1022 Cobit Jobs - Page 3

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA As a Senior Solutions Architect at NTT DATA, you will play an essential role in collaborating with clients and internal teams to create advanced, transformational designs and architectural visions for complex solutions. Your expertise will drive the development of multi-technology consulting services that span application software, infrastructure, and related technology components. You will contribute to complex solution architectures in specific business, infrastructure, or functional areas while evaluating alternative architectures for cost, performance, and scalability. By developing detailed specifications for cloud-based or on-premises components, you will ensure robust, cutting-edge solutions that meet our clients' unique needs. Your hands-on role will involve preparing technical plans and designs that comply with enterprise and solution architecture standards, remaining agile to adapt to changing project requirements. You will be accountable for understanding client requirements, collecting DATA, delivering thorough analysis, and providing effective problem resolution. Keeping ahead of industry trends and emerging technologies, you will produce insightful reports and technology roadmaps, sharing your knowledge with internal teams and clients alike. By creating multiple design views, you will address both functional and non-functional requirements, offering innovative solutions with proof-of-concept (POC) implementations. You will also mentor and guide less experienced colleagues, contributing to our collaborative culture. To thrive in this role, you need to have: Advanced knowledge of multi-vendor service integrations and cross-functional software, operating systems, and infrastructure designs. In-depth understanding of how specific infrastructures and application software are deployed in line with methodologies such as TOGAF, Zachman, SOA, ITIL, and COBIT. Ability to develop and utilize advanced specialist knowledge of reference architectures. Extensive experience in technical, IT, or operations roles within large-scale technology services environments. Strong client engagement and consulting experience, including needs assessment and change management. Proven ability to collaborate effectively with cross-functional teams such as sales, product, and delivery. Excellent communication and interpersonal skills to build strong working relationships with both internal and external stakeholders. A continuous learning mindset to stay updated on trends and developments in technology domains. A bachelor's degree in computer science, engineering, business, or a related field. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Job Description #KGS Roles & responsibilities Conduct external audits in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards Lead team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes Lead team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting Lead team in performing SOC 1 and SOC 2, SOC 2+ (HITRUST), SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants) Demonstrate strong project management skills for all engagements being led Demonstrate the ability to identify opportunities and innovative ways to efficiently deliver on engagements and/or implement internal process improvements / automations Contribute to the Automation agenda of the practice by assisting in developing/testing for different bots and tools Conducting IT audits to assess the effectiveness of internal controls, risk management, and compliance with regulations Collaborating with cross-functional teams to ensure IT controls are integrated into business processes Documenting audit findings, preparing reports and recommendations for the management Provide opportunity to junior team members and coach them on day-to-day tasks Contribute to the Knowledge Management agenda of the practice by assisting in technical knowledge development and trainings Possess knowledge of tools and techniques to drive audits for different industries or sectors Review work of junior team members for quality as per relevant auditing standards Evaluating IT systems, processes, and policies to identify vulnerabilities, weaknesses, and areas for improvement Developing and executing audit plans, including scoping, testing, and reporting Assessing IT risks and recommending controls to mitigate those risks Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls. Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions) Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Strong Understanding of different Industry sectors preferred. Preferred Technical & Functional Skills Flair to be abreast with emerging Technology / innovations like Cloud computing, Agile, Blockchain, AI etc. Proficient with MS Office suite of applications [MS Word, MS Exec, MS PowerPoint, Power BI]. Certifications like CISA, CISSP, HITRUST,ISO etc. Key behavioral attributes/requirements Critical thinking and analytical ability. Excellent written and verbal communication skills. Flexibility to adapt to a variety of situations and multitask. Ability to work both independently and as part of a team. Personal drive and positive work ethic. Innovative mindset. Collaborate and build rapport with onshore and offshore teams Uphold the firm’s code of ethics and business conduct Responsibilities Roles & responsibilities Conduct external audits in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards Lead team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes Lead team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting Lead team in performing SOC 1 and SOC 2, SOC 2+ (HITRUST), SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants) Demonstrate strong project management skills for all engagements being led Demonstrate the ability to identify opportunities and innovative ways to efficiently deliver on engagements and/or implement internal process improvements / automations Contribute to the Automation agenda of the practice by assisting in developing/testing for different bots and tools Conducting IT audits to assess the effectiveness of internal controls, risk management, and compliance with regulations Collaborating with cross-functional teams to ensure IT controls are integrated into business processes Documenting audit findings, preparing reports and recommendations for the management Provide opportunity to junior team members and coach them on day-to-day tasks Contribute to the Knowledge Management agenda of the practice by assisting in technical knowledge development and trainings Possess knowledge of tools and techniques to drive audits for different industries or sectors Review work of junior team members for quality as per relevant auditing standards Evaluating IT systems, processes, and policies to identify vulnerabilities, weaknesses, and areas for improvement Developing and executing audit plans, including scoping, testing, and reporting Assessing IT risks and recommending controls to mitigate those risks Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls. Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions) Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Strong Understanding of different Industry sectors preferred. Qualifications This role is for you if you have the below Education Qualification: BE/B.Tech, B.Com, BCA, B.Sc, MBA, M.Sc, MCA, M.Tech, CA. Work Experience: The candidate must have 3-6 years of relevant experience in a similar role, preferably with a Big 4 firm.

Job Title-Senior Manager – Cybersecurity (CISSP, GRC & Risk Assessment) Experience-8-10Years. Location-Pune. Key Responsibilities: Lead the development and execution of the organization’s Cybersecurity GRC framework. Conduct comprehensive cyber risk assessments, threat modeling, and impact analyses for critical systems and processes. Define and maintain security policies, standards, and procedures aligned with industry best practices and regulatory requirements (ISO 27001, NIST, GDPR, HIPAA, etc.). Manage internal and external cybersecurity audits and ensure closure of findings and action items. Work closely with business and IT stakeholders to drive cyber risk mitigation plans and ensure alignment with risk appetite. Develop executive-level reports, dashboards, and KPIs on cyber risk posture and GRC performance. Oversee vendor risk assessments and third-party cybersecurity due diligence. Provide guidance on compliance with data privacy, regulatory, and legal obligations. Ensure incident response readiness and participate in tabletop exercises and investigations. Support training and awareness programs across the enterprise to strengthen the cyber risk culture. Required Skills & Qualifications: 8+ years of experience in Cybersecurity, with at least 4 years in GRC or Risk Management leadership roles. CISSP certification is mandatory; additional certifications like CISA, CISM, CRISC, ISO 27001 LA are a plus. Strong understanding of cybersecurity principles, frameworks, and standards (NIST CSF, ISO 27001, COBIT, PCI-DSS, etc.). Deep expertise in risk assessment methodologies (OCTAVE, FAIR, etc.). Experience with GRC platforms like RSA Archer, ServiceNow GRC, MetricStream, etc. Familiarity with data protection regulations (GDPR, HIPAA, SOX, etc.). Strong analytical, leadership, and communication skills to engage with executive stakeholders.

Job Title: ITCG - Consultant Location : Bangalore, Mumbai & Gurgaon About us : - We are a US incorporated company with offices and teams across the US, India, and the Middle East, offering services like accounting & reporting, ESG & technology to our clients. Within a year, we have grown our team to 40+ Partners & Directors and 300+ people serving more than 150 clients, including some of the most prominent companies across the markets in which we operate. Our Accounting & Reporting Consulting (ARC) practice is designed to collaborate seamlessly with finance, internal audit, and risk functions, serving as a valuable extension of your team. Drawing from a global talent pool, we possess deep expertise in both functional and technological aspects within these domains. We offer the essential technical acumen, skills, technology, and operational capacity to address your challenges without incurring additional manpower costs for your organization. Our team brings a comprehensive understanding of diverse accounting, reporting & compliance frameworks including U.S. GAAP, IFRS, Ind AS, SOX and other jurisdiction-specific regulations. Roles & Responsibility: - Experience - 3 to 7 years IT Controls Design and Implementation: Extensive hands-on experience in evaluating and implementing IT controls in compliance with SoX/ICoFR/IFC, with a focus on IT General Controls (ITGC) and Application Controls. IT Governance Frameworks: Proven ability to design and assess information security and governance frameworks (COBIT, ISO27001, ISO 27701 etc) , policies, and procedures to enhance IT risk management and compliances. ERP Proficiency: Strong knowledge of major ERP systems, including SAP (S/4HANA), Oracle (Fusion/Cloud) etc. Expertise in design/review of either of area will be a plus: Data migration, data cleansing, ERP post implementation, access controls, SoD , ERP security concepts. IT Security Knowledge: Good understanding of IT security across key areas such as DevOps, Cloud Computing, Cyber Risks, Network Security, and Database Management Systems. Communication and Client Focus: Strong communication skills with a commitment to mobility and client-centric solutions.

