171 Hitrust Jobs - Page 6

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. As an IT Security Risk Manager, you would support information security policies, standards, and procedures to secure and protect data. Work directly with user departments to implement procedures and systems for the protection, conservation, and accountability of proprietary, personal, or privileged electronic data. Primary Responsibilities Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyse business requirements and ensure that solutions meet established security policies and controls Maintain metrics and report them. Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Bachelor's degree or higher level of education 4+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Proven auditing skills and the ability to manage risk assessments / projects independently Proven excellent communication skills both verbal and written Proven good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Perform IT Assessment Reviews which includes IT General Controls, Internal Audits, Controls Testing, Compliance Reviews (such as ISO 27001, HIPAA, HITRUST etc.) Responsibilities: Strong understanding of IT General Controls domains such as Change Management, User Access Management, IT Operations, Back and Recovery Management etc Strong understanding of the third-party risk management Implementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etc Understanding of the IT Risk Assessment methodologies and ability to comprehend and apply the knowledge during IT assessment lifecycle Interview client stakeholders and conducts walkthrough meetings and develop assessment artifacts Should understand complete assessment lifecycle from assessment scoping to project deliverables Great communication skills and the ability to break down and explain complex data security problems Excellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Education: Minimum Qualification: BE/ BTech/MBA/Mtech/MCA Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills - both written and oral Certifications: CIA/CISA/CISM will be added advantage Mandatory Skill Sets: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Preferred Skill Sets: ISO 27001 Reviews, HIPAA/ HITRUST Reviews Years Of Experience Required: 2-8 Education Qualification: BE, B.tech, ME, M.tech, MCA, MBA, Mcom, CA, CS Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology, Master of Business Administration, Bachelor of Engineering, Chartered Accountant Diploma, Master of Engineering Degrees/Field Of Study Preferred: Certifications (if blank, certifications not specified) Required Skills Compliance Reviews, Controls Testing, Health Insurance Portability & Accountability Act (HIPAA), Internal IT Audit, ITGC Optional Skills Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Analytical Thinking, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Creativity, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Embracing Change, Emotional Regulation, Empathy, Financial Accounting, Financial Audit {+ 24 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Associate Consultant Roles and Responsibilities: Assist the project management team in analysing project data and generating reports to track progress and identify areas for improvement. Assist the Business Operations head with financial budgeting, forecasting and revenue tracking Obtain quarterly client feedback and customer testimonials. Collaborate with cross-functional teams to gather and analyse data, ensuring accuracy and completeness. Participate in governance meetings and track client issues to avoid escalations. Identify and escalate project risks and issues to the project management team. Collaborate with team members to identify opportunities for process improvement and implement solutions. Help track contract timelines, renewals and upsell opportunities. Qualifications: Bachelor's degree and an MBA in Operations/Finance or a related field. 1-3 years of experience in a Business Operations/PMO department or similar role. Strong analytical and problem-solving skills. Proficient in Microsoft Office Suite, particularly Excel and PowerPoint. Excellent communication and interpersonal skills. Ability to work independently and collaboratively in a team environment. Detail-oriented with strong organizational skills. CAPM, PMP certification is a plus.

