrective actions are effective. Assist in the development and maintenance of SOX documentation, including process narratives, flowcharts, and control matrices. Stay informed about emerging IT trends, technologies, regulations, threats, and industry best practices to continuously improve audit methodologies and practices. Participate in special projects and initiatives related to process improvements or system implementations. Provide support during external audits and regulatory inspections as needed. Facilitate the use of technology-based tools or methodologies to perform control testing Support audit planning, managing idle time, and self-productivity Maintain independence and objectivity. Maintain an in-depth understanding of IT environment and supporting functions. Exercise professional skepticism and judgment and adhere to the code of ethics Who you are and What you bring: Bachelor s degree in Information Technology, Computer Science, or a related field Four or more years of experience auditing publicly traded companies or Big 4 consulting firms, specifically in SOX compliance Knowledge of IT systems, networks, databases, and cybersecurity principles. Familiarity with IT auditing standards, frameworks, and methodologies (e.g., COBIT, ISO/IEC 27001, NIST). Strong knowledge of ITGCs, application controls, cloud computing, and cybersecurity frameworks. Experience with audit tools, data analytics, and IT risk assessment methodologies. Knowledge of ERP systems, databases, and IT infrastructure reviews.Strong analytical skills, attention to detail, and the ability to identify and assess risks and controls effectively. Excellent communication skills, including the ability to convey technical information to non-technical stakeholders and to write clear and concise audit reports. Ability to work independently and collaboratively in a dynamic environment, managing multiple priorities and deadlines. Proficiency in audit tools and technologies, data analysis techniques, and Microsoft Office applications Excellent communication skills, including the ability to convey technical information to non-technical stakeholders and to write clear and concise audit reports. Proficiency in using computer software and applications for data management, analysis, and reporting purposes incredibly, PowerPoint and Excel efficiently Strong analytical skills, attention to detail, and the ability to identify and assess risks and controls effectively. Proficiency in audit tools and technologies, data analysis techniques, and Microsoft Office applications. Ability to work under pressure and deliver results in a fast-paced and deadline-oriented environment with the agility to respond effectively to changing priorities. Team player, who integrates with the team and adapts to the dynamic environment. Aptitude for problem-solving and root cause analysis, including the ability to conceptualize and analyze multiple scenarios in solving business problems. Ability to coordinate with cross-functional teams, outsourced consultants, and external auditors in executing the Internal Audit Program. Ability to work across time zones and manage diverse stakeholders and resources in multiple countries. Initiative-taker with a sense of urgency and working in a fast-changing environment with shifting priorities. Ability to work independently and collaboratively in a dynamic environment, managing multiple priorities and deadlines. Experience with AuditBoard Platform or experience with other automated SOX tools. Managing the SOX database, building ad-hoc reporting, and leveraging the tool to administer and optimize the SOX program. Continuous development of the SOX platform to enhance user-friendliness and expand the capabilities of the platform Strong analytical skills to evaluate root causes of control weaknesses and partner with business leaders to enhance control effectiveness and remediate control deficiencies, as needed.

Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you are part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What you will do Let’s do this. Let’s change the world. In this vital role you will be responsible for identifying, analyzing, and mitigating IT-related risks to the organization. This role will involve working closely with various groups to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts. Roles & Responsibilities Risk Identification and Assessment : Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring : Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management : Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications Education: Bachelor’s degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience: 2 - 4 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies: Solid understanding of IT infrastructure, systems, and security standard processes. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical collaborators. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS). Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). Technical Knowledge: Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and fixing skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams . High degree of initiative and self-motivation. Ability to manage multiple priorities. Team oriented, with a focus on achieving team goals. Strong presentation and public speaking skills. Collaboration with distributed team. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you are part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What you will do Let’s do this. Let’s change the world. In this vital role you will be responsible for identifying, analyzing, and mitigating IT-related risks to the organization. This role will involve working closely with various groups to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts. Roles & Responsibilities Risk Identification and Assessment : Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring : Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management : Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications Education: Bachelor’s degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience: 2 - 4 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies: Solid understanding of IT infrastructure, systems, and security standard processes. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical collaborators. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS). Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). Technical Knowledge: Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and fixing skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams . High degree of initiative and self-motivation. Ability to manage multiple priorities. Team oriented, with a focus on achieving team goals. Strong presentation and public speaking skills. Collaboration with distributed team. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Role- ITGC -Senior Location - Gurgaon, Kochi, Kolkata, Noida, Bengaluru, Chennai, Pune Exp- 3-6 Years To qualify for the role, you must have Preferably B.E/B.Tech (Computers, Electronics, Data Analytics), BCA/MCA, B.Sc/M.Sc. (computers major), MBA, CA. Must Have 3-6 years of hands-on internal/external IT Audits Atleast One - IT General Controls, IT Automated Controls, and Service Organization Controls Reporting (SOCR - SSAE 16 / ISAE 3402) SOC 1, 2, & 3 Reporting Able to perform independent security configuration review of common operating systems and databases - Windows, Unix, DB2, AS400, SAP R3ECC/HANA, Mainframe, SQL, Oracle. Knowledge of documentation and data analysis tools like Word, Excel, Access, Strong English verbal and written communication skills. Nice to have CISA, CISM, CRISC, ISO27001, Data privacy certifications IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX Data analytics/automation tool SQL, Monarch, BluePrism, Alteryx, PowerBI German/Dutch/French language is an added advantage.