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30187464 Job Category Digital Technology Job Description Job Description Role: Audit & Complaince Location: Bangalore Full/ Part time: Full time Build a career with confidence Carrier Global Corporation, global leader in intelligent climate and energy solutions is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do About the role: We are seeking a highly skilled and experienced DT Compliance Lead to join our team, within Cyber Security function in Carrier, the ideal candidate will have a strong background in IT audits, compliance, and risk management. This is an individual contributor role that requires a proactive and detail-oriented professional to manage and support various compliance and audit activities. The individual will be responsible for governance and oversight of enterprise-wide SOX IT control program to mitigate the risk of material omissions, errors or weaknesses in our technology and security controls. The position requires a combination of strong program management and leadership skills, along with broad technical knowledge and subject-matter expertise in IT audits and compliance. This individual will be responsible for managing SOX compliance expectations with our key stakeholders including control owners, senior/executive management, and internal/external auditors. Key Responsibilities: Oversee program management for all activities including planning, scoping, audit fieldwork, issue identification, reporting, and remediation of issues. Develop an intimate understanding of Carrier’s business processes and the role of technology in meeting business objectives including key IT processes, automations, reports, data flows, and interfaces. Maintain SOX IT documentation, liaise with internal and external auditors, and provide guidance and support to technology control owners on control design, audit requirements, and issue remediation. Conduct internal audits to assess the effectiveness of internal controls and compliance with policies and regulations. Coordinate and support external audits, including providing necessary documentation and information. Evaluate IT control deficiencies for impact and perform root cause analysis to determine appropriate management actions. Monitor management’s remediation efforts to closure, including review of supporting evidence. Serve as subject matter expert and advise on the SOX compliance implications of technology related changes to the business such as new product lines, new system implementations etc. Develop a continuous monitoring program with an emphasis IT controls automation. Develop metrics, reporting and dashboards to track SOX IT control effectiveness and ensure process efficiency, and that risks are being appropriately tracked, communicated and managed. Continually identify opportunities to benchmark controls, automate control testing and streamline manual efforts to increase efficiency and reduce cycle times. Stay current on new technical literature applicable to the internal control process (e. g., PCAOB guidance, SEC, COSO, COBIT, etc.) and maintain awareness of emerging trends and best practices around technology and security controls. Successfully partner with and manage executive level stakeholders, PMOs & Working Groups with Domestic & International cross-functional teams. Create and deliver DT SOX Compliance training materials to key stakeholders. Provide guidance and support to other teams on compliance-related matters. Prepare and present reports on compliance activities and findings to senior management. Requirment Minimum 8-10 years of experience in IT audits, compliance, and risk management. Full-time Bachelor’s degree in IT, Computer Science or equivalent. Certifications such as CISA, CISM, or CISSP or similar professional certifications are highly desirable. Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework. Advanced knowledge of SOX IT requirements, COSO/CoBIT framework and PCAOB standards, and in-depth experience with testing general IT and application controls, segregation of duties (SoD) rules, reports and interfaces. ServiceNow GRC preferred. Excellent analytical and problem-solving skills. Excellent written and verbal communication skills, strong interpersonal skills and the ability to communicate technical concepts effectively across functions and all levels of management. Highly motivated self-starter with a meticulous attention to detail and bias to action, who is eager to put his/her stamp on our rapidly increasing compliance footprint. Ability to work independently and manage multiple priorities. Detail-oriented with a high level of accuracy., or accounting. Key Attributes: Forward-thinking mindset with strong digital acumen. Ability to collaborate across business, legal, and engineering functions. Strong sense of ethics, accountability, and customer trust. Excellent communication and stakeholder influence capabilities. Benefits We are committed to offering competitive benefits programs for all of our employees, and enhancing our programs when necessary. Make yourself a priority with flexible schedules, parental leave Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference. Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

As a Senior Principal Technologist (Data Architect) at Medtronic, you will be responsible for delivering data architecture solutions that align with business capability needs and enterprise standards. In this role, you will collaborate with Enterprise Solution Architects, Business Solution Architects, Technical Architects, and external service providers to ensure that data and information models and technologies are in line with architecture strategies and Medtronic's standards. Your role will involve working with Business Analysts to review business capability needs, define requirements, conduct data analysis, develop data models, write technical specifications, and collaborate with development teams to ensure the successful delivery of designs. Your technical expertise will be crucial in leveraging tools such as webMethods suite, Informatica, ETL tools, Kafka, and data transformation techniques to design and implement robust integration solutions. You will oversee the implementation of integration solutions, ensuring they meet technical specifications, quality standards, and best practices. Additionally, you will lead continuous improvement initiatives to enhance integration processes, troubleshoot and resolve integration-related issues, mentor junior team members, collaborate with vendors, optimize performance, and contribute to documentation and knowledge management efforts. To be successful in this role, you should have at least 8 years of IT experience with a Bachelor's Degree in Engineering, MCA, or MSc. You should also have experience in relevant architecture disciplines (integrations, data, services, infrastructure), Oracle, SAP, or big data platforms, Informatica, PowerDesigner, Python coding, and Snowflake. Specialized knowledge in Enterprise-class architecture concepts, data integration, data modeling methodologies, cloud-based solutions, and data governance would be advantageous. It would be beneficial to have a high degree of learning agility, experience with large enterprise systems, technical modeling and design skills, awareness of architecture frameworks, and strong leadership, teamwork, analytical, and communication skills. Experience in the Medical Device Industry or other regulated industries, as well as the ability to work independently and collaboratively, would also be valuable. At Medtronic, we offer a competitive salary, flexible benefits package, and a commitment to recognizing and supporting the contributions of our employees. Our mission is to alleviate pain, restore health, and extend life by boldly addressing the most challenging health problems. As part of our global team of passionate individuals, you will have the opportunity to engineer real solutions for real people and contribute to our mission of making healthcare technology accessible to all. Join us at Medtronic and be a part of a team that is dedicated to innovation, collaboration, and making a meaningful impact on global healthcare technology.,

FS - Amid comprehensive regulatory change, today’s financial services institutions are focusing on digital transformation, convergence and disruption from an array of non-traditional competitors — all while meeting greater demands for trust and transparency. To address this delicate balance of issues, our proficient team of business strategists, technologists and industry leaders bring fresh thinking and sector knowledge across banking and capital markets, insurance, and wealth and asset management. The results are seamless collaboration, innovative problem solving, breakthrough performance gains and sustainable value creation. We recruit, train and foster a diverse set of people who give their minds to building the future of financial services. Together, we explore new perspectives with innovative and innovative thinking to deliver exceptional client service and ensure that what we do today, counts for tomorrow. Technology Risk - helps clients to achieve sustainable growth by supporting their efforts to protect their business performance and by providing trusted communications on internal control and regulatory compliance to investors, management, regulators, customers and other stakeholders. EY teams accomplish this by assessing the technology risks that are introduced to businesses. The opportunity As a Consultant within the India’s Financial Services Technology Risk team, you will serve as a team member responsible for executing client related engagements in the areas of Technology risk and controls, IT governance, risk & compliance (GRC), IT Audits, IT process reviews, standard operating procedures, and other Technology Risk Services related solutions. Your Key Responsibilities Operate as an on-field team-member to assist leadership in employing proper information systems, resources, and controls to build solutions to maximize efficiencies and minimize risk. You can expect to work with client personnel to analyse, evaluate, and enhance information systems facilitating the business internal control process, and will assist clients and other Technology Risk professionals in performing information technology control and security engagements. Demonstrate in-depth technical capabilities and professional knowledge. Provide high quality client service, working directly with onshore and/or client teams to understand and evaluate client's IT environment and controls. Execution on client engagements - Ensure quality delivery as per client requirements. Actively establish, maintain and strengthen relationships with other team members. You'll need to report any identified risks within engagements and share any issues and updates with senior members of the team Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Assist seniors & managers in developing new methodologies and internal initiatives. Identify & communicate potential business opportunities for the firm on existing client engagements Review of working papers & client folders. Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Identify areas requiring improvement in the client's business processes to enable preparation of recommendations. Identify & internally escalate and potential red flags related to the engagement. Demonstrate industry expertise (detailed understanding of the industry, trends, issues/challenges and leading practices). Preparation of reports/deliverables/status updates/audit committee presentations. Demonstrate ability of multi-task and manage multiple projects as directed by the managers. Ensure compliance with engagement plans and internal quality & risk management procedures. Awareness of Tech Risk/ Information security concepts and apply them on day-to-day business Demonstrate an application & solution-based approach to problem solving technique. Manage the engagement budgets and support superiors in developing marketing collaterals, business proposals and new solution / methodology development. Attention to detail and mentor young interns and analysts within the practice. Contribute to knowledge management sessions within the practice. What Are We Looking For A minimum of 4-6 years of experience Technology Risk Consulting, preferably from a public accounting firm or a professional services firm Bachelor/ master’s degree in computer science, Information Technology, Information Security or a related discipline, or equivalent work experience. have prior work experience in the areas of IT Application controls, Automated business controls, IT General controls, IT audit and other technology risk and controls areas. Knowledge of IT systems, operating system, databases, mainframe and other technologies Knowledge of application development lifecycle such as DevOps, Agile methodologies Skilled in programming languages and SQL Proactive, self-starter, enthusiastic Adapt to different environment and enthusiastic Relevant consulting or industry experience, preferably in a professional services environment or MNC Excellent written and verbal communication, interpersonal, networking, teaming and problem-solving skills. Initiative in keeping abreast of changing industry practices, analysis and design methods, tools and techniques and emerging technologies. Familiarity with leading industry standards and frameworks such as SSAE 16/ISAE 3402, ISO/IEC 27001, COBIT, ITIL, COSO etc What we look for People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach. What we offer EY has become the strongest brand and the most attractive employer in our field, with market-leading growth over compete. Our people work side-by-side with market-leading entrepreneurs, game- changers, disruptors and visionaries. As an organisation, we are investing more time, technology and money, than ever before in skills and learning for our people. At EY, you will have a personalized Career Journey and also the chance to tap into the resources of our career frameworks to better know about your roles, skills and opportunities. EY is equally committed to being an inclusive employer and we strive to achieve the right balance for our people - enabling us to deliver excellent client service whilst allowing our people to build their career as well as focus on their wellbeing. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply now.