About TaskUs: TaskUs is a provider of outsourced digital services and next-generation customer experience to fast-growing technology companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery, ride-sharing, HiTech, FinTech, and HealthTech. The People First culture at TaskUs has enabled the company to expand its workforce to approximately 45,000 employees globally. Presently, we have a presence in twenty-three locations across twelve countries, which include the Philippines, India, and the United States. It started with one ridiculously good idea to create a different breed of Business Processing Outsourcing (BPO)! We at TaskUs understand that achieving growth for our partners requires a culture of constant motion, exploring new technologies, being ready to handle any challenge at a moment's notice, and mastering consistency in an ever-changing world. What We Offer: At TaskUs, we prioritize our employees' well-being by offering competitive industry salaries and comprehensive benefits packages. Our commitment to a People First culture is reflected in the various departments we have established, including Total Rewards, Wellness, HR, and Diversity. We take pride in our inclusive environment and positive impact on the community. Moreover, we actively encourage internal mobility and professional growth at all stages of an employee's career within TaskUs. Join our team today and experience firsthand our dedication to supporting People First. Senior Security Compliance Analyst Senior Security Compliance Analyst do? Think of yourself as someone who provides a pivotal role in the oversight and implementation of system-wide information security strategies and solutions. You will have a significant role in performing audits, tracking vulnerability assessments, testing security, and working with operations teams on remediation and mitigation of audit findings. Imagine yourself going to work with one thing on your mind: to manage and improve overall IT/Security Monitoring and Incident Response programs using processes, procedures, and automation. As a Senior Security Compliance Analyst, you will: Evaluate and design security solutions Work with technicians throughout the company in implementing, maintaining and constantly improving information security practices, while managing and maintaining efforts in the areas of Information Security, Governance, Risk and Compliance. Manage and improve overall IT/Security Monitoring and Incident Response programs using processes, procedures, and automation. Support the Security Compliance Manager in handling the assessment and integration of security controls of the entire corporate environment in line with applicable requirements from PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001. Responsible for policy assessment of endpoint and network security appliances, hardware and software, enforcing the TaskUs security policies and complying with requirements of internal and external security audits and recommendations. Serve as audit liaison, compiling all evidence/documentation requests and reporting on the progress of audits to InfoSec and IT leadership. Key administrator for Cloud Access Security Broker policy management; support in the development and implementation of a corporate security & compliance awareness program Develop training and awareness efforts for employees, contractors and visitors - to establish a "culture of security" to prevent or mitigate security incidents. Conduct research on emerging practices, services, protocols, and standards - in support of system security and compliance enhancement and development efforts. Ensure security compliance with applicable regulations and other state and federal laws, keeping current on US, Philippines and international laws of operating countries, and industry regulations regarding data privacy and security. Assist in the development and maintenance of security operations procedures and processes and work with the business units outside of InfoSec to formally document policies and procedures recommend and support the deployment of additional security products and tools, or enhancements to existing tools, to mitigate security risk and detect/remediate compromises. Will work with security engineers for the optimal configuration of the network and host-based security platforms - aligned with compliance requirements Provide Incident Response support, as needed, for information security related events Participate in the analysis, troubleshooting, and investigation of security-related, information systems anomalies, based on security platform reporting, network traffic, log files, host-based and automated security alerts. Evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations. This may include participation in DRP exercises and continuous improvement processes; assisting in the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements. Do you have what it takes to become a Senior Security Compliance Analyst? Requirements: Bachelor's degree in MIS/Computer Science or Business and/or combination of education and relevant experience Must have an industry recognized information security certification, such as CISA, CISM, CISSP, SSCP ,CCIE or CEH. At least 5 years of experience, two of which are focused on IT security and/or IT audit In-depth and hands-on experience with at least 2 of the following compliance requirements: PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001 Must possess a strong understanding of enterprise, network, system and application level security issues; functional awareness of both Linux-based and MS Windows-based system platforms Has a strong IT technical understanding and aptitude for analytical problem-solving; understand enterprise computing environments, distributed applications, and understanding of TCP/IP networks Previous background working on system hardening processes, tools, guidelines and benchmarks Experience in DLP policy and vulnerability management scanning platforms Experience in Cloud Access Security Broker solutions is a distinct advantage Has knowledge of Business Continuity Management (BCM) and Business Impact Analysis (BIA) Has good Project Management skills with the ability to self-start projects Can handle sensitive and/or confidential material and information with suitable discretion About TaskUs TaskUs is a leading provider of outsourced