As a Security Specialist you will be responsible for monitoring, managing, and securing IT and telecommunications services provided to end users, ensuring optimal security and service availability. Youll focus on threat detection, incident response, and security monitoring for both routine and emergency situations, contributing to the success of Nokias customer service. You have: BE/B.Tech/ME/M.Tech with- 2 to 5 years of experience in Security Operations Support and tools like SIEM (Splunk) and EDR (CrowdStrike). Experience in security risk management and cybersecurity technologies. Understanding of relevant legal and regulatory requirements, including cybersecurity laws and CII regulations. It would be nice if you also had: Basic security certifications like CEH, NSE, CompTIA+, or others. Hands-on experience with CrowdStrike, ArcSight, or Q-Radar platforms. Exposure to developing and updating SIEM/EDR use cases. Familiarity with handling confidential information with integrity. Experience in working with high-stakes, demanding environments where security operations are crucial. Understanding of cyber threat frameworks such as the NIST Cybersecurity Framework. You will contribute to daily security monitoring activities and enhance response strategies during emergencies. You will work on advanced incident detection and response techniques to resolve service interruptions and outages efficiently. You will develop skills in aggregating and normalizing logs from various security devices and platforms. You will be participate in proactive threat hunting, building on your ability to identify and resolve vulnerabilities before they become threats. You will gain experience in managing critical situations, ensuring security services remain operational during service unavailability or outages. You will be getting exposer in work with industry-standard security practices and frameworks like ISO/IEC 27001 and NIST to improve security processes and governance. You will develop skills to communicate complex security issues to both technical and non-technical stakeholders at various levels. You will gain a deeper understanding of security regulations and frameworks (e.g., ITIL, COBIT, CII) to ensure services are aligned with compliance standards.

About the role Role Description: Let’s do this. Let’s change the world. In this vital role you will involve working closely with various groups to ensure that GxP controls are in place, GxP deviations are managed and monitored, and security standards are met. The GxP Specialist will assist in owning and maintaining GxP deviation records, performing GxP assessments, and supporting regulatory compliance efforts. Roles & Responsibilities: GxP Deviation and CAPA Management : Manage and own technology related GxP deviations, CAPA, and CAPA-EV records Manage GxP reporting and monitoring metrics for Technology/IT records Collaborate with record owners and QA to ensure timely record resolution Assist in the identification and evaluation of risks associated with GxP deviation records. Identify and support new record owners across IT/Technology (e.g. office hours, ad-hoc meetings, document management support). Attend enterprise network meetings as needed to represent the Technology / IT function. GxP Deviation Monitoring and Improvements: Recommend deviation management improvement strategies across Technology/IT. Collaborate with Quality, IT application, cybersecurity, and business teams to supervise and resolve identified risks and vulnerabilities associated with deviations and CAPA’s. Assist in conducting CAPA applicability assessments, time studies, and related initiatives to identify impacts and improvement opportunities in IT systems, processes, and policies. Supervise, monitor, and report on the efficiency of existing GxP records, trends, and recommend improvements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GxP, GDPR, SOX, NIST). Assist in proactive measures to facilitate compliance, such as collaborating with collaborators to initiate periodic reviews Assist in the preparation for audits and inspections by internal and external parties, providing documentation and evidence of IT GxP deviation management practices. Support the development and implementation of IT governance, risk, and compliance frameworks and continuous improvements. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications: Doctorate degree OR 5+ years of experience in IT GxP deviation management, IT quality management, IT auditing, or information security. Hands-on experience with deviation management tools and associated frameworks (e.g., ISO 27001, NIST, COBIT). Master’s degree and 4 to 6 years of information technology, Cybersecurity, Risk Management, or a related field experience OR Bachelor’s degree and 6 to 8 years of information technology, Cybersecurity, Risk Management, or a related field experience OR Diploma and 10 to 12 years of information technology, Cybersecurity, Risk Management, or a related field experience Preferred Qualifications: Skills and Competencies : Good understanding of GxP deviation management, document management, IT infrastructure, systems, and security standard methodologies. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex GxP and risk concepts to non-technical collaborators. Familiarity with regulatory frameworks and compliance standards (e.g., GxP, GDPR, HIPAA, SOX). Technical Knowledge : Proficiency with GxP deviation management tools, GRC (Governance, Risk, and Compliance) software, enterprise change management tools, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills Equal opportunity statement Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com

