64 Grc Tools Jobs

At EY, you are part of a globally connected powerhouse of diverse teams that will shape your future with confidence. Join us in building a better working world through Compliance Risk Consulting in Regulatory Compliance and Internal Audit within the Financial Services sector. As a Manager in the Financial Services/Internal Audit & Regulatory Compliance team, you will lead risk-based audits, regulatory compliance reviews, and governance assessments for financial institutions across the MENA region. Your role involves helping clients align with evolving regulatory expectations such as CBUAE, SAMA, and CBE, and strengthening their control environments. Key Responsibilities: - Lead internal audit and compliance engagements for banks, insurers, and fintechs across MENA. - Conduct regulatory gap assessments (e.g., AML/KYC, Basel III, IFRS 9, FATCA/CRS). - Develop audit plans, risk control matrices, and testing strategies tailored to local regulatory frameworks. - Present findings and recommendations to CXOs and audit committees. - Support regulatory remediation programs and enterprise risk transformation initiatives. - Mentor junior consultants and contribute to proposals, thought leadership, and regional campaigns. Qualifications: - CA/CPA/CIA or equivalent with 7-10 years of experience in internal audit or regulatory compliance. - Strong understanding of MENA financial regulations and supervisory expectations. - Experience with risk-based audit methodologies and GRC tools. - Excellent stakeholder management and report writing skills. - A valid passport for travel. Skills and attributes for success include: - Exceptional command of spoken and written English. - Globally mobile and flexible to travel to onsite locations at short notice. - Highly analytical, organized, and meticulous consulting skills. - Strong project management skills, inspiring teamwork and responsibility. - Ability to multi-task, work well under pressure with a commitment to deliver under tight deadlines. - Strong organizational skills with the ability to prioritize effectively. - Attention to detail and quality assurance. - Proficient in MS-Office Suite, data analysis & validation. At EY, you will have the opportunity to work on inspiring and meaningful projects. We provide support, coaching, and feedback to help you develop new skills and progress your career. Embrace the freedom and flexibility to handle your role in a way that suits you best. Join us in building a better working world by creating new value for clients, people, society, and the planet.,

As a Senior Manager, Finance Risk and Controls at our Finance Risk and Controls team in Bangalore RMZ Infinity office, you will be responsible for creating and maintaining a controls framework to effectively handle risks and meet strategic objectives. Your role will involve championing a risk-first mindset and fostering a robust controls culture within the Finance department. Additionally, you will play a crucial part in ensuring compliance with regulatory requirements such as the UK Corporate Governance Code, especially during the ongoing multi-year transformation journey known as the Beacon Programme. Reporting directly to the Head of Finance Risk and Controls, you will lead a team of three to four individuals and contribute to setting the team's priorities and performance targets. Your duties will include providing assurance to senior management on the adequacy of controls, developing key performance indicators (KPIs), and key risk indicators (KRIs) to assess control effectiveness, and engaging with various committees and forums for reporting and governance coordination. Furthermore, you will promote a risk-first approach, cultivate a strong controls culture through training and role modeling, and support various compliance requirements such as Annual Risk and Control Assessment and Corporate Certification. You will also act as a key point of contact for internal and external stakeholders, including auditors and the Cyber and Engineering team, and leverage innovative technology to enhance control design and operational effectiveness. In terms of qualifications, you are expected to hold a professional qualification or membership of a professional body (e.g., CPA, ICAEW, ACCA) and have a deep understanding of the COSO framework and prior experience in a SOX environment. Strong stakeholder management skills, knowledge of cash out processes and IT controls, as well as experience in enterprise risk management, are essential. Additionally, familiarity with Oracle EBS, Oracle Fusion, ORMC, and prior experience with GRC tools like MetricStream and SAP GRC are highly desirable. Joining London Stock Exchange Group (LSEG) means being part of a global organization dedicated to driving financial stability, empowering economies, and fostering sustainable growth. Operating in 65 countries with 25,000 employees, LSEG values individuality, promotes a collaborative culture, and encourages new ideas. By working at LSEG, you will contribute to re-engineering the financial ecosystem to support sustainable economic growth, including the transition to net zero and the growth of the green economy. LSEG offers a range of benefits and support, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives. If you are considering applying for a role at LSEG, please read the privacy notice provided to understand how your personal information may be used and your rights as a data subject.,

