835 Cobit Jobs - Page 32

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. The Opportunity When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills. As part of the Digital Assurance and Transparency - AC India team you are expected to lead the creation and implementation of impactful digital assurance initiatives. As a Manager you are expected to guide the execution of digital assurance engagements, focusing on a customer-centric approach that supports PwC's goals and vision. You are expected to be responsible for supervising, developing, and coaching teams, managing client service accounts, and driving assigned client engagement workstreams by independently solving and analyzing complex problems to develop impactful deliverables. Responsibilities Lead the creation and implementation of digital assurance initiatives Guide digital assurance engagements with a client-focused approach Supervise and mentor digital assurance teams to enhance performance Manage client service accounts and deliver elevated-quality deliverables Analyze complex problems and develop practical solutions Drive engagement workstreams independently Assure adherence to PwC's quality standards and vision Foster a collaborative and supportive team environment What You Must Have Bachelor's Degree in one of the following fields of study: Accounting, Finance, Management Information Systems, Computer and Information Science, Information Technology, Economics, Business Administration/Management, Engineering, Statistics, Management Information Systems & Accounting, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Accounting & Technology, Mathematical Statistics, or Technology Mathematics 7 years of combined relevant experience (SAP/Oracle controls auditing, consulting and/or implementing, data analysis, compliance, internal audit, or risk experience) Employees to have an active primary credential as follows, CISA or India Chartered Accountant (CA) Oral and written proficiency in English required In lieu of Bachelor Degree, Chartered Accountant What Sets You Apart Financial reporting and information technology risks, processes and controls Current and emerging technologies including Cloud-computing, Oracle, SAP Risks, processes and internal controls related to financial reporting COSO Framework, CoBIT, ITIL and other leading control frameworks Leading IT related controls assurance or controls readiness projects Identifying key risks and controls, recommend improved controls Leading the adoption of a work program and practice aid Demonstrating significant project management skills related to IT audit projects Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Control Tester - Associate - Risk & Resiliency Management Profile Description We are seeking for a junior who is accountable for executing and documenting control testing which must stand up to high-quality expectations, as well as project management of control testing reviews from start to finish. CDRR_Technology The Cybersecurity organization's mission is to create an agile, adaptable organization with the skills and expertise needed to defend against increasingly sophisticated adversaries. This will be achieved by maintaining sound capabilities to identify and protect our assets, proactively assessing threats and vulnerabilities and detecting events, ensuring resiliency through our ability to respond to and recover from incidents and building awareness and increase vigilance while continually developing our cyber workforce. Firm Resilience Firm Resilience leads and coordinates initiatives to proactively prepare the Firm to be resilient against operational threats as well as identify and manage material operational risk. Risk & Resiliency Management This is Associate position that Identifies, assesses, and mitigates risks to ensure operational continuity and resilience in the face of potential threats or disruptions that could impact the organization, plus management of ongoing incidents. Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals. At Morgan Stanley India, we support the Firm’s global businesses, with critical presence across Institutional Securities, Wealth Management, and Investment management, as well as in the Firm’s infrastructure functions of Technology, Operations, Finance, Risk Management, Legal and Corporate & Enterprise Services. Morgan Stanley has been rooted in India since 1993, with campuses in both Mumbai and Bengaluru. We empower our multi-faceted and talented teams to advance their careers and make a global impact on the business. For those who show passion and grit in their work, there’s ample opportunity to move across the businesses for those who show passion and grit in their work. Interested in joining a team that’s eager to create, innovate and make an impact on the world? Read on… What You’ll Do In The Role Roles and Responsibilities Planning Reviews Support the Review Lead in kick-off meetings with PCOs and Risk Officers to review scope, timeline, and approach. Schedule walkthroughs with control contacts, document walkthrough takeaways, send follow-up requests for artifacts. Develop draft test procedures for each control after walkthroughs or peer-review test procedures developed by another control tester. Address feedback from Review Lead or peer reviews. Executing Reviews Create evidence request list from final set of test procedures and communicate requests to stakeholders. Stay on top of evidence requests, including following up with reminders when needed. Review evidence upon receipt and escalate quality concerns to Review Lead if needed. Document workpapers and evidence per control using the ITCT workpaper template. Perform a critical self-review of workpapers or perform a QA review over the workpapers of a peer. Address feedback from Review Lead or peer reviews. Reporting Review Results and Managing Risk Issues Escalate potential risk issues to the Review Lead as soon as possible. Develop draft issue descriptions and determine a draft risk rating for potential issues using the Risk Level Standard. Support the Review Lead during issue confirmation discussions with control contacts. Document draft results reports and/or peer-review the draft report of another. Help the Review Lead to address comments from 2/3 LOD. Create and monitor risk issues in OpenPages. Closure-verify issues in OpenPages once remediated. Project Management Of Reviews Complete responsibilities described above in line with milestone dates agreed upon with the Review Lead. Regularly provide the ITCT Review Lead with status updates on ongoing activities, escalating concerns on meeting milestones to the Review Lead when necessary. Updating the ITCT Master Tracker on a twice weekly basis. What You’ll Bring To The Role Desired Skills / Experience Working knowledge of key Technology, Information Security, and Cybersecurity concepts (e.g., data security, identity and access management, network security, change management, etc.) Understanding of relevant regulations and industry standards (e.g., ISO 27001, COBIT, NIST, etc.) including principles and key concepts related to risk assessment, controls, and testing. Working knowledge of technology applications and infrastructure (e.g., server, network, platform desktop environment) and ability to identify risk and controls. Ability to employ process-based thinking to effectively obtain, analyze, and interpret information, identify root causes of problems, and draw logical conclusions. Excellent written and verbal communication skills. Good organizational skills with diligence and ability to manage multiple priorities. Proficient use of Microsoft Excel and other Microsoft Office products Required Education: Bachelor's degree. Minimum 2 years relevant risk experience from roles in any of the following: Audit (internal or external), Risk Officer / Information Security Officer, Technology Risk Governance / Consulting, Regulatory agencies What You Can Expect From Morgan Stanley We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work. Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents. Show more Show less

Details: Job Description *Listed salary ranges may vary based on experience, qualifications, and local market. Also, some positions may include bonuses or other incentives* About Stefanini Group The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like Americas, Europe, Africa and Asia, and more than 400 clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting, company with global presence. We are CMM Level 5 company. Role Description: The Information Security team member will augment the Supply Chain Security team and play an integral part in the development, implementation, and compliance of technical security across the enterprise. The candidate will be key contributor to ongoing security assessments of third-party tools and products and will regularly act as a voice of Information Security to business teams and management, building cyber security confidence in support of business development and governance processes. Responsibilities: Perform focused risks assessments of existing or new service providers, and technologies being introduced into the firm's technology environment Provide governance and oversight over existing and new SaaS and IaaS products Influence the overall direction for securing infrastructure, applications and third parties service providers for the firm Communicate risk assessment findings to information security stakeholders or business partners and influences the risk mitigation Provide consultative advice to information security customers that enables them to make informed risk management decisions Performing assessments of new and existing Internet of Things (IoT) Deployments Identify appropriate controls to effectively manage information risks as needed Identify opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk Maintain strong working relationships with individuals and groups involved in managing information risks across the organization Support the documentation of Information Security Policies and Standards Security assessments of third-party software packages deployed on machines Perform vulnerability impact analysis of newly identified vulnerabilities of the firm's critical service providers Candidates Will Be Evaluated Based On Their Ability To Perform The Duties Listed Above While Demonstrating The Skills And Competencies Necessary To Be Highly Effective In The Role. These Skills And Competencies Include: Strong documentation and process-oriented background with experience working on complex technology projects An ability to effectively influence others to account for the plans and collaborative behaviors for results An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners in a way that influences optimum risk mitigation Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one Ability to react to high pressure dynamic changing environments Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization An ability to apply original and innovative thinking to produce new ideas and create innovative products, solutions, or approaches A discipline and interpersonal skills to work well in a global environment, complementing teams in multiple remote locations Job Requirements Details: Experience: Degree in Business, Computer Engineering, Computer Science, Information Security, or a related field Working knowledge of data analysis techniques, including Excel, Python and basic SQL skills Experience with agile project management Knowledge of Azure security, AWS security, web security, including API and token security 5+ years Information Security experience 3+ years with risk advisory and senior management communication, metrics, collaboration to drive risk-based results 3+ years of experience with documenting, project management, written analysis for Information Security risk assessments 3+ years of experience in an Enterprise Risk Management and/or assessing controls within a Technology and/or Financial Services firm Experience with information security management frameworks (e.g., IS027001, COBIT, NIST 800) Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA) AWS, GCP, or Azure security certifications are a plus Show more Show less

