790 Grc Jobs - Page 2

IT Business Analyst GRC/RCSA/OPS RISK Good domain knowledge on banking processes Experience in Agile methodology , User story writing , Sprint delivery, Jira, confluence etc GRC concepts and BRD / FSD for the project deliverables.

Role & responsibilities GRC Manager, inter alia, be responsible for the following: Plan and establish organization-wide Information security Management System (ISMS) in accordance with ISO/IEC 27001 Standard, and other relevant security standards, Evaluate compliance with respect to legal and regulatory requirement for information security. Perform information security audit at least annually or whenever significant changes have been made in IT systems/ Infrastructure. Prepare information security audit report along with recommendations for improving information security. Monitor and manage information security risks and highlight them to various stakeholder Monitor information security measurement metrics and other key performance / risk indicators on regular basis Review information security / IT polices, standards, procedures, guidelines and processes. Review products / application for various information security risks and suggest control measure to mitigate them Help in defining / documenting information security presentation to various stakeholders Giving information security awareness training to employees and third parties Help in defining and monitoring cloud security controls Enforce and Monitor implementation of approved information security policies, procedures, guideline and ISMS etc. Design and Issue alerts and advisories with respect to new vulnerabilities / threats to all concerned. Continuous monitoring of security incidents. Take remedial action to reduce the same. Cyber Security Incident Response and Recovery Management. Competencies: Good communication and writing skills. High energy professional. Technical & functional expertise Familiarization with emerging technology Knowledge of relevant legislative or regulatory requirements such as IT Act and associated Rules, Privacy legislations etc

We are seeking a highly motivated Business Analyst with expertise in analyzing and documenting requirements for ServiceNow security modules. The ideal candidate will possess a strong background in vulnerability management, security incident response, and ServiceNow capabilities. This role entails close collaboration with stakeholders, developers, and solution architects to ensure accurate requirements gathering, gap analysis, and solution design. Collaborating with business and technical teams is a key responsibility of this role to gather, analyze, and document detailed business and functional requirements effectively. The candidate must be adept at writing clear user stories in ServiceNow JIRA, following Agile SDLC processes. Creating process flows using Visio and defining expected outcomes based on stakeholder communication are essential tasks. Moreover, working closely with developers and solution architects to translate business needs into technical solutions is a vital aspect of this position. The candidate will conduct requirement validation sessions with stakeholders to ensure clarity and alignment, contribute to process improvements, and identify opportunities to enhance current implementations. Thorough documentation, strong attention to detail, and timely communication throughout the project lifecycle are crucial. Required Skills & Qualifications: - Bachelor's degree in Computer Science, Engineering, Business, or a related field. - 3 years of hands-on experience in Requirement Analysis. - Strong analytical and problem-solving skills. - Excellent verbal and written communication skills with a high level of attention to detail. - Experience working in Agile environments, with tools like JIRA, Visio, etc. ServiceNow Expertise (Preferred): - Hands-on knowledge of ServiceNow modules: Vulnerability Response (VR), Security Incident Response (SIR), Threat Intelligence. - Good to have exposure to GRC (Governance, Risk, and Compliance), Security Operations Center (SOC), Service Portal & Workspaces. - Basic understanding of REST APIs and ServiceNow integrations. - Certifications preferred: ServiceNow Admin Certification, CIS Vulnerability Response (CIS-VR), CIS Security Incident Response (CIS-SIR). Key Attributes: - Ability to recognize implementation gaps, risks, and potential improvements. - Strong stakeholder engagement and coordination skills. - Capable of balancing multiple priorities in a dynamic, fast-paced environment.,

The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC" Director, Cyber Security. What Youll Contribute 3+ years of applicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage What We're Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS) AWS Certifications (added advantage) Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status.