Description: Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Key Responsibilities: • Develop, implement, and maintain an enterprise-wide information security risk management program. • Identify, assess, and document information security risks, ensuring alignment with business objectives. • Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. • Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. • Monitor, track, and report on risk metrics and key performance indicators (KPIs). • Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. • Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. • Drive security awareness programs and train employees on risk management practices. • Prepare and present detailed risk assessment reports to senior management. • Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: • Bachelors degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. • Advanced degrees (e.g., Masters) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: • 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: • Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. • Proven analytical expertise in evaluating and prioritizing risks effectively. • Advanced proficiency in utilizing security tools for risk assessment and mitigation. • Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. • Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. • Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. • Skilled in leading security initiatives and managing projects across global teams. • A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. • An effective team player with exceptional interpersonal and collaboration skills. Drop your resume at sowmya.v@acesoftlabs.com

Job Description: Job Title: PMO Risk Reduction and Service Owner for Key Vendors Corporate Title: VP Location: Pune, India Role Description The Project Manager - Risk reduction is responsible for leading risk and audit remediation initiatives for Hybrid Cloud Infrastructure division. This includes managing end to end delivery of risk mitigation plans, ensuring timely closure of audit findings and strengthening control environments. Strong project management, stakeholder engagement and risk oversight are key success to the role. The Service Owner (SO) is responsible for managing the entire lifecycle of third-party relationships within the organization. This role involves ensuring that all risk assessment tasks and activities are completed accurately and in a timely manner, overseeing the selection and screening of third parties, and ensuring compliance with regulatory requirements. The SO will work closely with various stakeholders to mitigate risks, manage subcontractors, and ensure continuous risk monitoring. What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Project Manager - Risk Reduction : Promote risk awareness, encourage prioritization of risk remediation, process re-engineering and strategic risk management Provide processes for systematic, proactive, and forward-looking risk identification, risk assessment, monitoring, reporting and keeping GTI risk profile up to date Plan and execute thematic risk assessments and input into risk scenario testing and macro threat assessments Identify material remediation priorities for GTI and key cross divisional priorities impacting GTI (control / remediation book of work) Track project status, maintain action logs, and ensure documentation Be a catalyst and an enabler to the global leadership for achieving the objectives in line with changing regulatory and industry operating landscape and reducing risk against overall technology operations portfolio Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Ensure alignment with internal risk frameworks and regulatory expectations. Service Owner Risk Assessment and Management: Complete risk assessments, ensure proper screening, and report third-party issues. Regulatory Compliance: Nominate Local Service Owners and ensure compliance with local regulatory requirements. Third-Party Selection and Screening: Select third parties, consider risk aspects, and review screening outputs. Control Assessments and Mitigation: Ensure third parties complete required tasks, develop continuity plans, and manage risk mitigation actions. Continuous Monitoring and Termination: Update risk assessments, perform post go-live controls, and execute termination strategies. Contracting and Payment: Complete risk assessments before service commencement, ensure contractual clauses are included, and execute risk process activities for contract renewals or amendments. Stakeholder Management - Identify, Partner, and Collaborate Establish relationship with external and internal Audit teams to ensure effective and robust challenge to finding and to establish smart management action plans. Partner with 2nd LoD functions within the bank to ensure alignment towards Group wide minimum control standards Collaborate closely and proactively with Divisional Control teams and Embedded Risk teams to manage the audit finding lifecycle Promote and support proactive IT/IS risk culture at the Bank Your skills and experience Overall experience in similar roles for 5-8 years in a global Bank withing Technology division or IT/IS audit Minimum 5 years of experience within Risk and Control domain steering technology risk framework / control implementation in a global organization Proven experience in Project management in Risk related programs, including managing vendor governance in a global organization Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 etc Deeper understanding of industry wide risk landscape and regulatory expectations Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains Other professional qualifications and certifications in Technology risk management How we ll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

About The Role : Job Title- I&A On-boarding Information Security Analyst, Associate Location- Pune, India Role Description: As I&A On-boarding Information Security Analyst you will be part of Access Lifecycle On-boarding global family which includes access management for application end user recertification On-boarding, user access for request & approval, user provision On-boarding and Functional Taxonomy SoD On-boarding & maintenance as well as IDAHO (Access concept) SME as central DB services. Deutsche Bank is looking for bright and open-minded individuals to support Business Identity & Access Services within Access Lifecycle Solution On-boarding team for application end user request & approval as well as end user access provision central service On-boarding. A key success factor of the Access Lifecycle Solution On-boarding team is the quick understanding of complex application set ups for Identity & Access Management and support Information Security Officer (ISO) and IT Application Owner (ITAO) along end-to-end central solution On-boarding process across DB. You will gain insights into the complete Identity & Access Management lifecycle as you will learn about the roles and entitlements and their set up, segregation of duties, application authentication and authorization process. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities As I&A On-boarding Information Security Analyst you will be responsible to perform On-boarding assessments if an IT asset is applicable for end user application access for request & approval and business requirement gathering (based on existing KOP ID Admin procedures) to identify, how future user provisioning (ID Admin via automated connector or manual, centrally or decentral managed) will be set up between central request & approval platform and to be on-boarded application in adhering to Information Security (IS) internal and regulatory requirements. Efficiently engage, manage, and influence the main stakeholders, along with application On-boarding process including Information Security Officer, IT Application Owner, Engineering and Operations teams Provide process improvement inputs to various stakeholders involved. Proactively seek ways to improve upon existing practices and processes. Display insight and ability in identifying issues and develop successful solutions. Report and escalate potential risks to the management to help avoid / minimize the impact. Work with multiple, distributed teams (across different locations) Support develops key operational procedures where necessary and ensure adherence to all such defined policies. Comfortable with associated disciplines of Security Policy and Governance in banking domain Very good presentation and communication skills allowing to communicate with our stakeholders. A structured and methodological way of working with the objective to deliver high quality results. Supports tough people decisions to ensure people performance is aligned with organization imperatives and needs. Addresses individual performance issues, where necessary, to drive for high performance. Pro-active and flexible working approach, Team spirit Your skills and experience Minimum 5 years working experience in Identity & Access Management, Governance, Risk and Control related topics. Team management experience Basic knowledge and/or willingness to work with industry best practices and frameworks like ISO27001, NIST, CSA CCM, COBIT, ITIL Good business analyses knowledge of system design, development, implementation, and user support principles and practices Knowledge of IT Service Management or IT Governance or IT Delivery Management or IT Project Management or IT Delivery background or IT Security Knowledge on Database Systems, application interactions and server operating systems Excellent Excel knowledge Competencies: Self-motivated and flexibility to work autonomously in virtual and multicultural teams. Good communication skills (both written and verbal), fluent in English (written/verbal) Good analytical skills and problem-solving abilities Pro-active and flexible working approach A structured and methodological way of working with the objective to deliver high quality results. Flexible mindset with an eye for detail and continuous improvement Good understanding in business related information Being flexible, open minded, able to share information, transfer knowledge and expertise to stakeholders and other team members. How well support you . . . .