This is a lead role to support the risk management product team in identifying, analyzing, and mitigating IT-related risks to the organization. This role will involve working closely with various departments to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts. Risk Management Leadership Support the global risk management and third-party organization in leading a team of risk analysts performing tasks related to the global risk assessment processes. Risk Identification and Assessment: Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring: Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management: Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. Basic Qualifications and Experience Bachelor's degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience 4-6 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies: Strong understanding of IT infrastructure, systems, and security best practices. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical stakeholders. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS) Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). Technical Knowledge: Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments

You are a hands-on Security Architect & Engineer who combines strategic thinking with deep technical expertise. Your role includes designing secure architectures, implementing security controls, and actively supporting security operations across IT and cloud environments. You will define long-term security strategies while engaging in day-to-day engineering and incident response activities. In terms of Security Architecture, you will be responsible for designing secure and scalable architectures that align with business goals and regulatory requirements. Your role involves integrating security solutions seamlessly with existing IT systems and evaluating security technologies across IT, OT, and cloud environments. You will ensure the implementation of access control, identity management, and various security controls. As a Security Engineer, you will apply secure configuration baselines across operating systems, databases, and cloud environments. Automation of security processes is crucial to improve efficiency. Supporting security and vulnerability assessments, assisting IT teams in patch implementations, and promoting infrastructure-as-code and DevSecOps practices are key responsibilities. Regarding Security Operations, collaboration with SOC and IT teams to detect, investigate, and respond to security incidents is essential. You will support threat hunting, root cause analysis, and the evolution of incident response and disaster recovery plans. Risk, Compliance & Governance tasks involve identifying and assessing security risks, developing mitigation strategies, enforcing security policies, and ensuring compliance with various frameworks and regulations. Your role includes providing security input into vendor assessments and staying informed about emerging regulatory requirements. Your Collaboration & Communication responsibilities include acting as a trusted advisor to internal teams, translating complex security topics for technical and business stakeholders, and participating in architecture boards and security steering committees. Key Requirements: - Bachelor's degree in Information Security, Computer Science, or related field - 8-12 years of cybersecurity experience with architectural and hands-on engineering background - Experience in designing and implementing IT/cloud security architectures - Strong knowledge of Microsoft Azure, AWS, or OCI security services - Familiarity with NIS2, GDPR, and regulatory compliance requirements - Practical experience with SIEM, EDR, vulnerability scanners, and IAM concepts - Understanding of regulatory frameworks and GRC tools - Relevant certifications such as CISSP, CISM, or CEH are a plus Nice to Have: - Advanced knowledge in cloud security architecture and automation tools - Experience with scripting to enhance security processes This role may include remote work options and requires collaboration in a fast-paced environment with various teams. You will have the opportunity to work on critical security initiatives.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. Your unique voice and perspective are essential in helping EY become even better. Join us to build an exceptional experience for yourself and contribute to creating a better working world for all. As a Senior in the EY Assurance Technology Risk Team, you will play a crucial role in developing innovative solutions for clients by leveraging your knowledge of IT environments, industry trends, ERP, and Risk Management technology. Your responsibilities include assessing, building, and sustaining risk management and governance programs for clients. You will support EY teams in transforming risk functions and implementing leading technology solutions. Additionally, you will collaborate with teams to deliver quality services related to controls, security, and IT risk solutions. Your key responsibilities involve: - Delivering assessments on Oracle Cloud/EBS/EPM/Risk Management Cloud (RMC) client implementation projects. - Actively participating in a team-oriented work environment. - Providing high-quality client services within expected timeframes and budgets. - Offering training and knowledge transfer to team members on client delivery baselines. - Staying updated on current business and industry trends relevant to clients. - Building relationships with client personnel to enhance information systems" security. - Assisting in cultivating business development opportunities. To excel in this role, you must have a bachelor's or master's degree and around 3-6 years of related work experience. Additionally, experience with Oracle Fusion Cloud/EBS, internal controls within Oracle Applications, and strong project management skills are crucial. Travel may be required to meet client needs, including international travel. Industry-related certification (e.g., CISA, CPA, CIA, CA) is preferred. We are looking for passionate self-starters with a strong vision and a desire to stay updated on Oracle NetSuite and GRC technology trends. Autonomy, initiative, and a willingness to tackle complex client issues are key aspects of this role. Working at EY offers inspiring projects, education, coaching, and personal development opportunities. You will work in a collaborative environment that encourages high quality and knowledge exchange. Support, coaching, feedback, and opportunities for skill development and career progression are provided. EY is committed to building a better working world by creating long-term value for clients, people, and society through trust, data, and technology-enabled solutions across various service areas.,