Job Summary We are seeking a detail-oriented and compliance-savvy professional to join our growing security and governance team. In this role, you will be primarily responsible for managing and responding to customer-initiated vendor risk assessments , security questionnaires, and compliance inquiries. This position will serve as a subject matter expert on our organizations security, privacy, and compliance posture, ensuring timely, accurate, and complete responses to customer risk management requests Key Responsibilities Customer Security Assessments Respond to incoming vendor security questionnaires, risk assessments, and due diligence requests from customers and prospects. Coordinate across internal teams (e.g., IT, DevOps, Product, Legal) to gather accurate information and documentation. Maintain and update standard response documentation such as SIG, CAIQ, VSA, and other common assessment formats. Security & Compliance Documentation Management Maintain a library of up-to-date compliance documents, certifications, and standard responses (e.g., SOC 2, ISO 27001, GDPR data maps). Assist with streamlining the response process by building knowledge bases and improving automation where possible. Cross-functional Collaboration Partner with Legal, Sales, Security, and Product to support customer RFPs and security discussions. Participate in security and compliance reviews during customer onboarding or procurement cycles. Policy and Process Development Contribute to the creation and revision of internal policies, procedures, and control narratives as needed to support security posture transparency. Identify opportunities for process improvement in the vendor response lifecycle. Qualifications Required: 3+ years of experience in compliance, customer assurance, GRC, or security operations. Direct experience responding to customer security questionnaires and vendor risk assessments. Solid knowledge of security and privacy frameworks such as SOC 2, ISO 27001, NIST CSF, GDPR, and/or HIPAA. Strong communication and technical writing skills with the ability to translate complex concepts for diverse audiences. Familiarity with tools like OneTrust, Whistic, SecurityScorecard, Drata, Vanta, or similar. Preferred: Industry certifications such as CISA, CCSK, CIPM, or similar. Experience supporting enterprise customers and working closely with Sales or Customer Success teams. Background in SaaS, cloud-native environments, or cybersecurity. Why Join Us? Make a direct impact on customer trust and enterprise security posture Collaborate in a supportive, high-performing team environment Enjoy competitive compensation, certification support, and growth opportunities Show less

Hiring a Senior Cybersecurity GRC Consultant, you will play a pivotal role in helping organizations manage and improve their Governance, Risk, and Compliance (GRC) frameworks. You will be responsible for setting up and leading assessments, implementing strategies, and advising clients on how to mitigate cybersecurity risks and achieve compliance with industry standards and regulatory requirements. 8+ Years of Experience in cybersecurity, risk management, and governance, with a proven track record of leading GRC initiatives. Educational Background: Bachelors or Masters degree in Information Technology, Cybersecurity, Computer Science, Business Administration, or a related field. Certifications: Relevant cybersecurity certifications such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, or similar. Must have experience in customer facing projects (onsite / offsite); Should be able to lead the junior team members. In-depth Knowledge of Cybersecurity Frameworks: Expertise in implementing and advising on security frameworks such as Unified Cybersecurity Framework, NIST/RBI/IRDAI/SEBI Cybersecurity Frameworks, ISO 27001/2, CIS Controls etc. Project Management: Proven ability to manage and lead multiple GRC projects simultaneously, with strong organizational and time-management skills. Client-Focused: Demonstrated ability to build and maintain relationships with clients, providing expert advice and ensuring customer satisfaction. Cloud Security: Knowledge of cloud environments (AWS, Azure, Google Cloud) and their associated risks and compliance requirements. Penetration Testing & Vulnerability Management: Familiarity with vulnerability assessment, penetration testing, and ethical hacking practices. Incident Management: Experience in developing or improving incident response plans, business continuity plans, and disaster recovery strategies.

This technical position sits inside the Global SAP Center of Excellence is responsible for managing the health of our Global SAP Architecture consisting of a number of Key Systems including SAP ERC, GRC, PO, BPC This position will also work with other IT Staff to ensure successful SAP connections to various business connectors and applications. This hands-on role will ensure that all projects and system support areas are implemented and maintained to quality by adopting best practice configuration and technology. This technical role will be involved with analysis and design, system configuration, integration, testing, maintenance and support for the delivery of projects and minor/major releases of SAP. The successful candidate will work closely with SAP technical analysts and functional consultants to understand the business requirements and deliver solutions that support the ongoing Global IT and business strategy. Skill Requirements Performs SAP software application installation, configuration, integration, upgrades, enhancement-pack upgrades, support pack and kernel patch updates Experience in SQL Server database installation, upgrade and patch updates Experience working with SAP NW Portal, Webdispatcher, Webapplications and SCPI (SAP Cloud Platform Integration) Experience working with BSI Tax factory and release updates Installation, setup and configuration of open text archive server, experience in Designing and executing archiving of standard objects in areas like FI/MM/SD/PP and archiving custom tables, provides support for SAP Archiving using Opentext components Provide SAP & third party interface software version updates and coordinate implementation of fixes/changes to application interfaces and application client installations Collaborates with the business departments in analyzing and defining requirements Manages projects and ensure deadlines are met. Plans system sizing (capacity planning), disk / storage / server layout Completes performance monitoring of the SAP system landscape Coordinates SAP QA system refreshes, backups and client copy administration Knowledge on networks, VPNs, encryption, Web-Services, SFTP, Authentication SSO, SAML, LDAP, Integration with identity manager, Collaborates with other IT teams on SSO implementation and support Ensures high availability of SAP systems and databases Perform daily monitoring of SAP production systems, review system logs to identify signs of potential problems Experience working with Solution Manger 7.2, EWA config, CCMS and other monitoring tools Experience working in DR (Disaster Recovery) process Demonstrates high level of communication skills (verbal and written) Keeps well-informed of the latest SAP technologies, system releases to determine compatibility and enhancements. Researches and implements enhancements and new technologies as required. Defines, creates, reviews, updates, and maintains standard-operational-procedure documentation relating to SAP application support and processes Leads process improvement in the SAP Basis area

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: GRC Consulting. Experience: 5-8 Years.