As one of the world’s leading asset managers, Invesco is dedicated to helping investors worldwide achieve their financial objectives. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world. If you're looking for challenging work, smart colleagues, and a global employer with a social conscience, come explore your potential at Invesco. Make a difference every day! Job Description Department: The Invesco Internal Audit function provides independent assurance, advisory, and investigative services for the organization. Partnering closely with business leaders, the department focuses on the most critical risks and issues facing the organization and delivers strategic, innovative, and data-driven results. The department strives to be valued business advisors that provide meaningful solutions and insights, not just information and recommendations. Our team continuously seeks opportunities to improve our methodology by leveraging technology, data, agile principles, and creative solutions to maximize value to the organization. Role Summary: The Assistant Manager, IT Internal Audit, is responsible for conducting Sarbanes-Oxley testing, traditional internal audits, and other projects assigned by the Audit Director. This role requires obtaining an understanding of the areas under review, executing internal control tests, and documenting the results in accordance with Invesco’s agile auditing principles and applicable professional standards. Key Responsibilities: Audit Planning and Execution: Plan and execute Sarbanes-Oxley testing and traditional internal audits of applicable business areas, as requested by the Audit Director and the Internal Audit Leadership Team. This includes: Performing assessments and evaluating the design and operation of global ITGCs, IT Application Controls, and IPE (Key Reports) to determine the effectiveness of controls, identify gaps, and implement action plans to remediate gaps. Assessing risks associated with system implementations and working with management to identify and implement controls to address identified risks. Partnering with global IT and Business Leadership to manage, control, perform, and audit activities related to SOX regulations and the ITGC environment. Reviewing control descriptions, process narratives, and testing strategies for reasonableness and accuracy. Influencing stakeholders and related affiliates to implement necessary process modifications to meet regulatory needs. Reviewing and implementing remediation of control gaps found from SOX and ITGC/ITAC/IPE reviews and risk assessments. Partnering with the Big 4 audit team to handle both administrative and testing tasks. Documentation and Reporting: Conduct walkthroughs, document business procedures, evaluate key controls, and develop audit programs to guide test work. Execute audit testing, complete high-quality work papers, and obtain management acceptance on control weaknesses and action plans. Manage assignments within timeframes, foster relationships with business partners, and promote a culture of risk and control awareness. Continuous Improvement: Embrace a culture of agility, innovation, and continuous improvement within the Internal Audit function. Special Projects: Perform other duties and special projects as assigned by the Audit Director. Qualifications and Experience: Education: Bachelor’s degree in Information Systems, Computer Science, Engineering, or Finance preferred. Other business or technology-related degrees considered depending upon relevant experience. Certifications: Professional auditing, security, or technology designation (e.g., CISA, CISSP, CCSP, AWS Cloud Practitioner, etc.) or actively pursuing the completion of such designation preferred. Experience: Minimum 2-4 years of auditing experience with strong knowledge of general controls and SOX Compliance, technology audit, consulting, or information security roles. Previous experience in audit-related, risk management, and/or compliance roles is desirable. Technical Skills: Knowledge of IT Security aspects towards key areas like Cloud Computing, database management systems, SDLC, IT general controls (ITGC), COBIT, and experience working with agile development methodologies. Sound experience with SOX 404 documentation and testing compliance. Analytical Skills: Strong critical thinking, analytical, and decision-making skills. Knowledge of analytical tools such as Tableau is an added advantage. Communication Skills: Excellent verbal and written communication skills in English. Project Management: Strong project management, interpersonal, and administrative skills. Professional Ethics: Demonstrates high professional ethics. Microsoft Office: Proficient in Microsoft Office (MS Word, Excel, PowerPoint, etc.). Key Competencies: Integrity and Ethics: Uphold the highest standards of integrity and ethical behavior. Critical Thinking: Apply critical thinking and problem-solving skills to identify risks and develop effective audit strategies. Adaptability: Demonstrate flexibility and adaptability in a rapidly changing business environment. Collaboration: Work effectively with cross-functional teams and build strong relationships with stakeholders. Professional Development: Commit to continuous learning and professional development to stay current with the latest audit practices and standards. Travel: Potential for up to 10% domestic and international travel. Full Time / Part Time Full time Worker Type Employee Job Exempt (Yes / No) Yes Workplace Model At Invesco, our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value. As a full-time employee, compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week, with two days working outside an Invesco office. Why Invesco In Invesco, we act with integrity and do meaningful work to create impact for our stakeholders. We believe our culture is stronger when we all feel we belong, and we respect each other’s identities, lives, health, and well-being. We come together to create better solutions for our clients, our business and each other by building on different voices and perspectives. We nurture and encourage each other to ensure our meaningful growth, both personally and professionally. We believe in diverse, inclusive, and supportive workplace where everyone feels equally valued, and this starts at the top with our senior leaders having diversity and inclusion goals. Our global focus on diversity and inclusion has grown exponentially and we encourage connection and community through our many employee-led Business Resource Groups (BRGs). What’s in it for you? As an organization we support personal needs, diverse backgrounds and provide internal networks, as well as opportunities to get involved in the community and in the world. Our benefit policy includes but not limited to: Competitive Compensation Flexible, Hybrid Work 30 days’ Annual Leave + Public Holidays Life Insurance Retirement Planning Group Personal Accident Insurance Medical Insurance for Employee and Family Annual Health Check-up 26 weeks Maternity Leave Paternal Leave Adoption Leave Near site Childcare Facility Employee Assistance Program Study Support Employee Stock Purchase Plan ESG Commitments and Goals Business Resource Groups Career Development Programs Mentoring Programs Invesco Cares Dress for your Day In Invesco, we offer development opportunities that help you thrive as a lifelong learner in a constantly evolving business environment and ensure your constant growth. Our AI enabled learning platform delivers curated content based on your role and interest. We ensure our manager and leaders also have many opportunities to advance their skills and competencies that becomes pivotal in their continuous pursuit of performance excellence. To Know More About Us About Invesco: https://www.invesco.com/corporate/en/home.html About our Culture: https://www.invesco.com/corporate/en/about-us/our-culture.html About our D&I policy: https://www.invesco.com/corporate/en/our-commitments/diversity-and-inclusion.html About our CR program: https://www.invesco.com/corporate/en/our-commitments/corporate-responsibility.html Apply for the role @ Invesco Careers : https://careers.invesco.com/india/

Home to the world's best loved and trusted hygiene, health, and nutrition brands. Our purpose defines why we exist: to protect, heal and nurture in the relentless pursuit of a cleaner, healthier world. We are a global team united by this purpose. Join us in our fight to make access to the highest quality hygiene, wellness, and nourishment a right and not a privilege. Information Technology & Digital About the role Reckitt is seeking a skilled and experienced IT Controls professional to join our team in the 1st Line of Defence (1LOD). This role will be responsible for implementing, remediating, and ensuring adherence to IT controls across systems, with a strong focus on the SAP environment. The candidate will work closely with various business units to proactively manage IT General Control (ITGC) issues, ensure timely remediation, and maintain a compliant IT environment. Your responsibilities Remediation and Compliance: Implement IT controls and remediate control deficiencies in collaboration with control owners, ensuring adherence to the ITGC framework and other relevant standards. Issue Tracking and Reporting: Develop and maintain a detailed tracking system for ongoing remediation efforts, providing regular updates to relevant stakeholders. SAP Systems Expertise: Leverage knowledge of SAP systems to identify, evaluate, and address control deficiencies specific to SAP environments. Coordination and Collaboration: Work with control owners to ensure timely execution of remediation actions, facilitating alignment on corrective measures. Documentation Management: Maintain up-to-date and accurate documentation for all remediation efforts and control adjustments. Risk Acceptance and Escalation: Support the risk acceptance process for issues that cannot be remediated, in consultation with relevant stakeholders. The experience we're looking for With 9+ years of experience and minimum 5 years of experience in IT controls, IT audit, or a related field within the 1LOD. Strong understanding of IT General Controls (ITGC) and IT control frameworks such as COBIT/NIST/ISO 27001/SOX. Proven experience in hands-on remediation of IT control deficiencies and managing risk acceptance. SAP systems experience is essential, with knowledge of control requirements specific to SAP environments. SAP systems experience is essential, with knowledge of control requirements specific to SAP environments, including SAP Change Control processes. Demonstrated ability to collaborate with cross-functional teams and effectively influence stakeholders. Language skills: Fluency in German, Polish, or Spanish (depending on role and region) is highly desirable. Relevant certifications, such as CISA, CISM, or CISSP, are a plus. The skills for success What we offer With inclusion at the heart of everything we do, working alongside our four global Employee Resource Groups, we support our people at every step of their career journey, helping them to succeed in their own individual way. We invest in the wellbeing of our people through parental benefits, an Employee Assistance Program to promote mental health, and life insurance for all employees globally. We have a range of other benefits in line with the local market. Through our global share plans we offer the opportunity to save and share in Reckitt's potential future successes. For eligible roles, we also offer short-term incentives to recognise, appreciate and reward your work for delivering outstanding results. You will be rewarded in line with Reckitt's pay for performance philosophy. Equality

