1022 Cobit Jobs - Page 6

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

ROLE & RESPONSIBILTY: Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments. Risk Consulting IT Advisory Cyber Security: Cyber Risk Assessments The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. 2020 KPMG, an Indian Registered Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International. REQUIREMENTS: Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments.•Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices.•Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. >>CRITERIA oEducation 60% above throughout academicsoOne 3 years (at least) regular course is must either Diploma or GraduationoCourse: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalentoCertification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA (At least one)oCCNA (Mandatory), CCNP or equivalent(optional).

Join our Team About this opportunity! At Ericsson, we are committed to maintaining robust and compliant internal control systems in accordance with the Sarbanes-Oxley Act (SOX). With our expanding global footprint and increasing reliance on technology for financial operations, we are strengthening our SOX Information Systems (IS) controls to ensure consistent and reliable financial reporting. We are now hiring a Security Implementation Lead to focus primarily on SOX IS control audits, working closely with our IT, internal audit, compliance, and business teams. The role is critical in ensuring our IT general controls and application-level controls support accurate financial reporting, align with regulatory expectations, and are prepared for evolving audit demands. This opportunity is a broader effort to enhance IT risk management maturity across the enterprise. What you will do! Test and evaluate the design and operating effectiveness of SOX IS (Information system) controls Review application controls for key financial systems (e.g., SAP) Maintain and update test control documentation (e.g., narratives, flows, control matrices). Plan scope of audit and audit schedules. Prepare audit test scripts to support findings. Report deficiencies or exceptions to management and assist with remediation tracking. Develop report for management Coordinate with internal and external auditors. Work closely with IT teams, business units, and SOX/Compliance functions. Recommend improvements to control design or processes. Contribute to automation and optimization of controls testing. Analytical and detail-oriented. Strong communication and documentation skills. The skills you bring! Strong knowledge of SAP systems, SOX, ITGC and COBIT. Experience of audit tools like GRC Understanding of DevSecOps, Software engineering and Agile ways of working Knowledge of Ericsson Information Security Management System. Ericsson Information Security Assessments and Audits. Ericsson IT processes General cyber / information security concepts, CIA, Threats and Vulnerabilities. Cloud Security. Ericsson Information Security Risk Management Instruction. Ericsson Information Security Requirements. Ericsson Information Security Measurements. Third Party Security Management. Security Governance and Compliance. Certifications: SAP, COBIT, SOX, CISSP, CEH, IT4IT, CISA, CISM, CLOUD SECURITY understanding Why join Ericsson What happens once you apply Primary country and city: India (IN) || Noida Req ID: 769907

About this opportunity! At Ericsson, we are committed to maintaining robust and compliant internal control systems in accordance with the Sarbanes-Oxley Act (SOX). With our expanding global footprint and increasing reliance on technology for financial operations, we are strengthening our SOX Information Systems (IS) controls to ensure consistent and reliable financial reporting. We are now hiring a Security Implementation Lead to focus primarily on SOX IS control audits, working closely with our IT, internal audit, compliance, and business teams. The role is critical in ensuring our IT general controls and application-level controls support accurate financial reporting, align with regulatory expectations, and are prepared for evolving audit demands. This opportunity is a broader effort to enhance IT risk management maturity across the enterprise. What you will do! Test and evaluate the design and operating effectiveness of SOX IS (Information system) controls Review application controls for key financial systems (e.g., SAP) Maintain and update test control documentation (e.g., narratives, flows, control matrices). Plan scope of audit and audit schedules. Prepare audit test scripts to support findings. Report deficiencies or exceptions to management and assist with remediation tracking. Develop report for management Coordinate with internal and external auditors. Work closely with IT teams, business units, and SOX/Compliance functions. Recommend improvements to control design or processes. Contribute to automation and optimization of controls testing. Analytical and detail-oriented. Strong communication and documentation skills. The skills you bring! Strong knowledge of SAP systems, SOX, ITGC and COBIT. Experience of audit tools like GRC Understanding of DevSecOps, Software engineering and Agile ways of working Knowledge of Ericsson Information Security Management System. Ericsson Information Security Assessments and Audits. Ericsson IT processes General cyber / information security concepts, CIA, Threats and Vulnerabilities. Cloud Security. Ericsson Information Security Risk Management Instruction. Ericsson Information Security Requirements. Ericsson Information Security Measurements. Third Party Security Management. Security Governance and Compliance. Certifications: SAP, COBIT, SOX, CISSP, CEH, IT4IT, CISA, CISM, CLOUD SECURITY understanding Primary country and city: India (IN) || Noida Req ID: 769907

Technical Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (E.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding on technology topics related to cyber security, encryption, architecture resiliency , business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001 Soft Skills Good presentation and report writing skills is mandatory. Excellent communication skills and confident demeanor Experience of working with client stakeholders Good problem-solving skills.

JOb Dicription: Role & responsibilities : Technical Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (E.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding on technology topics related to cyber security, encryption, architecture resiliency , business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001 Soft Skills Good presentation and report writing skills is mandatory. Excellent communication skills and confident demeanor Experience of working with client stakeholders Good problem-solving skills. Specially for Managers Experience of writing proposal and responding to RFP’s Handling team of 4-5 people Profiles from consulting background to be preferred. Qualification Any full time bachelor’s degree with relevant technical work experience.