digital services and next-generation customer experience to the world's most innovative companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery and ride-sharing, Technology, FinTech and HealthTech. As of March 31, 2023, TaskUs had a worldwide headcount of approximately 47,700 people across 27 locations in 13 countries, including the United States, the Philippines and India. In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics and circumstances. Inclusive and equitable practices is our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodation in any part of the hiring process, please let us know. "Please take note that TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs." How We Partner To Protect You: TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs. DEI: In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics, and circumstances. Inclusive and equitable practices are our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodations in any part of the hiring process, please let us know. We invite you to explore all TaskUs career opportunities and apply through the provided URL https://www.taskus.com/careers/ . Show more Show less

About the Company: VISO TRUST is the only SaaS third party cyber risk management platform that delivers the security intelligence needed for modern companies to make critical risk decisions at the speed of business. Assessing the risk of data breach third party relationships pose to their customers is a traditionally complex and labor intensive process that slows business, frustrates stakeholders and leaves security teams branded: the department of “no.” With VISO’s AI-based system, practitioners can instantly and continually assess any number of third parties while achieving on average a 90% boost in operational efficiency. At VISO, we are excited to be enabling customers to reduce risk and accelerate business at the same time. VISO TRUST is a venture-backed startup with a fully remote workforce based in North America. When hiring, we look for signs that a candidate will thrive in our culture, where we put people first and value ownership, curiosity, honesty and humility in the pursuit of excellence. We also value our differences, employing a team rich in diverse perspectives and experiences. We are dedicated to equal employment opportunities regardless of status or membership in a protected class or lack thereof. About the Job As a Third Party Risk Auditor at VISO TRUST, you will be responsible for analyzing security documents, conducting third-party risk assessments, and ensuring the accuracy of our AI-driven platform’s automated due diligence. You’ll collaborate with Product, Engineering, and Machine Learning teams to improve risk assessments and enhance platform efficiency. This role is ideal for someone with strong analytical skills and experience in cybersecurity frameworks, excited to work with AI to streamline third-party risk management. Key Responsibilities Analyzing security program related language and documents, recording text annotations for the training of machine learning models and ensuring quality assurance on the conclusions drawn by automated assessments Conducting domestic and global third party risk assessments including coordinating intake of new third parties and new engagements, third party security reviews, interacting with internal and external stakeholders, reporting on assessment outcomes and tracking remediation efforts Working closely with Product, Engineering, Customer Success and Machine Learning teams to contribute to automation logic and model training and ensure the success of reviews performed on the platform Apply VISO TRUST methodology to to evaluate control presence and determine risk Document assessment procedures for subsequent automation Review business and technical assessments, questionnaires and related documentation Schedule and conduct review calls with third parties: ensure and track questionnaires sent to third parties, track and report on abandoned third parties, receive and review questionnaires responses and finalize reports Coordinate other due diligence that needs to be done in addition to security questionnaire when needed Collaborate with VISO Audit, Product, Engineering and Machine Learning personnel to develop continued program process and platform improvements Report on assessment outcomes, risk levels, and remediation progress Key Skills, Qualifications & Experience Strong analytical/critical thinking skills Excellent written, verbal communication and organizational skills Ability to perform policy and standard gap analyses based on leading security frameworks Knowledge of common control and policy taxonomies and hierarchies and related language Knowledge of common third party assurance related documents, their structure and analysis, such as AICPA SOC reports, PCI DSS ROC, HiTrust, ISO 27001 Statements of Applicability, etc. Deep knowledge and experience with regard to the VISO TRUST technology platform and it’s unique approach to text extraction and automated risk determination Bachelor’s degree with a major in Information Security or equivalent combination of education and experience, ie. CISSP, CISA, CIPP, CRISC, CEH, and/or CISM 2-5 years of experience with third party cyber risk management Have performed IT risk assessments against OWASP, PCI, GLBA, NIST, ISO, SIG/AUP or other standards Strong knowledge base in information security, risk management, privacy, operations, enterprise networking, systems evaluation, and architecture Ability to discern business relevant risk associated with technology control deficiencies, and to identify the corresponding remediation which is required to mitigate the business impact Knowledge of security, risk and privacy regulatory frameworks such as NIST, SOX, PCI, HIPAA, ISO, Safe Harbor, CSA, etc. Self-starter who can function independently with limited direction but work closely with others when necessary. Knowledge of security, risk and privacy regulatory frameworks such as NIST, SOX, PCI, HIPAA, ISO, Safe Harbor, CSA, etc. Self-starter who can function independently with limited direction but work closely with others when necessary Show more Show less