As one of the world’s leading asset managers, Invesco is dedicated to helping investors worldwide achieve their financial objectives. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world. If you're looking for challenging work, smart colleagues, and a global employer with a social conscience, come explore your potential at Invesco. Make a difference every day! Job Description Department: The Invesco Internal Audit function provides independent assurance, advisory, and investigative services for the organization. Partnering closely with business leaders, the department focuses on the most critical risks and issues facing the organization and delivers strategic, innovative, and data-driven results. The department strives to be valued business advisors that provide meaningful solutions and insights, not just information and recommendations. Our team continuously seeks opportunities to improve our methodology by leveraging technology, data, agile principles, and creative solutions to maximize value to the organization. Role Summary: The Assistant Manager, IT Internal Audit, is responsible for conducting Sarbanes-Oxley testing, traditional internal audits, and other projects assigned by the Audit Director. This role requires obtaining an understanding of the areas under review, executing internal control tests, and documenting the results in accordance with Invesco’s agile auditing principles and applicable professional standards. Key Responsibilities: Audit Planning and Execution: Plan and execute Sarbanes-Oxley testing and traditional internal audits of applicable business areas, as requested by the Audit Director and the Internal Audit Leadership Team. This includes: Performing assessments and evaluating the design and operation of global ITGCs, IT Application Controls, and IPE (Key Reports) to determine the effectiveness of controls, identify gaps, and implement action plans to remediate gaps. Assessing risks associated with system implementations and working with management to identify and implement controls to address identified risks. Partnering with global IT and Business Leadership to manage, control, perform, and audit activities related to SOX regulations and the ITGC environment. Reviewing control descriptions, process narratives, and testing strategies for reasonableness and accuracy. Influencing stakeholders and related affiliates to implement necessary process modifications to meet regulatory needs. Reviewing and implementing remediation of control gaps found from SOX and ITGC/ITAC/IPE reviews and risk assessments. Partnering with the Big 4 audit team to handle both administrative and testing tasks. Documentation and Reporting: Conduct walkthroughs, document business procedures, evaluate key controls, and develop audit programs to guide test work. Execute audit testing, complete high-quality work papers, and obtain management acceptance on control weaknesses and action plans. Manage assignments within timeframes, foster relationships with business partners, and promote a culture of risk and control awareness. Continuous Improvement: Embrace a culture of agility, innovation, and continuous improvement within the Internal Audit function. Special Projects: Perform other duties and special projects as assigned by the Audit Director. Qualifications and Experience: Education: Bachelor’s degree in Information Systems, Computer Science, Engineering, or Finance preferred. Other business or technology-related degrees considered depending upon relevant experience. Certifications: Professional auditing, security, or technology designation (e.g., CISA, CISSP, CCSP, AWS Cloud Practitioner, etc.) or actively pursuing the completion of such designation preferred. Experience: Minimum 2-4 years of auditing experience with strong knowledge of general controls and SOX Compliance, technology audit, consulting, or information security roles. Previous experience in audit-related, risk management, and/or compliance roles is desirable. Technical Skills: Knowledge of IT Security aspects towards key areas like Cloud Computing, database management systems, SDLC, IT general controls (ITGC), COBIT, and experience working with agile development methodologies. Sound experience with SOX 404 documentation and testing compliance. Analytical Skills: Strong critical thinking, analytical, and decision-making skills. Knowledge of analytical tools such as Tableau is an added advantage. Communication Skills: Excellent verbal and written communication skills in English. Project Management: Strong project management, interpersonal, and administrative skills. Professional Ethics: Demonstrates high professional ethics. Microsoft Office: Proficient in Microsoft Office (MS Word, Excel, PowerPoint, etc.). Key Competencies: Integrity and Ethics: Uphold the highest standards of integrity and ethical behavior. Critical Thinking: Apply critical thinking and problem-solving skills to identify risks and develop effective audit strategies. Adaptability: Demonstrate flexibility and adaptability in a rapidly changing business environment. Collaboration: Work effectively with cross-functional teams and build strong relationships with stakeholders. Professional Development: Commit to continuous learning and professional development to stay current with the latest audit practices and standards. Travel: Potential for up to 10% domestic and international travel. Full Time / Part Time Full time Worker Type Employee Job Exempt (Yes / No) Yes Workplace Model At Invesco, our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value. As a full-time employee, compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week, with two days working outside an Invesco office. Why Invesco In Invesco, we act with integrity and do meaningful work to create impact for our stakeholders. We believe our culture is stronger when we all feel we belong, and we respect each other’s identities, lives, health, and well-being. We come together to create better solutions for our clients, our business and each other by building on different voices and perspectives. We nurture and encourage each other to ensure our meaningful growth, both personally and professionally. We believe in diverse, inclusive, and supportive workplace where everyone feels equally valued, and this starts at the top with our senior leaders having diversity and inclusion goals. Our global focus on diversity and inclusion has grown exponentially and we encourage connection and community through our many employee-led Business Resource Groups (BRGs). What’s in it for you? As an organization we support personal needs, diverse backgrounds and provide internal networks, as well as opportunities to get involved in the community and in the world. Our benefit policy includes but not limited to: Competitive Compensation Flexible, Hybrid Work 30 days’ Annual Leave + Public Holidays Life Insurance Retirement Planning Group Personal Accident Insurance Medical Insurance for Employee and Family Annual Health Check-up 26 weeks Maternity Leave Paternal Leave Adoption Leave Near site Childcare Facility Employee Assistance Program Study Support Employee Stock Purchase Plan ESG Commitments and Goals Business Resource Groups Career Development Programs Mentoring Programs Invesco Cares Dress for your Day In Invesco, we offer development opportunities that help you thrive as a lifelong learner in a constantly evolving business environment and ensure your constant growth. Our AI enabled learning platform delivers curated content based on your role and interest. We ensure our manager and leaders also have many opportunities to advance their skills and competencies that becomes pivotal in their continuous pursuit of performance excellence. To know more about us About Invesco: https://www.invesco.com/corporate/en/home.html About our Culture: https://www.invesco.com/corporate/en/about-us/our-culture.html About our D&I policy: https://www.invesco.com/corporate/en/our-commitments/diversity-and-inclusion.html About our CR program: https://www.invesco.com/corporate/en/our-commitments/corporate-responsibility.html Apply for the role @ Invesco Careers: https://careers.invesco.com/india/

Job Description: At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Your background Individual with IT risk/audit experience preferably in Banking/FI domain. Bachelor’s degree in IT, minimum 5 to 7 years of experience, industry certifications (CISA, CISM, COBIT foundation, etc) preferred. Relevant experience in executing Risk initiatives within a tech risk function, compliance or technology audit role Experience in leading programs for proactively identifying regulatory risk exposure and potential non-compliant areas Knowledge of APAC regulations & understanding of regulatory risk management preferred Project management skills and the ability to work independently Relationship management skills to navigate the complexities of aligning stakeholders, building consensus and resolving conflicts Proven ability to influence peers/stakeholders and senior leaders across various lines of business What You Can Expect The role sits within Global Corporate & Investment Banking and Global Payments Solutions Technology - APAC Risk & Controls function working with Application Managers, Enterprise Control functions and COOs across the Lines of Businesses to ensure that control gaps are identified and remediated. You will oversee the effective implementation of the Bank’s Risk framework and Global Technology (GT) governance routines and requirements, using established tools and documented procedures. This includes documentation to enable tracking, monitoring, and escalation of technology risk related issues to management, and acting as an ambassador of the risk culture. What You Will Do Foster the Identify, Escalate, Debate risk culture Develop and socialize potential risk mitigation strategies Drive risk engagement & management and issue identification; in particular E2E risk management includes ERP, RCSA, eRIC, SIAI, JDI, AIAI, RIAI etc. Assess regulatory (eg MAS, HKMA, CBRC, OJK, RBI, etc) changes impacting technology and operations and drive related risk mitigation program with required stakeholders Manage senior stakeholders’ communication and reporting Identify opportunities for enhancing or streamlining execution of risk management processes; partner across multiple divisions to execute. Manage regulatory relationships, where relevant Collaborate across the region application groups, Risk Leads and enterprise process owners (including Global Information Security) to respond to Internal and External Audits, Exams, and Regulatory/Clearing Inquiries & Assessments. Quality assurance and Global Information Security related findings program oversight Assist business and process owners with remediating the most significant risks including Audit Issues, Self-Identified Audit Issues, Compliance Identified Audit Issues, Regulatory Issues Practice and promote good risk culture and risk management within GCIBT, leading participation in technology risk activities.