Vice President - Technology Risk Management II - Chief of Operations (COPS) Officer We re seeking a future team member for the role of Vice President - Technology Risk Management II to join our Technology Risk Management (2LOD) team. This role is located in Pune, MH Hybrid. In this role, you ll make an impact in the following ways: Drive consistent, robust, and repeatable independent technology & cybersecurity risk and control management processes with developed centralized process documentation, templates, tooling, dashboarding, reporting and related work products Enable high-quality and consistent delivery of key independent 2LOD risk and control management activities across the broader Technology Risk Management organization to support key stakeholder deliverable work products including risk committee reporting, audit trail submissions, regulatory engagement responses, and 1LOD and Internal Audit reporting transparency Implement appropriate checks and change management capabilities to ensure broader TRM teams are challenged to produce high-quality, risk-based analysis, challenges, issues, and work products to stand-up to audit and regulatory requirements Interface collaboratively with other TRM teams including Reporting, Frameworks, Process, Automation/AI, and Functional SME teams, to ensure process efficiencies are implemented and enhanced over time To be successful in this role, we re seeking the following: Bachelor s degree or the equivalent combination of education and experience is required 7+ years of experience required experience with technology or financial services industry is required Sound understanding of Industry wide Technology Controls, Issue Management and Risk Management Framework Expert attention to detail, organizational and executive communication skills and experience are required Relevant professional certifications are a plus (CRISC, CISA, ITIL, ISO27001, COBIT) Technical experience with SharePoint, Tableau, PowerBI, ServiceNow is a plus Consulting and engagement with senior leadership experience is a plus America s Most Innovative Companies, Fortune, 2024 World s Most Admired Companies, Fortune 2024 Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024 Best Places to Work for Disability Inclusion , Disability: IN 100% score, 2023-2024 Most Just Companies , Just Capital and CNBC, 2024 Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024 Bloomberg s Gender Equality Index (GEI), 2023

We desire a confident individual who is able to both think strategically about risk and control management, while also being task oriented and capable of meeting the tight deadlines that often come with implementation-related work. We are in search of a candidate with an experience in SAP technologies who has experience scoping, supervising, and executing ERP security & controls, segregation of duties assessments, security role designs, GRC implementations, and operationalizing user access management. Qualification and Minimum Entry Requirements Bachelor or Master degree with a minimum of 4-5 years of professional experience in public accounting or relevant compliance industry experience Deep understanding of business processes and controls in SAP (various versions). Preferred secondary ERP of similar skills ERP implementation experience; functional SAP background is a plus Broad industry experience or deep expertise in a specific industry Minimum 4-7 years in SAP, audit, internal audit, or internal control roles Experience working with SAP S/4 HANA is a plus Technical knowledge of controls monitoring/auditing tools such as SAP GRC, GRC Control Panel, ERP Maestro, or other tools such as ACL, Tableau, Alteryx, a plus Experience working with clients in multiple industry's Experience training others on ERP controls and security knowledge Experience with SOX, COSO, COBIT and other related IT controls methodology and frameworks, such as ISO, NIST, HIPAA, or FDA is a plus. Experience with risk and controls for S/4 HANA and HANA database/platform preferred Candidate should have CISA/CA/SAP certification Candidate with CIA, CISSP, CPA will be preferred Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments Excellent verbal, written, interpersonal communication (English) as the position requires frequent communications with RSM International clients Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Execute SAP ERP engagements, specifically related to audit, risk and control related issues highly visible ERP clients. Execute SAP IT automated controls (ITACs), IT general controls (ITGCs), and Key Report assessments, SAP security role and configuration reviews, SAP Implementation Risk Assessments, SAP SOD assessments, and other ERP services as needed Execute testing of SAP application control design and effectiveness; validate test scripts and review results Handle multiple client projects while contributing to internal initiatives (talent, practice, business development) Help to maintain our multiple segregation of duties tools and revise security rulesets Execute SAP security role and user security managed services support. Execute SAP security role build and testing activities. Proactively driving the continued maturation and industrialization of our current SAP Security methodology, associated work programs, accelerators, and testing procedures. Provide first choice advisor experience to existing clients while working to maximize client value Ability to exceed client expectations in a sophisticated consulting or accounting firm environment Develop and maintain strong relationships with centers of influence and professionals Understand their impact and contribute to the fundamentals of practice (i.e. realization, utilization, resource leverage) Engage with automation, analytics, and business/application control specialists to address SAP risk management needs in a holistic manner. Professionally presents themselves at all times at the office and the clients meetings. This includes but is not limited to appearance, communication, and actions. Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis

Risk Consulting helps clients across various industries by addressing the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. Risk Consulting major offerings includes AML & Regulatory Compliance; ERP Advisory; Automation and Analytics; Enterprise Risk Management; Internal Audit; SOX Advisory; Contract Compliance; Credit Reviews; Information & Technology Audits; Cybersecurity risk management; Third-party risk management; IT due diligence; SOC1 / SOC2; Security and Privacy Risk; Governance Risk and Compliance; PCI; Cyber Transformation; Manage Security Services; Secure Architecture Solutions; Cyber Testing; Digital Forensics and Incident Response; and Cyber Threat Intelligence. The ERP, Risk and Automation Services (ERAS) Consulting practice, assists with various consulting, internal, and external audit clients by bringing in-depth ERP, automation, and data analytics skills where needed. The practice performs security and controls designs/assessments, complex data analytics, security role design, security managed services, segregation of duties assessments, as well as ERP implementation risk reviews. We desire a confident individual who is able to both think strategically about risk and control management, while also being task oriented and capable of meeting the tight deadlines that often come with implementation-related work. We are in search of a candidate with an experience in Oracle technologies who has experience scoping, supervising, and executing ERP security & controls, segregation of duties assessments, security role designs, and operationalizing user access management. Qualification and Minimum Entry Requirements Bachelor or Master degree with a minimum of 4-5 years of professional experience in public accounting or relevant compliance industry experience Deep understanding of business processes and controls in Oracle (various versions). Preferred secondary ERP of similar skills ERP implementation experience; functional Oracle background is a plus Broad industry experience or deep expertise in a specific industry Minimum 4-7 years in Oracle, audit, internal audit, or internal control roles Technical knowledge of controls monitoring/auditing tools such as fastpath, ACL, Tableau, Alteryx, a plus Experience working with clients in multiple industry's Experience training others on ERP controls and security knowledge Experience with SOX, COSO, COBIT and other related IT controls methodology and frameworks, such as ISO, NIST, HIPAA, or FDA is a plus. Candidate should have CISA/CA certification Candidate with CIA, CISSP, CPA will be preferred Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments Excellent verbal, written, interpersonal communication (English) as the position requires frequent communications with RSM International clients Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Execute ERP Oracle engagements, specifically related to audit, risk and control related issues highly visible ERP clients. Execute Oracle IT automated controls (ITACs), IT general controls (ITGCs), and Key Report assessments, Oracle security role and configuration reviews, Oracle Implementation Risk Assessments, Oracle SOD assessments, and other ERP services as needed Execute testing of Oracle application control design and effectiveness; validate test scripts and review results Handle multiple client projects while contributing to internal initiatives (talent, practice, business development) Help to maintain our multiple segregation of duties tools and revise security rulesets Execute Oracle security role and user security managed services support. Execute Oracle security role build and testing activities. Proactively driving the continued maturation and industrialization of our current Oracle Security methodology, associated work programs, accelerators, and testing procedures. Provide first choice advisor experience to existing clients while working to maximize client value Ability to exceed client expectations in a sophisticated consulting or accounting firm environment Develop and maintain strong relationships with centers of influence and professionals Understand their impact and contribute to the fundamentals of practice (i.e. realization, utilization, resource leverage) Engage with automation, analytics, and business/application control specialists to address Oracle risk management needs in a holistic manner. Professionally presents themselves at all times at the office and the clients meetings. This includes but is not limited to appearance, communication, and actions. Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing... You'll be part of the "Verizon Global Infrastructure (VGI), Network & Information Security” group working on security and automation tools to protect against cyber threats within the VGS Technology organization. You will work with a team of cybersecurity engineers with network & infrastructure background, threat intelligence analysts and risk management personnel to align common technologies and practices that fortify our applications, systems, IT network and infrastructure. Some of your daily responsibilities would be the following. Network Security Governance Implementing network governance frameworks and policies. Establish standards for network architecture, design, and security Conducting regular network risk assessments and vulnerability scans Identifying, implementing and operationalizing metrics, dashboards, scorecards, and tracking to consistently measure the current state of cybersecurity across VGS Network, leveraging industry best practices and standards where possible Ensuring effectiveness and coverage of the Security Policies and Controls of VGS Network, prioritizing by risk level Installing ownership and accountability for security-based metrics and drive increased maturity, visibility, and subject-matter expertise for all segments Developing action plans jointly with all stakeholders to remediate deviations, providing necessary support to close on all key items Championing a highly collaborative work model with an aptitude of building and maintaining relationships across different teams at multiple senior levels, internally and externally Developing awareness, training & compliance programs focused on Network Cybersecurity practices, leveraging the Mavens program - a team of security professionals who facilitate adoption of security by design Ensuring Security posture of VGS Network, e.g., access management, vulnerabilities remediation, etc. Coordinating necessary activities with our VCS Cybersecurity organization: pen testing, incident response, data collection, etc. Identifying and evaluating potential threats and vulnerabilities. Develop mitigation strategies and track remediation efforts What We’re Looking For... You'll need to have: Bachelor’s degree or four or more years of work experience. Four or more years of relevant work experience. Experience in Security, IT, and/or Network. Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. Understanding of security fundamentals Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts like Experience in design and implementation of network security solutions like firewalls, intrusion detection and prevention systems, VPN, web proxies etc using vendor products like Cisco, Juniper, Checkpoint, Palo Alto etc Knowledge of IT governance frameworks and standards (e.g., COBIT, ITIL) Relevant certifications such as CISSP, CISM, CRISC or CompTIA Security+ Experience working on IT ticketing systems like JIRA, Service Now and ability to partner and collaborate with other teams in the organization Experience with hosting security awareness campaigns, gamification and bug bounty programs will be an added advantage Strong analytical problem solving, communication and interpersonal skills Passion to stay abreast with emerging technologies, network security trends, tools and techniques. Even better if you have one or more of the following: Master’s degree in cybersecurity, network, engineering, computer science or related field. Ability to thrive in a dynamic environment while managing multiple high-priority projects. Industry relevant security certifications Security+, OSCP, CEH, CISSP, GIAC, etc Strong expertise in at least one operating system Window or Linux. Cloud relevant certifications CCSP, CCSK Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-ICFR IT – Risk Consulting - Senior As part of our Risk Consulting team, you will be part of the team performing ICFR IT assessment/audits (ICFR IT controls and IT Application Control testing) for various clients across the MENA region. Working with Risk team, you will also perform/provide insights for the implementation of ICFR IT controls, IT Risk assessment, IT Governance, ERP reviews and conduct maturity assessment on the client’s current IT posture. The client base spans across various sectors and includes collaboration with other teams within EY. The opportunity We’re looking for Senior Auditor with expertise in ICFR - IT Audit & Implementation to join the group of our Risk team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering Your key responsibilities Responsible for executing multiple client engagements in MENA region and working with team members including Senior Consultant/Associate Manager level within the EY GDS team You can expect to work with high level client personnel to address compliance, financial, and operational risks, ICFR risk and controls and perform audits based on the business requirements You are also expected to conduct Kick-off Meetings, IT internal