Join a role that is central to our technological resilience, offering a unique opportunity to shape the firm's tech risk strategy and enhance industry compliance. As a Tech Risk & Controls Director in Corporate Sector, you will play a pivotal role in shaping and implementing the firm's technology risk management strategy. Leveraging your advanced knowledge and expertise in technology-risk disciplines, you will identify, oversee, and mitigate compliance and operational risks in line with the firm's standards. You will collaborate with various stakeholders, including Product Owners, Business Control Managers, and regulators, to develop and maintain a comprehensive view of the technology risk posture and its impact on the business. Your ability to make calculated decisions, manage large teams, and drive strategic projects will be crucial in ensuring the firm's adherence to regulatory obligations and industry best practices. Your work will contribute to the long-term success and resilience of the organization in an ever-evolving technology landscape. Lead Audit Leadership & Coordination: Serve as a control assessments expert, managing relationships with internal control testing teams, internal assessment teams, audit teams and external auditors to facilitate smooth audit execution and delivery. Lead preparation efforts for major audits (SOX, PCI, SOC, etc.) by ensuring appropriate controls, documentation, and evidence are in place. Act as the primary liaison between audit teams, technology, and business units to align audit findings and ensure timely remediation of identified risks and gaps. Provide Regulatory & Industry Assessment Expertise: Provide subject matter expertise in regulatory assessments, ensuring that the organization adheres to applicable frameworks such as SOX, PCI DSS, GLBA, SOC1/2, and other relevant standards. Lead efforts to ensure audit compliance with Information Technology General Controls (ITGC) testing methods and facilitate assessments of our practices overall. Oversee the evaluation and design of assessment frameworks methodologies in partnership with various stakeholders, and processes to ensure consistent, efficient, and high-quality outcomes. Serve as a Strategic Risk & Control Advisor: Partner with senior stakeholders to provide risk-based guidance on control design, operational effectiveness, and audit preparedness. Lead efforts to enhance the firm's risk assessment and control environment, identifying areas of improvement and advising on control implementation to mitigate regulatory risks. Monitor regulatory trends and audit findings to proactively address emerging risks and influence control strategies across the enterprise. Drive Program Execution & Governance: Influence efficient and effective execution of assessment programs, ensuring alignment with organizational objectives, risk appetite, and regulatory compliance. Establish audit readiness programs, ensuring the continuous enhancement of the firm's control environment and audit documentation process. Lead the governance of issues raised from our assessments, tracking concerns, and resolution of findings, and ensure timely and effective closure of identified control deficiencies. Lead Stakeholder Engagement: Collaborate with business, technology, and risk teams to ensure alignment of assessment processes with organizational priorities. Maintain strong relationships with internal audit functions and external audit firms, ensuring transparency and facilitating successful audit cycles. Represent the organization in meetings with regulators as needed, external auditors, and other stakeholders on matters related to regulatory assessments and audits. Drive Leadership & Development: Lead, mentor, and develop our practice and assessment professionals, fostering a high-performance culture and encouraging professional growth. Build and manage a team focused on audit readiness, regulatory assessments, and risk control functions to support the organization's global compliance goals. Ensure the team stays abreast of changes in regulatory requirements, audit standards, and best practices in risk management. Required qualifications, capabilities, and skills: - 10+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation - Experience in audit, risk management, or compliance, with deep experience leading audit functions within a large organization - Demonstrated expertise in risk management frameworks, industry standards, and regulatory requirements relevant to the financial industry - Extensive knowledge of audit principles, regulatory standards (SOX, PCI DSS, GLBA, SOC), IT General Controls, and best practices for audit readiness - Proven ability to lead large teams, manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology insights to business strategy in communications with senior executives - Proven experience managing relationships with internal and external auditors and leading large-scale audit and assessment programs - Advanced knowledge and experience leading data security, risk assessment & reporting, and control evaluation, design, and governance, with a track record of implementing effective risk mitigation strategies - Experience with GRC tools, audit management platforms, and data analytics to enhance audit efficiency and insight - Ability to drive change and continuous improvement in audit practices Preferred qualifications, capabilities, and skills: - CPA, CIA, CISA, or other relevant certifications preferred.,

