4.0 - 9.0 years
7 - 12 Lacs
Bengaluru, Karnataka, India
On-site
Key Accountabilities and Main Responsibilities: Strategic Focus: Development of First Line Risk Frameworks : Contribute to the design and enhancement of risk procedures aligned with enterprise standards. Participation in Strategic Projects : Engage in cross-functional initiatives like system implementations and regulatory efforts. Compliance with Risk Governance Standards : Ensure alignment with CUSO Risk Framework and promote a strong risk culture. Operational Management: Support RCSA Program Execution : Plan and execute Risk and Control Self-Assessments . Issue Monitoring and Remediation Coordination : Track and resolve open issues across risk domains. Policy and Procedure Management : Maintain and update risk-related documentation. Control Testing Execution : Perform and document control tests. Documentation & Reporting : Prepare reports and dashboards for transparency. Continuous Improvement : Recommend enhancements to controls and methodologies. Project Management Skills : Track progress and direct team efforts. People Leadership: Stakeholder Engagement : Collaborate with internal teams and communicate findings. Fostering Team Cohesion and Performance : Lead and motivate the team. Strong Presentation and Communication Skills : Communicate effectively across levels and demonstrate leadership in team settings. Governance & Risk: Compliance & Standards Alignment : Ensure adherence to internal and external standards. Experience in Operational Risk Management : Focus on Information/Technology Risk . Industry Frameworks Familiarity : Knowledge of NIST, FFIEC, COBIT, ISO27002, OWASP . Preferred Certifications : CISSP, CRISC, CISA, CISM . Issue Identification & Escalation : Identify and escalate control deficiencies. Experience & Personal Attributes: Qualifications: Educational and Professional Qualifications : Chartered Accountant / Master's degree in Business Administration, Commerce, Finance . 
Minimum of 4 years of experience in Operational Risk Management (with a focus on Information/Technology Risk ) and operations/accounting within the financial services industry. Experience in the Second Line of Defense (SLoD) is desirable. Strong understanding of risk assessment methodologies and experience in Financial Services , preferably in the Fund Services environment. Proven ability to demonstrate detailed knowledge of various operational risk types and internal control principles to support the execution of risk programs. Personal Attributes: Strong analytical and problem-solving skills with the ability to lead a medium-sized team. Support senior leadership in the adoption and execution of accounting review standards and best practices. Ability to analyze, resolve, and document problems and resolutions. Ability to work as part of a cross-cultural team . Strong organization and time management skills. Continuous improvement focus with the ability to identify risks, cost efficiencies, and operational improvements. Strong presentation and communication skills with the ability to communicate clearly and effectively at all levels. Self-driven and motivated with a focus on operational efficiency and continuous improvement .
Posted 2 days ago
4.0 - 9.0 years
7 - 12 Lacs
Hyderabad, Telangana, India
On-site
Key Accountabilities and Main Responsibilities: Strategic Focus: Development of First Line Risk Frameworks : Contribute to the design and enhancement of risk procedures aligned with enterprise standards. Participation in Strategic Projects : Engage in cross-functional initiatives like system implementations and regulatory efforts. Compliance with Risk Governance Standards : Ensure alignment with CUSO Risk Framework and promote a strong risk culture. Operational Management: Support RCSA Program Execution : Plan and execute Risk and Control Self-Assessments . Issue Monitoring and Remediation Coordination : Track and resolve open issues across risk domains. Policy and Procedure Management : Maintain and update risk-related documentation. Control Testing Execution : Perform and document control tests. Documentation & Reporting : Prepare reports and dashboards for transparency. Continuous Improvement : Recommend enhancements to controls and methodologies. Project Management Skills : Track progress and direct team efforts. People Leadership: Stakeholder Engagement : Collaborate with internal teams and communicate findings. Fostering Team Cohesion and Performance : Lead and motivate the team. Strong Presentation and Communication Skills : Communicate effectively across levels and demonstrate leadership in team settings. Governance & Risk: Compliance & Standards Alignment : Ensure adherence to internal and external standards. Experience in Operational Risk Management : Focus on Information/Technology Risk . Industry Frameworks Familiarity : Knowledge of NIST, FFIEC, COBIT, ISO27002, OWASP . Preferred Certifications : CISSP, CRISC, CISA, CISM . Issue Identification & Escalation : Identify and escalate control deficiencies. Experience & Personal Attributes: Qualifications: Educational and Professional Qualifications : Chartered Accountant / Master's degree in Business Administration, Commerce, Finance . 
Minimum of 4 years of experience in Operational Risk Management (with a focus on Information/Technology Risk ) and operations/accounting within the financial services industry. Experience in the Second Line of Defense (SLoD) is desirable. Strong understanding of risk assessment methodologies and experience in Financial Services , preferably in the Fund Services environment. Proven ability to demonstrate detailed knowledge of various operational risk types and internal control principles to support the execution of risk programs. Personal Attributes: Strong analytical and problem-solving skills with the ability to lead a medium-sized team. Support senior leadership in the adoption and execution of accounting review standards and best practices. Ability to analyze, resolve, and document problems and resolutions. Ability to work as part of a cross-cultural team . Strong organization and time management skills. Continuous improvement focus with the ability to identify risks, cost efficiencies, and operational improvements. Strong presentation and communication skills with the ability to communicate clearly and effectively at all levels. Self-driven and motivated with a focus on operational efficiency and continuous improvement .
Posted 2 days ago
5.0 - 9.0 years
0 Lacs
karnataka
On-site
As a member of our team, your main responsibility will be to evaluate new and existing security vulnerabilities sourced both internally and externally. You will need to determine their relevance, document the impact, and devise a remediation strategy in a format that is understandable to our customers. Your focus will encompass a wide range of technologies, including major cloud hosting environments, Linux servers, specialized hardware, various coding languages, and virtualization technologies. The ideal candidate will possess the ability to comprehend the technicalities of security, evaluate risks, and communicate these complex concepts in a clear and simple manner. Your tasks will include: - Reviewing vulnerability scan reports - Monitoring external sources for new vulnerabilities - Assessing the applicability of vulnerabilities within context - Determining the real impact of vulnerabilities - Documenting findings and disclosures for each vulnerability and sharing them with customers - Negotiating disclosure timing with external researchers - Monitoring remediation progress and updating documentation - Participating in Security Incidents related to urgent vulnerabilities - Providing metrics and statistics Minimum Qualifications: - At least five (5) years of relevant experience (including indirectly related experience) - Strong team player - Ability to interpret and communicate CVEs to both technical and non-technical audiences - Familiarity with hacking techniques and programming languages - Knowledge of risk evaluation - Proficiency in the MS Office suite - Excellent written and verbal communication skills - Ability to adapt quickly to changing priorities - High school diploma, GED, or equivalent professional experience - Flexibility in terms of work location Preferred Qualifications: - Experience in evaluating security risks within a production environment - Familiarity with Jira - Direct customer communication experience - Proficiency in at least one of the 
following languages: Python, Go, Java, or C - Experience with scan reports from various tools like Snyk, Qualys, CrowdStrike, Inspector, Vdoo, or Binwalk - Remote work experience across different time zones and cultures - Security certifications such as CISSP, CRISC, AWS SCS, etc. - Ability to work flexible hours Join our team today and be part of a dynamic environment where your expertise in cybersecurity will be valued and utilized to make a real impact.