control testing, develop ICFR IT internal audit plans, conduct ICFR audit closure meetings and provide other IT internal audit services for the MENA stakeholders. You are expected to perform design and implementation of ICFR IT controls for the client based on their business processes. You will assess the client’s current state IT internal controls for the client's IT environment and identify IT risks and subsequent recommendations. Skills and attributes for success Collaborating with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments and other documents/templates. Experience in leading teams to execute ICFR IT control implementation. ICFR IT audit/Risk Management within stipulated timeline along with high quality deliverables. Lead and execute ICFR IT internal audit engagements, IT engagements Exposure to ICFR controls, ISMS, COBIT reviews and IT audits Experience in performing ICFR IT control implementation and audits in Banking, Oil & Gas and Telecom Sectors is preferred. Good Communication skill and willingness to travel at a short notice Experience in applying relevant technical knowledge in at least one of the following engagements: ICFR ITGC audits; (b) ICFR IT internal or operational control implementation; (c) Service Organization Controls Reporting engagements; and/or (d) ERP security and control reviews (Oracle, SAP, MS Dynamics) Demonstrating and applying strong project management skills, inspiring teamwork and responsibility with engagement team members To qualify for the role, you must have A bachelor's or master's degree A minimum of 4-7 years of experience on ICFR controls with IT/IS internal audit background in a professional services firm. Excellent communication skills with consulting experience preferred A valid passport for travel. Ideally, you’ll also have A bachelor's or master's degree in B. TECH/B. E, MS, MBA in accounting or a related discipline. CPA, CIA, ISO27001, ITSM, CoBIT, ITIL V3, CISA (anyone certification is desired) What working at EY offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-ICFR IT – Risk Consulting - Manager As part of our Risk Consulting team, you will be part of the team performing ICFR IT assessment/audits (ICFR IT controls and IT Application Control testing) for various clients across the MENA region. Working with Risk team, you will also perform/provide insights for the implementation of ICFR IT controls, IT Risk assessment, IT Governance, ERP reviews and conduct maturity assessment on the client’s current IT posture. The client base spans across various sectors and includes collaboration with other teams within EY. The opportunity We’re looking for Managers with expertise in ICFR - IT Audit & Implementation to join the group of our Risk team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering. Your key responsibilities Responsible for managing multiple client engagements in MENA region and team members including Senior Consultant/Associate Manager level within the EY GDS team You can expect to work with high level client personnel to address compliance, financial, and operational risks, ICFR risk and controls and perform audits based on the business requirements You are also expected to conduct Kick-off Meetings, IT internal control testing, develop ICFR IT internal audit plans, conduct ICFR audit closure meetings and provide other IT internal audit services for the MENA stakeholders. You are expected to perform design and implementation of ICFR IT controls for the client based on their business processes. You will assess the client’s current state IT internal controls for the client's IT environment and identify IT risks and subsequent recommendations. Working with client personnel to analyse, evaluate and enhance information systems facilitating the business internal control process, and assisting clients and other technology professionals in performing information technology control audits, information technology control engagements, security audits and security engagements Skills and attributes for success Collaborating with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments and other documents/templates. Able to manage Senior stakeholders in the ICFR internal audit domain. Experience in leading teams to execute ICFR IT control implementation. ICFR IT audit/Risk Management within stipulated timeline along with high quality deliverables. Lead and execute ICFR IT internal audit engagements, IT engagements Exposure to ICFR controls, ISMS, COBIT reviews and IT audits Experience in performing ICFR IT control implementation and audits in Banking, Oil & Gas and Telecom Sectors is preferred. Willingness to work on new opportunities at the pursuit level Good Communication skill and willingness to travel at a short notice Experience in applying relevant technical knowledge in at least one of the following engagements: ICFR ITGC audits; (b) ICFR IT internal or operational control implementation; (c) Service Organization Controls Reporting engagements; and/or (d) ERP security and control reviews (Oracle, SAP, MS Dynamics) Demonstrating and applying strong project management skills, inspiring teamwork and responsibility with engagement team members To qualify for the role, you must have A bachelor's or master's degree A minimum of 8-12 years of working experience on ICFR controls with IT/IS internal audit background in a professional services firm. Excellent communication skills with consulting experience preferred A valid passport for travel. Ideally, you’ll also have A bachelor's or master's degree in B. TECH/B. E, MS, MBA in accounting or a related discipline. CPA, CIA, ISO27001, ITSM, CoBIT, ITIL V3, CISA (anyone certification is desired) What working at EY offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What you’ll be doing... You'll be part of the "Verizon Global Infrastructure (VGI), Network & Information Security” group working on security and automation tools to protect against cyber threats within the VGS Technology organization. You will work with a team of cybersecurity engineers with network & infrastructure background, threat intelligence analysts and risk management personnel to align common technologies and practices that fortify our applications, systems, IT network and infrastructure. Some of your daily responsibilities would be the following. Network Security Governance Implementing network governance frameworks and policies. Establish standards for network architecture, design, and security Conducting regular network risk assessments and vulnerability scans Identifying, implementing and operationalizing metrics, dashboards, scorecards, and tracking to consistently measure the current state of cybersecurity across VGS Network, leveraging industry best practices and standards where possible Ensuring effectiveness and coverage of the Security Policies and Controls of VGS Network, prioritizing by risk level Installing ownership and accountability for security-based metrics and drive increased maturity, visibility, and subject-matter expertise for all segments Developing action plans jointly with all stakeholders to remediate deviations, providing necessary support to close on all key items Championing a highly collaborative work model with an aptitude of building and maintaining relationships across different teams at multiple senior levels, internally and externally Developing awareness, training & compliance programs focused on Network Cybersecurity practices, leveraging the Mavens program - a team of security professionals who facilitate adoption of security by design Ensuring Security posture of VGS Network, e.g., access management, vulnerabilities remediation, etc. Coordinating necessary activities with our VCS Cybersecurity organization: pen testing, incident response, data collection, etc. Identifying and evaluating potential threats and vulnerabilities. Develop mitigation strategies and track remediation efforts What we’re looking for... You'll need to have: Bachelor’s degree or four or more years of work experience. Four or more years of relevant work experience. Experience in Security, IT, and/or Network. Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. Understanding of security fundamentals Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts like Experience in design and implementation of network security solutions like firewalls, intrusion detection and prevention systems, VPN, web proxies etc using vendor products like Cisco, Juniper, Checkpoint, Palo Alto etc Knowledge of IT governance frameworks and standards (e.g., COBIT, ITIL) Relevant certifications such as CISSP, CISM, CRISC or CompTIA Security+ Experience working on IT ticketing systems like JIRA, Service Now and ability to partner and collaborate with other teams in the organization Experience with hosting security awareness campaigns, gamification and bug bounty programs will be an added advantage Strong analytical problem solving, communication and interpersonal skills Passion to stay abreast with emerging technologies, network security trends, tools and techniques. Even better if you have one or more of the following: Master’s degree in cybersecurity, network, engineering, computer science or related field. Ability to thrive in a dynamic environment while managing multiple high-priority projects. Industry relevant security certifications Security+, OSCP, CEH, CISSP, GIAC, etc Strong expertise in at least one operating system Window or Linux. Cloud relevant certifications CCSP, CCSK Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