Job Title: Con/Assistant Manager Location: Mumbai Role- Technical Risk & Regulatory compliance. OVERVIEW KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either System audit, IT reviews, Technology Risk Assessments & Gap Assessments inline with circulars issued by SEBI/RBI/IRDAI. Technical Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (E.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding on technology topics related to cyber security, encryption, architecture resiliency , business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001 Soft Skills Good presentation and report writing skills is mandatory. Excellent communication skills and confident demeanor Experience of working with client stakeholders Good problem-solving skills. Specially for Managers Experience of writing proposal and responding to RFP’s Handling team of 4-5 people Profiles from consulting background to be preferred. Qualification Any full time bachelor’s degree with relevant technical work experience. Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability, or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Job description To achieve real outcomes, we know that experience is the most important requirement for networking teams and the people they serve. Delivering an experience-first, AI-Native Network pivots on the creativity and commitment of our people. It requires a consistent and committed practice, something we call the Juniper Way. Join Our Identity and Platform Services Team at Juniper Are you passionate about working in the Identity domain and ready to take your career to the next level We re looking for talented engineers to join our team and help us design, implement, and manage Identity and platform services. If you have a knack for solving complex challenges and want to make a real impact, this is the perfect opportunity for you. Primary Responsibilities: Provide technical expertise and support for the implementation, expansion, and standardized use of Identity Governance, Access Management, and related workflows. Interpret business requirements to produce sound technical design Identity solutions that are scalable for the future. Write code to integrate in-house applications, third-party applications, and cloud applications with the Identity services platform to leverage features like automated provisioning, reconciliation, authentication, and federation. Work with RESTful APIs to integrate apps using modern authentication and authorization protocols. Design and develop workflows to route for approvals and trigger automation tasks. Provide operational support and guidance when required (L3). Write code to extend the functionalities of the IAM platform to accommodate connectors/integrations between IAM tools and system resources. Minimum Qualifications & Experience: Possess in-depth technical and working knowledge in Access Management, Identity Governance, Active Directory, and Privileged Access Management implementations. 5+ years of experience in developing, implementing, and supporting Identity & Access Management products, capabilities, and services. 5+ years managing IAM tools in an engineering role. Experience with more than one of: Microsoft Active Directory, Microsoft Identity Manager, Saviynt, AzureAD, and OKTA will be highly preferred. Knowledge and experience with Identity Management protocols like SCIM, SAML2.0, OAuth, OIDC. Desired Qualifications: Understanding of Zero Trust principles aligned to identity services and Access Management with emphasis on enforcing explicit trust (per identity, device, and session). Demonstrated experiential track record in building, executing, and managing enterprise IAM initiatives in a complex organizational environment. Knowledge of current and emerging information technology industry trends and standards including common information security management frameworks, such as NIST, ISO, and COBIT. Ability to manage project activities aligned to expected and defined objectives. Active security certification(s): One or more of the following: CISSP, CRISC, CCSP, and/or any Identity solution or services certification. Experience working in global and diverse teams. BS degree in Computer Science, Management Information Systems, or related area of study.

Key Accountabilities JOB DESCRIPTION Develop the plan, track, monitor, coordinate & execute database restoration tests for non-critical applications & disaster recovery (DR) tests for critical applications of HO and regional Business units. Ensure all business units have DR plans & restoration procedures for their critical applications. Conduct business impact assessment for applications of HO to define RTO/RPO requirements, and ensure the DR plans and backup procedures are aligned. Collaborate with technology teams to ensure new initiatives/projects meet business and IT recovery levels (RPOs, RTOs) to ensure that new and ongoing projects sustain the level of recoverability consistent with business objectives. Conduct periodic review of backups configuration to ensure that all critical data, systems, applications are adequately backed up. Collaborate with business continuity management (BCM), business units, external business partners, internal regulatory partners, and key IT staff members to plan and maintain effective DR exercises. Facilitate coordination of recovery activities and ensure a smooth recovery of systems once a disaster is declared. Monitor critical applications & infrastructure availability, investigate and report on major unplanned downtimes. Provide periodic updates on DR drills and backup restoration tests conducted in HO and regional business units as an input for KPI reporting. Conduct workshops and train technology teams in business units on DR Management. Provide assurance to our insurers, partners, regulators & the Board on technology resilience. Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviour in harmony with DP World’s Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World’s Code of Conduct and Ethics policies. Perform other related duties as assigned. Qualifications, Experience And Skills Knowledge and Experience Bachelor’s Degree in Computer Science or equivalent. Should have 8-10 years of experience in IT governance with at least 5 years’ experience in technology resilience management. Extensive experience in implementing organisation-wide program of continuity management and disaster recovery planning and processes, including backup, recovery, storage systems and IT security management. Experience with BCP and DR Recovery plan testing. CBCI, ISO 22301 Certified Business Continuity Manager, CBCP, C/DRE, EDRP or other industry relevant certifications are preferable. Working knowledge of ISO 22301, ISR, COBIT 2019 etc. Good understanding in E-commerce, logistics, supply chain & port operations applications will be an added advantage. Experience in working with Multinational Companies (MNC) is preferable. Soft Skills Excellent analytical skills. Excellent verbal and written communication. Program and Project management skills. Time management skills. Team player and conflict management skills. Ability to adapt in a complex environment, loves challenges, with the will and drive to learn new things on his/her own. Cultural awareness. Technical Skills Experience in Disaster Recovery, backup restoration, performance monitoring solutions and products. Knowledge of developing policies, procedures related to disaster recovery & resilience management processes. Expertise in Microsoft Word, Excel & PowerPoint.

The Enterprise Security Engineer plays a critical role in ensuring the security of software products, collaborating with development teams, and implementing best practices to protect against threats. Designing and implementing tools to automate security processes is a key responsibility. The role necessitates excellent communication and organizational leadership abilities. Understanding network security architecture and its development is crucial. Knowledge of wireless security, including routers, switches, and VLAN security, is essential. Familiarity with DNS security principles such as routing, authentication, VPN, proxy services, and DDOS mitigation technology is also important. As an Enterprise Security Engineer, you must stay informed about the latest security standards, recent security systems, and authentication protocols. Ensuring that all employees adhere to corporate security policies and procedures is necessary for a seamless workflow. You will be responsible for establishing standards for various IT assets like routers, firewalls, LANs, WANs, VPNs, and other network devices, evaluating their effectiveness and efficiency. Enhancing the security team's accomplishments and competencies by planning solution deliveries and addressing technical queries is part of your role. Planning, researching, and designing security architecture for IT systems, as well as reviewing and approving installation requirements for various network devices, are important tasks. You will need to determine security protocols based on business strategies and requirements, respond to security incidents, conduct post-event analyses, and develop project timelines for system upgrades. To qualify for this role, you need an Engineering degree in Computer Science, Network Security, or a related field, along with a CISSP (Certified Information Systems Security Professional) certification. In-depth knowledge of firewalls, intrusion detection and prevention systems (IDS/IPS), network access controls, and network segmentation is required. Proficiency in Windows, Linux, and MacOS environments, familiarity with ISO 27001/27002, COBIT, and ITIL frameworks, and the ability to conduct thorough third-party audits and assessments are also necessary. Experience in cloud risk assessment methodologies, IT risk, cybersecurity, operating systems, security protocols, cryptography, and general security practices will be beneficial for this role.,