Greetings, We are currently looking for a candidate to fulfill the resource requirement for SOX Documentation at our esteemed organization. The ideal candidate should possess an undergraduate degree or master's degree with 2-10 years of consulting/industry experience in operational risk management. It is essential to have experience in handling, leading, or being a team member in end-to-end compliance review, risk, or assurance reviews/engagements. The candidate should be proficient in process mapping, process walkthroughs, test of design & operating effectiveness, creating findings memos, and updating GRC tools. Prior exposure to SOX testing in the FS sector will be given preference. Familiarity with Business Optix, Airtable, MS Teams, etc., is also required for this role. The indicative years of experience required for this position range between 2-12 years. Applicants must be adaptable to working in the UK time zone within a slot of 12:00 PM to 12:00 AM IST for 10 hours within this timeframe. Please note that the engagement will not be shift-driven and may occasionally require extra hours based on project needs. The candidate should be prepared to start in January 2025, with the on-boarding process commencing around mid-December. If you meet the qualifications and skills mentioned above and are enthusiastic about this opportunity, we encourage you to apply for this position. Thank you.,

1. Job Title: Security Manager (Cybersecurity & Infrastructure Security) ( CPass Audit Spoc for BFSI customers ) Location: [Nagpur] Department: IT Security & Compliance Reports To: Sr. Director IT Infrastructure Experience Required: 5 - 15 Role Overview: The Security & Compliance Manager will lead the organizations IT security and compliance initiatives, acting as the Single Point of Contact (SPOC) for all third-party audits, especially from BFSI clients. This role ensures adherence to regulatory, data protection, and industry standards. Key Responsibilities: 1. Act as the Single Point of Contact (SPOC) for all BFSI customer audits, third- party assessments, and compliance reviews. 2. Maintain and enforce security policies, risk registers, audit trails, and compliance documentation. 3. Ensure ongoing compliance with ISO 27001, SOC 2, RBI, GDPR, TRAI, and other applicable BFSI regulations. 4. Conduct internal audits, gap analyses, and drive remediation plans to closure. 5. Coordinate with legal, IT, DevOps, and business teams to ensure audit readiness and evidence collection. 6. Lead incident response planning, security drills, and business continuity testing. 7. Manage vendor risk assessments, NDAs, and third-party compliance documentation. 8. Perform regular risk assessments and maintain an up-to-date risk register. 9. Conduct vulnerability scans across infrastructure, APIs, applications, and endpoints. 10. Coordinate with external vendors for annual penetration testing and ensure timely remediation. 11. Track, prioritize, and patch vulnerabilities based on CVSS scores and business impact. 12. Develop and maintain a compliance calendar to track all audit and certification timelines. 13. Own and manage the Information Security Management System (ISMS) lifecycle. 14. Prepare and present audit reports, dashboards, and risk summaries to senior leadership. 15. Ensure data privacy and protection controls are implemented across all CPaaS services. 16. Conduct security awareness training and phishing simulations for employees. 17. Review and approve security controls for new projects, vendors, and cloud deployments. 18. Maintain incident logs, RCA reports, and ensure timely closure of security incidents. 19. Collaborate with product and engineering teams to embed security-by- design principles. 20. Stay updated with regulatory changes in the BFSI sector and translate them into actionable controls. 21. Lead external certification audits (e.g., ISO, SOC 2) and manage evidence collection and walkthroughs. Required Skills & Qualifications: • Bachelor’s degree in information security, IT, or related field. • 6+ years of experience in IT security, audit, and compliance. • Strong knowledge of BFSI regulatory frameworks and data privacy laws. • Experience with GRC tools, audit frameworks, and documentation. • Certifications: CISA, CISM, ISO 27001 Lead Auditor, or equivalent preferred. Excellent communication and stakeholder management skills.