Job Description We’re looking for a highly motivated and detail-oriented Sr. Compliance Analyst to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you’ll drive governance, risk, and compliance (GRC) initiatives, support audits, enhance policy frameworks, and contribute to the organization’s overall information security posture. If you have a solid background in GRC frameworks, risk management, and regulatory compliance, and enjoy working cross-functionally to build a culture of trust and accountability, this role is a great fit for you. Key Skills 5+ years of experience in GRC, compliance, or related fields. Bachelor’s degree in a relevant field; certifications like CRISC, CISM, CISSP, PMP, or Scrum Master are a strong plus. Deep understanding of frameworks such as ISO27001, ISO27701, ISO31000, NIST, COSO, COBIT, and ITIL. Strong knowledge of global regulations, including GDPR, CCPA, HIPAA, and ITGC. Proven experience in risk assessment and mitigation strategies. Hands-on experience with audit planning, execution, and documentation. Proficiency in developing and implementing information security policies. Strong analytical, communication, and stakeholder management skills. Roles and Responsibilities Develop, implement, and refine GRC strategy in alignment with business objectives. Monitor organizational compliance with laws, regulations, and industry standards. Participate in risk assessments and recommend risk mitigation strategies. Support and contribute to security incident response and resolution. Assist in drafting and enforcing information security policies and procedures. Collaborate with external auditors for compliance and control assessments. Conduct internal audits to evaluate the effectiveness of controls and processes. Manage documentation, training, and awareness programs to promote a compliance culture. Provide regular updates to leadership and stakeholders on GRC metrics and initiatives. Continuously improve GRC practices based on audit feedback and regulatory changes.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-ICFR IT – Risk Consulting - Senior As part of our Risk Consulting team, you will be part of the team performing ICFR IT assessment/audits (ICFR IT controls and IT Application Control testing) for various clients across the MENA region. Working with Risk team, you will also perform/provide insights for the implementation of ICFR IT controls, IT Risk assessment, IT Governance, ERP reviews and conduct maturity assessment on the client’s current IT posture. The client base spans across various sectors and includes collaboration with other teams within EY. The opportunity We’re looking for Senior Auditor with expertise in ICFR - IT Audit & Implementation to join the group of our Risk team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering Your Key Responsibilities Responsible for executing multiple client engagements in MENA region and working with team members including Senior Consultant/Associate Manager level within the EY GDS team You can expect to work with high level client personnel to address compliance, financial, and operational risks, ICFR risk and controls and perform audits based on the business requirements You are also expected to conduct Kick-off Meetings, IT internal control testing, develop ICFR IT internal audit plans, conduct ICFR audit closure meetings and provide other IT internal audit services for the MENA stakeholders. You are expected to perform design and implementation of ICFR IT controls for the client based on their business processes. You will assess the client’s current state IT internal controls for the client's IT environment and identify IT risks and subsequent recommendations. Skills And Attributes For Success Collaborating with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments and other documents/templates. Experience in leading teams to execute ICFR IT control implementation. ICFR IT audit/Risk Management within stipulated timeline along with high quality deliverables. Lead and execute ICFR IT internal audit engagements, IT engagements Exposure to ICFR controls, ISMS, COBIT reviews and IT audits Experience in performing ICFR IT control implementation and audits in Banking, Oil & Gas and Telecom Sectors is preferred. Good Communication skill and willingness to travel at a short notice Experience in applying relevant technical knowledge in at least one of the following engagements: ICFR ITGC audits; (b) ICFR IT internal or operational control implementation; (c) Service Organization Controls Reporting engagements; and/or (d) ERP security and control reviews (Oracle, SAP, MS Dynamics) Demonstrating and applying strong project management skills, inspiring teamwork and responsibility with engagement team members To qualify for the role, you must have A bachelor's or master's degree A minimum of 4-7 years of experience on ICFR controls with IT/IS internal audit background in a professional services firm. Excellent communication skills with consulting experience preferred A valid passport for travel. Ideally, you’ll also have A bachelor's or master's degree in B. TECH/B. E, MS, MBA in accounting or a related discipline. CPA, CIA, ISO27001, ITSM, CoBIT, ITIL V3, CISA (anyone certification is desired) What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-ICFR IT – Risk Consulting - Senior As part of our Risk Consulting team, you will be part of the team performing ICFR IT assessment/audits (ICFR IT controls and IT Application Control testing) for various clients across the MENA region. Working with Risk team, you will also perform/provide insights for the implementation of ICFR IT controls, IT Risk assessment, IT Governance, ERP reviews and conduct maturity assessment on the client’s current IT posture. The client base spans across various sectors and includes collaboration with other teams within EY. The opportunity We’re looking for Senior Auditor with expertise in ICFR - IT Audit & Implementation to join the group of our Risk team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering Your Key Responsibilities Responsible for executing multiple client engagements in MENA region and working with team members including Senior Consultant/Associate Manager level within the EY GDS team You can expect to work with high level client personnel to address compliance, financial, and operational risks, ICFR risk and controls and perform audits based on the business requirements You are also expected to conduct Kick-off Meetings, IT internal control testing, develop ICFR IT internal audit plans, conduct ICFR audit closure meetings and provide other IT internal audit services for the MENA stakeholders. You are expected to perform design and implementation of ICFR IT controls for the client based on their business processes. You will assess the client’s current state IT internal controls for the client's IT environment and identify IT risks and subsequent recommendations. Skills And Attributes For Success Collaborating with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments and other documents/templates. Experience in leading teams to execute ICFR IT control implementation. ICFR IT audit/Risk Management within stipulated timeline along with high quality deliverables. Lead and execute ICFR IT internal audit engagements, IT engagements Exposure to ICFR controls, ISMS, COBIT reviews and IT audits Experience in performing ICFR IT control implementation and audits in Banking, Oil & Gas and Telecom Sectors is preferred. Good Communication skill and willingness to travel at a short notice Experience in applying relevant technical knowledge in at least one of the following engagements: ICFR ITGC audits; (b) ICFR IT internal or operational control implementation; (c) Service Organization Controls Reporting engagements; and/or (d) ERP security and control reviews (Oracle, SAP, MS Dynamics) Demonstrating and applying strong project management skills, inspiring teamwork and responsibility with engagement team members To qualify for the role, you must have A bachelor's or master's degree A minimum of 4-7 years of experience on ICFR controls with IT/IS internal audit background in a professional services firm. Excellent communication skills with consulting experience preferred A valid passport for travel. Ideally, you’ll also have A bachelor's or master's degree in B. TECH/B. E, MS, MBA in accounting or a related discipline. CPA, CIA, ISO27001, ITSM, CoBIT, ITIL V3, CISA (anyone certification is desired) What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. The Opportunity When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills. As part of the Digital Assurance and Transparency - AC India team you are expected to lead the creation and implementation of impactful digital assurance initiatives. As a Manager you are expected to guide the execution of digital assurance engagements, focusing on a customer-centric approach that supports PwC's goals and vision. You are expected to be responsible for supervising, developing, and coaching teams, managing client service accounts, and driving assigned client engagement workstreams by independently solving and analyzing complex problems to develop impactful deliverables. Responsibilities Lead the creation and implementation of digital assurance initiatives Guide digital assurance engagements with a client-focused approach Supervise and mentor digital assurance teams to enhance performance Manage client service accounts and deliver elevated-quality deliverables Analyze complex problems and develop practical solutions Drive engagement workstreams independently Assure adherence to PwC's quality standards and vision Foster a collaborative and supportive team environment What You Must Have Bachelor's Degree in one of the following fields of study: Accounting, Finance, Management Information Systems, Computer and Information Science, Information Technology, Economics, Business Administration/Management, Engineering, Statistics, Management Information Systems & Accounting, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Accounting & Technology, Mathematical Statistics, or Technology Mathematics 7 years of combined relevant experience (SAP/Oracle controls auditing, consulting and/or implementing, data analysis, compliance, internal audit, or risk experience) Employees to have an active primary credential as follows, per your territory: US Certified Public Accountant or CISA or, Local Territory Credentials: For AC India – India Chartered Accountant (CA) Oral and written proficiency in English required In lieu of Bachelor Degree, Chartered Accountant What Sets You Apart Financial reporting and information technology risks, processes and controls Current and emerging technologies including Cloud-computing, Oracle, SAP Risks, processes and internal controls related to financial reporting COSO Framework, CoBIT, ITIL and other leading control frameworks Leading IT related controls assurance or controls readiness projects Identifying key risks and controls, recommend improved controls Leading the adoption of a work program and practice aid Demonstrating significant project management skills related to IT audit projects

