681 Cobit Jobs - Page 28

POSITION SUMMARY: The IT GRC Lead is responsible for establishing and maintaining IT governance frameworks, managing risk and compliance activities, and ensuring alignment with business objectives and regulatory requirements. This role supports audit readiness, drives process improvements, and collaborates across departments to promote a strong GRC culture. It also involves administering GRC tools like RSA Archer and MetricStream and providing training to ensure organizational adherence to best practices. KEY RESPONSIBILITIES:Establish and enforce IT governance frameworks, policies, and procedures that are aligned with industry best practices.Ensure IT governance strategies are in line with the broader business objectives and IT strategy to support organizational growth and operational efficiency.Regularly review and update IT policies and standards to ensure alignment with organizational goals and regulatory requirements.Lead efforts to continuously improve IT governance processes and enhance efficiency across the organization.Conduct comprehensive risk assessments and collaborate with relevant teams to implement effective risk mitigation strategies.Assist in the preparation for and response to internal and external audits, ensuring compliance with relevant standards and regulations.Perform regular audits to assess compliance with internal policies, industry standards, and external regulations.Prepare detailed reports on governance, risk management, compliance status, and audit outcomes for senior management and stakeholders.Maintain comprehensive documentation of IT governance processes, risk assessments, and compliance activities for future reference and audits.Collaborate with IT, legal, InfoSec and other business units to foster a robust culture of governance, risk management, and compliance across the organization.Offer training and guidance to staff on GRC policies, processes, and tools to ensure awareness and adherence to best practices.Administer and optimize GRC tools (RSA Archer, MetricStream) to streamline risk management and compliance activities, improving efficiency and accuracy. DESIRED CANDIDATE PROFILE:10 to 14 years of Experience (Min 6 years in IT Governance)Strong knowledge of IT governance, risk management, and regulatory compliance (BFSI focus)Experience with IT frameworks (COBIT, ITIL, ISO 27001/27002)Skilled in risk assessments, audits, and mitigation strategiesProject management and stakeholder engagement experienceExcellent communication, documentation, and presentation skillsFamiliar with GRC tools and regulatory codes in governance

POSITION DETAILSPosition SummaryAssist CIRCOR in identifying and evaluating business and technology risks, internal controls which mitigate risks, and related opportunities for IT SOX related Controls.Assist in the selection and tailoring of approaches, methods, and tools to perform IT AuditsPrincipal ActivitiesManage ITGC and ITACs audit engagements, including planning, scoping, and execution phases, ensuring compliance with audit methodology and professional standards. Conduct risk assessments and design audit programs tailored to clients' ITGC and ITACs control environments.Perform detailed testing of ITGC and ITACs controls, identifying control gaps, weaknesses, and areas for improvement.Evaluate IT systems and processes to identify control deficiencies and recommend practical solutions to mitigate risks.Collaborate with cross-functional teams, including internal audit, IT security, and business stakeholders, to assess control effectiveness and facilitate remediation activities.Have relevant experience in IT audit, ITGC and ITACs controls, preferably in a consulting or professional services firm.Strong knowledge of ITGC and ITACs control frameworks (e.g., COSO, COBIT), IT risk management, and regulatory requirements (e.g., SOX).Experience in performing ITGC and ITACs control assessments, including design effectiveness and operating effectiveness testing.Familiarity with IT systems, applications, and infrastructure, with the ability to understand complex IT environments across different industries.Travel up to 15% may be required (or as needed)RequirementsCANDIDATE REQUIREMENTSKnowledge Skills & AbilitiesCandidate will be able to leverage past experiences and knowledge to provide advice on optimal solutions for implementation of effective IT controls to strengthen our processes, reduce risk and sustain compliance requirements. Maintains effective communication with team members and functional leadership in all activities required to plan, perform, monitor, and support the global IT compliance and SOX work.Shows effective project management skills, the ability to be a self-starter, and able to effectively manage workload.Familiarity with PCAOB requirements and evolving points of emphasis preferred.Experience with evaluating IT control deficiencies and the development of action plans to remediate control deficiencies, including guiding IT organizations on creating new controls to address design gaps.Understands business processes, particularly information technology related areas, and related master data.Has a working knowledge of SAP, preferably at a super user level.Has knowledge and experience with business processes to understand the business operations and can propose improvements or new