You will play a crucial role as an Information Technology General Controls (ITGC) Audit Manager within American Express's Internal Audit Group (IAG). In this position, you will contribute to the Technology audit portfolio by assisting in various audit tasks. Your responsibilities will include collaborating with audit teams to understand key processes, risks, and controls, developing analytic control tests, analyzing results, and presenting findings to senior management. As part of IAG's Resource Centre of Excellence in India, you will work across multiple audit portfolios, focusing on ITGC audit coverage and technology governance. The role will involve engaging with global and regional audit teams, leading audit execution, supervising junior staff, and ensuring audits are conducted efficiently within professional standards and timelines. Your expertise in evaluating IT and IS controls, along with a minimum of 7 years of experience in the retail banking financial services industry, will be essential for this role. You should have a solid educational background in Information Systems, Computer Science, Accounting, Finance, Business, or a related field. Additionally, having a professional certification such as CIA, CISA, CPA, or equivalent is expected. To excel in this position, you must possess strong communication skills to articulate risk insights effectively, collaborate with diverse teams, and deliver high-quality feedback to management. Your ability to work independently, adapt to evolving risk landscapes, analyze data effectively, and resolve complex risk issues will be key to success in this role. Experience with emerging technologies, data analytics tools, and cybersecurity concepts will be advantageous. American Express offers a supportive work environment with competitive salaries, bonus incentives, financial benefits, comprehensive medical coverage, flexible working arrangements, parental leave policies, career development opportunities, and wellness programs. As part of a global and diverse community, you will have the opportunity to grow professionally while contributing to the company's mission of delivering the best customer experience every day. If you are passionate about utilizing data and technology in a collaborative environment, share the company's aspirations, and possess the required qualifications and experience, we invite you to join Team Amex and lead the way towards a successful career journey.,

The IT SOX ITGC Compliance Lead is responsible for overseeing and ensuring compliance with Sarbanes-Oxley (SOX) 404 IT General Controls (ITGCs). This role plays a critical part in assessing IT risks, evaluating IT control frameworks, and working closely with IT, finance, and internal audit teams to strengthen compliance and security postures. The ideal candidate will have expertise in IT controls, risk management, cybersecurity frameworks, and regulatory compliance. Your role in our mission Lead the design and implementation of IT General Controls (ITGCs) to ensure SOX 404 compliance. Evaluate IT processes related to access controls, change management, system development, IT operations, and cybersecurity. Perform IT risk assessments. Work with stakeholders to develop remediation plans. Participate in walkthroughs, control testing, and documentation of IT systems and applications. Ensure IT compliance with COSO, COBIT, and other relevant frameworks. Support internal and external auditors during IT SOX audits and facilitate control testing activities. Collaborate with finance, IT, security, and risk management teams to ensure effective IT governance. Monitor compliance trends, regulatory updates, and emerging risks to ensure IT control alignment with best practices. Lead initiatives to automate, optimize, and improve IT control processes to enhance compliance efficiency. Act as a liaison between IT, internal audit, and external auditors to ensure smooth execution of SOX compliance audits. Provide guidance and training to IT teams on SOX ITGC requirements and risk mitigation strategies. Qualifications & Experience: Education: Bachelors degree in Information Systems, Cybersecurity, Accounting, or a related field. Certifications (Preferred): CISA, CISSP, CRISC, CPA, CIA, or equivalent. Experience: 19+ years of experience in IT audit, SOX compliance, ITGCs, or risk management. Strong knowledge of ITGC frameworks, financial reporting systems, SAP S4/Hana ERP systems, and cloud environments. Hands-on experience with GRC tools, security controls, IT risk assessments, and AuditBoard. Familiarity with cybersecurity frameworks, identity and access management (IAM), and IT process automation. Skills & Competencies: Strong understanding of IT controls, compliance, and risk management. Proficiency in ITGC testing, control documentation, and remediation. Excellent analytical, problem-solving, and stakeholder management skills. Ability to work cross-functionally with IT, finance, audit, and executive leadership. Detail-oriented with a strategic approach to process improvement and automation.,