Infosec Third Party Risk Senior Manager Designation: Senior Manager Experience: 15 to 20 years (Relevant) Mandatory Skills: TPRM, Supply Chain Risk Assessments, Risk Assessment, ISO 27001, NIST CSF Good to Have: GRC, CISSP, ISO Qualifications Bachelor's degree in Computer Science, Engineering or related field or equivalent work experience CISA, CRISC, CISM, or CISSP certifications (one or more) preferred Demonstrated advanced verbal and written communication skills Excellent organization skills and be a self-motivated learner Hands-on experience building out Information Security third-party risk management program Shifting timings: 2pm to 11PM Mode: WFO Location- Bangalore (Brookefield/ JP Nagar) The Senior Manager, Information Security Third-party Risk Management position will be an integral member of the Information Security and Risk Management team. This role will be responsible for design, development, implementation and monitoring of risk management program. Work in Chief Information Security Officer (CISO) office under Associate Director, Information Security Governance, Risk and Compliance, this role serves as an information security technology professional for Grant Thornton to support the design, implementation, and maintenance of a cohesive information security governance, risk and compliance program. The successful candidate will have a good mix of deep technical knowledge, understanding of industry best practice, frameworks and regulations, and a demonstrated background in information security risk management program. An experienced and motivated risk and compliance individual contributor is needed to work across a matrixed team in place today and growing in the future. The successful candidate has a track record of developing strong relationships, collaborating across teams, coordinating multiple timelines, and managing complex, cross discipline projects. The ideal candidate: is a self-starter, with the ability to drive tasks to completion independently and learn new skills on the job as program requirements evolve. possesses strong business judgment, deep analytical thinking, is comfortable managing multiple responsibilities within a fast-paced environment, and has worked collaboratively with others to develop, implement, and communicate business improvement and innovative strategies. possesses strong verbal and written communication skills, a solution-oriented approach, and relationship-building skills are important attributes to succeed in this role. global view of their business and think in terms of immediate problem solving but also automating, expanding, and scaling solutions broadly. thinks strategically at a global level and effectively develop key processes, procedures and communications that facilitate cross-functional implementation of risk management processes and risk reporting. Responsibilities: Advance the information security third-party risk management framework and develop risk appetite Develop effective strategies for addressing high-risk suppliers. Oversee and perform security risk assessments, business impact analyses, and security control evaluations across third-party vendors in OneTrust. Prepare risk register in OneTrust to monitor and track risks. Provide supply chain security assessment remediation oversight and facilitate development of CUECs to document shared responsibility model. Perform supplier MSA security terms and conditions review and provide feedback to legal team. Ensure compliance with relevant firm security policies. Support iterative review of assessment results, working with appropriate stakeholders across the lines of defense Establish risk reporting and escalation processes Remain up to date with emerging threats, best practices and relevant legislation Work and communicate hand-in-hand with both external and internal stakeholders on critical issues that are directly impacting the business. Contribute to the development of scalable models and tools that speed up both decision making and accuracy for the organization. Meet with stakeholders to gather and integrate feedback and evangelize the program Perform and facilitate the collection, review, and assimilation of risk assessment data and reporting into concise and meaningful reports/dashboards for leadership. Take leading role in drafting and presenting deep-dive documents, including responses to senior executives. Experience Experience with information security risk management framework, assessment, audit and controls based on industry standard frameworks (i.e. NIST; ISO; COSO; HiTrust, FAIR) Experience with regulatory requirements (i.e. PCI; GDPR; HIPPA; Privacy; CCPA; etc.) Experience using GRC tools and technologies in support of the assessment/audit process (OneTrust, Security Scorecard, Bitsight, etc.) Experience gathering information from a range of different sources to help identify weaknesses in security controls Expert with security control design, development, implementation, and monitoring Demonstrated experience across multiple information security domains preferred Show more Show less

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Manager Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation's security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description Network Security, Cloud Security, ITGC Reviews, Compliance Reviews, ISO 27001 Reviews, Department Risk Consulting Purpose of the Job /Role We are seeking an experienced Cybersecurity Project Manager to oversee and lead projects aimed at enhancing organization's cybersecurity posture. The ideal candidate will have a strong background in cybersecurity principles, project management, and leadership. This role requires a detail-oriented individual with excellent communication skills and a proactive approach to managing cybersecurity projects with clients across sectors. Responsibilities Client Engagement: Serve as the primary point of contact for clients, understanding their unique cybersecurity needs and objectives, and tailoring project plans to meet those goals. Project Execution: Oversee and execute cybersecurity projects for various clients, ensuring timely delivery within the agreed scope and budget. Advisory and Strategy Development: Advise clients on best practices and collaborate to develop cybersecurity strategies that align with their business objectives and industry standards. Stakeholder Communication: Facilitate clear and effective communication with client stakeholders, providing regular updates on project progress, challenges, and