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. The Opportunity When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills. As part of the Digital Assurance and Transparency - AC India team you are expected to lead the creation and implementation of impactful digital assurance initiatives. As a Manager you are expected to guide the execution of digital assurance engagements, focusing on a customer-centric approach that supports PwC's goals and vision. You are expected to be responsible for supervising, developing, and coaching teams, managing client service accounts, and driving assigned client engagement workstreams by independently solving and analyzing complex problems to develop impactful deliverables. Responsibilities Lead the creation and implementation of digital assurance initiatives Guide digital assurance engagements with a client-focused approach Supervise and mentor digital assurance teams to enhance performance Manage client service accounts and deliver elevated-quality deliverables Analyze complex problems and develop practical solutions Drive engagement workstreams independently Assure adherence to PwC's quality standards and vision Foster a collaborative and supportive team environment What You Must Have Bachelor's Degree in one of the following fields of study: Accounting, Finance, Management Information Systems, Computer and Information Science, Information Technology, Economics, Business Administration/Management, Engineering, Statistics, Management Information Systems & Accounting, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Accounting & Technology, Mathematical Statistics, or Technology Mathematics 7 years of combined relevant experience (SAP/Oracle controls auditing, consulting and/or implementing, data analysis, compliance, internal audit, or risk experience) Employees to have an active primary credential as follows, CISA or India Chartered Accountant (CA) Oral and written proficiency in English required In lieu of Bachelor Degree, Chartered Accountant What Sets You Apart Financial reporting and information technology risks, processes and controls Current and emerging technologies including Cloud-computing, Oracle, SAP Risks, processes and internal controls related to financial reporting COSO Framework, CoBIT, ITIL and other leading control frameworks Leading IT related controls assurance or controls readiness projects Identifying key risks and controls, recommend improved controls Leading the adoption of a work program and practice aid Demonstrating significant project management skills related to IT audit projects Show more Show less

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Job Description Main purpose of the job and key background information Professional responsibilities for this manager position include but are not limited to: Applying internal control principles and technical knowledge, including Application Controls and IT General Controls; Developing and/or supervising the execution of detailed audit work plans for the IT audit component of the IA team through resource allocation, stakeholder coordination and quality review; Managing the identification of key risks and controls, including evaluation of control design; Evaluation of operational effectiveness of IT System Controls, utilizing appropriate testing techniques and professional skepticism; Providing regular status reports to IA management and internal clients/stakeholders, when necessary, to keep relevant parties informed of progress and potential issues; Assessing audit results, translating findings into level of risk, to produce meaningful insights and recommendations; Communicating risk findings, verbally and written, to clients in a pragmatic and helpful manner; Driving follow up and remediation of reported issues in a timely manner; Building meaningful relationships with clients through client engagements and networking; Managing and delivering against deadlines while working on multiple projects; Participating in development and delivery of training curriculum; and Coaching team members and reviewing their work. Requirements These should include essential and desirable requirements such as: Level of experience Education/qualifications Industry experience Technical capability Sales/BD capability Metrics Key personal attributes Consulting experience Minimum Years Of Experience 5+ year(s) of external/ internal audit experience (big four experience is preferred) Minimum Degree Required Bachelor’s or master’s degree in accounting, Management Information Systems, Computer Science, Engineering or business related field Preferred Certifications CISA, CISM, CISSP, CA and/or CIA Preferred Knowledge/ Skills Demonstrates extensive knowledge and/or proven record of success in the following areas: Security and controls for various on-premise and cloud-based technologies; Control standards (COSO, COBIT), control testing strategies; Public accounting practices and internal audit processes i.e., technology and tools for planning, testing and reporting; IT general controls concepts in the areas of system development, change management, computer operations and access to programs; Identifying and assessing business process controls and linkage to IT systems; and, IT security fundamentals across multiple domains including security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, investigations and ethics. Additionally, candidates should have excellent communication (written and verbal) skills and should be able to work with global teams independently with minimal supervision. Additional Information Flexible work hours are required to align with US and UK hours as agreed upon. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD – Risk Consulting - Protect Tech – Staff (ITGC) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 1-3 years of related work experience At least 2-3 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description Oracle Customer Success Services Building on the mindset that "Who knows Oracle …. better than Oracle?" Oracle Customer Success Services assists customers with their requirements for some of the most cutting-edge applications and solutions by utilizing the strengths of more than two decades of expertise in developing mission-critical solutions for enterprise customers and combining it with cutting-edge technology to provide our customers' speed, flexibility, resiliency, and security to enable customers to optimize their investment, minimize risk, and achieve more. The business was established with an entrepreneurial mindset and supports a vibrant, imaginative, and highly varied workplace. We are free of obligations, so we'll need your help to turn it into a premier engineering hub that prioritizes quality. Why? Oracle Customer Success Services Engineering is responsible for designing, building, and managing cutting-edge solutions, services, and core platforms to support the managed cloud business including but not limited to OCI, Oracle SaaS, and Oracle Enterprise Applications. This position is for the CSS Architecture Team, and we are searching for the finest and brightest technologists as we begin on the road of cloud-native digital transformation. We operate under a garage culture, rely on cutting-edge technology in our daily work, and provide a highly innovative, creative, and experimental work environment. We prefer to innovate and move quickly, putting a strong emphasis on scalability and robustness. We need your assistance to build a top-tier engineering team that has a significant influence. What? As a Senior Principal Architect - Cybersecurity within our team, you’ll lead and contribute towards shaping the strategy for Cybersecurity efforts in designing and building scalable, distributed, resilient services that provide or augment critical business capabilities involving security controls for the business which are consumed by Oracle Corporation and Oracle Customers. You will be responsible for the design and development of core security capabilities spanning across all security domains but not limited to Identity, Data, Network & Communications, Asset, Threat Management,Risk Management, Cyber Resilience & Software Security aligning Oracle Corporate Security (CSA) and Global Information Security (GIS) standards and policies in combination with industry standards such as NIST, COBIT, ISACA, SABSA & CIS for ensuring they meet the needs of our clients and align with the company's strategic vision and business objectives. This role requires a unique blend of strategic architectural thinking and deep technical expertise, including hands-on experience in deploying and operating security products and services. The ideal candidate will also possess a solid understanding of security frameworks, standards, and regulatory compliance mandates & extensive experience in designing security solutions involving building security capabilities and integrating controls into large scale products and services that operate at scale on hyperscalers for customers in both regulated and non-regulated environments. We strongly believe in ownership and challenging the status quo. We expect you to bring critical thinking and create long-term design impact while building solutions and products defining system integrations, and cross-cutting concerns. Being part of the architecture function also provides you with the unique ability to enforce standards, patterns and advisory that will be future-proof while building new services or products. As a thought leader, you will own and lead the complete SDLC from Architecture Design, Development, Test, Operational Readiness, and Platform SRE across the CSS CDO Engineering function. Responsibilities As a Senior Principal Architect for Cybersecurity domain you will be playing a pivotal role in shaping up the Cybersecurity Strategy for the business, providing thought leadership impacting business and technology decisions and leading the technology charter for the Development and Engineering teams while working with Corporate CISO and Line of Business Group CISO delivering services and solutions as part of the CSS CDO Engineering function. As a core member of the Architecture Chapter, you will be expected to advocate for the adoption of software architecture and security design patterns among cross-functional teams both within and outside of engineering roles. You will also be expected to act as a mentor and act in capacity as an advisor to the team(s) within the Cybersecurity domain. In this role you will be expected to work as a liaison between the business, engineering and security leaders