alternatives that will assist all locations (US and International) in their efforts to implement the global business process in a controlled manner.Can work well within a complex team environment comprised of a virtual team members located across multiple regions.Ability to effectively partner with business functions as well as a 3rd party service provider team.Understands the value of process-oriented approaches as well as ability to establish and monitor key metrics.Experience in projects accountable for leading change is a definite plus.Preferably has experience with a GRC tool.Knowledge of Information Security Risk is preferred.Big 4 or equivalent experience preferred.Education & ExperienceA bachelor’s degree in a subject related to one of the following functions: Information Technology, Management, Information Security, Finance, or related discipline. CISA, CISM, CRISC, CISSP or other relevant certification preferred7+ years’ experience with IT controls and SOX complianceExperience with managing a team.Advanced knowledge of IT controls and SOX regulationsExperience with testing and reviewing the testing of IT SOX controls. CIRCOR is an EEO Employer of Females / Minorities / Veterans / Individuals with Disabilities

About the role: The global Identity Access Management team is passionately serving our stakeholders while evolving best practices. As an Identity Access Analyst , you have a pivotal operational role to provide and deprovision system access. You have an equally crucial role to partner collectively with stakeholders to mature, streamline, and automate Identity and Access Management procedures for Blackbaud. What you’ll do Ensure appropriate Control through timely removal of unnecessary or inappropriate system access? Expediently provision approved access, often utilizing evolving Role Based Access Controls (RBAC), for Blackbaud systems to prevent excessive permissions and rights. ?? Proactively expand approved RBAC roles through analysis, recommendation and adoption/rollout. Analyze and resolve access issues, coordinating with system owners or technical support resources as necessary. Participate in ongoing audits and assessments, and assist with implementation of audit or compliance recommendations? Develop and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support? Identify , evaluate and recommend opportunities to eliminate, streamline, and automate access management practices. Partner with colleagues including application owners, cloud engineers, cyber security SMEs, etc. to effectively execute improvements based on expected value. Generate reports to perform in-depth analysis and data collection for issues associated with IAM? What you’ll bring 2 years of experience in Identity or Access Management?? Tireless adherence and attention to appropriate IT general computing controls? Ability to understand, work with and where appropriate leverage various technologies including PowerShell , ServiceNow, SailPoint's Identity-Now, Active Directory, EntraID , Salesforce, Workday, etc. Practical experience with SCA, ITIL, COBIT, NIST and/or other security and control frameworks? Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube ? Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Hello Talented Techie! We provide support in Project Services and Transformation, Digital Solutions and Delivery Management. We offer joint operations and digitalization services for Global Business Services and work closely alongside the entire Shared Services organization. We make efficient use of the possibilities of new technologies such as Business Process Management (BPM) and Robotics as enablers for efficient and effective implementations. Are you a forward-thinking, high-energy, dynamic driver who wants to get directly involved in the daily business with our international teams, develop your own abilities, and manage responsibility? Join us as a Process Expert- Governance & Enablement Key Responsibilities: SPOC respectively Bridge Head to central IT, CYS and LC for all general Service-related topics. Definition of rules and regulations leading to a standard conform operation of GBS offered IT Services Supporting GBS business Lines for contract and technical related topics around Carve Outs/Ins Ensuring wide-spread know-how about existing IT-portfolio Support & monitoring GBS BLs in implementing Governance defined IT rules & regulations Offer IT related trainings for GBS BLs focusing relevant rules and regulations Management & support of ISO topics for DS services & Products Qualification: Bachelor’s degree in information technology or a related field. Knowledge of ITIL, COBIT or other IT governance standards and requirements. Strong organizational and project management skills. Proven but basic knowledge in CYS topics, mainly focusing on IT 5-7 years of experience in Information technology with at least 3 years in IT governance or related area. Good communication and networking skills in an intercultural environment and across all management levels Knowledge of ISO 9001, 27001 principles, DevOps, and Project Management methodologies will be an advantage Create a better #TomorrowWithUs! This role, based in Bangalore, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Find out more about Siemens careers at: www.siemens.com/careers