Posted 3 days ago
5.0 - 9.0 years
0 Lacs
karnataka
On-site
As a Cybersecurity Analyst II - GRC at AGCO, you will play a crucial role in addressing some of the world's most pressing challenges related to cybersecurity. Your primary responsibilities will involve developing and maintaining relationships with various teams within the enterprise to influence and achieve cybersecurity objectives related to governance, risk, and compliance. By leveraging best practices, you will lead risk activities across product, enterprise, and manufacturing teams, ensuring compliance with policies and standards while staying informed about the latest regulatory trends. Your expertise will be pivotal in serving as a subject-matter expert in governance, risk, and compliance, guiding teams through threat modeling exercises and risk analysis using industry-leading practices. Key Responsibilities: - Maintain an active crosswalk mapping between all policies and standards and cybersecurity frameworks like NIST CSF and ISO 21434. - Define threat modeling strategies and lead teams in executing them across different sectors within the enterprise. - Act as an independent voice for the GRC team, contributing to innovative risk analysis efforts across projects. - Conduct regular risk register reviews, follow up on identified risks, and escalate high-risk areas appropriately. - Assist in defining the annual program calendar for all GRC activities, including compliance audits and risk reviews. - Develop standards and control checks to ensure compliance with policies and standards across teams and projects. Qualifications: - Bachelor's degree with at least 7 years of industry experience in information technology or GRC roles, with a minimum of 5 years of relevant experience. - Experience in developing or maintaining cybersecurity policies, risk management frameworks, and working in enterprise, cloud computing, product security, or manufacturing security. - Familiarity with cybersecurity frameworks such as NIST, ISO standards, and various risk methodologies. 
- Ability to evaluate cybersecurity risk and business value across different scenarios, with a willingness to learn new technologies quickly. - Comfortable working in a fast-paced, global organization with dispersed teams. Preferred Qualifications: - Experience in Agile, Scrum, or SAFe environments. - Relevant cybersecurity or risk management certifications like CRISC, CISSP, GTSRT. - Proficiency in working with GRC tools, managing policy documentation, and assessing cybersecurity risk. - Familiarity with the agriculture or manufacturing industry. At AGCO, we value diversity, inclusion, and innovation, and we are committed to providing a positive workplace culture where every individual can thrive. Join us in shaping the future of agriculture and contribute to making a positive impact on the world. Apply now and be part of our dynamic team! Please note that this job description may not encompass all duties, responsibilities, or benefits associated with the role and is subject to change as needed. AGCO is an Equal Opportunity Employer.
Posted 3 days ago
5.0 - 9.0 years
0 Lacs
karnataka
On-site
As the Lead (BISO) Business Information Security Officer at Computacenter, you will have a unique opportunity to join the Cybersecurity leadership team reporting directly to the Group CISO. Your primary role will involve partnering with senior security professionals to protect Computacenter and its customers from Cyber threats. By ensuring security risk awareness, mitigation, and alignment with the strategic objectives of the business, you will play a crucial role in safeguarding the organization. In this hybrid working role, you will spend two to three days a week in Bangalore, following Computacenter's Strategic Business Partner model. Your responsibilities will include owning the Cybersecurity lens for supporting and guiding the protection of the business from Cyber threats and risks. You will work closely with the broader Group Information Systems and Cybersecurity team to drive the implementation of the evolving Security Strategy under the guidance of the CISO. Your key responsibilities will be divided into four main areas: 1. **Functional Management (40%):** - Develop and implement the business unit security approach in alignment with business goals and objectives. - Define roles and responsibilities of the Lead BISO to meet Strategic Partner and CISO responsibilities. - Establish proactive initiatives to support market trends, business strategies, and compliance requirements. - Build and maintain relationships with senior management for Business Units and regional executives. 2. **CISO deputy (30%):** - Act as a security ambassador and deputize in the region on cybersecurity matters. - Oversee legal Security Compliance requirements within the region. - Support local MDs in adapting business strategy on information and cybersecurity. - Advise on information security, initiate security-related improvements, and support crisis management activities. 3. 
**Management responsibility (20%):** - Manage, develop, and coach security managers and staff to achieve goals. - Set objectives at individual and team levels and manage performance. - Represent the cybersecurity team on Computacenter topics and projects within the region. 4. **Financial Management (10%):** - Contribute to annual budget planning and manage spend in the budget. - Prepare business cases and controlling mechanisms for major expenditures. - Develop business cases to support investments in Information Security. To be successful in this role, you should possess a completed university degree, preferably a Master's, or comparable cybersecurity education. You should have 5-8 years of professional experience in Information Security/Cyber Security, including experience in Information Security Management Systems. Holding professional certifications such as CISM, CISSP, or CRISC is desirable. Strong knowledge of Information Security frameworks and standards, as well as legislative and regulatory Security compliance requirements, is essential. At Computacenter, with over 20,000 employees globally, we are at the forefront of digitization, advising organizations on IT strategy and implementing technology solutions across 70 countries. We offer leadership training, coaching, mentoring, and international opportunities to support your professional development and personal growth. Join us in driving digital transformation and making a difference in the world of technology. If you are ready to take on a challenging yet rewarding role as a Lead (BISO) Business Information Security Officer and contribute to the cybersecurity initiatives at Computacenter, we welcome your application. Your dedication and expertise will play a vital role in protecting our business and customers from Cyber threats.,
Posted 4 days ago
7.0 - 12.0 years
14 - 19 Lacs
Bengaluru
Work from Office
Description: Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Key Responsibilities: • Develop, implement, and maintain an enterprise-wide information security risk management program. • Identify, assess, and document information security risks, ensuring alignment with business objectives. • Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. • Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. • Monitor, track, and report on risk metrics and key performance indicators (KPIs). • Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. • Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. • Drive security awareness programs and train employees on risk management practices. • Prepare and present detailed risk assessment reports to senior management. • Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: • Bachelor's degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. • Advanced degrees (e.g., Master's) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: • 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: • Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. • Proven analytical expertise in evaluating and prioritizing risks effectively. • Advanced proficiency in utilizing security tools for risk assessment and mitigation. • Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. • Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams.
• Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. • Skilled in leading security initiatives and managing projects across global teams. • A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. • An effective team player with exceptional interpersonal and collaboration skills. Drop your resume at sowmya.v@acesoftlabs.com
Posted 4 days ago
2.0 - 7.0 years
9 - 13 Lacs
Bengaluru
Work from Office
About The Role: Job Title: Information Security Officer (ISO) Location: Bangalore, India Corporate Title: AS Role Description: The role of an Information Security Officer (ISO) is of a role holder aligned to a portfolio of applications (Application ISO). The ISO has the responsibility for the operational aspects of ensuring compliance with the Information Security Principles. The ISO is the primary contact for information security relevant matters within their area of responsibility. The ISO has a disciplinary reporting line into their Line Manager and a functional reporting line into the Divisional CISO. What we'll offer you: 100% reimbursement under childcare assistance benefit (gender neutral). Sponsorship for Industry relevant certifications and education. Accident and Term life Insurance. Your key responsibilities: To assume the ownership and responsibility for the assigned IT assets, in line with the DB Group Information Security management processes and the Divisional ISMS. To support the development and maintenance of Information Security policies and procedures pertaining to the Unit in accordance with the Information Security policies and procedures of DB Group. To support the management of IS Risks within the Risk Appetite defined by the ISR.
To execute the IS Risk assessments and compliance evaluations for assigned IT assets. To ensure the execution of information security risk management requirements in their area of responsibility as additionally defined by the Divisional ISO (e.g., conducting risk assessments on an organizational basis, preparing and implementing management action plans to mitigate identified risks). To ensure the implementation of Identity and Access Management Processes and the execution of a periodic recertification of User Access Rights in their area of responsibility. To provide timely updates to the Divisional ISO regarding the aforementioned information security management tasks. To ensure that application entries regarding information security (e.g., Data Protection and Data Privacy fields) in the Group's inventory of applications are accurate and up to date. To implement Segregation of Duty (SoD) rules for the assigned IT assets. To contribute to the Information Security incident management process in the case of a security breach. Keep oneself informed of the Information Security Principles and its subordinate documents and liaise with any other necessary parties to accomplish their tasks. These resources may be e.g., the TISO, ITAO or any other subject matter experts. To ensure appropriate documentation of information security risk management in area of responsibility.
This includes major decisions including identified and assessed risks as well as risk mitigation measures. To deliver all items requested during regulatory and internal Information Security related audits. Your skills and experience: Essential: Candidate should have a minimum of 8 years of business experience in an operation management / risk management capacity, working knowledge in various banking products with strong communications skills. Knowledge on Information Security Controls, Data Protection Policy, Information classification principles and segregation of duties requirements within Banking Operations. Good understanding of Regulatory, Compliance, Risk & Control Knowledge. Have sound knowledge of Identity and Access Management Process. Ability to multitask and manage multiple deliverables / projects that are highly visible and of strategic importance to our clients. Ability to effectively communicate with clients internally and externally. Must be a team player and facilitator. Desirable: Solid technical understanding of the business (CB Operations) including strong knowledge of application security related processes. Knowledge of electronic banking products and flow of instructions. Computer proficiency in MS Office and ability to utilize IT initiatives to achieve a high degree of operational efficiency, optimize costs and add value to the service provided. Innovative approach to work and continuously identify and implement process improvements. Seek opportunities to improve service processes, minimize operational risk and reduce costs. Strong analytical skills, detail orientation, service commitment and solid people management skills. Strong awareness of risk control. Education / Certification: Graduation degree CRISC Desired CISA/CISM/CISSP How we'll support you
Posted 4 days ago
7.0 - 9.0 years
12 - 15 Lacs
Gurugram
Work from Office
Role & responsibilities: The GRC Manager will, inter alia, be responsible for the following: Plan and establish organization-wide Information Security Management System (ISMS) in accordance with ISO/IEC 27001 Standard, and other relevant security standards. Evaluate compliance with respect to legal and regulatory requirements for information security. Perform information security audit at least annually or whenever significant changes have been made in IT systems / infrastructure. Prepare information security audit report along with recommendations for improving information security. Monitor and manage information security risks and highlight them to various stakeholders. Monitor information security measurement metrics and other key performance / risk indicators on a regular basis. Review information security / IT policies, standards, procedures, guidelines and processes. Review products / applications for various information security risks and suggest control measures to mitigate them. Help in defining / documenting information security presentations to various stakeholders. Give information security awareness training to employees and third parties. Help in defining and monitoring cloud security controls. Enforce and monitor implementation of approved information security policies, procedures, guidelines and ISMS etc. Design and issue alerts and advisories with respect to new vulnerabilities / threats to all concerned. Continuous monitoring of security incidents. Take remedial action to reduce the same. Cyber Security Incident Response and Recovery Management. Competencies: Good communication and writing skills. High energy professional. Technical & functional expertise. Familiarization with emerging technology. Knowledge of relevant legislative or regulatory requirements such as IT Act and associated Rules, Privacy legislations etc.