We are seeking a highly experienced and motivated Director of Technical Services for our Enterprise IT Service Management (ITSM) product line In this leadership role, you will drive the technical strategy, oversee product deployment, and ensure exceptional customer support Your expertise and leadership will be crucial in guiding our implementation teams to success Key Responsibilities: Technical Strategy and Roadmap: Develop and maintain the technical strategy and roadmap for our ITSM product line, aligning with company goals and customer needs Collaborate with product management and stakeholders to prioritize enhancements and new features, based on market trends and customer feedback Technical Leadership: Lead, mentor, and inspire a team of architects, subject matter experts, and technical engineers for high-quality product deployment and delivery Establish best practices and standards for software deployment, quality assurance, and technical support Foster a culture of innovation and continuous improvement Product Deployment: Oversee the design, testing, and deployment of ITSM products for global customers Experience with tools like ServiceNow, HP, BMC, or CA is advantageous Implement processes for Service Strategy, Service Design, and Continuous Service Improvement Lead the development of Service Portfolio and Service Catalog, and establish OLAs and SLAs with stakeholders Strive to establish the team as a Service Management Center of Excellence Work closely with cross-functional teams for timely product releases and updates Customer Support and Success: Ensure exceptional technical support and services, ensuring high customer satisfaction and prompt resolution of issues Act as the escalation point for critical technical issues, collaborating with internal teams and customers Stakeholder Management: Build strong relationships with internal and external stakeholders, including customers, partners, and vendors Provide regular updates to executive management on project status, implementation support, and team performance Qualifications and Experience: Bachelor s or master s degree in Computer Science, Engineering, or a related field ITIL Expert certification is a significant advantage 12+ years of experience in software deployments and technical management, focusing on Enterprise IT Service Management or similar products Proven leadership and mentoring experience with high-performing technical teams Strong knowledge of ITSM best practices and standards (e g , ITIL, COBIT, ISO/IEC 20000) Proven experience managing large-scale customer projects globally Strong customer orientation and excellent relationship management skills Exceptional communication, presentation, and interpersonal skills What We Offer: Competitive salary and comprehensive benefits package A collaborative and innovative work environment Opportunities for professional growth and development Join us at SymphonyAI and make a significant impact on the future of Enterprise IT Service Management solutions We look forward to welcoming a dynamic leader who can drive success and innovation Introduction SymphonyAI is at the forefront of innovation, leveraging cutting-edge artificial intelligence and machine learning technologies to transform industries and drive business growth As a global leader in AI-powered solutions, we empower organizations to harness the full potential of data-driven insights SymphonyAI enterprise applications rapidly deliver transformative business value across retail, CPG, financial services, manufacturing, media, Enterprise IT (SymphonyAI Summit) and the public sector SymphonyAI combines unrivalled AI technology, vertical expertise and industry-specific data and insights into applications that drive the highest value for customers We are one of the largest and fastest growing AI portfolios Job Description Position Summary: We are seeking a highly experienced and motivated Director of Technical Services for our Enterprise IT Service Management (ITSM) product line In this leadership role, you will drive the technical strategy, oversee product deployment, and ensure exceptional customer support Your expertise and leadership will be crucial in guiding our implementation teams to success Key Responsibilities: Technical Strategy and Roadmap: Develop and maintain the technical strategy and roadmap for our ITSM product line, aligning with company goals and customer needs Collaborate with product management and stakeholders to prioritize enhancements and new features, based on market trends and customer feedback Technical Leadership: Lead, mentor, and inspire a team of architects, subject matter experts, and technical engineers for high-quality product deployment and delivery Establish best practices and standards for software deployment, quality assurance, and technical support Foster a culture of innovation and continuous improvement Product Deployment: Oversee the design, testing, and deployment of ITSM products for global customers Experience with tools like ServiceNow, HP, BMC, or CA is advantageous Implement processes for Service Strategy, Service Design, and Continuous Service Improvement Lead the development of Service Portfolio and Service Catalog, and establish OLAs and SLAs with stakeholders Strive to establish the team as a Service Management Center of Excellence Work closely with cross-functional teams for timely product releases and updates Customer Support and Success: Ensure exceptional technical support and services, ensuring high customer satisfaction and prompt resolution of issues Act as the escalation point for critical technical issues, collaborating with internal teams and customers Stakeholder Management: Build strong relationships with internal and external stakeholders, including customers, partners, and vendors Provide regular updates to executive management on project status, implementation support, and team performance Qualifications and Experience: Bachelor s or master s degree in Computer Science, Engineering, or a related field ITIL Expert certification is a significant advantage 12+ years of experience in software deployments and technical management, focusing on Enterprise IT Service Management or similar products Proven leadership and mentoring experience with high-performing technical teams Strong knowledge of ITSM best practices and standards (eg, ITIL, COBIT, ISO/IEC 20000) Proven experience managing large-scale customer projects globally Strong customer orientation and excellent relationship management skills Exceptional communication, presentation, and interpersonal skills