Role Purpose The purpose of this role is to provide solutions and bridge the gap between technology and business know-how to deliver any client solution Do 1. Bridging the gap between project and support teams through techno-functional expertise For a new business implementation project, drive the end to end process from business requirement management to integration & configuration and production deployment Check the feasibility of the new change requirements and provide optimal solution to the client with clear timelines Provide techno-functional solution support for all the new business implementations while building the entire system from the scratch Support the solutioning team from architectural design, coding, testing and implementation Understand the functional design as well as technical design and architecture to be implemented on the ERP system Customize, extend, modify, localize or integrate to the existing product by virtue of coding, testing & production Implement the business processes, requirements and the underlying ERP technology to translate them into ERP solutions Write code as per the developmental standards to decide upon the implementation methodology Provide product support and maintenance to the clients for a specific ERP solution and resolve the day to day queries/ technical problems which may arise Create and deploy automation tools/ solutions to ensure process optimization and increase in efficiency Sink between technical and functional requirements of the project and provide solutioning/ advise to the client or internal teams accordingly Support on-site manager with the necessary details wrt any change and off-site support 2. Skill upgradation and competency building Clear wipro exams and internal certifications from time to time to upgrade the skills Attend trainings, seminars to sharpen the knowledge in functional/ technical domain Write papers, articles, case studies and publish them on the intranet Mandatory Skills: GRC Process. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: GRC Process. Experience: 3-5 Years.

Key Responsibilities: Perform audits and assessments of internal controls (regulatory compliance Audits, ISO 27001, NIST, GDPR, HIPAA, etc.). Conduct risk assessments and develop mitigation plans across IT and business processes.

Key Responsibilities: Lead and manage end-to-end delivery of cybersecurity consulting engagements including regulatory assessments, technical reviews, and risk advisory. Conduct and review audits and assessments aligned to frameworks such as ISO 27001, RBI, SEBI, IRDAI, and other applicable standards. Oversee evaluation of IT General Controls (ITGC) and IT Application Controls (ITAC), and support gap remediation strategies. Collaborate with client stakeholders to define cybersecurity objectives, identify risks, and implement actionable solutions. Support technical/business development activities, including responding to RFPs/RFIs, developing solution proposals tailored to client requirements, defining delivery models, and preparing supporting materials such as data capture questionnaires (DCQs), scoping documents, and client-specific value propositions. Work closely with internal leadership to build service capability decks, participate in opportunity planning, and contribute to strategic client conversations. Support ongoing project operations, including maintaining project delivery, team operations and other delivery documentation / templates to ensure team efficiency and reporting accuracy. Mentor junior team members and contribute to the knowledge development of the practice. Candidate Requirements: 56 years of experience in cybersecurity consulting with strong exposure to both delivery and client engagement. Proficiency in standards and regulatory frameworks such as ISO 27001, RBI, SEBI, IRDAI, ITGC, and ITAC. Ability to translate client requirements into executable cybersecurity solutions and delivery plans. Experience supporting technical/BD activities, including solutioning for proposals, drafting scoping documents, and collaborating with cross-functional teams. Strong documentation and coordination skills with the ability to create and maintain organized repositories of project delivery assets. Strong communication and stakeholder management skills, including the ability to present to senior leadership. Certifications such as ISO 27001 Lead Auditor, CISA, or CISM are desirable. Exposure to Vulnerability Assessment and Penetration Testing (VAPT), Red Teaming or other offensive testing areas will be an added advantage.

Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytms mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. Job Summary: We are seeking an experienced and highly analytical professional to join our Internal Audit team. This role is critical in providing independent assurance, enhancing the control environment, and leveraging data analytics to identify anomalies, control gaps, and potential fraud risks. The ideal candidate will have a strong background in internal audit, forensic investigations, and data analytics with extensive exposure to fintech or large service-based organizations. Key Responsibilities: ‚ Lead and execute risk-based internal audits, including operational, financial, and compliance reviews. ‚ Design and implement data analytics frameworks and continuous auditing techniques to enhance audit efficiency and coverage. ‚ Conduct forensic reviews and investigations into suspected fraud, misconduct, or control failures. ‚ Collaborate with cross-functional teams to understand key business processes and identify risks and controls. ‚ Develop automated dashboards and data-driven tools to monitor key risk indicators and red flags. ‚ Report audit findings to senior management and stakeholders with actionable recommendations. ‚ Oversee documentation of working papers, audit procedures, and evidence in line with professional standards. ‚ Mentor junior audit staff and build analytics capability within the team. ‚ Liaise with external auditors, regulators (as needed) on investigations or audits. ‚ Monitor regulatory and industry developments to ensure audit approaches are up to date. Required Qualifications ; Skills: ‚ Chartered Accountant (CA), Certified Internal Auditor (CIA), or Certified Fraud Examiner (CFE) preferred. ‚ 2"“10 years of relevant experience in internal audit, forensic investigations, or risk advisory in a fintech, BFSI, or large service industry setup. ‚ Strong command of data analytics tools (e.g., SQL, ACL, IDEA, Power BI, Python, R). ‚ Proficient in audit management systems and GRC platforms. ‚ Exceptional analytical, investigative, and report-writing skills. ‚ High ethical standards, sound judgment, and the ability to handle confidential information with discretion. ‚ Excellent communication and stakeholder management abilities. Preferred Attributes: ‚ Exposure to digital lending, payments, or financial services platforms. ‚ Experience in automating audit processes and developing audit analytics strategy. ‚ Managing multiple project and execution at a very faster speed. ‚ Go to person for any audit / review SME skills ‚ Hustler and managing end to end projects with minimal handholding.

Educational Requirements MCA,MTech,Bachelor of Engineering,BCA,BSc,BTech Service Line Enterprise Package Application Services Responsibilities A day in the life of an Infoscion As part of the Infosys consulting team, your primary role would be to get to the heart of customer issues, diagnose problem areas, design innovative solutions and facilitate deployment resulting in client delight. You will develop a proposal by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise. You will plan the activities of configuration, configure the product as per the design, conduct conference room pilots and will assist in resolving any queries related to requirements and solution design You will conduct solution/product demonstrations, POC/Proof of Technology workshops and prepare effort estimates which suit the customer budgetary requirements and are in line with organization’s financial guidelines Actively lead small projects and contribute to unit-level and organizational initiatives with an objective of providing high quality value adding solutions to customers. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Additional Responsibilities: Ability to develop value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability Good knowledge on software configuration management systems Awareness of latest technologies and Industry trends Logical thinking and problem solving skills along with an ability to collaborate Understanding of the financial processes for various types of projects and the various pricing models available Ability to assess the current processes, identify improvement areas and suggest the technology solutions One or two industry domain knowledge Client Interfacing skills Project and Team management Technical and Professional Requirements: Primary skills:EAM-IBM Maximo Preferred Skills: Technology-EAM-IBM Maximo

Educational Requirements Bachelor of Engineering Service Line Enterprise Package Application Services Responsibilities A day in the life of an Infoscion As part of the Infosys consulting team, your primary role would be to actively aid the consulting team in different phases of the project including problem definition, effort estimation, diagnosis, solution generation and design and deployment You will explore the alternatives to the recommended solutions based on research that includes literature surveys, information available in public domains, vendor evaluation information, etc. and build POCs You will create requirement specifications from the business needs, define the to-be-processes and detailed functional designs based on requirements. You will support configuring solution requirements on the products; understand if any issues, diagnose the root-cause of such issues, seek clarifications, and then identify and shortlist solution alternatives You will also contribute to unit-level and organizational initiatives with an objective of providing high quality value adding solutions to customers. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Additional Responsibilities: Ability to work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data Awareness of latest technologies and trends Logical thinking and problem solving skills along with an ability to collaborate Ability to assess the current processes, identify improvement areas and suggest the technology solutions One or two industry domain knowledge Technical and Professional Requirements: 2+ years of experience in SAP CPQ, hands-on experience in coding as part of SAP CPQ. Good experience in Python scripting and good to have experience in Java scripting and NodeJS. Good to have experience with HTML, CSS etc. Good experience in writing global scripts. Good experience in Quote document creation. Knowledge of SOAP and REST APIs, iFlows. Experience in setting up workflow rules and actions. Experience in CPQ Quote configuration, quote tables, Custom quote tabs, and quote and quote item fields. Experience in product catalogue configuration which includes products, catalogues, attributes, product types, custom tables etc. Good experience in setting up pricing of CPQ. Good to have experience in the integration of C4C and CPQ. Good to have experience in the integration of SAP and Non-SAP systems. Preferred Skills: Technology-SAP Technical-SAP C4HANA-SAP CPQ

