5 Ffiec Jobs

At Broadridge, we have created a culture that aims to empower individuals to achieve more. If you are enthusiastic about advancing your career while supporting others in their journey, we invite you to become a part of the Broadridge team. Your role involves providing expert guidance for the implementation and advancement of secure cloud and container architectures, controls, and best practices across various cloud services such as IaaS, PaaS, SaaS, and hybrid configurations. You will collaborate closely with developers, system administrators, and IT management to drive proactive solutions. Additionally, you will be responsible for identifying, suggesting, and assessing new technology options to enhance process efficiency, automation, security, visibility, developer support, and operational streamlining in cloud and container environments. Furthermore, you will contribute to the enhancement of continuous monitoring solutions to verify systems against security standards and address policy breaches. Analyzing the latest attacker tactics and implementing strategies to mitigate associated risks is also a key aspect of your role. You will provide insights into the design and implementation of automated security solutions and work closely with product and development teams to ensure alignment with company directives and objectives. In terms of technical skills, you should have demonstrated expertise in cloud-native architectures, microservices, and operational best practices related to cloud and container orchestration. Experience in integrating enterprise-scale security solutions in AWS and/or Azure, including user, security, and networking configurations, is essential. Proficiency in full-stack cloud automation using tools like Git, Terraform, Ansible, and Jenkins is required. Previous programming experience is necessary, with a preference for familiarity with Python. A Bachelor's degree or higher in Computer Science, Engineering, or a related field, or equivalent certifications and practical experience, is expected. You should have at least 5 years of experience in network, application, or infrastructure security. A solid understanding of IT Risk Management, Security Policies and Procedures, Internal Audit, and Compliance Standards is vital, along with familiarity with SOC, FFIEC, CSA, and FedRAMP. Experience in aligning security programs with benchmarks and standards such as NIST, CIS, FIPS, PCI DSS, HIPAA, and FIPS 140-2 is advantageous. Regarding soft skills, excellent communication skills in both oral and written English are crucial. You should be able to articulate complex ideas effectively to ensure clear direction and outcomes. Adaptability to changing technology landscapes and requirements is also a key attribute for this role.,

As a Director Technology Testing Specialist at Morgan Stanley, you will play a key role in planning and executing full-scope and other tests related to Technology Risk within the Global 2LOD Non-Financial Risk Testing organization. Your responsibilities will include executing and documenting test activities, attending engagement kickoff meetings, interviewing stakeholders, proposing appropriate test activities, developing test scripts, and preparing test reports. You will be expected to bring to the role at least 8 years of audit/risk/compliance experience in the financial services industry or a regulatory organization, along with expertise in executing/conducting Technology reviews. Knowledge of global regulatory requirements such as GLBA, GDPR, Part 30 Information Security, NYDFS, and technology control standards like NIST, FFIEC, COBIT, CIS is essential. Strong analytical, organizational, and problem-solving skills, as well as investigative skills and the ability to prioritize and work effectively on multiple reviews, are also required. In addition to the technical skills, you must have excellent written and oral communication skills, a high degree of organization and attention to detail, and the ability to work independently as well as in a team. Proficiency with tools like Microsoft Word, Excel, PowerPoint, Adobe, SharePoint, and Bloomberg is expected. Chartered Accountant (CA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) designations are highly desirable. A BA/BS degree with a concentration in Computer Science, Information Technology, or Cyber Security is required, and other relevant industry certifications in the Technology field such as CISSP or cloud certifications are a plus. Your coverage will be Monday to Friday from 11:30 AM to 8:30 PM, with flexibility required based on business needs and during some Indian holidays. You can expect a supportive and inclusive environment at Morgan Stanley, where diversity and inclusion are valued, and employees are encouraged to maximize their full potential. As part of a global leader in financial services, you will have the opportunity to work with trusted colleagues, committed mentors, and a culture that values diverse perspectives and cross-collaboration.,