Job Description: Overall, 5-7 years relevant experience with at least 2 years in endpoint security engineering Linux/UNIX, Windows, and/or Mac system administration Experience with client authentication and system management solutions for Windows and non-Window clients Proficiency with Microsoft Windows administrative tools, and Unix/Linux command line Hands-on technical expertise with common endpoint security controls such as endpoint antivirus, endpoint response, host logs Familiarity with other common security infrastructure such as firewalls, intrusion detection/prevention systems, vulnerability scanners, encryption, SIEM, identity and access management Functional understanding of scripting languages (Batch, PowerShell, Python, etc.) Familiarity with security best practices and industry standards (e.g., NIST, CIS, ISO27002, COBIT, etc .) Participate as a member of an on-call rotation Bachelors degree in Information Security, Security Assurance, Computer Science or related fields • Excellent written and verbal communication skills Technical understanding of cloud computing components and controls Able to deliver quality results in a high-energy/high-pressure environment Ability to multi-task and manage demands of many projects, issues, and tasks

Skills and attributes for success To qualify for the role, you must have Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk Compliance (GRC), Cyber risk assessments management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you ll also have Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable

Skills and attributes for success To qualify for the role, you must have Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk Compliance (GRC), Cyber risk assessments management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you ll also have Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable

Roles & Responsibilities: As a Senior Auditor, you will be a part of the Internal Audit team and responsible for: Independently managing delivery of the SOX engagements for multiple Business Processes - including scoping, test of design, test of effectiveness and reporting. Providing guidance to auditors to conduct effective assessment to comply to Sarbanes-Oxley (SOX) compliance Assisting Senior Manager in conducting SOX scoping, control rationalization and standardization for business processes Evaluating control gaps noted during design or operating effectiveness testing, partner with 2nd Line of defense, provide recommendations and track remediation Performing Design & Operating effectiveness testing & review for assigned Business Process Controls (Manual / ITDM / ITAC) while adhering to Internal Audit quality guardrails. Identifying & driving Automation opportunities in SOX controls testing Testing & Reviewing ITAC - configuration of standard SAP & Non SAP applications, reviewing variations, Interface Controls testing, building sample scenarios, source code reviews and key reports testing. Developing a strong understanding over Targets business & control environment and ensure control objectives are met during the course of your testing. Monitoring project progress, manage multiple assignments and related project teams, if needed Meet quality guidelines within the established turnaround time (or allotted budget) for assigned requests Provide regular status update on projects and controls in hand. Plan and execute operational audits in adherence to IA policies and procedures Managing relationships with key internal & external stakeholders and ensuring adherence to project timelines & deliverables. Identifying opportunities for use of Data Analytics & Automation to enhance Internal Audits ability to perform efficient testing/audit. Demonstrating a high level of engagement at work by closely interacting with HQ Internal Audit Team, participating in Internal Audit trainings, team building & community relations activities. Being independent, innovative & proactive in taking steps for your personal development by willingly taking on stretch assignments, cross-functional engagements & acquiring of new skills. *Job duties may change at any time due to business needs. About You. 3 or 4 year college degree (IT, Accounting, Engineering or related field preferred). 5 to 8 years of internal or external audit experience focused on SOX / IFC & Operational Audit. Experience in SAP environment is preferred. Knowledge of key IT regulations, standards and benchmarks used by the IT industry (e.g. COBIT, SSAE18/ISAE 3402 etc.) Knowledge of security measures and auditing practices within various applications, operating systems, and databases Working Knowledge of auditing ITGC & ITAC Exposure to Risk Management and Governance Frameworks/ Systems & ERP systems Preferred Certifications CIA/CISA.

Job Title Oracle Consultant Responsibilities A day in the life of an Infoscion As part of the Infosys consulting team, your primary role would be to actively aid the consulting team in different phases of the project including problem definition, effort estimation, diagnosis, solution generation and design and deployment You will explore the alternatives to the recommended solutions based on research that includes literature surveys, information available in public domains, vendor evaluation information, etc. and build POCs You will create requirement specifications from the business needs, define the to-be-processes and detailed functional designs based on requirements. You will support configuring solution requirements on the products; understand if any issues, diagnose the root-cause of such issues, seek clarifications, and then identify and shortlist solution alternatives You will also contribute to unit-level and organizational initiatives with an objective of providing high quality value adding solutions to customers. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Technical and Professional Requirements: ExperienceAtleast two years of relevant experience in ORC based packages such as Finance, Supply Chain Management, Human Capital Management. KnowledgeEither Process understanding or Domain Knowledge in one or two areas, ITIL, COBIT, CMM, Six Sigma and other operational process frameworks awareness, ESM tools and architecture knowledge Skills: Communication (Written & Verbal)Consulting, Assessment, Design, Deployment, testing, Client Interfacing skills, Team management Preferred Skills: Domain->Supply Chain Management->Demand & Supply Planning Technology->Data Management - Data Integration->Informatica Technology->HCM Others->HCM Others Domain->Finance->Accounting & Reporting Technology->Business Intelligence - Visualization->MSBI (Power BI) Technology->Oracle->PL/SQL Additional Responsibilities: Ability to work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data Awareness of latest technologies and trends Logical thinking and problem solving skills along with an ability to collaborate Ability to assess the current processes, identify improvement areas and suggest the technology solutions One or two industry domain knowledge Educational Requirements Master of Science (Technology),Master Of Business Adm.,Master Of Comp. Applications,Master Of Engineering,Master Of Technology,Bachelor of Engineering,Bachelor Of Technology Service Line Enterprise Package Application Services * Location of posting is subject to business requirements