The Opportunity “FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC" – Director, Cyber Security. What You’ll Contribute 2.8+ years of applicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage What We're Seeking Bachelor’s degree in the field of Information Security, Computer Science or discipline and/or certifications (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS) AWS Certifications (added advantage) Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status. Our Offer to You An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.

We’re Hiring: Cybersecurity & GRC Audit (2+ Years Experience) Location: Mumbai / Gurgaon/ Bengaluru / Hybrid Experience: 3+ Years Budget: Competitive, based on experience Role: Cybersecurity Analyst / GRC Consultant / IT Risk & Compliance Specialist Are you a certified cybersecurity and GRC professional with 3+ years of experience looking to grow in a fast-paced, compliance-driven environment? We're looking for a motivated expert to support IT audits, compliance, risk assessments , and governance frameworks across leading clients and internal operations. What We’re Looking For: 3+ years of experience in Cybersecurity, IT Audit, Risk & Compliance Strong knowledge of frameworks and standards like ISO 27001:2022, GDPR, NIST, SOX, PCI-DSS, ITGC, COBIT, CIS Controls Certifications preferred: CISA, CISM, ISO 27001 LA, CRISC, or CISSP Hands-on experience with data protection , cloud security , SIEM/DLP tools , and policy documentation Ability to manage internal audits , perform gap assessments , and ensure regulatory compliance Key Responsibilities: Support implementation and audit of ISO 27001 , GDPR , NIST , and other compliance frameworks Perform risk assessments, policy reviews, and control validations Prepare audit documentation and reports for stakeholders Collaborate with IT, legal, and business teams to align security and compliance goals Monitor security events using tools like SIEM, DLP, EDR , and support in mitigation planning Nice to Have: Exposure to cloud platforms (Azure, AWS) Experience with tools like Qualys, Wireshark, ServiceNow, JIRA Strong communication and reporting skills