Introduction About IBM IBM is a global technology and innovation company. It is the most extensive technology and consulting employer globally, with a presence in 170 countries. The diversity and breadth of the entire IBM portfolio of research, consulting, solutions, services, systems and software, distinguishes IBM from other companies in the Industry. Over the past 100 years, a lot has changed at IBM in this new era of Cognitive Business, IBM is helping to reshape industries as diverse as healthcare, retail, banking, travel, manufacturing, and many more, by bringing together our expertise in Cloud, Analytics, Security, Mobile, and the Internet of Things. We like to say, be essential. We are changing how we craft, how we collaborate, how we analyze, how we engage. Join the next generation of innovators, inventors, and entrepreneurs who are crafting the very way the world works. We want the brightest minds doing work that encourages an environment where growth is supported. IBMers get to discover their potential, so theyre inspired to build breakthroughs that help our clients succeed. Were building teams with dynamic strengths with people who want their ideas to matter. Join us - youll be proud to call yourself an IBMer. Our Culture : IBM is committed to crafting a diverse environment and is proud to be an equal opportunity employer. You will receive consideration for employment without regard to your race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Your role and responsibilities Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such as: NIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk Required education Bachelors Degree Preferred education Doctorate Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such as: NIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Objectives: Upgrade QA process documentation to align with the latest industry standards and project-specific requirements. Control Testing Leverage strong experience in audit controls , particularly in banking and financial services projects , to strengthen QA oversight and compliance. Design and implement a robust QA Support Working Model to deliver consistent, scalable, and standardized QA support across all initiatives. Provide comprehensive QA walkthroughs to new project teams, ensuring effective onboarding and alignment with established QA processes. Conduct monthly QA reviews across all Lines of Business (LoBs) and deliver detailed QA health check reports to stakeholders. Ensure strict compliance with QA standards for all deliverables across the QA CoE and QA-supported projects. Continuously refine and enhance QA assets such as templates, checklists, and process documentation to drive efficiency and improve quality outcomes. Collaborate with the Webster Training Team to deliver targeted training sessions on updated QA processes and best practices. Perform internal controls testing in alignment with regulatory frameworks including SOX, FFIEC, and OCC.

Job Description/What You Will Do: Analyze technology (IT and Cybersecurity) implications for active M&A transactions. Review client investment thesis, company profile and information concerning the business technology environment including but not limited to business applications, IT infrastructure, cybersecurity controls, and privacy related regulatory compliance requirements. Research niche technologies, applicable regulatory obligations and latest technology trends to guide analysis. Participate in discussions with company executives to understand business processes, approach to leveraging technology and strategy to build resiliency against cybersecurity threats. Analyze commercial off the shelf and/or custom developed applications used by a business for sufficiency (e.g., license counts), scalability (e.g., version, implementation model), and maintainability (e.g., support model). Analyze a company's IT infrastructure to determine adequacy of hosting model, hardware inventory, network architecture and business continuity procedures. Analyse technology vendor contracts and compute IT spend through the review of contracts and other financial documents provided by the Company. Analyze the company's cybersecurity maturity through review of cybersecurity governance program/procedures, exposure to regulatory compliance requirements and preventative technical controls. Develop workbooks and reports to capture diligence observations/analysis. Manage and develop members of the RSM USI team. Who We Are Looking For: Ability to conceptualize and summarize key findings in a clear and meaningful way with expertise in drafting critical sections of the technology DD report. Expertise and working knowledge of infrastructure management, network architecture, virtualization, application and data hosting architectures (data center, on-premise, public cloud), and business continuity/disaster recovery (BCDR) best practices. Knowledge of and experience with key IT frameworks (e.g. CMMI, ITIL, ISO 27000, SSAE-18 SOC reporting, NIST Cybersecurity Framework). Knowledge of and experience with key cybersecurity frameworks (e.g. COBIT, ISO 27001, NIST). Exposure to various sectors such as financial services, healthcare, life sciences, power and utility, energy, retail and hospitality, business services and technology. An experience across a wide spectrum of IT and security pillars including IT Strategy, Infrastructure, Business Applications, Cybersecurity, Spend Analysis, etc. Highly proficient with Microsoft office Suite (e.g., PowerPoint, Excel, Word, Visio) Strong skills in critical thinking, problem solving, and process improvement. Excellent interpersonal and communication skills in order to interact effectively with internal team members and external clients of the firm. Demonstrates willingness to invest time in cross-time zone communication with U.S. based teams. Ability to be a self-starter and drive successful client delivery. Able to manage deadlines and take ownership of getting the job done in a timely manner. Evaluated as an exceptional performer in current position. Development Opportunity/What's in It for You: Opportunity to interface with US based private equity and executive level leadership. Develop expertise in technology related M&A disciplines. Grow a strategic mindset and develop executive level perspective on investment towards operational technology. Experience M&A across a variety of industries and option to develop specific industry expertise. Gain an understanding of the approach towards post-acquisition value creation, integration, separation and risk remediation. Minimum Qualifications: Academic Qualification: B.Tech. and MBA from leading technology/business schools. Relevant experience of 4-7 years at a Big 4 or equivalent Advisory Services practice. Knowledge of Microsoft powered AI products such as Microsoft CoPilot or any other GenAI tools is preferred. Preferred Qualifications: Deal experience with onshore team including data room management, document request list preparation, management meeting preparation, workbook analysis, quality of earnings, due diligence reports, client calls and engagement team calls. Experience with post-acquisition/carve-out integration and separation related engagements. Preferred industry experience in one or more of the following: manufacturing, distribution, consumer products, business services, healthcare, financial services, business services, or technology. Knowledge of US based regulatory and compliance frameworks such as FFIEC, NERC CIP, PCI DSS, HIPAA, GLBA, and HITECH is a plus. ERP or supply chain application implementation experience; functional expertise in IT and supporting front/back-office operations preferred IT and cyber related certifications (CISSP, CISM, HITECH, PCI DSS QSA, CEH, Azure, AWS)