The Company PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers. We offer our customers the flexibility to use their accounts to purchase and receive payments for goods and services, as well as the ability to transfer and withdraw funds. We enable consumers to exchange funds more safely with merchants using a variety of funding sources, which may include a bank account, a PayPal or Venmo account balance, PayPal and Venmo branded credit products, a credit card, a debit card, certain cryptocurrencies, or other stored value products such as gift cards, and eligible credit card rewards. Our PayPal, Venmo, and Xoom products also make it safer and simpler for friends and family to transfer funds to each other. We offer merchants an end-to-end payments solution that provides authorization and settlement capabilities, as well as instant access to funds and payouts. We also help merchants connect with their customers, process exchanges and returns, and manage risk. We enable consumers to engage in cross-border shopping and merchants to extend their global reach while reducing the complexity and friction involved in enabling cross-border trade. Our beliefs are the foundation for how we conduct business every day. We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do - and they push us to ensure we take care of ourselves, each other, and our communities. Job Summary: This job collaborates with internal teams to influence the quality and effectiveness of internal control processes. It involves evaluating and recommending alternative solutions, conducting assessments, and engaging in continuous improvement initiatives. Job Description: Essential Responsibilities: Collaborate with internal teams to influence the quality and effectiveness of internal control processes. Evaluate and recommend alternative solutions to improve internal control systems. May act as a subject matter resource for entry level and developing colleagues Conduct assessments of internal control effectiveness and compliance. Engage in continuous improvement initiatives to enhance internal control practices. Minimum Qualifications: Minimum of 5 years of relevant work experience and a Bachelor's degree or equivalent experience. Preferred Qualification: Your day-to-day: 1. Governance Framework Development: Support the design, implementation, and ongoing maintenance of governance frameworks and control processes for the credit organization, ensuring alignment with corporate governance standards and applicable regulatory requirements through effective cross-functional collaboration. 2. Risk Management and Compliance: Conduct regular risk assessments to identify potential compliance and operational risks within the credit organization, monitor and report on control effectiveness, recommend enhancements to address identified gaps, and ensure adherence to applicable laws, regulations, and internal policies. 3. Control Testing and Monitoring: Collaborate in the development of control testing plans to assess the effectiveness of existing controls, while monitoring control activities and delivering timely reporting on performance and emerging issues. 4. Policy and Procedure Development: Assist in the development and documentation of policies and procedures related to credit governance and controls, ensuring they remain current and aligned with evolving regulatory and business requirements. 5. Stakeholder Engagement: Collaborate with internal stakeholdersincluding risk management, compliance, legal, and audit teamsto ensure a unified approach to governance and controls, while providing training and support to team members on related topics. 6. Continuous Improvement: Identify and implement opportunities for process improvements and operational efficiencies within the governance and controls framework, while staying abreast of industry best practices and emerging trends in credit governance and controls. What do you need to bring: Bachelor's degree in finance, Business Administration, Risk Management, or a related field. 4-6 years of experience in risk management, compliance, or controls within the financial services industry, preferably in a credit-related role Strong understanding of regulatory requirements and industry standards related to credit governance and controls. Excellent analytical and problem-solving skills, with keen attention to detail. Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams. Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint) and experience with governance, risk, and compliance (GRC) tools is a plus. Relevant professional certificates are advantageous. Work Permit and Relocation Prerequisites: Must already possess valid authorization to work in the country where the position is advertised/located. Relocation support will not be provided for this role. Subsidiary: PayPal Travel Percent: 0 PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. Any such request is a red flag and likely part of a scam. To learn more about how to identify and avoid recruitment fraud please visit . For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we're committed to building an equitable and inclusive global economy. And we can't do this without our most important asset-you. That's why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit . Who We Are: to learn more about our culture and community. Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at . Belonging at PayPal: Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please . We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply.

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a Information Security Senior Specialist to join our team in banglore, Karn?taka (IN-KA), India (IN). Job Description: The primary function of this role is to conduct activities to support compliance with security, customer, and regulatory requirements. The candidate will also have the opportunity to contribute to other areas within the Security Risk Management and Compliance arena such as Policy Management, Third-Party Risk Management, Security Awareness Training, and various other initiatives. Primary responsibilities include: Respond to customer inquiries for information regarding Enlyte's security controls and completion of security assessments/questionnaires. Conduct access and entitlement reviews for users of internal systems. Perform weekly compliance review for security training assignments and send reminder notifications for out-of-compliance users. Obtain internal documentation and information in support of security compliance audits. Secondary Responsibilities: Maintain the Security team GRC system including building of assessments, reporting, and monitoring dashboards. Create How-to Guides and departmental operating procedure documentation. Update internal policy sites and policy documents as needed. Preferred Qualifications: Experience: Proficiency in Microsoft Word, Excel, & PowerPoint. Proficient grammar, sentence structure, and advanced report writing and technical writing skills. Desired: Knowledge of security/privacy standards and regulatory requirements such as ISO 27001, SOC 1, SOC 2, PCI, HIPAA, HITRUST, etc. Technical Skills & Experience: Experience using Microsoft Azure, O365, and GRC tools is a plus. Licenses or Certifications: CISA, CISSP, CRISC, ISO 27001 Lead Auditor certification is a plus. About NTT DATA NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client's needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, . NTT DATA endeavors to make accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at . This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click . If you'd like more information on your EEO rights under the law, please click . For Pay Transparency information, please click.