Posted 6 days ago
3.0 - 7.0 years
0 Lacs
pune, maharashtra
On-site
If you're seeking a career that will empower you to distinguish yourself, consider joining HSBC to unlock your full potential. Whether you aspire to ascend to the pinnacle of success or embark on a thrilling new path, HSBC offers a platform replete with opportunities, support, and rewards that will propel you towards greater heights. HSBC stands as one of the world's largest banking and financial services organizations, operating in 64 countries and territories globally. Our mission is to position ourselves where growth thrives, empowering businesses to flourish, economies to prosper, and individuals to achieve their aspirations and dreams. Currently, we are in search of a seasoned professional to become part of our team in the capacity of DBS Senior Control Tester. In this pivotal role, your responsibilities will include: - Conducting meticulous preparation, steering, and engaging in the execution of a diverse array of Technology control testing activities - Ensuring prompt delivery of control testing with a commitment to transparency and accuracy in the fulfillment of testing objectives - Exercising sound judgment in identifying and disclosing control testing findings by pinpointing key risks and issues - Infusing quality into control testing deliverables and upholding compliance with the CCO Control Testing Methodology - Offering expertise and counsel on control testing throughout CCO, while applying critical judgment and decision-making skills in the identification and disclosure of control testing findings by highlighting key risks and issues - Nurturing relationships with key stakeholders, staying abreast of significant business, regulatory, and industry developments, as well as any modifications to procedures and practices - Assisting in the preparation of testing reports to update key stakeholders on the testing outcomes and review work - Monitoring and pursuing actions identified as a result of testing and review work, escalating when necessary - Adhering 
to and demonstrating compliance with all pertinent internal and external rules, regulations, and procedures that govern the business operations in which the jobholder is engaged, particularly Internal Controls and any associated policies and procedures Requirements: To excel in this role, candidates should meet the following criteria: - At least 3-5 years of pertinent experience in IT controls testing within the Financial Service industry or process assessment experience - Proficiency in ITGC, SOX, NON-SOX, Internal Control, Automated Control Testing (BACs) - Preferred qualifications include IT Risk certifications (CRISC, CISM, CISA, CISSP, or equivalent) - Demonstrated expertise in Technology control testing, risk management, internal control, or internal audit, preferably within a financial/banking services operations environment - Proven ability as a self-starter and effective collaborator Your journey to success is amplified when you become a part of HSBC. HSBC is dedicated to nurturing a culture where each employee is esteemed, respected, and their opinions hold significance. We pride ourselves on providing a workplace that fosters continuous professional growth, flexible work arrangements, and avenues for advancement within an inclusive and diverse setting. Personal data shared with the Bank regarding employment applications will be handled in accordance with our Privacy Statement, accessible on our website. Issued by HSBC Software Development India,
Posted 1 week ago
7.0 - 11.0 years
12 - 22 Lacs
Hyderabad, Telangana, India
On-site
This role is for one of Weekday's clients. Salary range: Rs 1200000 - Rs 2200000 (i.e. INR 12-22 LPA) Min Experience: 7 years Location: Hyderabad, Telangana JobType: full-time About the role: A minimum of 08-10 years of experience in Information Security, with at least 05-06 years in a senior Offensive Security role, preferably within the financial or banking sector. Hands-on experience in conducting covert security assessments, including physical, network, application, and social engineering scenarios. Proficiency in exploiting vulnerabilities, bypassing security controls, lateral movement, privilege escalation, and exfiltration techniques. Strong understanding of operating systems, networking protocols, cloud platforms, and web applications. Analytical thinking, creativity, and adaptability in dynamic attack scenarios. Excellent communication skills to explain technical findings to non-technical audiences and work effectively within multi-disciplinary teams. Should have experience performing Web Application, API (REST & GraphQL), Infrastructure, and Mobile Application (Android & iOS) Security Assessments. Regular Risk assessment: identifying and prioritizing protection resources for key assets in danger of exploitation. Strengthening techniques: making organization security stronger by knowing how to fix vulnerability weaknesses. Experience in monitoring and detection systems by using packet sniffing devices, SIEM systems, IDS, and IPS etc. Threat Detection and Threat Hunting: monitoring of indicators of compromise (IOCs) using SIEMs or EDRs and active threat search with SIEMs or EDRs. Forensic analysis: investigating and evaluating the impact and scale of a security incident. Early threat detection: to analyze CVEs and 0-day vulnerabilities, the team will deploy decoys (deception). Excellent written, oral communication and presentation skills.
Advanced Attack Simulations: Develop complex and realistic attack scenarios that mimic Advanced Persistent Threats (APTs) and other sophisticated tactics to test the resilience of security measures. Comprehensive Penetration Testing: Implement in-depth penetration testing modules that allow users to practice finding and exploiting vulnerabilities within a controlled environment. Operational Security (OpSec) Training: Create training modules focused on OpSec, teaching users how to avoid detection and maintain stealth during Red Team operations. Custom Exploits and Payloads: Develop and deploy custom exploits and payloads that can be used to test specific system vulnerabilities. Incident Response Testing: Simulate breaches to test and improve the incident response procedures of organizations, ensuring they can swiftly and effectively handle real-world attacks. Adversary Emulation Plans: Develop detailed adversary emulation plans that mirror the techniques, tactics, and procedures (TTPs) of known threat actors to provide a realistic training experience. Continuous Learning and Adaptation: Implement a system for continuously updating the platform with new tactics and vulnerabilities as they emerge, ensuring Red Team exercises remain relevant and challenging. Core Deliverables: Advanced Penetration Testing: Conduct thorough penetration tests on simulated environments to identify and exploit vulnerabilities. Red Team Operations: Design, plan, and execute sophisticated red team exercises to assess organizational readiness against cyber threats. Threat Emulation: Develop and deploy threat emulation scenarios that mimic real-world adversaries' tactics, techniques, and procedures (TTPs). Incident Response Simulation: Create and execute realistic incident response scenarios to test and enhance the response capabilities of blue teams. Continuous Red Team Training: Train and mentor junior red team members and other IT staff on the latest security threats and tactics.
Oversee the execution of automated vulnerability assessments. Responsible for and actively participate in meetings to discuss assessment scope, requirements, deliverables, and client expectations. Responsible for authoring and presenting assessment reports to clients to discuss security findings and recommendations. Conduct simulated attacks on the organization's computer systems or physical locations. Identify and exploit vulnerabilities, weaknesses, and gaps in the security systems and policies. Report findings and recommendations to the organization. Provide feedback and training to the blue team. Stay updated on the latest trends and developments in the security field. Plan and initiate Red Team activities based on realistic threats, by creating attack techniques and utilizing custom tooling to generate exploits. Platform-Specific Deliverables: Scenario Development: Design dynamic and scalable training scenarios tailored to the organization's needs, leveraging the capabilities of next-generation cyber range platforms like CYBER RANGES and others. Automation and Scripting: Develop scripts and automation tools to enhance the efficiency and scalability of cyber range operations. Integration with Existing Tools: Ensure seamless integration of the cyber range platform with existing security tools and infrastructure. Comprehensive Reporting and Analysis: Deliver detailed reports on the findings from red team exercises, including risk assessments, detailed debriefs, and actionable recommendations. Data Analysis: Use data collected from exercises to provide insights into potential security improvements and adjustments. Continuous Improvement: Stay updated with the latest developments in cybersecurity and continuously improve the cyber range platforms and training scenarios. Emerging Threat Awareness: Identify and incorporate emerging threats into the training scenarios to keep defences robust and current.
Certifications: Certified Red Team Professional (CRTP) - Mandatory. CISA / CISM / CISSP / CEH / CRISC - Mandatory (at least one certification). Offensive Security Certified Professional (OSCP) - Mandatory. Offensive Security Certified Expert (OSCE). GIAC Exploit Researcher and Advanced Penetration Tester (GXPN). CompTIA Security+.