Location: Gurugram, Haryana Time type: Full time Job level: Supervisor Job type: Regular Category: Transaction Advisory ID: JR112904 About us We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. About the Company: The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology and management consulting, tax and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Job Description/What You Will Do: Analyze technology (IT and Cybersecurity) implications for active M&A transactions. Review client investment thesis, company profile and information concerning the business technology environment including but not limited to business applications, IT infrastructure, cybersecurity controls, and privacy related regulatory compliance requirements. Research niche technologies, applicable regulatory obligations and latest technology trends to guide analysis. Participate in discussions with company executives to understand business processes, approach to leveraging technology and strategy to build resiliency against cybersecurity threats. Analyze commercial off the shelf and/or custom developed applications used by a business for sufficiency (e.g., license counts), scalability (e.g., version, implementation model), and maintainability (e.g., support model). Analyze a company’s IT infrastructure to determine adequacy of hosting model, hardware inventory, network architecture and business continuity procedures. Analyse technology vendor contracts and compute IT spend through the review of contracts and other financial documents provided by the Company. Analyze the company’s cybersecurity maturity through review of cybersecurity governance program/procedures, exposure to regulatory compliance requirements and preventative technical controls. Develop workbooks and reports to capture diligence observations/analysis. Manage and develop members of the RSM USI team. Who We Are Looking For: Ability to conceptualize and summarize key findings in a clear and meaningful way with expertise in drafting critical sections of the technology DD report. Expertise and working knowledge of infrastructure management, network architecture, virtualization, application and data hosting architectures (data center, on-premise, public cloud), and business continuity/disaster recovery (BCDR) best practices. Knowledge of and experience with key IT frameworks (e.g. CMMI, ITIL, ISO 27000, SSAE-18 SOC reporting, NIST Cybersecurity Framework). Knowledge of and experience with key cybersecurity frameworks (e.g. COBIT, ISO 27001, NIST). Exposure to various sectors such as financial services, healthcare, life sciences, power and utility, energy, retail and hospitality, business services and technology. An experience across a wide spectrum of IT and security pillars including IT Strategy, Infrastructure, Business Applications, Cybersecurity, Spend Analysis, etc. Highly proficient with Microsoft office Suite (e.g., PowerPoint, Excel, Word, Visio) Strong skills in critical thinking, problem solving, and process improvement. Excellent interpersonal and communication skills in order to interact effectively with internal team members and external clients of the firm. Demonstrates willingness to invest time in cross-time zone communication with U.S. based teams. Ability to be a self-starter and drive successful client delivery. Able to manage deadlines and take ownership of getting the job done in a timely manner. Evaluated as an exceptional performer in current position. Development Opportunity/What’s in It for You: Opportunity to interface with US based private equity and executive level leadership. Develop expertise in technology related M&A disciplines. Grow a strategic mindset and develop executive level perspective on investment towards operational technology. Experience M&A across a variety of industries and option to develop specific industry expertise. Gain an understanding of the approach towards post-acquisition value creation, integration, separation and risk remediation. Minimum Qualifications: Academic Qualification: B.Tech. and MBA from leading technology/business schools. Relevant experience of 4-7 years at a Big 4 or equivalent Advisory Services practice. Knowledge of Microsoft powered AI products such as Microsoft CoPilot or any other GenAI tools is preferred. Preferred Qualifications: Deal experience with onshore team including data room management, document request list preparation, management meeting preparation, workbook analysis, quality of earnings, due diligence reports, client calls and engagement team calls. Experience with post-acquisition/carve-out integration and separation related engagements. Preferred industry experience in one or more of the following: manufacturing, distribution, consumer products, business services, healthcare, financial services, business services, or technology. Knowledge of US based regulatory and compliance frameworks such as FFIEC, NERC CIP, PCI DSS, HIPAA, GLBA, and HITECH is a plus. ERP or supply chain application implementation experience; functional expertise in IT and supporting front/back-office operations preferred IT and cyber related certifications (CISSP, CISM, HITECH, PCI DSS QSA, CEH, Azure, AWS) At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD 2 – Risk Consulting - Protect Tech – Senior (IT audit – General skills) No. of positions (India): 4 Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less