Educational Requirements Bachelor of Engineering Service Line Information Systems Responsibilities Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Technology, Business Administration, or related field. Basic understanding of SAP ERP systems (SAP ECC or S/4HANA). Familiarity with concepts of risk, compliance, and internal controls. Strong analytical and problem-solving skills. Good communication and documentation skills. Willingness to learn and grow in the SAP GRC domain. Additional Responsibilities: Career Path:This role offers a clear path to becoming a SAP GRC Consultant, Risk Analyst, or Compliance Specialist with opportunities to specialize in areas like audit. Technical and Professional Requirements: Preferred (Nice to Have): Internship or academic project experience with SAP or GRC tools. Knowledge of IT General Controls (ITGC) and audit frameworks (e.g., SOX, ISO 27001). SAP GRC certification or training. Preferred Skills: Technology-SAP Technical-SAP Security

As a managing consultant, you will serve as a client-facing practitioner working collaboratively with clients to deliver high-quality solutions and be a trusted business advisor with deep understanding of SAP Accelerate delivery methodology or equivalent and associated work products. You will lead design workshops, support business development activities and mentor and coach team members to develop their skills and knowledge. There are opportunities for you to acquire new skills, work across different disciplines, take on new challenges, and develop a comprehensive understanding of various industries. There are opportunities for you to acquire new skills, work across different disciplines, take on new challenges, and develop a comprehensive understanding of various industries. Your primary responsibilities include: Strategic SAP Solution LeadershipLeading the technical design, development, and implementation of SAP solutions for simplicity, amplification, and maintainability that meet client needs. Team Delivery leadershipLead and manage high performing team of SAP consultants to deliver work products on time, budget, and quality. Comprehensive Solution DeliveryInvolvement in strategy development and solution implementation, leveraging your functional expertise of SAP with clients and team members and working with the latest technologies Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Overall, 5 - 12 years of relevant experience in SAP BODS/BOIS/SDI/SDQ and 3+ Years of SAP functional experience specializing in design and configuration of SAP BODS/HANA SDI modules. Experience in gathering business requirements and should be able to create requirement specifications based on Architecture/Design/Detailing of Processes. Should be able to prepare mapping sheet combining his/her Functional and technical expertise. All BODS Consultant should primarily have Data migration experience from Different Legacy Systems to SAP or Non-SAP systems. Data Migration experience from SAP ECC to S/4HANA using Migration Cockpit or any other methods. In addition to Data Migration experience, Consultant should have experience or Strong knowledge on BOIS (BO Information Steward) for data Profiling or Data Governance Preferred technical and professional experience Having BODS Admin experience/Knowledge. Having working or strong Knowledge of SAP DATA HUB. Experience/Strong knowledge of HANA SDI (Smart data Integration) to use this as an ETL and should be able to develop flow graphs to Validate/Transform data. Consultant should Develop Workflows, Data flows based on the specifications using various stages in BODS

Role is SAP subject matter expert/architect role for Security. Key responsibilities will involve working with Business Stakeholders, understanding requirements, translating user requirements into SAP IT scope, assessing impact on application & connected systems, estimating high level schedule and efforts to implement solution and ensure successful technical delivery Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Candidate must have min. 2-4 years of solid SAP Security Implementation experience with focus on Role authorizations. Solid implementation and hands-on experience in ECC 6.0 role build. Experience in working with stakeholders and leading SAP security projects. Sound understanding of SOD - segregation of duties. Support technical requirement gathering, develop prototypes/PoCs/recommend solutions with limited information from the business, delivery quality technical specifications and documentation Preferred technical and professional experience SOX/GRC Control experience