within Oracle. As we push for digital transformation throughout the organization, you will constantly be expected to think creatively, optimize and harmonize business processes. Core Responsibilities Lead the Cybersecurity Strategy, Architecture and Design for the core security domains, Threat Modelling with MITRE ATT&CK and D3FEND, Cyber Resilience with solutions built on top/integrated with OCI, Oracle Cloud Applications & Oracle Enterprise. Lead threat modelling, risk assessments and security design reviews for all new/ existing systems, services and products as part of the CSS CDO Engineering and larger CSS Organization globally. Liaise with senior executives across multiple business lines to combine business requirements into technology work packages in alignment with the overall CSA & GIS, CISO & Oracle Corporate Security Strategy for Next-Gen Technology Stack. Translate security controls and requirements into design standards and patterns for implementation as part of the shift-left approach within the SDLC process. Ensure architecture design conformity and compliance with Oracle Corporate Security, Corporate Security Architecture, Global Information Security and global Cyber standards and frameworks for Security & Compliance such as but not limited to : NIST CSF/ NIST 800-53 / NIST 800-171 ISO / IEC 27001/ 27002 CIS Controls SOC 2, HIPPA, PCI-DSS, GDPR and / OR FedRAMP (as applicable) SABSA / COBIT / TOGAF Cloud Security Alliance (CSA) & Cloud Control Matrix OWASP Develop and maintain technical documentation, including architecture diagrams, design specifications, and system diagrams. Continuously evaluate new security technologies and recommend improvements or enhancements. Act in capacity as a trusted advisor for executive leadership on security architecture and strategy. Provide guidance and mentorship to junior developers. Innovation and critical problem solving skills with exceptional communication skills are a must in this role as the Senior Principal Architect would effectively act as a conduit between business executives, functional teams and technology engineering teams. The role requires very strong technology thought leadership skills with practical hands on knowledge along with influential skills to create a broader impact within the business and engineering functions. Required Qualifications Master’s or Bachelors in Computer Science, specialization in Cybersecurity, Information Systems or a closely related field. 10+ years of experience in cyber and information security with explicit focus on security architecture and security solution & products build/ integration. Proven ability to build and manage enterprise-distributed and/or cloud-native systems. Broad knowledge of Cloud Service Providers and 3rd Party Risk Assessments for enterprises and regulated environments. Advanced knowledge in building & implementing Identity, Data and Network Security solutions involving but not limited to Zero-trust security, Identity Aware Proxies, FIDO, DLP, Data Privacy and Security for PI /SPI, Data Obfuscation and Tokenization, WAF, SIEM, SOAR, SOC etc. Deep experience with MITRE & STRIDE threat modelling for all cloud native applications and being part of Red, Blue and Purple teams. Knowledge in Adversarial ML involving the entire tech stack of AI and ML. Experience in Data Security including but not limited to vault-less Tokenization, Obfuscation, Encryption with latest Cryptography standards, Data Access & Governance. Strong expertise in software design concepts, patterns (e.g., 12-Factor Apps), and tools to create Cloud Native Computing Foundation (CNCF) compliant software with hands-on knowledge of containerization technologies like Docker and Kubernetes. Solid understanding of Design Thinking, Test-Driven Development (TDD), BDD, and end-to-end SDLC. Experience in DevOps practices, including Kubernetes, CI/CD, Blue-Green, and Canary deployments. Experience with Microservice architecture patterns, including API Gateways, Event-Driven & Reactive Architecture, CQRS, and SAGA. Familiarity with OOP design principles (SOLID, DRY, KISS, Common Closure, and Module Encapsulation). Proven ability to design software systems using various design patterns (Creational, Structural, and Behavioral). Strong interpersonal skills and the ability to effectively communicate with business stakeholders. Excellent analytical, problem-solving, communication, and leadership skills. Qualifications Career Level - IC5 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Summary Position Summary ServiceNow Developer — Senior Solution Advisor Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. IDC MarketScape named Deloitte as a Leader in the first 2024 for Worldwide Cybersecurity Consulting Services: Global System Integrators/Consultancies . Source: Worldwide Systems Integrators/Consultancies for Cybersecurity Consulting Services 2024 Vendor Assessment, By Cathy Huang, Published January 2024 – ID#US50463423 Work you will do As a Senior Consultant in Governance, Risk, and Compliance ( GRC )/ Integrated Risk Management (IRM) at Deloitte, you will play a pivotal role and be instrumental in helping our clients manage and mitigate risks associated with their governance, risk management, and compliance activities by focusing on delivering continuous, high-quality GRC services to our clients . This role involves a blend of strategic advisory, process improvement, and technology implementation, tailored to ensure continuous compliance and effective risk management strategies are in place. This role also involves ensuring compliance with regulatory requirements and managing risks effectively. The ideal candidate will have a strong background in GRC frameworks, excellent analytical skills and adept in developing workflows in GRC tools like ServiceNow, Archer, Aravo or OneTrust As a Consultant, you would be expected to perform the following activities: Take ownership of SDLC efforts for successful build, test, and rollout of GRC solution into productionuse. Conduct thorough risk assessments and implement solutions to minimize exposure and enhance business resilience. Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled duringoperations; Utilize GRC tools to automate risk management and compliance monitoring tasks. Configure GRC solutions like risk management (enterprise and IT risk), compliance management, issue and corrective action plan management, exception management, policy lifecycle management, privacy management, third party risk management, audit management, threat and vulnerability management, security operations management, business continuity management for clients acrossindustries. Understand the business requirement and define & document user stories, create UI mock-ups and having a roll-up the sleeves approach to execute and make thingshappen. Define, enhance, and implement enterprise risk management frameworks based on industry standards and frameworks (e.g. ISO 27001, COSO, COBIT, PCI, NIST, and HIPAA etc.) on GRC technologies such as Archer, ServiceNow or Aravo. Ensure compliance with all relevant local, national, and international laws and regulations. Regularly update internal policies to align with changing regulatory landscapes to ensure that they are effectively integrated into the clients' operational processes. Provide ongoing support and enhancements to risk management frameworks that align with client objectives and regulatory requirements. Assist in developing GRC governance and operating model for the set up and sustainment of the GRCprogram. Prepare detailed reports on compliance activities, risk assessments, and mitigation plans. Ensure all documentation is accurate and audit ready. The team Want to work at one of the fastest growing and industry leading risk management consulting firms that will give you an enriching experience to build your career and brand? If yes, then look no further, Deloitte’s Cyber Risk Services practice is the place for you. The Cyber Governance, Risk, and Compliance (GRC)/ Integrated Risk Management (IRM) is one of the most rapidly growing market offerings with capability spanning - GRC strategy, design, and implementation of GRC & Security solutions using confluence of ServiceNow, Archer, Aravo and OneTrust. Individuals who take deep personal accountability for their work, have a passion for excellence, driven to achieve their full potential and understand the value of building relationships with clients and the industry, are encouraged to realize our requirement for GRC. The GRC Solution Advisor is expected to have an in- depth understanding of GRC tools as mentioned above, leading practices and have demonstrated experience in the design and implementation of their solutions. Understanding of risk and compliance pain points and how they can be addressed effectively through a scalable and usable GRC technology is key to success in thisrole. This role involves working closely with clients to understand their needs, designing solutions that leverage all the tool’s capabilities to enhance their GRC processes, and ensuring the successful implementation and operation of these solutions. Required: Education: Bachelor’s degree in Computer Science/ Information Technology, or a related field. Experience: Minimum of 7-10 years of experience in implementing GRC solutions and/or in ServiceNow/Archer/Aravo/OneTrust or cyber strategy. Well versed with at least 1 GRC tool such as ServiceNow/Archer/Aravo/OneTrust. Gathering and documenting business requirements and identifying gaps within existing systems and processes. Hands-on experience on at least 2 GRC modules (ERM, ITRM, TPRM, SecOps, Issues Management, Policy & Compliance Management, etc.). Hands-on experience in on-demand and out-of-the-box solution developments, access control, rules & events, notifications, data integrations, UI, reports and dashboards, workflows and other administrative activities in tools like ServiceNow/Archer/Aravo/OneTrust. Experience on Privacy Enhancement and Automation tools such as OneTrust. Proficient in risk management processes and compliance regulations. Proven experience in GRC, particularly within a consulting environment. Proficiency with scripting language in implementing API integrations with external system Must have development experience in more than 2- 3 projects from scratch to till go-live Strong understanding of GRC frameworks such as COBIT, ISO 27001, NIST, etc. Strong analytical and problem-solving skills. Excellent interpersonal and communication skills, capable of working effectively with clients and team members. Flexibility in work hours may be necessary to meet project deadlines and client needs. Preferred: Education: Master’s degree in Business Administration, Cyber Security or a related field GRC Certifications: ServiceNow CSA, Archer Administrator Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 302575 Show more Show less