About Us Booking Holdings India is a Center of Excellence based in Bangalore, India and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands. As part of our Booking Holdings India team, you will have the opportunity to be a part of the worlds leading provider of online travel, with a mission of making it easier for everyone to experience the world through six-primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK, OpenTable and Rentalcars.com. About the Role We are now looking for an IT SOx Analyst, Risk & Control (R&C) in our CoE to support R&C with SOx testing of IT Controls. You will be directly working on testing internal controls to support SOX302 attestation. The R&C IT SOx Analyst is also a subject matter expert, responsible for advising the Risk team on controls design, deficiencies evaluation and improvements across multiple processes from SOx testing standpoint. A successful risk professional requires a dynamic personality and ability to adapt in a rapidly changing environment. B. responsible: key areas of responsibility will include, but are not limited to: - Execute and lead testing end to end for the assigned areas: - Design and execute the day-to-day testing activities of IT controls, with a focus on regulatory/compliance (SOx) related risks - Collect, analyze, and interpret information to assess and conclude on each assigned testing area with clear concise documentation - Identify gaps in design and execution, and communicate issues and recommendations to R&C team and control owners - Develop and maintain comprehensive documentation including process walkthrough documentation, control testing documentation and any others required - Collaborate and partner with R&C by providing guidance and ensuring that critical SOx controls are adequately designed and documented, in order to strengthen the control environment, mitigate the company risks and support the business in achieving objectives - Collaborate & participate within R&C to continuously improve the R&Cs capabilities and governance from SOx testing standpoint B. skilled: - The ideal candidate will have a strong background in IT risk management, IT frameworks, governance and controls, Segregation of Duties, and ERP audits. - 4+ years of experience gained within IT compliance, internal controls, internal/external audit, including experience working with teams in an international environment o Strong understanding of design assessment and operating effectiveness assessment of IT controls, and interface controls. o Experience in technology-based product development / DevOps processes, cloud security and other modern day technologies o Understanding of different architecture (SOA and micro services), and ability to review source codes is an added advantage. - Understanding of and experience with risk management relevant fields and frameworks, including SOx, COSO, and COBIT - Strong working knowledge of SOx - Ability to multitask and successfully manage multiple priorities and projects - Strong work ethic, enthusiastic, self-starting, adaptable and enjoys change in a super engaged team - Excellent communication skills to interact with audit teams, management and other stakeholders effectively - Ability to work effectively in a virtual environment - Fully comfortable working in English, both written and spoken - Professional certification, such as CISA/CRISC/CIA (or similar), would be an advantage - Relevant bachelors degree required - Experience working with a Big4 is preferred

Role Description About The Role We are now looking for a Specialist, Risk & Control (R&C) in our CoE to support R&C with SOx testing of IT Application controls and IT Dependent Manual Controls. You will be directly working on testing internal controls to support SOX302 attestation. The R&C ITAC SOx Specialist is also a subject matter expert, responsible for advising the Risk team on controls design, deficiencies evaluation and improvements across multiple processes from SOx testing standpoint. A successful risk professional requires a dynamic personality and ability to adapt in a rapidly changing environment. Responsible: key areas of responsibility will include, but are not limited to : Support testing end to end: Design and execute the day-to-day testing activities of IT application controls and Business controls, with a focus on regulatory/compliance (SOX) related risks Collect, analyze, and interpret information to assess and conclude on each assigned testing area with clear concise documentation Identify gaps in design and execution, and communicate issues and recommendations to R&C team and control owners Develop and maintain comprehensive documentation including process walkthrough documentation, control testing documentation and any others required Collaborate and partner with R&C by providing guidance and ensuring that critical SOx controls are adequately designed and documented, in order to strengthen the control environment, mitigate the company risks and support the business in achieving objectives Collaborate & participate within R&C to continuously improve the R&Cs capabilities and governance from SOX testing standpoint 2. Skilled: The ideal candidate should have a strong background in IT risk management, and perform ERP audits with a good understanding of IT application controls and IT dependent manual controls / business process controls. 