Posted 1 week ago
3.0 - 5.0 years
3 - 5 Lacs
Pune, Maharashtra, India
On-site
Role Description Infrastructure Chief Operating Office (COO) is responsible for the effective operation of the infrastructure functions, driving operational efficiency whilst supporting the effective delivery of infrastructure services in line with business objectives and control requirements. It also includes oversight of Infrastructure Divisional Control Office (DCO) and Trade Settlement and Confirmations Operations (TSCO). Infrastructure Divisional Control Office (IDCO) as part of Infrastructure COO, provides services to multiple functions in infrastructure. The IDCO function is a dedicated risk, control, and regulatory oversight function, with prime responsibility for managing and proactively mitigating risk across the full breadth of the Technology and Infrastructure organization. Function also provides a consolidated view and central coordination of (non-financial) risks, as well as effective, efficient, and consistent standards and policies. (Technology Data & Innovation) TDI Control Testing & Assurance ( TDI CT&A) team part of IDCO identifies, tracks and reports control testing & assurance activities, conducts independent controls testing (design and operating effectiveness) on different risk types in line with the Control Testing Standards. The team also focuses on regulatory and risk-based assurance requirements. This role is within TDI Control Testing & Assurance team. Your key responsibilities Perform Control Testing in line with defined Control Testing methodology/minimum standard. 
Identify control deficiencies (findings), risks related to elements of controls, participate in findings agreement with stakeholders, escalate potential issues and exception items noted during the testing to senior management for discussion and further investigation, if deemed necessary. Prepare Control Testing workpapers for senior management detailing testing results, document findings with highest quality. Track Control Testing identified findings, perform required follow-up on open findings. Consider regulatory and internal firm policy requirements as well as established best practices for control assurance. Support controls assurance activities. Support in monitoring Control testing teams' adherence to Control Testing methodology/minimum standards. Track testing related effort/budget Plan Vs. Actuals throughout the testing lifecycle. Build and maintain solid working relationships with key stakeholders such as within the DCO, IDCO, TSCO, GTI, Embedded Risk Teams (ERT), Risk managers and other Testing Teams including Divisions/sub-divisions, 2 LoD and Group Audit (GA). Your skills and experience University degree preferably in Computer Science, Mathematics, Engineering or a related subject or equivalent qualification in the areas of information security. Professional/industry recognized qualifications e.g., CISA, CISSP, CISM, CRISC are beneficial. Experience in Cloud Security audit/testing, GCP (Google Cloud Platforms) or Professional/industry recognized qualifications e.g., CCSP, CCSK will be an advantage. Knowledge of auditing IT application controls, e.g., from IT audits or IT risk management. Understanding of the relationship between IT risk and underlying business process risk. Knowledge of regulations governing financial institutions is beneficial. Strong written and verbal communication skills and the ability to communicate effectively in conflict situations. Strong organizational skills and attention to detail. 
Ability to work under pressure, multi-task and prioritize workload. Strong analytical skills and structured thought process with the ability to clearly articulate control deficiencies and related risk. Flexible, proactive, and innovative mindset with strong organizational skills to take ownership and responsibility for agreed targets and to meet them within budget to enable a timely and efficient completion of projects. This is an IC (individual contributor) role.
Posted 1 week ago
12.0 - 19.0 years
12 - 19 Lacs
Bengaluru, Karnataka, India
On-site
Role Description The Vice President of Transformation Risk and Control will lead the strategic oversight and management of risks associated with the organization's transformation initiatives. This executive role is pivotal in ensuring that transformation projects align with the company's risk appetite and regulatory requirements, while driving sustainable growth and innovation. Your key responsibilities Strategic Risk Management: Develop and implement a comprehensive risk management strategy for transformation projects, ensuring alignment with the organization's overall risk framework. Leadership and Governance: Provide leadership and direction to the Transformation initiatives by fostering a culture of risk awareness and proactive risk management across the organization. Risk Assessment and Mitigation: Oversee the identification, assessment, and mitigation of risks, ensuring robust control frameworks are in place and effective. Stakeholder Engagement: Collaborate with senior executives, project leaders, and key stakeholders to integrate risk management practices into all transformation initiatives. Regulatory and Compliance Oversight: Ensure all transformation activities comply with relevant laws, regulations, and internal policies, and stay abreast of regulatory changes. Reporting and Communication: Regularly report to the executive team and board of directors on risk exposure, control effectiveness, and mitigation strategies. Continuous Improvement: Drive continuous improvement in risk management practices, leveraging industry best practices and emerging technologies. Your skills and experience Experience in risk management, internal control, or a related field, with significant experience in managing risks for large-scale transformation projects. Strategic thinking and leadership skills, strong analytical and problem-solving abilities, excellent communication and interpersonal skills, and proficiency in risk management software and tools. 
CRISC, CISA, or similar certifications are highly preferred. Experience in a senior risk management role within a large organization or consultancy. Deep understanding of industry-specific regulations and standards. Experience in leading cross-functional teams and managing complex projects.
Posted 1 week ago
9.0 - 14.0 years
9 - 14 Lacs
Pune, Maharashtra, India
On-site
Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the newly established Independent Testing Team. Assess end to end business processes to identify significant gaps and determine issue root causes. Partners with business units to perform control evaluations, monitoring and testing efforts within Compliance and Operation Risk Framework to identify control gaps as well as opportunities for effectiveness and efficiency improvements. These assessments will include coverage for other regulatory programs including SOX. Apply critical thinking skills to substantive testing techniques to thoroughly evaluate the effectiveness of high-risk business processes. Assess and monitor risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices. Collaborate with cross-functional teams and stakeholders to support control design and effectiveness. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. 
This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Your preferred skills and experience Bachelor's degree in information security or related field required, with a preference towards master's degree. Demonstrated ability to analyse complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices. Strong and progressive Auditing or Control Testing experience with current knowledge and understanding of Control testing methodology. Experience developing test scripts, audit programs, or testing templates. 6+ years in information security management and governance, with a focus on control design and testing. Detailed experience in ISO 27001, GDPR, COBIT, KAIT, BAIT, etc. and other cyber security frameworks. Good to have Certifications: CRISC, CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor. Should possess strong communication skills (written/spoken). Should be skilled to work with minimal supervision. Strong analytical and strategic mindset along with the ability to collaborate with different stakeholders including top management representatives.
Posted 1 week ago
1.0 - 3.0 years
1 - 3 Lacs
Bengaluru, Karnataka, India
On-site
Job description At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk Senior As an IT risk professional, you'll contribute technically to risk assurance client engagements and internal projects. An important part of your role will be to perform IT audits, document good quality assessment reports and issue opinions. You'll anticipate and identify risks within engagements and share any issues with the audit stakeholders. You'll also identify potential business opportunities for EY within existing engagements and facilitate integration as appropriate. In line with EY's commitment to quality, as an influential member of the team - you'll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We're looking for experienced staffs with 1 to 3 years of hands-on experience in IT Risk/Audit, Assurance and Advisory to join our Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. 