Summary Position Summary ServiceNow Developer — Senior Solution Advisor Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. IDC MarketScape named Deloitte as a Leader in the first 2024 for Worldwide Cybersecurity Consulting Services: Global System Integrators/Consultancies . Source: Worldwide Systems Integrators/Consultancies for Cybersecurity Consulting Services 2024 Vendor Assessment, By Cathy Huang, Published January 2024 – ID#US50463423 Work you will do As a Senior Consultant in Governance, Risk, and Compliance ( GRC )/ Integrated Risk Management (IRM) at Deloitte, you will play a pivotal role and be instrumental in helping our clients manage and mitigate risks associated with their governance, risk management, and compliance activities by focusing on delivering continuous, high-quality GRC services to our clients . This role involves a blend of strategic advisory, process improvement, and technology implementation, tailored to ensure continuous compliance and effective risk management strategies are in place. This role also involves ensuring compliance with regulatory requirements and managing risks effectively. The ideal candidate will have a strong background in GRC frameworks, excellent analytical skills and adept in developing workflows in GRC tools like ServiceNow, Archer, Aravo or OneTrust As a Consultant, you would be expected to perform the following activities: Take ownership of SDLC efforts for successful build, test, and rollout of GRC solution into productionuse. Conduct thorough risk assessments and implement solutions to minimize exposure and enhance business resilience. Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled duringoperations; Utilize GRC tools to automate risk management and compliance monitoring tasks. Configure GRC solutions like risk management (enterprise and IT risk), compliance management, issue and corrective action plan management, exception management, policy lifecycle management, privacy management, third party risk management, audit management, threat and vulnerability management, security operations management, business continuity management for clients acrossindustries. Understand the business requirement and define & document user stories, create UI mock-ups and having a roll-up the sleeves approach to execute and make thingshappen. Define, enhance, and implement enterprise risk management frameworks based on industry standards and frameworks (e.g. ISO 27001, COSO, COBIT, PCI, NIST, and HIPAA etc.) on GRC technologies such as Archer, ServiceNow or Aravo. Ensure compliance with all relevant local, national, and international laws and regulations. Regularly update internal policies to align with changing regulatory landscapes to ensure that they are effectively integrated into the clients' operational processes. Provide ongoing support and enhancements to risk management frameworks that align with client objectives and regulatory requirements. Assist in developing GRC governance and operating model for the set up and sustainment of the GRCprogram. Prepare detailed reports on compliance activities, risk assessments, and mitigation plans. Ensure all documentation is accurate and audit ready. The team Want to work at one of the fastest growing and industry leading risk management consulting firms that will give you an enriching experience to build your career and brand? If yes, then look no further, Deloitte’s Cyber Risk Services practice is the place for you. The Cyber Governance, Risk, and Compliance (GRC)/ Integrated Risk Management (IRM) is one of the most rapidly growing market offerings with capability spanning - GRC strategy, design, and implementation of GRC & Security solutions using confluence of ServiceNow, Archer, Aravo and OneTrust. Individuals who take deep personal accountability for their work, have a passion for excellence, driven to achieve their full potential and understand the value of building relationships with clients and the industry, are encouraged to realize our requirement for GRC. The GRC Solution Advisor is expected to have an in- depth understanding of GRC tools as mentioned above, leading practices and have demonstrated experience in the design and implementation of their solutions. Understanding of risk and compliance pain points and how they can be addressed effectively through a scalable and usable GRC technology is key to success in thisrole. This role involves working closely with clients to understand their needs, designing solutions that leverage all the tool’s capabilities to enhance their GRC processes, and ensuring the successful implementation and operation of these solutions. Required: Education: Bachelor’s degree in Computer Science/ Information Technology, or a related field. Experience: Minimum of 7-10 years of experience in implementing GRC solutions and/or in ServiceNow/Archer/Aravo/OneTrust or cyber strategy. Well versed with at least 1 GRC tool such as ServiceNow/Archer/Aravo/OneTrust. Gathering and documenting business requirements and identifying gaps within existing systems and processes. Hands-on experience on at least 2 GRC modules (ERM, ITRM, TPRM, SecOps, Issues Management, Policy & Compliance Management, etc.). Hands-on experience in on-demand and out-of-the-box solution developments, access control, rules & events, notifications, data integrations, UI, reports and dashboards, workflows and other administrative activities in tools like ServiceNow/Archer/Aravo/OneTrust. Experience on Privacy Enhancement and Automation tools such as OneTrust. Proficient in risk management processes and compliance regulations. Proven experience in GRC, particularly within a consulting environment. Proficiency with scripting language in implementing API integrations with external system Must have development experience in more than 2- 3 projects from scratch to till go-live Strong understanding of GRC frameworks such as COBIT, ISO 27001, NIST, etc. Strong analytical and problem-solving skills. Excellent interpersonal and communication skills, capable of working effectively with clients and team members. Flexibility in work hours may be necessary to meet project deadlines and client needs. Preferred: Education: Master’s degree in Business Administration, Cyber Security or a related field GRC Certifications: ServiceNow CSA, Archer Administrator Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 302575 Show more Show less

Job Summary The Internal Auditor II will coordinate, budget, and execute audit plans designed to identify risk, to mitigate loss, and to protect the people, assets, and cash flow of the company. Essential Duties And Responsibilities Assist manager to develop audit scope using risk assessment techniques. With appropriate approval, create or revise audit programs where necessary to accomplish audit objectives. Coordinate and lead site and project reviews (time and resource budgeting) with the Internal Audit Manager, external auditors, and regulatory agencies. Conduct audits in accordance with approved audit programs while effectively managing time budgets. Prepare audit workpapers documenting each audit step in the audit program. Ensure information is presented clearly, concisely, accurately, in a logical format, and has appropriate audit conclusions. Express ideas and information in a clear and concise manner. Prepare written presentations to management at the conclusion of an audit, discussing deficiencies, recommending corrective actions, and suggesting improvements in internal controls. Maintain updated knowledge of rules, regulations, and standards in the fields of internal audit, accounting, information technology and/or other related matters of interest to the department. Provide timely feedback to the in-charge or Internal Audit Manager about the status of the audit and as issues arise. Elevate real and emerging business control issues/problems to the Internal Audit Manager and local management if needed. Educate functional management in business risk concepts and suggest cost effective approaches to mitigate risk. Complete periodic education to stay informed of emerging issues and maintain a degree of professionalism. Review and compliment external auditing roles and practices. Train and educate other auditors in knowledge of audits using the COSO and/or CobIT frameworks. Demonstrate understanding of Jabil’s goals & business strategy and key industry trends and issues in the markets. Use internal and external data to understand the underlying causes / drivers of issues and opportunities. Gain a basic understanding of the roles and processes of other functional departments. Ability to travel internationally. Adhere to all safety and health rules and regulations associated with this position and as directed by supervisor. Comply and follow all procedures within the company’s various administrative policies including but not limited to security and non-disclosure policies. Ensure all sensitive and confidential information is handled appropriately. May perform other duties and responsibilities as assigned. Job Qualifications KNOWLEDGE REQUIREMENTS Understanding of internal audit standards, procedures, techniques, risk assessment practices, and frameworks such as COSO. Understanding of accounting principles and techniques. Other specialty areas (IT, security, fraud investigation, etc.) are additionally preferred. Basic critical thinking and analytical skills to help evaluate information received and identify critical trends in the information being reviewed. Understanding of the technical aspects of accounting and financial reporting. Proficiency with the Microsoft Office suite of products. Familiarity with AuditBoard and SAP is preferred. Education & Experience Requirements Bachelor’s Degree required preferably in Accounting or related field. Minimum 3 - 5 years related work experience related to audit, accounting, finance and operations. ACA, CA, CPA, CIA, or equivalent preferred. Or an equivalent combination of education, experience and/or training , BE AWARE OF FRAUD: When applying for a job at Jabil you will be contacted via correspondence through our official job portal with a jabil.com e-mail address; direct phone call from a member of the Jabil team; or direct e-mail with a jabil.com e-mail address. Jabil does not request payments for interviews or at any other point during the hiring process. Jabil will not ask for your personal identifying information such as a social security number, birth certificate, financial institution, driver’s license number or passport information over the phone or via e-mail. If you believe you are a victim of identity theft, contact your local police department. Any scam job listings should be reported to whatever website it was posted in. Show more Show less