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. The Opportunity When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills. As part of the Digital Assurance and Transparency - AC India team you are expected to provide services related to controls around the financial reporting, compliance, and operational processes. As an Associate you are expected to focus on learning and contributing to client engagement and projects while developing your skills and knowledge to deliver quality work. You are expected to be responsible for identifying key risks and controls, applying internal control principles and business/technical knowledge, and leading the execution of a work program and practice aid. Responsibilities Providing services related to controls around financial reporting, compliance, and operational processes Identifying key risks and controls Applying internal control principles and business/technical knowledge Leading the execution of a work program and practice aid Contributing to client engagement and projects Developing skills and knowledge to deliver quality work Supporting senior staff in various tasks Engaging in research and learning opportunities What You Must Have Bachelor's Degree in one of the following fields of study: Accounting, Finance, Management Information Systems, Computer and Information Science, Information Technology, Economics, Business Administration/Management, Engineering, Statistics, Management Information Systems & Accounting, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Accounting & Technology, Mathematical Statistics, or Technology Mathematics In lieu of Bachelor Degree, Chartered Accountant 1 year of IT auditing, auditing, consulting and/or implementing experience- Oral and written proficiency in English required What Sets You Apart Knowledge of financial reporting and IT risks, processes, and controls Familiarity with Oracle, SAP, Oracle Database, web development tools Understanding of COSO Framework, CoBIT, and other IT control frameworks Proficiency in IT general controls, including change management Experience in Sarbanes Oxley readiness and controls optimization Significant project management skills, including developing project plans Creating a positive environment and monitoring team workloads Interacting with clients and forming client relationships Although a credential is not required to be hired at this level, it is required to progress to Manager