Role & responsibilities As a Cybersecurity GRC Specialist, this role plays a pivotal part in safeguarding the organization's information assets through comprehensive governance, risk management, and compliance initiatives. The focus is on ensuring adherence to regulatory requirements, industry standards, and cybersecurity best practices while supporting the design and documentation of cybersecurity control frameworks. Responsibilities include managing risk, evaluating third-party security postures, and ensuring that digital payment systems comply with relevant standards such as NIST, ISO27001, and ITGC. A strong understanding of cybersecurity frameworks and a proactive approach to aligning with global regulatory frameworks, industry best practices, and organizational goals is required to provide robust protection against cyber threats. Key Responsibilities Develop, implement, and manage a comprehensive risk management program to identify, assess, and mitigate cybersecurity risks across IT systems and processes. Continuously monitor the risk landscape, ensuring effective implementation and maintenance of mitigation strategies, while reporting on compliance with relevant laws, regulations, and industry standards. Lead audits and assessments to verify cybersecurity compliance, providing remediation guidance for identified gaps, and staying up to date with regulatory changes. Implement and maintain cybersecurity controls and frameworks, including NIST CSF, NIST 800-53, ISO/IEC 27001, and IT General Controls (ITGCs), ensuring alignment with industry standards and organizational needs. Manage the organizations ISO/IEC 27001 certification process, including the development and maintenance of an Information Security Management System (ISMS), conducting internal audits, gap analyses, and preparing for external audits. Develop and manage a third-party risk management program, including due diligence, risk assessments, and collaboration with other departments to ensure vendors meet cybersecurity requirements and contracts include appropriate clauses. Oversee digital payment system security, ensuring compliance with industry standards like PCIDSS, and collaborate with service providers and internal teams to protect against cybersecurity threats. Design, document, and regularly update a cybersecurity control framework that complies with relevant industry standards and regulatory requirements (e.g., NIST, ISO/IEC 27001, CIS, PCI DSS, RBI, SEBI, IRDA, DPDPA, GDPR, DORA). Conduct workshops with senior stakeholders to appraise them of cybersecurity frameworks and control requirements, ensuring continuous improvement of the organization’s cybersecurity posture. Qualifications Preferred candidate profile Desired qualifications Bachelors degree in information technology, Computer Science, or a related field (or equivalent experience). 3- 7 years of experience in information security, cyber security compliance, risk assessment or a similar role Good understanding of IT control frameworks (PCI DSS, NIST, COBIT, ITIL, CSF, ISO 27001, ITIL, COSO etc.) Good understanding and Indian and global cyber security regulations Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to work independently and as part of a team. Experience with risk management, compliance, and audit processes

Job Title: Senior Information Security Engineer (ISO, Compliance) Experience Required: 4-5 years in Information Security Location: Whitefield, Bengaluru -Hybrid Key Areas: SOC 2 Type 1 and Type 2, ISO 27001, GDPR, security governance, vendor security due-diligence, vendor security reviews and assessment, preparation of security checklist, security awareness/phishing simulation, management dashboards, manage key metrics for IT and Infosec. You can apply by filling the form : https://forms.gle/LGarRicG4jcFVWEX6 Roles & Responsibilities: Develop and finalize policies, procedures, and guidelines related to IT and Infosec domains in alignment with industry best practices (ISO 27001 , GDPR and SOC 2). Align internal IT and Infosec processes as per ISO 27001 and SOC 2 standards and security guidelines. Assist in defining and reviewing the key metrics for management reporting. Developing cyber security standards, including incorporating industry practices and applicable compliance requirements. Develop review checklists, questionnaires, and manage evidences to assist the IT vendor risk management process. Perform 3rd party security due-diligence reviews and periodic vendor risk assessments to assess vendor compliance. Coordinate with external stakeholders and auditors for IT and Infosec related reviews Coordinate for conducting periodic penetration testing exercises on in-scope applications and related infrastructure. Coordinate with stakeholders for timely closure of open risks. Assist in imparting security awareness training and executing phishing simulation exercises to employees. Assist IT and Infosec in gathering the metrics data and prepare management dashboards. Coordinate and facilitate SOC 2 audits, acting as the primary point of contact for the external auditor. Gather evidence and documentation to demonstrate compliance with SOC 2 requirements. Address any audit findings and implement corrective actions. Experience Should have 4-5 years of experience in information security domain and minimum Should have 4 of years in overall IT and Infosec governance related activities. Must have sound knowledge in defining processes, developing policies, procedures, and guidelines, and preparing management reporting dashboards. Must have experience in guiding teams with respect to SOC 2 requirements Developing and implementing enterprise governance, risk, and compliance strategy and solutions. Familiarity with industry standards and regulations including PCI, ISO27001, SOC 2, GDPR, CIS, NIST is desired. Candidates from BFSI experience will be preferred Fair understanding of public cloud models (e.g. AWS, Google, Microsoft Azure) and their security implications.