At ABB, we help industries outrun - leaner and cleaner. Here, progress is an expectation - for you, your team, and the world. As a global market leader, we’ll give you what you need to make it happen. It won’t always be easy, growing takes grit. But at ABB, you’ll never run alone. Run what runs the world. This Position reports to: Category Lead Architect Your Role And Responsibilities (Mandatory) In this role, you will have the opportunity to lead the identification, planning, and coordination of a set of related programs and/or projects in a portfolio. Each day, you will be managing the interdependencies in support of specific business strategies and objectives. You will also showcase your expertise by providing framework for implementing business initiatives or medium-scale change, and communicating the outcomes and associated benefits. The work model for the role is #Onsite This role is contributing to the IS Services in India. You will be mainly accountable for: POSITION SPECIFIC RESPONSIBILITIES: Drives the end-to-end management of the IS Technology & Platform project portfolio, ensuring initiatives are aligned with ABB's digital transformation strategy and modernization priorities. Establishes and runs a structured portfolio governance model, enabling senior leadership with transparent insights on prioritization, resource allocation, and delivery effectiveness. Leads Core Platform Accelerator strategic planning cycles in partnership with Value Stream Owners and Domain Leads to define roadmaps that deliver tangible business outcomes. Ensure project delivery excellence by enforcing standardized methodologies (PMO, Agile, Lean), health checks, and key success metrics across active programs. Owns delivery performance dashboards and executive reporting to track portfolio progress, escalate risks, and highlight delivery wins in a timely and transparent manner. Champions operational effectiveness by identifying recurring blockers, delivery bottlenecks, and improvement areas in platform services, compliance, or project execution. Qualifications For The Role (Mandatory) Bachelor’s or Master’s in Information Technology, Computer Science, Engineering, or Business Administration with IT specialization. Certifications required : PMP® or PRINCE2® Foundation/Practitioner; ITIL® v4 Foundation Certifications preferred: SAFe® (Lean Portfolio Mgmt), COBIT®, ISO 27001 Awareness, Certified Scrum Master (CSM) More About Us (Mandatory) It is our mission in Information Systems (IS) to harness the power of information technology to deliver valuable, reliable and competitive IS services for ABB. If you have a strong technical and analytical mind and the drive to help us stay ahead of the competition, you are the one we are looking for. It has come to our attention that the name of ABB is being used for asking candidates to make payments for job opportunities (interviews, offers). Please be advised that ABB makes no such requests. All our open positions are made available on our career portal for all fitting the criteria to apply. ABB does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection to recruitment with ABB, even if is claimed that the money is refundable. ABB is not liable for such transactions. For current open positions you can visit our career website https://global.abb/group/en/careers and apply. Please refer to detailed recruitment fraud caution notice using the link https://global.abb/group/en/careers/how-to-apply/fraud-warning We value people from different backgrounds. Could this be your story? Apply today or visit www.abb.com to read more about us and learn about the impact of our solutions across the globe. Fraud Warning: Any genuine offer from ABB will always be preceded by a formal application and interview process. We never ask for money from job applicants. For current open positions you can visit our career website https://global.abb/group/en/careers and apply. Please refer to detailed recruitment fraud caution notice using the link https://global.abb/group/en/careers/how-to-apply/fraud-warning.

Job Description: Job Title: Risk and Controls Specialist, VP Location: Bangalore, India Role Description: The 1st line GTI Risk and Controls function is part of Group Technology Infrastructure (GTI), which is a division of Technology, Innovation and Data (TDI) of Deutsche Bank Group. As part of the GTI Risk and Controls team, you will contribute towards DB strategic goals to improve operational resilience and reduce risk. Specifically, you will support a proactive risk management function. As such, your role will be focused on risk identification and remediation activities. Additionally, you will use your expertise to plan and execute thematic risk assessments as well as supporting risk scenario testing and macro threat assessments. What we ll offer you: As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities: GTI Risk Management (InfoSec) Serve as the IT Security delegate for the CIO Unit (i.e. GTI), managing a team of Analysts / Associates / AVPs. Drive InfoSec Controls compliance activities / InfoSec Controls implementation facilitation management responsibilities. Steer IT Security initiatives and programs. Interface with application-level teams and app owners to facilitate and support remediation activities and consequent adoption of compliance solutions for the GTI applications estate across the CSO mandated security control domains. Manage stakeholders across InfoSec Control areas and multiple InfoSec Governance Forums. Orchestrate periodic reporting activities and deliverables governing the InfoSec controls compliance space. This role holds the ownership of various InfoSec reporting outputs / work-products. Coordinate closure actions related to SII/Findings within the Findings Management space. Provide GTI ERTs with InfoSec SME support wherever required. Work with the associated D-CISO (Divisional Chief Information Security Officer) for maintenance of Divisional ISMS (Information Security Management System) over IT assets and processes. Support the implementation of IT Security requirements and ensure overall Information Security posture is within agreed Risk Appetite. Work in close collaboration with the CIO area (i.e. GTI) level application teams and the technical security structure embedded within the CIO-1 units namely the DTISOs/TISOs (Divisional Technical Information Security Officers). Steer IT Security initiatives and programs. Ensure all members of the IT Security organization are trained and have completed the curriculum specific to their assigned roles. Advise and report on Technical Information Security topics. Report regularly on the status of IT Security to the CIOs, relevant IT senior management and to key stakeholders. Additionally, Report to the associated Divisional CISOs on handling of information security topics, issues and risks. Support the Divisional CISO in managing Information Security topics for Technical Security Matters. Ensure effective and efficient communication of all IS requirements and decisions within their IT Security organization. Stakeholder Management Identify, Partner, and Collaborate Establish relationship with the DTISO/TISO community within GTI to ensure effective and robust support towards InfoSec realm of activities. Partner with the CSO teams to ensure alignment towards Group wide CSO mandated InfoSec controls and standards. Collaborate closely and proactively with the DTISO teams to manage the alignment towards InfoSec control requirements. Promote and support proactive IT risk culture at the Bank. Your skills and experience: Desired experience 15+ years of experience as Risk and Control Lead in designing and implementing Technology risk framework in a global organization. Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001. Knowledge of Agile change delivery methodology, DevOps and Shift left concepts. Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains. Other professional qualifications and certifications in Technology risk management. Desired behaviors A strong team player able to operate in a cross-cultural and diverse operating environment. Result oriented and ability to deliver under tight timelines. Proven ability to lead a team Ability to successfully resolve conflicts in a globally matrix driven organization. Excellent communication and collaboration skills. Desire to learn about new and emerging technologies and continuous upskilling. Must be comfortable with navigating ambiguity to extract meaningful risk insights. How we ll support you: Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Location: Bangalore or Hyderabad Senior Digital Risk Advisor - DRG Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will have first-line responsibility for ensuring an effective and efficient risk and control framework is implemented across the different IT domains at Swiss Re. What's more, you'll be working in a hybrid setup, perfectly balancing work from home and the office premises. About The Team The Digital Risk Governance & Controls team is a key part of Swiss Re's Security Team, focused on defining and managing risks related to digital topics. We're looking for an experienced and highly motivated expert who can define and develop an efficient first-line risk and control framework that supports a strong risk-aware culture within the company. In your role, you will… Actively manage the implementation of the digital and technology risk framework Maintain oversight on the quality of internal measures implemented to address digital risk, ensuring controls, processes and standards are appropriately designed and operating effectively Ensure compliance with rules, regulations, and policies – making sure we meet our risk appetite and driving corrective actions where opportunities exist Actively collaborate with key stakeholders across the three lines of defense to automate, measure performance and continuously improve our risk position Understand complex concepts and identify solutions to problems Be someone who believes in continuous innovation, is curious and relentless in finding a better way every day Your Qualifications A track record of successful delivery in IT risk and control-related roles, such as IT Governance, IT audit, or digital risk management Practical knowledge of external IT good practices – particularly NIST – but also others, such as ISO and COBIT Qualified in an appropriate discipline such as CISA, CGEIT, CRISC Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within and across different teams The ability to effectively communicate with a broad spectrum of stakeholders – from senior managers to IT engineers, developers and operations staff Be curious, proactive, result-oriented and confident in decision making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re Swiss Re is one of the world’s leading providers of reinsurance, insurance and other forms of insurance-based risk transfer, working to make the world more resilient. We anticipate and manage a wide variety of risks, from natural catastrophes and climate change to cybercrime. We cover both Property & Casualty and Life & Health. Combining experience with creative thinking and cutting-edge expertise, we create new opportunities and solutions for our clients. This is possible thanks to the collaboration of more than 14,000 employees across the world. Our success depends on our ability to build an inclusive culture encouraging fresh perspectives and innovative thinking. We embrace a workplace where everyone has equal opportunities to thrive and develop professionally regardless of their age, gender, race, ethnicity, gender identity and/or expression, sexual orientation, physical or mental ability, skillset, thought or other characteristics. In our inclusive and flexible environment everyone can bring their authentic selves to work and their passion for sustainability. If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords Reference Code: 134243