4+ years of experience gained within IT compliance, internal controls, internal/external audit, including experience working with teams in an international environment Strong understanding of design assessment and operating effectiveness assessment of IT automated process controls, IT dependent manual controls, and interface controls. Experience in technology-based product development / DevOps processes, cloud security and other modern day technologies Understanding of different architecture (SOA and microservices), and ability to review source codes is an added advantage. Understanding of and experience with risk management relevant fields and frameworks, including SOx, COSO, and COBIT Strong working knowledge of SOX Ability to multitask and successfully manage multiple priorities and projects Strong work ethic, enthusiastic, self-starting, adaptable and enjoys change in a super engaged team Able to work independently & autonomously, while still being a strong team player Fully comfortable working in English, both written and spoken Professional certification, such as CISA/CRISC/CIA (or similar), would be an advantage Relevant Bachelors degree required.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Governance Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your Key Responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills And Attributes For Success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areasEvidence of self-motivation to continuously develop in the areas of cybersecurityGood organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlinesAbility to translate security issues into business risksExcellent interpersonal skills and ability to work effectively within a team at all hierarchical levelsWillingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologiesExperience, knowledge and strong interest in information and cyber security domains are essential for this roleExperience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologiesExperience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber securityExperience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc.Experience in data classification exercises and controls / mechanisms enforcementWorking knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirableExperience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagementsExperience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International StandardsSecurity-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Key responsibilities: As a Technology Transformation Risk Senior, you will play a pivotal role in ensuring that technology transformations within the organization are carried out with a comprehensive understanding and management of the associated risks. You will assist in identifying, assessing, and mitigating risks associated with significant technology changes, such as system upgrades, cloud migrations, and the introduction of new digital tools and platforms. Your role will ensure that technology advancements are implemented securely and in compliance with the companys risk management policies. Assist in conducting risk assessments for technology transformation projects, identifying potential risks and vulnerabilities. Support the development and implementation of risk mitigation strategies to address identified risks. Collaborate with project teams to ensure risk considerations are integrated throughout the project lifecycle. Monitor and report on the status of risk mitigation activities, providing updates to the Technology Transformation Risk Manager and other stakeholders. Participate in the creation and maintenance of risk documentation, including risk registers, reports, and dashboards. Contribute to the development of risk management policies, procedures, and training materials. Engage with internal and external stakeholders to communicate risk findings and recommendations. Stay informed about emerging technology trends, threats, and regulatory requirements that may impact the risk landscape. Support the Technology Transformation Risk Manager in fostering a culture of risk awareness and proactive risk management within the organization. To qualify for the role, you must have Bachelors degree in Information Technology, Computer Science, Risk Management, or a related field. Minimum of 3 years of experience in technology risk management, with a focus on transformation projects. Strong understanding of IT governance frameworks (e.g., COBIT, ITIL), cybersecurity principles, and data privacy regulations (e.g., GDPR, CCPA). Desired experience in Internal controls within SAP ECC/S4 Applications and their integrations and strong understanding of IT application controls, IT general controls and interface controls Professional certifications such as CRISC, CISM, CISSP, or equivalent are highly desirable. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. What we look for People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach.