Your key responsibilities Participate, lead and execute the IT Risk and Assurance engagements. Develop and maintain productive working relationships with client and onshore stakeholders. Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within Ernst & Young Services and with other services across the organization. Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise. Skills and attributes for success Work effectively as a team player - collaborate and share responsibility, coach, and support team members to succeed. To qualify for the role, you must have B.E/B.Tech (CS/IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc., Chartered Accountant and/or MBA with Finance/IT with at least 1-3 years of experience. 1-3 years of professional experience in the areas of IT audits, ITGC, SOX / ICFR / IFC / SAS 70 / SSAE / SOC1, SOC2, IT Financial Audit and Business Automated Controls, IT Risk consulting or any other regulatory / compliance audits. Expertise in pre and post implementation reviews and auditing configuration of major ERPs like SAP, Oracle, JDE, WorkDay, Netsuite, Navision etc. Expertise in performing infrastructure reviews pertaining to OS, DB and Active Directory such as Windows, UNIX, SQL, Mainframe, Oracle etc. Assist with the development of policies, procedures and standards that meet existing and newly developed policy and regulatory requirements. Assist with facilitating IT security/risk training curriculum. Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects. 
Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise. Must have end-client facing experience. Ideally, you'll also have CISA, CISM, CRISC, ISO27001, Cloud and Data privacy certifications. IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX. Data analytics/automation tools: SQL, Monarch, BluePrism, Alteryx, PowerBI. Familiarity with a typical IT systems development life cycle.
Posted 1 week ago
10.0 - 15.0 years
0 Lacs
karnataka
On-site
As a Cloud Ops professional at Tally, you will be part of a team dedicated to delivering top-notch connected services in public clouds for Tally's customers. Your mission will be to ensure unmatched reliability, strong security, and optimal cost efficiency. You will have the opportunity to design, implement, and operationalize solutions using cutting-edge cloud native technologies to provide a seamless experience for our customers. Your responsibilities will include overseeing Risk Management & Governance for Tally's suite of cloud-based connected services, implementing secure access at every level, and ensuring compliance with regulatory requirements. You will focus on Cloud Security Oversight, primarily in the AWS environment, while also considering multi-cloud environments. Your role will involve managing regulatory and compliance issues and providing governance and reporting on cloud operations. To excel in this role, you should bring experience in risk management, governance, or compliance roles within fintech, banking, or cloud-centric organizations, particularly in product or fully hosted service-based settings. You should have expertise in AWS security tools, architectures, and best practices, along with a deep understanding of Indian financial sector regulations such as RBI, SEBI, and the IT Act. Possessing relevant certifications like CISSP, CISM, AWS Certified Security Specialty, CRISC, or CISA would be advantageous. You will be expected to demonstrate a thorough understanding of cloud-native security principles, AWS best practices, risk frameworks (NIST, ISO, COBIT), and regulatory mandates. Your role will involve bridging business requirements with technical security implementations, requiring strong communication, stakeholder management, analytical thinking, and a proactive problem-solving approach. Join us at Tally, where we value honesty, integrity, a people-first culture, excellence, and impactful innovation. 
Be a part of our journey to simplify the lives of millions of small and medium businesses globally through technology and innovation.
Posted 1 week ago
3.0 - 7.0 years
0 Lacs
karnataka
On-site
As a Senior Auditor, Technology at LegalZoom, you will be an impactful member of the internal audit team, assisting in achieving the department's mission and objectives. Your role will involve evaluating technology risks in a dynamic environment, assessing the design and effectiveness of internal controls over financial reporting, and ensuring compliance with operational and regulatory requirements. You will document audit procedures and results following departmental standards and execute within agreed timelines. Additionally, you will provide advisory support to stakeholders on internal control considerations, collaborate with external auditors when necessary, and focus on continuous improvement of the audit department. Your commitment to integrity and ethics, coupled with a passion for the internal audit profession and LegalZoom's mission, are essential. Ideally, you hold a Bachelor's degree in computer science, information systems, or accounting, along with 3+ years of experience in IT internal audit and Sarbanes-Oxley compliance, particularly in the technology sector. Previous experience in a Big 4 accounting firm and internal audit at a public company would be advantageous. A professional certification such as CISA, CIA, CRISC, or CISSP is preferred. Strong communication skills, self-management abilities, and the capacity to work on multiple projects across different locations are crucial for this role. Familiarity with technologies like Oracle Cloud, AWS, Salesforce, Azure, and others is beneficial, along with reliable internet service for remote work. Join LegalZoom in making a difference and contributing to the future of accessible legal advice for all. LegalZoom is committed to diversity, equality, and inclusion, offering equal employment opportunities to all employees and applicants without discrimination based on any protected characteristic.
Posted 1 week ago
4.0 - 8.0 years
0 Lacs
maharashtra
On-site
You will be responsible for conducting third-party/supplier security risk assessments, interpreting security assurance reports including SOC2 and pen test reports, and reviewing security requirements in contracts. Additionally, you will need to understand outsourced solutions and associated information classification, assess supplier security controls based on ISO27001/2 standards, and identify and document security risks. You will be expected to suggest recommendations to address identified security risks, potentially perform information classification such as AIC assessment, and hold security certifications such as ISO27001 auditor/implementation, CISSP, CRISC, CISM, or CISA. If you have at least 4 years of experience in Information Security, possess the necessary certifications, and can work in Mumbai (Andheri East) with a notice period of immediate to 30 days, we encourage you to share your updated resume to manasa.chilla@visionyle.com.
Posted 1 week ago
5.0 - 10.0 years
25 - 35 Lacs
Bengaluru
Hybrid
We are hiring for - Role: Technical Product Manager Experience: 5-10 Years Location: Bangalore Work Mode: Hybrid Key Responsibilities Product Roadmap & Execution: Lead the product vision and execution for AI features in our GRC suite, bringing insight into leveraging AI for threat detection, vulnerability management, and risk quantification. Cross-functional Collaboration: Partner with engineering, data science, design, and QA teams to ensure the delivery of secure, scalable, and cyber risk-aligned product capabilities. User Research: Conduct deep-dive interviews and research with cyber stakeholders to pinpoint pain points, regulatory requirements, and opportunities for improvement across threat and control landscapes. Requirements Management: Translate complex business and user needs into clear product requirements, user stories, and acceptance criteria informed by real-world risk scenarios and industry standards. Prioritization & Backlog Management: Prioritize product enhancements to maximize value for cyber risk professionals, strengthen risk posture, and aid in incident response and resilience. Client Feedback Loop: Work with sales and customer success teams to integrate actionable client feedback into the product lifecycle, focusing on user experience for cyber risk stakeholders. Metrics & Analysis: Monitor adoption and effectiveness of AI-powered features, using product data to inform ongoing risk mitigation and reporting enhancements. Product Evangelism: Advocate for the product through presentations, documentation, and customer engagements, articulating its value for cyber risk and security teams. Subject Matter Expertise: Contribute your deep expertise in cyber risk management, threat modeling, NIST CSF, ISO 27005, and regulatory frameworks such as GDPR, PCI DSS, and DORA. Skills and Experience Experience: 5-10 years in Cyber Risk, Compliance, or Security Risk Management roles, preferably within high-impact or regulated environments. 