You will be joining a company that has been consistently profitable and is experiencing rapid growth, having expanded 4x in the past year. Recently closing a funding round of $30 million in 2025, backed by leading VC firms and strategic investors, the company is on a strong trajectory. The corporate culture at the company is centered around openness, ownership, and collaboration, with a commitment to diversity and equal opportunities for all employees. At Easebuzz, you will collaborate with passionate colleagues who are dedicated to mutual growth. As an experienced Internal Auditor, you will be responsible for ensuring regulatory compliance and information security frameworks within the organization. Your role will involve conducting audits, assessments, and reviews of internal processes and controls to guarantee adherence to standards such as RBI System Audit Report (SAR), ISO 27001, SOC 2, PCI-DSS, and other industry benchmarks. In addition to this, you will lead enterprise-wide risk assessments and provide insights to enhance business processes and internal control systems. Key Responsibilities: Audit & Compliance: - Plan, execute, and report on internal audits across various business functions, focusing on IT and security controls. - Ensure compliance with regulatory guidelines like RBI SAR and identify risks, gaps, and non-compliance areas promptly. - Conduct audits in line with ISO 27001, SOC 2, and PCI-DSS requirements. - Collaborate with external auditors and certification bodies to facilitate third-party assessments and certifications. Risk Assessment: - Lead and coordinate enterprise risk assessments, identifying risks, evaluating their impact, and proposing mitigations. - Maintain and update risk registers following industry best practices. - Conduct regular risk reviews of business units and IT systems. Business Process Analysis: - Analyze end-to-end business processes to identify inefficiencies, control gaps, or compliance risks. - Map processes and suggest enhancements aligned with control and compliance objectives. - Evaluate process documentation and support business process reengineering initiatives. Internal Control Design & Review: - Design, assess, and refine internal control frameworks across business and IT operations. - Offer recommendations for control enhancements to bolster governance, risk management, and compliance. - Conduct control testing and effectiveness reviews for operational, financial, and IT controls. Reporting & Communication: - Prepare comprehensive audit reports and present findings to senior management. - Monitor audit recommendations, ensure prompt implementation of corrective actions, and oversee residual risks. - Maintain transparent and engaging communication with stakeholders. Qualifications & Skills: Education: - Bachelors/Masters degree in Accounting, Finance, Information Systems, or related field. - CA, CIA, CISA, CISM, or equivalent certifications are preferred. Experience: - 3-5 years of experience in internal auditing, risk management, or compliance. - Hands-on experience with RBI guidelines, particularly SAR, ISO 27001, SOC 2, and PCI-DSS audits. - Experience in business process mapping, control testing, and risk assessments. Skills: - Strong analytical and critical thinking abilities. - Profound understanding of regulatory compliance, information security, and internal controls. - Proficiency in utilizing GRC tools, audit software, and Microsoft Office Suite. - Excellent written and verbal communication skills. Preferred Attributes: - Experience in BFSI or fintech industries. - Familiarity with RBIs IT risk guidelines, DPDP Act, and other Indian regulatory frameworks. - Ability to manage multiple audits and projects in a fast-paced setting.,

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.

Any Bachelors degree in IT, Engineering, or related field. 46 A GRC Consultant is an experienced GRC professional who supports enterprise wide GRC initiatives such as assessing current state, developing a strategy, and selecting and implementing GRC tools and frameworks. A Security Consultant assesses, designs, and implements security measures for organizations, identifying vulnerabilities and recommending solutions to protect against threats. They may work internally or as external consultants, advising on security policies, conducting risk assessments, and helping clients improve their overall security posture. This includes tasks like penetration testing, security audits, and implementing security protocols.