Overview This role will lead and in cases support the execution of day-to-day activities for SAP GRC deliverables for the PIRT and NA GRC projects and operations. This role requires close collaboration with SAP Security project lead and Global SAP GRC Manager to determine priorities of work intake around access provisioning and recertification and ensure that requirements are reviewed, solutions developed and implemented according to the project timelines. The role will also closely work with the PMO, SAP Security, myidM, portal, Global GRC, design authority, technical and control teams to design solutions coming in through work intake processes and provide periodic updates on activities. Responsibilities Management of SAP GRC workflows and master data in compliance with controls. Provide governance and technical assistance to IT teams, control teams and key business users. (Executing actions & Making decisions) Facilitate and execute GRC workflow and master data change activities including providing assistance/ guidance to functional/ technical teams Define and maintain GRC configuration standards Monitor the GRC workflow and master data design to support Sarbanes-Oxley Compliance (SOX), including Segregation of Duties (SOD) and business/ technical sensitive transactions Work with SAP Security and SAP Governance team to define GRC solutions and influence role build strategy in line with system capabilities Provide recommendations on ways to simplify/ streamline existing processes and controls to gain productivity Ensures SOX controls compliance by executing SAP security sector procedures Reviews OSS Notes, security patches; implements and tests those patches Manages the execution of SAP GRC reporting approach and adoption, including risk assessment processes, continuous monitoring, training and reporting (Providing consultation) Participate and drive workshops and team discussions between SAP security and GRC teams Integrate security governance within overall control environment and sustain activities with the impacted parties Interaction with audit, risk, and control personnel to explain and evaluate the structure and design of GRC processes Plan, communicate and coordinate key control (e.g., SOX) activities such as the quarterly related IT application control reporting Reinforce correct SAP security and GRC procedures with project teams and third party provider teams Participates in security reviews Manage internal/ external audit relationships to maintain a positive outlook on the progression of SAP GRC processes (being informed) Work with Controls Governance and IT teams to ensure holistic approach is taken to remediate Corporate Audit findings Qualifications Minimum 10+ years of Total experience Minimum 5+ years SAP security and 4+ years of GRC experience Minimum of 1 full life cycle implementation Competent in GRC configurations, Access Controls, BRF+ , Emergency Access Management, Converged solution for cloud Good to have GRC 12 experience Knowledge of SAP security authorization concept, as well as design and implementation methodology Demonstrates ability with SAP security transactions and SAP GRC Multiple years of IT system support experience Understanding of internal controls, segregation of duties (SOD), sensitive transactions analysis, basic SAP development (e.g., ABAP integration points), SAP modules, SAP Transport Management System, SAP Web Application Server, NetWeaver, HANA) Analytical, motivated, and self-confident with communication to business users, IT partners, and managers Establish project deliverables and priorities working closely with PMO Ensures team success through organizational, functional, and team alignment towards team mission and objectives Proficient knowledge in Microsoft office tools including MS Access English proficiency required Product certification(s) in SAP Security Administration and or SAP GRC Information Security certifications such as CISA, CISM, CGEIT, CRISC Knowledge of COBIT, IT risk frameworks, and experience with ITIL processes Experience in an IT customer facing role; comfort and confidence interacting with various levels of users, including frontline management Ability to communicate solutions and impacts to customers and stakeholders Ability to excel in an aggressive, change oriented environment Ability to support weekend and off-hours activities Service oriented attitude

Key Accountabilities JOB DESCRIPTION Develop the plan, track, monitor, coordinate & execute database restoration tests for non-critical applications & disaster recovery (DR) tests for critical applications of HO and regional Business units. Ensure all business units have DR plans & restoration procedures for their critical applications. Conduct business impact assessment for applications of HO to define RTO/RPO requirements, and ensure the DR plans and backup procedures are aligned. Collaborate with technology teams to ensure new initiatives/projects meet business and IT recovery levels (RPOs, RTOs) to ensure that new and ongoing projects sustain the level of recoverability consistent with business objectives. Conduct periodic review of backups configuration to ensure that all critical data, systems, applications are adequately backed up. Collaborate with business continuity management (BCM), business units, external business partners, internal regulatory partners, and key IT staff members to plan and maintain effective DR exercises. Facilitate coordination of recovery activities and ensure a smooth recovery of systems once a disaster is declared. Monitor critical applications & infrastructure availability, investigate and report on major unplanned downtimes. Provide periodic updates on DR drills and backup restoration tests conducted in HO and regional business units as an input for KPI reporting. Conduct workshops and train technology teams in business units on DR Management. Provide assurance to our insurers, partners, regulators & the Board on technology resilience. Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviour in harmony with DP World’s Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World’s Code of Conduct and Ethics policies. Perform other related duties as assigned. Qualifications, Experience And Skills Knowledge and Experience Bachelor’s Degree in Computer Science or equivalent. Should have 8-10 years of experience in IT governance with at least 5 years’ experience in technology resilience management. Extensive experience in implementing organisation-wide program of continuity management and disaster recovery planning and processes, including backup, recovery, storage systems and IT security management. Experience with BCP and DR Recovery plan testing. CBCI, ISO 22301 Certified Business Continuity Manager, CBCP, C/DRE, EDRP or other industry relevant certifications are preferable. Working knowledge of ISO 22301, ISR, COBIT 2019 etc. Good understanding in E-commerce, logistics, supply chain & port operations applications will be an added advantage. Experience in working with Multinational Companies (MNC) is preferable. Soft Skills Excellent analytical skills. Excellent verbal and written communication. Program and Project management skills. Time management skills. Team player and conflict management skills. Ability to adapt in a complex environment, loves challenges, with the will and drive to learn new things on his/her own. Cultural awareness. Technical Skills Experience in Disaster Recovery, backup restoration, performance monitoring solutions and products. Knowledge of developing policies, procedures related to disaster recovery & resilience management processes. Expertise in Microsoft Word, Excel & PowerPoint.

The role is to support the development and maintenance of robust control frameworks and a unified Technology & Cyber Security Control library. You will help implement process control monitoring capabilities to coordinate control execution across Engineering and contribute to driving a positive risk culture within Engineering by implementing processes for control efficiency demonstration. This role requires organized, methodical thinking with strong attention to detail for creating control test plans and documentation. Your responsibilities will include: - Maintaining and regularly updating the centralized Technology & Cyber Security control library, ensuring controls align with industry frameworks (NIST, ISO, COBIT) and regulatory requirements (e.g. DORA). You will help translate complex framework/regulatory requirements into clear, actionable controls. - Conducting Tests of Design Assurance and Operating Effectiveness Assurance for key controls at both group and divisional levels, providing critical support for Group Engineering, Risk & Control Assessments. Documenting test results and identifying areas for improvement. - Establishing and overseeing processes to ensure control evidence is properly documented, stored, and accessible at required frequencies. Creating standardized templates for evidence collection to improve consistency. Reviewing monitoring results for completeness and accuracy, driving corrective actions as needed. - Planning and coordinating periodic independent assurance activities with internal audit teams and external assessors, preparing documentation and facilitating access to evidence. - Implementing, tracking, and analyzing Key Control Indicators (KCIs) aligned to the control library, helping to identify trends and potential weaknesses before they impact operations. - Maintaining detailed control performance dashboards and metrics that clearly communicate control status to various partners, from technical teams to executive leadership. Performing sample-based testing of control operating efficiency. - Identifying thematic control weaknesses and collaborating with control/process owners to develop and implement effective remediation strategies with clear timelines and accountability. Representing Engineering in risk discussions with internal team members. - Leading a team of GRC analysts, providing mentorship, technical guidance, and career development opportunities while ensuring high-quality results. Qualifications: - Relevant degree in IT, Cybersecurity, or Risk Management (Desirable). - 5+ years of experience in technology controls or compliance. - Strong knowledge of control frameworks (NIST, ISO, COBIT). - Demonstrable knowledge of key controls across Technology process areas (e.g. incident, change, capacity management). - Experience in control implementation across Technology process areas. - Experience in control testing and evidence validation. - Proven team management and project delivery skills. - Excellent analytical, communication abilities, and presentation skills. - Experience with GRC tools and control automation. About Us: LSEG (London Stock Exchange Group) is a diversified global financial markets infrastructure and data business dedicated to excellence in delivering services to customers. With extensive experience and deep knowledge across financial markets, we enable businesses and economies worldwide to fund innovation, handle risk, and build jobs. LSEG values integrity, partnership, excellence, and change, guiding our decision-making and actions every day. We are committed to sustainability and driving sustainable economic growth.,

The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC" Director, Cyber Security. What Youll Contribute 3+ years of applicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage What We're Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS) AWS Certifications (added advantage) Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status.