Job Description: Cyber Maturity Assessment Consultant Team: Security Consulting Designation : Cyber Maturity Assessment Consultant Job Role: Run Cybersecurity Maturity Assessments (CMA/SMA) and risk evaluations for customers, aligned with industry frameworks to enhance client security posture and operational resilience. Experience: 5+ years in cybersecurity consulting, focused on cyber maturity assessments, risk management, and compliance programs. Job Location: Cyberjaya Shifts : Day Shift. However, flexibility is required to provide extended support and be available on-call when needed. Key Responsibilities Cyber Maturity & Risk Assessments  Conduct comprehensive CCyber Maturity Assessments for clients, aligned with frameworks such as NIST CSF, ISO 27001, CMMI, and COBIT.  Perform risk assessments—both qualitative and quantitative—to prioritize vulnerabilities and recommend mitigation strategies.  Evaluate third-party and supply chain security exposures. Strategy & Advisory  Analyse and Discover gaps in the Cybersecurity Technologies, People and Processes for clients.  Develop cybersecurity roadmaps to improve clients’ maturity and governance structures.  Recommend enhancements to cyber operating models and organizational alignment.  Deliver executive-level reports and gap analyses with clear business impact insights. Client Engagement & Training  Facilitate workshops to train clients on cybersecurity best practices and self-assessment techniques.  Mentor junior consultants on methodologies, report creation, and client communication.  Support business development initiatives, including proposal writing and client presentations. Compliance & Certification  Provide guidance for ISO 27001/20000-1 certification and audit readiness.  Ensure alignment of security programs with standards like NIST 800-30 and ISO 27005. Work Experience  5+ years of hands-on experience in cybersecurity consulting.  Demonstrated history of executing cyber maturity reviews and third-party risk assessments.  Demonstrated success in leading end-to-end client engagements, from scoping to delivery of assessment reports.  Proven ability to work cross-functionally with IT, Risk, and Compliance teams to align cybersecurity efforts with business priorities.  Delivered executive-level briefings translating technical assessment findings into strategic, business-aligned recommendations. Qualifications  Bachelor’s/Master’s degree in Cybersecurity, Information Security, or a related field. Essential Technical Skills  In-depth understanding of NIST CSF, NIST RMF, COBIT, ITIL, and ISO 31000.  Familiarity with cybersecurity governance models and risk assessment tools. Certifications  CRISC, ISO 27001 LA, CC (ISC)², or equivalent certifications. Desired Skills  Strong analytical, communication, and presentation skills.  Experience in financial services, insurance, or critical infrastructure sectors.  Ability to lead and mentor team members effectively. Performance Metrics  Client satisfaction scores and feedback.  Number and quality of assessments completed annually.  Contributions to proposals and business development success. Skills: risk assessment,qualitative risk assessments,risk,quantitative risk assessments,nist csf,cybersecurity,mentoring,ccyber maturity assessments,nist 800-30,cybersecurity training,assessment,cybersecurity governance models,compliance programs,cobit,analytical skills,risk assessment tools,iso 27001 certification guidance,security,maturity assessments,communication skills,iso 27001,cybersecurity maturity assessments,cybersecurity roadmaps,cyber,nist rmf,security assurance,iso 27005,risk management,iso 27001/20000-1 certification,presentation skills,cmmi,cybersecurity roadmap development Show more Show less

Job Description KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Responsibilities Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including - SOX, Internal Audits, External Audits Conducting controls assessment in manual/ automated environment Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project’s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status. Qualifications IT Audit + SAP experience with knowledge of IT governance practices Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantage Strong project management, communication (written and verbal) and presentation skills Knowledge of security measures and auditing practices within various applications, operating systems, and databases. Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism Preferred Certifications – CISA/CISSP//CISM Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal Employment Opportunity Information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Show more Show less

About The Role Manager - Technology Risk Assessment Team - Technology Risk & Compliance ,Compliance Location - Bangalore The PhonePe Technology Risk and Compliance team plays a critical role in the successful execution of the firm's compliance mission. The Tech Risk and Compliance function ensures the development and maintenance of a strong compliance culture by developing and maintaining program infrastructure that identifies, measures and monitors compliance with applicable laws, regulations and rules that govern our business globally. Compliance teams work closely with Engineering, SREs, business, legal and other functions to provide expertise on regulatory compliance matters; assess and measure compliance and related risks and monitor and test the adequacy of the firm's compliance control environment. Roles and Responsibilities: To review PhonePe products, processes and environment from the perspective of security, regulatory compliance and best practices. To conduct due diligence on new and existing technology implementations across business units at PhonePe. To provide support to internal departments in areas of compliance with regulatory bodies (i.e. RBI, NPCI, SEBI, IRDAI, UIDAI), and implementation of security related requirements from circulars issued by regulators. To collaborate with product/business/engineering teams to implement compliance plans to mitigate risks in the early stage of product development To create control frameworks in guidance of the team and conduct gap assessment against security practices, various regulatory guidelines and compliance requirements Must Haves: 7 to 9 years of relevant work experience, B. Tech Prior people management experience. Strong understanding of ITGC domains and business processes. Experience in managing audits and implementing cyber security controls, NIST, PCI DSS standards, ISMS etc., Certifications such as ISO 27001 / CISA / CISM / CISSP preferred. High ethical standards and are able to work diligently to complete your duties. Analytical mind able to see the complexities of procedures and regulations. Demonstrate the ability to plan and execute projects with minimal management support. PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy

Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics and biotechnology At Pall Corporation, one of Danaher s 15+ operating companies, our work saves lives and we re all united by a shared commitment to innovate for tangible impact. You ll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher s system of continuous improvement, you help turn ideas into impact - innovating at the speed of life. As a global leader in high-tech filtration, separation, and purification, Pall Corporation thrives on helping our customers solve their toughest challenges. Our products serve diverse, global customer needs across a wide range of applications to advance health, safety and environmentally responsible technologies. From airplane engines to hydraulic systems, scotch to smartphones, OLED screens to paper everyday Pall is there, helping protect critical operating assets, improve product quality, minimize emissions and waste, and safeguard health. For the exponentially curious, Pall is a place where you can thrive and amplify your impact on the world. Find what drives you on a team with a more than 75-year history of discovery, determination, and innovation. Learn about the Danaher Business System which makes everything possible. The Analyst, IT Compliance is responsible for hands-on SOX control testing activities and responsible to ensure assigned processes are compliant with SOX program requirements and deadlines This position reports to the Sr. Manager - IT Compliance and is part of the IT Compliance team located in Pune and will be an on-site role. Perform SOX control testing, process walkthroughs, and documentation reviews, including SOPs and policies. Identify, document, and communicate control issues and audit findings to control owners in a timely manner. Escalate control deficiencies to the IT Compliance Manager and participate in remediation planning with process owners. Support control owners in timely remediation of deficiencies and perform retesting for design and operational effectiveness. Maintain accurate records of controls and testing results to support reporting to senior management and Audit Committee. Contribute to continuous improvement of IT compliance and audit processes. Assist in preparing reports and updates for leadership on compliance testing progress and status The essential requirements of the job include: 5+ years of experience in SOX IT Controls testing and review enterprise applications across the IT ecosystem. Strong independent problem solving, project management and analytical skills in finance, accounting, or auditing related areas SAP application experience desirable Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate Sox-related concepts to technical and nontechnical audiences in all levels of the organization, up to and including Executive Management. Bachelor s Degree or equivalent It would be a plus if you also possess previous experience in: Strong hands-on experience with SAP IT General Controls (ITGCs) - including user access management, change management, and IT operations within SAP landscapes (e.g., ECC, S/4HANA). Proven ability to implement, test, and remediate SOX controls in SAP environments. Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or other relevant certifications preferred - with a strong understanding of control frameworks (e.g., COBIT, NIST) and how they apply to SAP systems. Exhibit excellent analytic skills, the ability to manage multiple projects under strict timelines, and to work well in a demanding, dynamic environment and meet overall objectives. Pall Corporation, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it s a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info . At Pall we believe in designing a better, more sustainable workforce. We recognize the benefits of flexible, remote working arrangements for eligible roles and are committed to providing enriching careers, no matter the work arrangement. This position is eligible for a remote work arrangement in which you can work remotely from your home. Additional information about this remote work arrangement will be provided by your interview team. Explore the flexibility and challenge that working for Pall can provide. Join our winning team today. Together, we ll accelerate the real-life impact of tomorrow s science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life. For more information, visit www.danaher.com . At Danaher, we value diversity and the existence of similarities and differences, both visible and not, found in our workforce, workplace and throughout the markets we serve. Our associates, customers and shareholders contribute unique and different perspectives as a result of these diverse attributes.