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In IT audit at PwC, you will focus on helping to assess and evaluate the design and effectiveness of an organisation's IT systems and controls to provide compliance with regulations and mitigate risks. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Job Description Manage and direct the work streams related to IT SOX Compliance covering ITGC and IT Dependencies (ITAC, Interfaces, IPE’s). Provide technical support in the assessment, design and implementation of ITGC requirements. Thorough understanding around ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations. Exposure of testing IT Application Controls (Configurable, Non-configurable), Interfaces, IPE’s, Data Migration and Platform Reviews. Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGC. Develop, implement and test controls for new acquisitions and in-scope entities. Work with control owners and operators to ensure quality, consistency and operability of new and existing controls. Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment. Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management of client/Onshore teams. Plan and direct the work to team members, monitor their work, and take corrective action when necessary. Coaches, mentors, and develops direct reports, including overseeing new hire onboarding process and providing career development planning and opportunities; maintains a safe, secure, and legal work environment. Builds and maintains strong peer relationships within the team and across the organization. Coordinates work with External Auditors of the client if needed. Manage the Cyber, Risk & Regulatory (Advisory) team and client portfolio to deliver 8,000 to 12,000 of client hours. Interpersonal Skills Ability to work independently under general supervision with latitude for initiative and independent judgment. Effective verbal and written communications, including active listening skills and skill in presenting findings and recommendations. Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors. Detail-oriented & comfortable working on multiple projects simultaneously. Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team. Excellent communication skills, written and verbal would be expected. Ensure client service delivery in accordance with the quality guidelines & methodologies. Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables. Contribute to people and knowledge development initiatives by developing training material and conducting training. Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties. Demonstrate superior relationship building and relationship management skills. Client Management Develop strong working relationships with the client and onshore teams. Maintain excellent rapport and proactive communication with the stakeholders and clients. Operational excellence Suggest ideas on improving engagement productivity and identify opportunities for improving client service. Manage engagement budgets and ensure compliance with engagement plans and internal quality & risk management procedures. People related Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery. Conduct workshops and technical training sessions for team members. Contribute to the learning & development agenda and knowledge harnessing initiatives Mentor and coach junior team members, enabling them to meet their performance goals and successfully grow their careers. Minimum Qualifications Bachelor’s degree in Information Systems, Computer Science Engineering B.E., B. TECH, M. TECH, MCA, BCA, CA, MBA Experience of business experience in technology audit, risk management, compliance, consulting, or information security including acting in the capacity of a supervisor Excellent knowledge of IT General Controls, automated and security controls Knowledge of security measures and auditing practices within various operating systems, databases and applications Experience in auditing financial applications, cyber security practices, privacy and various infrastructure platforms such as Unix, Linus, Windows, SQL Server, Oracle Databases Knowledge and concepts of auditing of cloud platforms (AWS, Azure and Google Cloud) Experience designing continuous auditing and monitoring tools and techniques is a plus. Good understanding of CoBIT 5 Domains of Access Management, SLDC & Change and Computer Operations and Control Design and Testing of SOX IT General Controls (ITGC) and/or IT Application Controls (ITAC) Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Management/Clients Knowledge of regulations impacting privacy, integrity and availability of clients PII. Functional knowledge of major ERP suites (like SAP, Dynamics, Oracle EBS, Peoplesoft) Understanding of audit concepts and regulations Required overall experience in testing/reviewing and implementation of ITGC controls, CoBit 5 and developing COSO framework Candidates with 6-8 years of relevant experience in similar role, preferably with a “Big 4” or equivalent Chartered Accountant (would be added advantage) Certification(s) Preferred CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Security strategy and governance projects (security strategy, operating model, org structure etc.) Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation. Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.). Policy management (policy writing, policy review, policy lifecycle) projects Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies. Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Experience in implementing effective and innovative technology solutions. Desired Knowledge Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Ability to create domain specific training content and deliver trainings effectively Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture. Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 3 - 8 years

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Security strategy and governance projects (security strategy, operating model, org structure etc.) Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation. Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.). Policy management (policy writing, policy review, policy lifecycle) projects Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies. Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Experience in implementing effective and innovative technology solutions. Desired Knowledge Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Ability to create domain specific training content and deliver trainings effectively Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture. Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 3 - 8 years

SYX Services Private Limited, a subsidiary of Global Industrial Company (NYSE: GIC), provides information technology services exclusively to Global Industrial Company and its subsidiaries in the United States and Canada. Established in July 2011, we have grown to a 70-member team comprising Java developers, SAP professionals, .net developers, Oracle developers, a creative team, and a Web Chat team. With over 70 years of experience, Global Industrial Company and its subsidiaries have been industry leaders in supplying private label and brand name industrial equipment and supplies to businesses across North America. As a part of the SYX Services team, your responsibilities will include working closely with the IA manager to plan IT audits, develop work programs, timelines, risk assessments, and other planning documents. You will collaborate with IT leadership to document IT processes, identify and test controls, and participate in recurring SOX testing activities and Internal Audit programs. Acting as a fieldwork leader, you will oversee the daily progress of IT fieldwork, update management on audit status and issues, and demonstrate a thorough understanding of complex information systems. Your commitment to personal development will be key in staying abreast of technology trends and legislative changes impacting IT in North America and Europe. Additionally, you will leverage strong project management skills, collaborate with audit team members, and utilize current technology and tools to enhance deliverables" effectiveness. The ideal candidate will possess audit/risk experience in a $1B+ business, familiarity with PCI-DSS, ERP controls and security (preferably SAP), and knowledge of COBIT and Sarbanes-Oxley. Holding one or more of the following certifications: CPA, CA, CISA, CISSP, CISM, CBCP, CIA, or CFE will be advantageous. Qualifications for this role include a degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline, along with two to five years of experience as an auditor or risk adviser in a public accounting firm, professional services firm, or industry setting. Strong understanding of IT processes, risks, technologies, and controls, as well as excellent presentation, verbal communication, and report writing skills, will be essential. Furthermore, solid project management, teamwork, and relationship-building abilities are crucial for success in this role.,

We are seeking a Senior Associate/ Manager/ Senior Manager to join our rapidly expanding IT Risk Advisory Practice. We welcome candidates with CA/MBA/BE/BTECH qualifications and CISA/CISSP certification, along with a minimum of 2 years" experience in IT Risk Advisory Services. The ideal candidate should have expertise in the following areas: - IT General Controls Reviews - IT Application Reviews - IT SOX - ERP Reviews (SAP, Oracle, etc.) - Cybersecurity Assessments Additional knowledge of global frameworks such as NIST, COBIT, CSA, etc. would be advantageous. Exposure to regulatory audits like SEBI, IRDAI, RBI mandated Cybersecurity/IS audits will be considered a plus. This role will involve client-facing engagements, and the candidate should be adept at managing engagements from planning to fieldwork and reporting. We prefer candidates who can join immediately or at an early date. We kindly request that only candidates with an IT Audit background apply for this position.,