INTERESTED CANDIDATE SHARE CV TO VAIJAYANTHI.M@PARAMINFO.COM Exp: 12+ Years Notice: Max 30 Days Location: Bangalore Domain: Banking is Must Must Required Skills: PMP or equivalent certification Experience managing Unified Contact Center / IVR Projects Strong understanding of Microsoft Solutions , CRM Tools , IVR Implementation Hands-on with cross-functional stakeholder coordination (Compliance, Risk, InfoSec, GRC, etc.) Excellent in reporting , project planning , risk mitigation , and governance Experience working in banking sector mandatory Preferred Skills: Familiarity with Lean / Six Sigma / Process Improvement Exposure to IT Governance & Regulatory Processes Strong decision-making in fast-paced, multi-project environments Job Description: Job Purpose: Project Manager is responsible for managing project related to unified contact centre within the business units. The Project Manager will lead the Unified Contact Centre project and ensure deliverables are in accordance to the business requirements and within the budget (minimize risk and optimize delivery); Projects will be related to lines of businesses, organization growth and service enhancements for the customers Key Result Areas: Responsible for managing projects for lines of businesses. Monitor the development and implementation of project plans which includes design, testing, and implementation of all business requirements. Ensure Project Management Framework is followed, and all the required artifacts are submitted at each stage of the project. Ensure all relevant documentation related to projects are stored in the Central Project repository. Coordinate with the project team and other stakeholders like Compliance, Information Security Group, Operational Risk Management, IT GRC, Procurement, Finance teams to ensure necessary approvals are obtained for the smooth delivery of the projects. Provide accurate reporting to the senior leadership teams and governance forums on the status of the projects. Operating Environment, Framework and Boundaries, Working Relationships: The job holder will need to work across all functions in the organization while ensuring the project management methodologies are followed by technology team members in the Bank for the local & overseas operations. Ensure the project status are accurately reported to the IT Governance forums and senior leadership team. Problem Solving: Will need to deal with all the problems associated with multiple interdependencies that will arise out of multi-disciplinary projects In a fast paced, dynamic environment where time to market is critical, the incumbent will frequently need to make quick decisions on risks associated with the projects / programs Decision Making Authority & Responsibility: Ensure Project management framework is followed, and periodic reporting is done to senior leadership teams on the status of the projects. Responsible to ensure all stage gates as prescribed in the project management framework are followed by the project teams and in case of risks / issues highlight it to senior management Knowledge, Skills and Experience: Masters degree with at least 12 years of experience in banking industry with project management certification (e.g. PMP) or equivalent practical experience Previous experience working in Microsoft solution or any project related to build customer contact centre. Ability to establish and maintain strong working relationships with the stakeholders across the organisation INTERESTED CANDIDATE SHARE CV TO VAIJAYANTHI.M@PARAMINFO.COM

Job Summary The Senior Risk Lead provides technical governance to supplier risk management programs in the governance, risk and compliance functions. Responsible for reviewing security compliance in terms of SaaS configuration, compliance sets such as SOC2 and performing risk assessments. Accountable for security frameworks and adherence to industry best practices and standards. Works with application and infrastructure teams to ensure that policies and standards are integrated and applied appropriately across the environment. The Analyst is expected to have a thorough understanding IT system, experienced in enterprise systems integration and stays up to date with the latest security standards, emerging security technologies, as well as security best practices. The Senior Risk Lead will also assist with facilitating the identification, documentation, review, and mitigation of information security risks to support organizational strategic objectives. This role will analyze information security risks and controls based on established risk criteria and methodology, conduct security risk assessments of information systems to identify vulnerabilities associated with critical assets, recommend controls to mitigate security risks identified through the risk assessment process, and communicate results that are clear and actionable to business stakeholders. The Senior Risk Lead will monitor the risk landscape through emerging threat intelligence, actionable situational awareness, and other sources. While working with the overall Global Security GRC team and other internal business units, the analyst will ensure proper documentation and reporting analytics, including KPIs, through the development and maintenance of appropriate records related to risks, controls, and assessments in the GRC system of record. Duties and Responsibilities Conducts reviews for projects related to infrastructure and general information security to ensure they meet requirements and target-state architecture. Participates in risk assessment activities as subject matter expert for infrastructure and general information security concerns Determines security requirements by evaluating business strategies and requirements; researching information security standards; evaluating risk assessments; studying architecture/platform and identifying integration issues Ensures all risks are documented and updated according to Global Security policies, standards, and processes Engages with technical and security teams to identify and assess risks, driving towards appropriate risk mitigation activities aligned with the enterprise risk appetite Monitors identified risks, reassessing as needed and/or as directed by management Reports on risk remediation status through facilitation of risk metrics, analytics, and scorecards Helps facilitate the annual enterprise information security risk assessment Manages issue resolution due to control breaks and audit findings Analyzes business problems through software, analytical tools and techniques, business processes and technical knowledge to guide in risk-based decisions Organizes and leads GRC-related meetings, prepares meeting agendas, sends out meeting minutes and coordinates follow-up activities as appropriate Manages exceptions to policy and standards Communicate with all levels of technical and executive staff in matters related risk identification and remediation Works with GRC Compliance, Internal Audit, and outside consultants as appropriate on required security assessments and audits Minimum Qualifications Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly preferred; equivalent combination of education and experience may be substituted in lieu of degree At least eight (8) years of GRC (governance, risk, compliance) experience with methodologies, activities, tools, and enablers in a technology related industry including experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required Knowledge in creating architectures (IaaS, SaaS, PaaS) for public, private and hybrid cloud services Ability to demonstrate a strong understanding of various compliance and regulatory areas (e.g., ISO27001, SOC2, DORA) Experience with risk management and managing the risk lifecycle Working knowledge of configuration management, change control, security baselines and frameworks (NIST CSF, NIST 800-171, CIS) Identify gaps in existing and proposed architectures and security controls and provide recommendations for risk resolution Ability to develop security policies and standards and guidelines based on best practices and industry standards Strong oral and written communication skills; including presentation skills Strong analytical and problem-solving skills Ability to work both independently and as part of a team to deliver quality work products in a timely fashion in a fast-paced environment Ability to multi-task and prioritize tasks with little supervision The ability to work well with people from many different disciplines with varying degrees of technical experience The ability to adapt to a dynamic, rapidly changing business and technical environment Ability to exercise skilled professional judgment Ability to maintain confidentiality Ability to oversee all aspects of projects and manage projects through the entirety of the life cycle Preferred Qualifications Information security related training or certifications such as CISSP, CSSP, CRISC or CISA Knowledge of Vulnerability management topics: Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVE), and Open Web Application Secure Project (OWASP) Experience with AI standards (e.g. ISO 42001) and assessing AI risks Experience performing information security risk assessments Experience with KPI/KRI metrics analysis and management Proven ability to drive process improvement through strategic thinking, plan development and implementation