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Portfolio Compliance Enablement Leader Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 1000 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The Opportunity As an Assistant Director in the Information Security Portfolio Compliance Enablement function, you will work closely with our service line and function technologists from across the globe to support EY's digital services by ensuring compliance with Information Security policies. You will work with business teams to enhance their risk posture and partner with leaders to uphold policy compliance across global, regional, and country-based assets and systems. Your role includes maintaining the security and technology compliance posture through governance and oversight, ensuring data protection, privacy, and software development practices meet legal and regulatory standards. Key Responsibilities This position in the Information Security Portfolio Compliance Enablement function will focus on these pillars: Risk Management and Reduction: Assisting with managing the Portfolio or Service Line of security risk and compliance, engaging directly with key EY stakeholders to mitigate and reduce risks and provide insights on top risks impacting the security posture of the businesses. Trend Identification and Remediation: Gather information and report on security risk trends and themes that require a comprehensive approach to remediation. Proactive Security Initiatives: Proactively seeking out and identifying security risks, weaknesses, and potential vulnerabilities in systems and processes before they can be exploited. Improve compliance with security standards and policies though continuous improvement and innovation in security practices. Governance, Risk, and Compliance (GRC) Management: Assist with managing the end-to-end workflow of security compliance of risk findings in our Governance, Risk, and Compliance (GRC) tool to ensure continuity and compliance with security policies, standards and regulations. Key responsibilities include: Lead and contribute to projects that improve EY's risk posture. Develop and implement compliance strategies and remediation plans. Collaborate with Service Line and business stakeholders to reinforce policies, control ownership, and compliance responsibilities and support the communication of security findings and recommendations. Contribute to proactive security initiatives and continuous improvement of security practices. Translate technical vulnerabilities into business risk terms. Maintain and enhance compliance assessment toolkits. Conduct assessments and evaluate compliance effectiveness for technology infrastructure, applications, and third-party dependencies. Identify policy enforcement gaps and propose improvements. Skills And Attributes For Success Proven experience in compliance management within Information Security. Ability to balance security needs with business impact. Strong leadership and organizational skills. Capable of building relationships and facilitating compliance to security policies. Experience in risk assessments and recommending remediation strategies. Ability to develop and oversee enforcement protocols. Proficient in communicating complex issues and negotiating solutions. Knowledgeable in technical infrastructure and applications. Ability to team well with others to facilitate and enhance the understanding & compliance to security policies. Assist with metrics to evaluate the effectiveness of policy enforcement and generate regular reports. Ability to maintain a high level of integrity, trustworthiness and confidence to represent the company and security leadership with professionalism To Qualify for the Role, You Must Have At least 8 years of experience in Cyber Security or a related field ( At least 3 years of experience in a leadership role managing a team. A degree in Cybersecurity, Information Security, Computer Science, or related discipline; or equivalent work experience. One or more of the following or equivalent certifications: Certified Risk and Information Systems Control (CRISC), Certified Information Systems Security Processional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), Certified Internal Auditor (CIA), Global Information Assurance Certification (GIAC) in related area, CIPP, CIPT Familiarity with security standards like ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT. Understanding of governance, risk, and compliance (GRC) frameworks. Experience with regulatory requirements such as PCI, SOX, HIPAA, GDPR, GLBA. Proven ability to identify and mitigate security risks proactively. Capable of working with diverse teams and promoting an enterprise-wide, collaborative security culture Experience in managing communication and recommendations to IT project teams. Strong English language communication skills and the ability to work with diverse teams. Ideally, You’ll Also Have Good judgment, tact, and decision-making ability. Familiarity with local and regional regulatory requirements. Flexibility to adapt to changing priorities. Strong management, interpersonal, communication, organizational, and decision-making skills. Experience with GRC platforms like RSA Archer or IBM Open Pages. What We Look For We are looking for individuals with a passion for information security and demonstrated ability to apply their knowledge to new and emerging technologies that are supporting the growth strategy of a global professional services firm. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Portfolio Compliance Enablement Leader Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 1000 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The Opportunity As an Assistant Director in the Information Security Portfolio Compliance Enablement function, you will work closely with our service line and function technologists from across the globe to support EY's digital services by ensuring compliance with Information Security policies. You will work with business teams to enhance their risk posture and partner with leaders to uphold policy compliance across global, regional, and country-based assets and systems. Your role includes maintaining the security and technology compliance posture through governance and oversight, ensuring data protection, privacy, and software development practices meet legal and regulatory standards. Key Responsibilities This position in the Information Security Portfolio Compliance Enablement function will focus on these pillars: Risk Management and Reduction: Assisting with managing the Portfolio or Service Line of security risk and compliance, engaging directly with key EY stakeholders to mitigate and reduce risks and provide insights on top risks impacting the security posture of the businesses. Trend Identification and Remediation: Gather information and report on security risk trends and themes that require a comprehensive approach to remediation. Proactive Security Initiatives: Proactively seeking out and identifying security risks, weaknesses, and potential vulnerabilities in systems and processes before they can be exploited. Improve compliance with security standards and policies though continuous improvement and innovation in security practices. Governance, Risk, and Compliance (GRC) Management: Assist with managing the end-to-end workflow of security compliance of risk findings in our Governance, Risk, and Compliance (GRC) tool to ensure continuity and compliance with security policies, standards and regulations. Key responsibilities include: Lead and contribute to projects that improve EY's risk posture. Develop and implement compliance strategies and remediation plans. Collaborate with Service Line and business stakeholders to reinforce policies, control ownership, and compliance responsibilities and support the communication of security findings and recommendations. Contribute to proactive security initiatives and continuous improvement of security practices. Translate technical vulnerabilities into business risk terms. Maintain and enhance compliance assessment toolkits. Conduct assessments and evaluate compliance effectiveness for technology infrastructure, applications, and third-party dependencies. Identify policy enforcement gaps and propose improvements. Skills And Attributes For Success Proven experience in compliance management within Information Security. Ability to balance security needs with business impact. Strong leadership and organizational skills. Capable of building relationships and facilitating compliance to security policies. Experience in risk assessments and recommending remediation strategies. Ability to develop and oversee enforcement protocols. Proficient in communicating complex issues and negotiating solutions. Knowledgeable in technical infrastructure and applications. Ability to team well with others to facilitate and enhance the understanding & compliance to security policies. Assist with metrics to evaluate the effectiveness of policy enforcement and generate regular reports. Ability to maintain a high level of integrity, trustworthiness and confidence to represent the company and security leadership with professionalism To Qualify for the Role, You Must Have At least 8 years of experience in Cyber Security or a related field ( At least 3 years of experience in a leadership role managing a team. A degree in Cybersecurity, Information Security, Computer Science, or related discipline; or equivalent work experience. One or more of the following or equivalent certifications: Certified Risk and Information Systems Control (CRISC), Certified Information Systems Security Processional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), Certified Internal Auditor (CIA), Global Information Assurance Certification (GIAC) in related area, CIPP, CIPT Familiarity with security standards like ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT. Understanding of governance, risk, and compliance (GRC) frameworks. Experience with regulatory requirements such as PCI, SOX, HIPAA, GDPR, GLBA. Proven ability to identify and mitigate security risks proactively. Capable of working with diverse teams and promoting an enterprise-wide, collaborative security culture Experience in managing communication and recommendations to IT project teams. Strong English language communication skills and the ability to work with diverse teams. Ideally, You’ll Also Have Good judgment, tact, and decision-making ability. Familiarity with local and regional regulatory requirements. Flexibility to adapt to changing priorities. Strong management, interpersonal, communication, organizational, and decision-making skills. Experience with GRC platforms like RSA Archer or IBM Open Pages. What We Look For We are looking for individuals with a passion for information security and demonstrated ability to apply their knowledge to new and emerging technologies that are supporting the growth strategy of a global professional services firm. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Role Profile Job Title Internal: Operational Risk & Control - Senior Analyst External: Risk Analyst Location India Reports to Head of Operational Risk & Resilience For advertising: About FNZ Who We Are FNZ Group is an established and rapidly growing company in the financial technology sector. We partner with the entire industry to make wealth management accessible to more people. Today, we partner with over 650 financial institutions and 12,000 wealth management firms, enabling over 20 million people across all wealth segments to invest in the things they care the most about, on their own terms. We have over 30+ offices globally with 5000+ employees (and growing!). To learn more about us and our journey, check out our careers site. Role Description What our Senior Risk Analysts do: Our Senior Risk Analysts are analytical thinkers who have excellent attention to detail skills. They are deadline driven and understand complex edicts, regulation guidelines, wealth products, and financial legislation. They have technical knowledge in product life cycle, market risk solutions, fixed income products, credit risk and attributions. Our Senior Risk Analysts are excellent communicators with a proven ability to influence and challenge. They use their previous experience to support an effective risk management function in Operations. Responsibilities This Senior Risk Analyst is a critical role on our North America Operations team reporting into the Head of Operational Risk & Resilience. That person is required to support the implementation and application of the Risk Management Framework responsibilities, including but not limited: Performs technology risk assessments for applications and infrastructure assets. Conducts Business Impact Analysis and apply the enterprise risk methodology to determine criticality. Works with the Operations function to develop and maintain business continuity plans. Exercise the business continuity plans periodically. Address lessons learned from the exercise to continuously improve business resiliency. Work across the business to ensure timely and accurate recording and reporting of Risk Events, providing challenge to content and cause of the Event to ensure it is factually accurate. Ensure delivery of quality, accurate Risk Events to clients in a timely manner, with appropriate assessment of regulatory impact. Identifying efficiencies and improvements in the process related to quality and timeliness. Root Cause and thematic analysis along with working with the business to improve the control environment to reduce the volume of Risk Events. Lead or assist in driving quality action plans (events and audits), with appropriate ownership and oversight to ensure completion on schedule thereby mitigating FNZ risk exposure. Lead or support first line of defence with any technology Risk Event related enquiries. Design and deliver technology and business continuity Risk training. Acts as a resource for team members with less experience. Broader work or accountabilities may be assigned as needed. Experience Required Typically, between 3-5 years of relevant experience in the financial services industry. Experience working in banking, wealth management, asset management, or technology providers to those industries. Good knowledge of IT risk management and IT security concepts, including COBIT, NIST and ISO 27001. Excellent written and verbal communication skills at a variety of levels within a regulated environment, both internally and externally. Ability to build and maintain relationship with clients. Ability to take initiatives and work under pressure. Experience Preferred Related professional or industry qualifications with Audit, Compliance or Risk Management certification. Business continuity/resiliency experience. Opportunities What We Offer Be part of a highly successful, rapidly growing, global business that is leading the delivery of financial services. A competitive base salary, uncapped bonus, and paid time off. Flexibility in working hours for better work-life balance. Fulfilling mentor and leadership opportunities. Working with purpose and making an impact together. A positive work environment with a sense of purpose to share knowledge and skills amongst other colleagues. Inclusion At FNZ, we recognise that diversity, equity, and inclusion are important factors contributing to our success. We embrace the unique perspective and capabilities of our current and future employees, which will help us continue to drive innovation and achieve our business goals. Recruitment decisions at FNZ are made in a non-discriminatory manner without regard to gender, ethnicity/race, faith, age, nationality, gender identity, sexual orientation, marital status, socio-economic background, disability, or military veteran status where all applicants and employees are valued and respected. In addition, we want to ensure accessibility needs are well supported, if you require specific support, please advise us. About FNZ FNZ is committed to opening up wealth so that everyone, everywhere can invest in their future on their terms. We know the foundation to do that already exists in the wealth management industry, but complexity holds firms back. We created wealth’s growth platform to help. We provide a global, end-to-end wealth management platform that integrates modern technology with business and investment operations. All in a regulated financial institution. We partner with over 650 financial institutions and 12,000 wealth managers, with US$1.5 trillion in assets under administration (AUA). Together with our customers, we help over 20 million people from all wealth segments to invest in their future. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Career Family - Analysis Role Type - Business Analysis Career Framework Role Description Evaluates business models, processes and operations to develop a good understanding of business needs and requirements. Analyses and evaluates business requirements and translates these into technical requirements and specifications, providing insights on system and technical components to incorporate into the technical design. Interacts with business stakeholders to gather, understand, document, and analyse business requirements. Analyses reports and assessments to provide insights on whether a solution/technology being implemented is meeting business requirements. Responsibilities Reviews materials and supports in meetings and workshops with business stakeholders to understand and gather business / functional requirements, undertaking client assessments and building relationships with business stakeholder. Builds relationships and collaborates with the wider team to understand business requirements and translates these into complex technical requirements. Produces technical specifications to guide system architectural design and development and conducts quality assurance tasks to ensure completeness of requirements, peer reviewing the work of more junior members of the team. Monitors and reports on potential risks/opportunities of emerging technologies, and forms recommendations for system and technical components based on understanding of business requirements, reviewing and supporting with process modelling and improvement. Contributes to the design and review of test cases to ensure tests adequately meet the requirements and coordinates with infrastructure and operations teams to resolve system issues, contributing to moderately complex aspects of a project. Provides insights on whether solutions and technologies being implemented are meeting business requirements. Contributes to business case development and completes RFP responses, exploring and experimenting with new and existing data to tackle defined business problems. Technical Skills & Knowledge Proven experience gathering and interpreting business requirements. Proven experience developing technical requirements and specifications, including knowledge of software engineering methodologies, reporting tools, modelling and testing. Proven understanding of Lean Six Sigma and Business Process Modelling and Notation. Knowledge on application building using Python would be an added advantage. Experience Sound relevant experience in either an internal or external business analysis role and/or software / technical analysis role or similar, evidenced by adding business value through identifying, analysing and articulating problems and solutions. Developed technical knowledge and experience in delivering IT solutions, providing technical advice and understanding user requirements. Some stakeholder management experience. Typical Education Business Administration Business Management Computer Science Data Science Engineering IT Statistics Mathematics Similar Titles in the Market Oracle Functional Consultant Oracle GRC Consultant Oracle Risk Management Consultant Business Analyst – Oracle ERP Senior Business Analyst - Oracle ERP Leadership Capabilities LEAD: Gold Standard Definitions Available Technical Learning Business Analysis Skills And Capabilities Preferably CA/MBA/B.E/B.Tech with 1 to 3 years of implementation and advisory experience on Oracle Cloud ERP/EBS security and controls. Ability to drive risk and control programs for Oracle EBS/ERP Cloud, with a focus on the following: Segregation of duty concerns in an ERP environment along with an ability to design SoD (Segregation of Duties) risk libraries, and preparation of remediation roadmaps. System role-design, build security and troubleshoot security defects. Design risk control matrices by conducting workshops with business process owners. Review Oracle ERP IT Application Controls (ITAC) for test of design and test of effectiveness. Identify potential opportunities to automate current ITDM/manual controls leveraging Oracle EBS/ERP Cloud. Deep understanding of regulatory frameworks like COSO, COBIT. Knowledge and audit experience across regulations like SOX, GDPR, CCPA. Functional knowledge on Oracle EBS/ERP Cloud Financials, Procurement, Supply chain management, Projects and HRMS is a pre-requisite. Ability to simplify data and explain trends through Excel spreadsheets, dashboards, power-point presentations is highly desirable. Knowledge of Oracle GRC (Governance, Risk & Compliance) & Oracle Risk Management Cloud (RMC) is highly desirable. Working knowledge on Peoplesoft, NetSuite, MS Dynamics and Workday would be an added advantage. Willing to learn and work on different ERPs and CRM solutions. Technologies and Tools Oracle Fusion Cloud Financials, SCM modules, Projects and HCM. Oracle EBS Financials, SCM modules, Projects and HRMS. SQL /PLSQL, Python. SpotFire/ PowerBI. PeopleSoft, NetSuite, MS Dynamics and Workday. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

FICO (NYSE: FICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity “FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC". – Cyber Security - Director What You’ll Contribute Applicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements. (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations. Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications. Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO. Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage. What We’re Seeking Bachelor’s degree in the field of Information Security, Computer Science or discipline and/or certifications. (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS). AWS Certifications (added advantage). Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status. Our Offer to You An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO? At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today – Big Data analytics. You’ll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide: Credit Scoring — FICO® Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security — 4 billion payment cards globally are protected by FICO fraud systems. Lending — 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICO’s solutions, placing us among the world’s top 100 software companies by revenue. We help many of the world’s largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people – just like you – who thrive on the collaboration and innovation that’s nurtured by a diverse and inclusive environment. We’ll provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at www.fico.com/Careers FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and we’re proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they don’t meet all stated qualifications. While our qualifications are clearly related to role success, each candidate’s profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to the FICO Privacy policy at https://www.fico.com/en/privacy-policy Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior - IT audit – General skills Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting – Senior Manager or Associate Director (IT and Cyber Compliance) The opportunity: your next adventure awaits. Are you a tech-savvy professional with a risk mindset who is passionate about building a better working world through the power of people, technology, and innovation? We have an incredible opportunity for you to join our dynamic Technology Risk team and make a real impact in the rapidly evolving world we live in. Within Risk Consulting, you will focus in the areas of areas of IT Risk Management, IT SOX, IT Regulatory Compliance, IT Audits, IT and Digital Transformations (including ERP and Cloud transformations), while enabling technology to better manage risk. As a member of our team, you will have the chance to work with industry leaders and help transform businesses by tackling the most complex challenges with our clients. This is client-facing role in a rapidly growing practice, where you’ll build client relationships with key stakeholders, including management executives for some of the most globally recognized brands. It makes this the perfect place to gain a deeper understanding of complex businesses transactions, all the while recommending solutions to some of the most pressing business challenges and process inefficiencies. You will also team up with our global professionals in multidisciplinary engagements, helping major global clients transform and sustain business performance. You will be leveraging emerging technologies like AI, ML, to build and enhance new solutions and actively work in building multiple tools and assets for efficient and effective client delivery. By plugging into our market-leading global network, you'll gain the experience you need to become an exceptional IT Risk Advisor Your Key Roles And Responsibilities Market Leadership and client management Executive-level skills in client relationship management and the hold conversations with senior executives. Partnering with onshore teams to understand client’s business & related industry issues / trends for global clients. Contribute to new solution development basis the industry trends and client’s problem statement in the areas of IT Risk Management Conduct knowledge sharing discussions & contribute to EY thought leadership. Participate in go to market, create proposals and respond to RFPs, client orals etc. Identify opportunities for cross-selling to current clients/introduce colleagues from other service lines. Identify buyers, influencers & stakeholders in existing client engagements and build strong relationships. Identify opportunities for cross-selling to current clients/introduce colleagues from other service lines. Assist Partners/Directors in driving the account management agenda by focusing on high impact opportunities. Create innovative insights for clients, adapts methods & practices to fit operational team needs & contributes to thought leadership documents. Delivery and Team management Understanding our clients’ overall technology strategy to effectively manage risk while transforming their business. Plan & schedule client engagements. Determine and deploy the right team with adequate skill sets for executing engagements and periodically review status of engagements and work products. Lead large engagements in the areas of IT Risk Management, IT SOX, IT Regulatory Compliance, IT Audits Actively contribute to improving operational efficiency on projects & internal initiatives by leveraging on lessons learned from other projects. Monitor engagement economics & ensure timely billing of invoices & actively follow-up on collections by managers/seniors. Manage a team of Managers and Seniors (across locations) to manage delivery of engagements for multiple processes across clients and conduct comprehensive risk assessments to identify and prioritize potential IT risks against technology strategies, business applications and platforms, and digital transformations. Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate subject matter & industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices). Stay up to date with emerging industry trends and technologies, suggest innovative solutions to engagement teams and provide recommendations to clients on potential risks and opportunities. Operational Excellence Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Manage engagement budgets and ensure compliance with engagement plans and internal quality & risk management procedures. People related Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery. Understand EY and its service lines. Actively encourage team members to contribute ideas. Conduct workshops and technical training sessions for team members. Contribute to the learning & development agenda and knowledge harnessing initiatives. To qualify for the role, you must have Chartered accountant (CA) or Master's degree in Management, Information Systems/ Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline Passion for technology and an ardent desire to work in risk management. Minimum 12 years of a “Big 4” or professional firm or professional industry experience in risks & controls, with more than 10 years of experience in IT Risk Management, IT & Cyber Compliance areas such as Risk Assessment – Assessment of internal processes to identify security findings, vulnerabilities, and control gaps/deviations identified on applications and infrastructure. Develop risk control matrix in line with COBIT, ISO, NIST and ITIL Best Practice and recommendations. Control Monitoring- Understanding of Cyber and compliance standards like PCI, ISO27001, perform test the design and operational effectiveness of the controls. Control Automation – Identify controls automation opportunities through analytics platform to monitor the operational effectiveness on the regular basis. Defect / Gap Identification: Identify the confidentiality, integrity and the availability related deficiencies in the client environment and evaluate against industry standards. IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Good to have relevant industry certifications such as CISA, CISM, CISSP, ISO 27001, and others (as relevant) Cognitive problem-solving capabilities, quick decision-making skills and ability to handle complex situations with a calm demeanor Exceptional interpersonal, written, and verbal communication skills Effective organization and time management skills with the ability to work under pressure and adhere to project deadlines. Globally mobile and flexible to travel to onsite locations. Team player with strong interpersonal skills Ability to think differently and innovate Ideally, you’ll also have Responsible for the performance and appraisal of direct reports, including training and developing necessary skill sets to enable them to grow in their careers. Mentor and coach junior team members, enabling them to meet their performance goals and successfully grow their careers. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Role: Internal Auditor Gender: Female candidates (mandate) Experience: 3 to 8 Years Qualification: CA (mandate) Budget: upto 18 LPA Notice Period: immediate to 30 days (preferred) Location: Ahmedabad (wfo) Shift timings: UK Shift Roles & Responsibilities: The Internal Auditor will execute internal audits under the direction of the Internal Audit Senior Manager and Zone Audit Director. The Senior Internal Auditor based in Ahmedabad will perform audits cross multiple zones, including Europe, Middle East and Africa, Asia pacific, and potentially certain global audits. Key responsibilities include:  Support the Internal Audit manager to conduct the audit engagements, including the budgeting and staffing assignments for the different areas of review, ensuring that adequate documentation and timely execution of the tasks to successfully complete each project'  Lead business process reviews to evaluate the design and operating effectiveness of internal controls over the business cycles, as well as the efficiency and effectiveness of operations;  Lead reviews to assess the accuracy of the financial statements;  Lead reviews to evaluate IT applications and the adequacy/efficiency of accounting, financial and operating procedures established for IT control purposes;  Determine compliance with established Finance and/or IT policies and Sarbanes Oxley legislation;  Prepare reports based upon audit results, audit documentation, and management action plans defined to address observations noted;  Maintain business management timely informed on audit progress, including road blocks, and observations via update meetings and closing conferences.  Update Audit Manager and Zone Audit Director as needed on audit progress and potential issues in a timely manner.  Be part a global Internal Audit Competency Center of selected business process. As such, work closely the Internal Audit Manager responsible for the area of expertise to analyze issues with global/regional/local impacts, develop trend analysis and compile best practices to be shared through the organization for adoption.  Assess the efficiency and effectiveness of actions implemented to address audit issues. Communication:  Communicate effectively verbally and in writing by adopting appropriate communication style to individuals at all levels of the organization and remaining open to disagreement or new ideas.  Articulate understanding of business areas under review, and demonstrates thorough test work and solid rationale for potential audit issues.  Update Audit Manager and Zone Audit Director as needed on audit progress and potential issues in a timely manner. Leadership:  Develop an open and honest working relationship with those being audited and maintain a professional approach at all times.  Share best practices, tools and testing methodologies with other team members, and contribute to departmental projects.  Will be leading an audit team, and will be the key point of contact with those being audited.  Displays leadership and project management skills to complete quality work on time with budgeted resources. Qualifications & Skills:  Undergraduate degree in Finance/Business Administration, Accounting and/or in Computer Science, MIS, or other relevant field;  3-4 plus years of professional experience in an audit related role within a Big-4 accounting firm and/or large corporation’s internal audit department preferred. Additional finance experience would be a plus  General knowledge of risk/control frameworks (COSO, COBIT) required;  A professional accounting/audit certification (CPA, CIA, etc.) or IT (CISA, CIA, CISM, etc.) certification preferred.  FMCG/Manufacturing experience preferred;  Sarbanes-Oxley experience preferred;  US GAAP/IFRS experience preferred;  SAP knowledge preferred;  Goal-oriented and outgoing with strong interpersonal and teamwork skills;  Strong written and verbal communication skills;  Ability to think and work analytically;  Ability to develop strong and lasting relationships with all levels of management.  Willingness to travel (50%);  Must fluently speak English (Asian/European languages are plus) The qualified candidate must be able to work with multiple organizations and teams, consistently meet deadlines and work well under time constraints and be able to quickly learn and understands diverse business areas/systems. Show more Show less