Project Role : Software Development Engineer Project Role Description : Analyze, design, code and test multiple components of application code across one or more clients. Perform maintenance, enhancements and/or development work. Must have skills : Service Management Framework Design and Implementation Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : minimum 15 years of fulltime education Summary :As a Software Development Engineer, you will be responsible for analyzing, designing, coding, and testing multiple components of application code across one or more clients. Your typical day will involve working on Service Management Framework Design and Implementation using your technical expertise and problem-solving skills. Roles & Responsibilities: Design and implement Service Management Frameworks for clients using industry best practices and standards. Collaborate with cross-functional teams to identify and resolve technical issues related to Service Management Frameworks. Develop and maintain technical documentation related to Service Management Frameworks. Provide technical guidance and support to team members on Service Management Frameworks. Stay updated with the latest advancements in Service Management Frameworks and integrate innovative approaches for sustained competitive advantage. Professional & Technical Skills: Must To Have Skills:Experience in Service Management Framework Design and Implementation. Good To Have Skills:Knowledge of ITIL, COBIT, and other industry frameworks. Strong understanding of IT Service Management principles and practices. Experience in developing and implementing Service Level Agreements (SLAs) and Operational Level Agreements (OLAs). Experience in designing and implementing Incident, Problem, Change, and Release Management processes. Solid grasp of IT Service Management tools such as ServiceNow, BMC Remedy, and JIRA. Additional Information: The candidate should have a minimum of 3 years of experience in Service Management Framework Design and Implementation. The ideal candidate will possess a strong educational background in Computer Science, Information Technology, or a related field, along with a proven track record of delivering impactful solutions. This position is based at our Bengaluru office. Qualification minimum 15 years of fulltime education

Qualification and Minimum Entry Requirements B.Tech/MCA/MBA with 2 4 Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control's design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB's and work as a team in providing an integrated service delivery Ensure professional development through ongoing education

As a part of RSM's growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Qualification and Minimum Entry Requirements Chartered Accountant with relevant 3 to 5 years' experience in SSAE 18, SOC reports, IT General Controls and IT Application Controls. Candidate should have basic to intermediate knowledge of financials, operations and technology and its related risks Candidate should have basic knowledge for SOC 1, SOC 2, IT General Controls, and IT Application Controls Qualified to pursue a job-relevant certification (CIA, CISA) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as the position requires frequent communications with RSM International clients Key Responsibilities Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the industry leading frameworks and methodologies for Sarbanes-Oxley, COSO, COBIT Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control's design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB's and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Open to work on other solution sets considering business requirements.