You should have a minimum of 13-15 years of experience in Oracle EBS and at least 2 end-to-end implementations in the cloud. It is essential for you to be well-versed with Risk Management Strategies and Segregation of Duties (SOD). Your expertise should include user and roles definition, as well as knowledge of access-based controls and security. Ideally, you should have a background in Oracle EBS (GRC) or Risk Management Cloud. Possessing a certification in Risk Management would be considered desirable. Additionally, having prior experience working in a cloud environment on a similar engagement would be a definite advantage. About Birlasoft: Birlasoft is a global leader in Cloud, AI, and Digital technologies, blending domain expertise with enterprise solutions. The company's consultative and design-thinking approach empowers societies worldwide, enhancing the efficiency and productivity of businesses. As part of the multibillion-dollar diversified CKA Birla Group, Birlasoft, with its 12,000+ professionals, is committed to continuing the Group's 170-year heritage of building sustainable communities.,

You are a highly skilled and experienced ServiceNow IRM (Integrated Risk Management) Developer with expertise in Governance, Risk, and Compliance (GRC) and Risk Assessment module implementation. Your technical background in ServiceNow platform development, along with your knowledge of designing and implementing IRM solutions, enables you to address enterprise risk management and compliance requirements effectively. Your role involves customizing, optimizing, and expanding the ServiceNow IRM and GRC modules to align with the organization's needs while collaborating closely with stakeholders. Your key responsibilities include: - Utilizing your experience as a ServiceNow Developer, focusing on IRM, GRC, and Risk Assessment modules. - Holding a CAD certification. - Demonstrating proven expertise in implementing ServiceNow IRM and GRC solutions, which involves configuring risk libraries, conducting control testing, and managing issues. - Possessing a strong understanding of ServiceNow platform components, including Flow Designer, Scripted REST APIs, ACLs, and integrations. - Demonstrating proficiency in JavaScript, HTML, CSS, and other programming languages essential for ServiceNow development. - Applying hands-on experience in integrating ServiceNow IRM/GRC with third-party tools and data sources. Preferred Skills: - Holding ServiceNow certifications such as Certified Implementation Specialist (IRM/GRC) or Certified Application Developer. - Showcasing strong analytical and problem-solving skills with meticulous attention to detail. Soft Skills: - Demonstrating excellent communication and collaboration abilities. - Having the capacity to work both independently and in a team setting. - Exhibiting strong organizational and time management skills to effectively handle tasks and projects.,

You have a great opportunity in Pune with a requirement of at least 1+ years of experience in ISMS internal & external audit, Implementation, GRC. Your responsibilities will include: - Demonstrating strong Excel and PowerPoint skills. - Leading medium to large engagements effectively. - Showing willingness to upskill in Cyber Security audit area. - Creating Dashboards for statistical updates on cyber security status and activities. - Having knowledge of the current security environment and industry trends, with a good understanding of Network Infrastructure SDLC Methodology. - Collaborating closely with the engagement manager to execute multiple parts of the engagement delivery. - Conducting Auditing Governance and having a clear understanding of Regulations/standards such as ISO 27001, PCI DSS, GDPR, compliance, and regulatory audits like RBI, IRDAI, NBFC, etc. Additionally, you should have experience in at least one or more of the following areas: - Cybersecurity assessments - Drafting of IT and cybersecurity policies, standards, procedures, and controls - Developing security strategies and roadmaps - Providing Cybersecurity awareness and training - Generating Cybersecurity metrics and reporting Certifications such as ISO 27001 LA, LI / ISO 27701 LA are preferred for this role.,