Domain Expertise : Advanced understanding of cyber risk methodologies—threat identification, impact analysis, vulnerability management, and risk treatment. Technical Acumen : Familiarity with AI/ML applications in cybersecurity (e.g., anomaly detection, behavioral analytics, automated risk prioritization). Product Mindset : Experience with design thinking and product development lifecycle (PDLC). Compliance Frameworks : Working knowledge of data protection laws and cybersecurity standards (e.g., NIST, ISO 27001, SOC 2). Certifications : Professional credentials such as CISSP, CRISC, CISM, or CEH. Security Product Development: Proven experience in security product creation or as a subject matter expert in GRC initiatives. Education Bachelor's or Master's degree in Cybersecurity, Information Technology, Risk Management, or related discipline. -- Muugddha Vanjarii 7822804824 mugdha.vanjari@sunbrilotechnologies.com
Posted 1 week ago
6.0 - 11.0 years
10 - 16 Lacs
Hyderabad
Remote
Minimum 5+ years of experience in Information security and preferably in Banking and Financial services sector. In-depth working experience on Cloud technologies, routers, switches, firewalls, load balancers and proxy will be added advantage for the role. Bachelor's degree in Engineering, Computer Science/Information Technology or its equivalent. Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC and CISM. Strong knowledge and subject matter expertise in multiple areas within Information Security. Hands-on skill and expertise in performing risk / threat assessments/risk consulting. Excellent written, oral communication and reporting skills. Provides technical leadership, expertise and direction working with district and college technical staff for design and implementation of information technology security systems. Develops strategy for propagating, maintaining, and measuring compliance against security policies, standards, and guidelines district-wide. Time management and organizational skills. Ability and desire to learn new skills quickly. Performs other related duties as assigned.
Posted 2 weeks ago
8.0 - 11.0 years
11 - 15 Lacs
Pune
Work from Office
Domain Certifications: CISSP, CISA, CRISC, ISO 27001. Responsibilities: Own and lead the governance program at account level for a large Financial services account with 700+ head count and multi country locations having high security Offshore Delivery Centres & Work from home teams. Develop, implement and monitor Account level Information security governance program; meeting client compliance requirements proactively. Perform contract reviews, cyber security risk assessments and drive compliance programs to meet contractual and organizational cyber security requirements within the client offshore delivery centres. Experience in Application security and code reviews which can be leveraged to guide and work with delivery teams on covering the cyber security risks associated with Application security, development and maintenance projects. Work closely with different teams internally like IT, business, HR, facilities, cyber security which operate at Organization level to translate client requirements and assess residual risk if required. Give directions and monitor the compliance and operations activities within the account through dedicated team and work closely with account team on ensuring the compliance within account team. Develop account level procedures, metrics and review programs to maintain and enhance the governance model within the account. Be a single point of contact for client interactions during third party audits and liaise within the organization. Prepare the account for certification and internal audit requirements based on industry standards like PCI DSS and ISO 27001 requirements. Focus and objective driven to demonstrate ongoing improvements; identify early indicators of non-compliance and able to draw mitigation actions. Hold technical skills to participate in technical discussions for delivery centre setup, connectivity models. Excellent communication skills and have demonstrated effective CXO level reviews.
Posted 2 weeks ago
5.0 - 9.0 years
0 Lacs
noida, uttar pradesh
On-site
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Technology Transformation Risk Manager, you will play a pivotal role in ensuring that technology transformations within the organization are carried out with a comprehensive understanding and management of the associated risks. Your responsibilities will include identifying, evaluating, and mitigating risks related to technology change initiatives, ensuring alignment with the company's risk appetite and compliance with relevant regulations and standards. You will lead risk assessments for technology transformation projects such as cloud migrations, system implementations, and digital innovations. Additionally, you will develop and maintain a risk management framework tailored to technology transformations, integrating industry best practices and regulatory requirements. Collaboration with project teams to identify potential risks early in the transformation lifecycle and recommend mitigation strategies will be key. You will monitor the effectiveness of risk mitigation plans, adjust them as necessary to address emerging risks and changes in the project scope, and facilitate risk workshops and training sessions to promote a proactive risk management culture among technology and business teams. Furthermore, you will liaise with internal and external stakeholders, including auditors, regulators, and third-party vendors, to ensure comprehensive risk coverage. Providing regular reporting to senior management on the risk profile of technology transformation initiatives, including key risk indicators and status of mitigation efforts, will be part of your role. 
To qualify for this role, you must have a Bachelor's or Master's degree in Information Technology, Computer Science, Risk Management, or a related field, along with a minimum of 5 years of experience in technology risk management, focusing on transformation projects. Strong understanding of IT governance frameworks, cybersecurity principles, and data privacy regulations is required. Desired experience in Internal controls within SAP ECC/S4 Applications and professional certifications such as CRISC, CISM, CISSP, or equivalent are highly desirable. You are expected to have strong exposure to client-facing roles, collaborate with cross-functional teams, and possess excellent communication, documentation, and report writing skills. Stay abreast of emerging technologies, industry trends, and regulatory changes that may impact the risk landscape of technology transformations, and support the continuous improvement of risk management policies, procedures, and tools.
Posted 2 weeks ago
4.0 - 8.0 years
0 Lacs
pune, maharashtra
On-site
As a Network Security Engineer with Third Party Risk Management, you will be responsible for conducting third party risk assessments in alignment with company security policies and industry standards. You will also perform on-site assessments of vendors to identify opportunities for improvement and provide input to aid in the development of policies focused on the security of third-party business processes. Additionally, you will foster relationships and influence the behavior of internal teams and external parties. Your role will involve developing and maintaining supplier risk and control monitoring plans, as well as performing monitor activities and analysis of evidence to ensure controls are operating effectively. You will be required to complete monitor and control tasks triggered by supplier Tier and Third Party Interaction Model. Collaboration with line of business stakeholders to deliver year-over-year cost savings with managed third party relationships is a key aspect of the position. Qualifications for this role include a minimum of 4 years of experience in developing and maintaining global vendor risk management programs. Possession of CISSP, CISM, CISA, or CRISC certification is preferred. A solid understanding of information technology and security solutions is essential. You will also be responsible for monitoring and ensuring successful delivery against third party contractual obligations, as well as assisting in the development of SLAs or key performance indicators for third party relationships. To apply for this position, please email your resume to hr@harinexsolutions.com and follow our company page for more job opportunities.
Posted 2 weeks ago
8.0 - 12.0 years
0 Lacs
haryana
On-site
As a Cyber Risk Manager at Stryker, your primary role will involve identifying, analyzing, evaluating, and mitigating present and future risks to Stryker's data and assets. You will be responsible for driving efforts to achieve acceptable risk levels by collaborating with IT, Business, and Partner stakeholders. Your responsibilities will include completing reviews for all aspects of the cyber risk management lifecycle. Key duties and responsibilities of this role include:
- Leading and completing 3rd party cyber security assessments of vendors and other parties engaging Stryker.
- Driving the completion of cyber risk assessments across functions and proactively identifying opportunities to minimize risk.
- Engaging with stakeholders to leverage partnerships and triage existing risks based on inherent and overall risk to the organization.
- Designing, implementing, maintaining, and enforcing cyber risk management policies, procedures, and controls.
- Utilizing tools such as ServiceNow and OneTrust to streamline risk assessment activities.
- Identifying key metrics to measure program effectiveness and the inherent risk to the organization.
- Continuously improving the cyber risk assessment process from request intakes to completion.
To qualify for this role, you should have a Bachelor's degree in computer information systems or Information Security, with relevant certifications such as CRISC, CISM, CISSP being preferred. You should also have at least 8 years of experience in a regulated industry, strong negotiation and leadership skills, and the ability to communicate, motivate, and influence others effectively. This position requires a results-oriented leader who can drive change, collaborate effectively, and possess excellent communication skills. You must demonstrate strategic agility, high energy, and stamina to navigate complex issues and deliver solutions successfully. Additionally, you should be a process and metrics champion with a focus on continuous improvement and driving outcomes through influence. Join Stryker, a global leader in medical technologies, and be part of a team dedicated to making healthcare better for millions of patients worldwide.
Posted 2 weeks ago
8.0 - 12.0 years
0 Lacs
chennai, tamil nadu
On-site
As a Senior Information Security Engineer, you will be responsible for leading vulnerability assessments and policy compliance scans across various environments including on-premises, cloud, container, database, and web environments using tools like Qualys. Your role will involve validating scan results, eliminating false positives, and delivering accurate, actionable reports to stakeholders. You will serve as a technical Subject Matter Expert (SME), analyzing findings, diagnosing root causes, and guiding remediation efforts. Additionally, you will be expected to develop and maintain a knowledge base to support continuous improvement and team expertise while staying current on emerging threats, tools, and vulnerability management lifecycle advancements to recommend service enhancements. Effective communication of security requirements across the organization and stepping in as an interim team lead when necessary will also be part of your responsibilities. In terms of experience and education, you should have a minimum of 8 years in the field of information security along with a Bachelor's degree in Engineering, Computer Science, Information Technology, or equivalent. Industry certifications such as CISSP, CISA, CISM, CRISC, or CCNA/CCNP/CCIE Security are preferred. You are expected to be proficient in working with vulnerability scanning platforms like Qualys, Nessus, etc., false-positive tuning, and compliance frameworks. Your technical expertise should span across cloud and on-premises systems, network devices such as routers, firewalls, proxies, and various infrastructure components. Skills in risk and threat assessment, as well as security policy enforcement, are essential. Familiarity with containers, DDI (DNS/DHCP/IPAM), WAF/CDN/DDOS solutions (e.g., Infoblox, Zscaler, Imperva) will be advantageous. 
Knowledge of scripting languages like Python and experience with monitoring tools like Spectrum, SevOne, ThousandEyes, CyberArk, and MS-Entra-ID will also be beneficial. Apart from technical skills, soft skills and leadership qualities are equally important. Excellent analytical, communication, and report-writing abilities are required. Strong organizational and time-management skills are essential for success in this role. Demonstrated leadership abilities, including guiding teams, managing escalations, and fostering a security culture, are expected. As an adaptable self-starter, you should be committed to continuous learning and proactive problem-solving.
Posted 2 weeks ago
8.0 - 12.0 years
0 Lacs
pune, maharashtra
On-site
As an IT Application Owner (ITAO) at Home Loan Savings, you will be a crucial part of the team in India, collaborating closely with the existing team in Germany. Your role will involve leveraging virtual collaboration techniques and the diversity within the team to achieve continuous delivery, process improvement, and internalization of technical expertise. Your responsibilities will include working closely with business and operational units, as well as the development team, to ensure the structural stability of applications and compliance with technical, risk, and policy-related processes. You will also be responsible for managing the technical roadmap of applications in alignment with Deutsche Bank's digitalization journey. In this role, you will be responsible for setting up various environments for development, testing, and production, as well as implementing and upgrading system hardware and application software. Additionally, you will lead discussions with the business and vendors for new requirements, product implementation, customization, and enhancements. You will oversee the delivery of application releases, defect fixes, and provide support to more junior team members. Key responsibilities also include ensuring application compliance with Deutsche Bank IT policies and procedures, onboarding applications onto IT risk and control related tools, interfacing with auditors, identifying IT risk and control related gaps, and managing technical projects to deliver required business services. To be successful in this role, you should have a minimum of 8 years of experience in a similar role, basic experience in databases, mid-range technical stack, and open-source skills. Knowledge of ITIL, experience with software development lifecycle tools, application governance, and Agile/SCRUM methodologies is essential. Proficiency in English is required, and German language skills are a plus. 
Experience in Home Loan Savings and Mortgage Lending is desirable, along with familiarity with GCP or other cloud technologies. You should possess strong analytical skills, problem-solving abilities, and excellent interpersonal skills. Being proactive, detail-oriented, and able to think outside the box are also essential qualities for this role. Furthermore, certifications such as COBIT, ITIL, PMP, CRISC, CSSLP, CISSP, or equivalent are preferred. As part of our team, you will receive training and development opportunities, coaching from experts, and a culture of continuous learning to support your career progression. We value a positive, fair, and inclusive work environment, where everyone is encouraged to excel together and celebrate successes. For more information about our company and culture, please visit our website at https://www.db.com/company/company.htm. Join us at Deutsche Bank Group, where we strive to empower our employees to excel together every day.
Posted 2 weeks ago