outcomes. Excellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Technical Areas for project management: The projects will cover wide variety of Cybersecurity projects including Strategy development, policies and procedures, risk assessments, ITGC, VAPT, Cloud security, third party assessments, etc. Business Development: Lead/ contribute in the business development activities including opportunity identification, proposal writing, and client discussions/presentations. Specific experience in one or more of the following areas are essential: Security strategy - assess, design and implement security strategy, governance frameworks over processes, controls, organisation and infrastructure to management of cyber security Security transformation programmes – review and management of security solution implementations and / or remediation programmes to address risks Breach and incident management – review the implementation of breach and major incident management practices Security policies and procedures – Create and review of security policies, procedures, standards and controls in line with regulation and/or industry standards. Resilience – review the implementation of programmes to improve IT Disaster Recovery, Business Continuity Security architecture – creating secure architecture designs for solutions, reviewing the security architecture of the network Cloud Security – Review secure architecture/configuration/Process implemented on cloud. Implementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etc IT General Controls domains such as Change Management ,User Access Management, IT Operations, Back and Recovery Management etc Education Minimum Qualification: BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills - both written and oral Certifications CISA/CISM/ISO will be added advantage Mandatory Skill Sets-ISO 27001 Preferred Skill Sets-Data Privacy Years of Experience-7- 10 years Education Qualifications-BE /MBA Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Master of Business Administration Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Data Privacy Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Coaching and Feedback, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility, Malware Analysis {+ 21 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Available for Work Visa Sponsorship? Government Clearance Required? Job Posting End Date Show more Show less

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Manager Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation's security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description Network Security, Cloud Security, ITGC Reviews, Compliance Reviews, ISO 27001 Reviews, Department Risk Consulting Purpose of the Job /Role We are seeking an experienced Cybersecurity Project Manager to oversee and lead projects aimed at enhancing organization's cybersecurity posture. The ideal candidate will have a strong background in cybersecurity principles, project management, and leadership. This role requires a detail-oriented individual with excellent communication skills and a proactive approach to managing cybersecurity projects with clients across sectors. Responsibilities Client Engagement: Serve as the primary point of contact for clients, understanding their unique cybersecurity needs and objectives, and tailoring project plans to meet those goals. Project Execution: Oversee and execute cybersecurity projects for various clients, ensuring timely delivery within the agreed scope and budget. Advisory and Strategy Development: Advise clients on best practices and collaborate to develop cybersecurity strategies that align with their business objectives and industry standards. Stakeholder Communication: Facilitate clear and effective communication with client stakeholders, providing regular updates on project progress, challenges, and outcomes. Excellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Technical Areas for project management: The projects will cover wide variety of Cybersecurity projects including Strategy development, policies and procedures, risk assessments, ITGC, VAPT, Cloud security, third party assessments, etc. Business Development: Lead/ contribute in the business development activities including opportunity identification, proposal writing, and client discussions/presentations. Specific experience in one or more of the following areas are essential: Security strategy - assess, design and implement security strategy, governance frameworks over processes, controls, organisation and infrastructure to management of cyber security Security transformation programmes – review and management of security solution implementations and / or remediation programmes to address risks Breach and incident management – review the implementation of breach and major incident management practices Security policies and procedures – Create and review of security policies, procedures, standards and controls in line with regulation and/or industry standards. Resilience – review the implementation of programmes to improve IT Disaster Recovery, Business Continuity Security architecture – creating secure architecture designs for solutions, reviewing the security architecture of the network Cloud Security – Review secure architecture/configuration/Process implemented on cloud. Implementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etc IT General Controls domains such as Change Management ,User Access Management, IT Operations, Back and Recovery Management etc Education Minimum Qualification: BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills - both written and oral Certifications CISA/CISM/ISO will be added advantage Mandatory Skill Sets-ISO 27001 Preferred Skill Sets-Data Privacy Years of Experience-7- 10 years Education Qualifications-BE /MBA Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Master of Business Administration Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Data Privacy Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Coaching and Feedback, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility, Malware Analysis {+ 21 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Available for Work Visa Sponsorship? Government Clearance Required? Job Posting End Date Show more Show less

About Milliman Independent for over 70 years, Milliman delivers market-leading services and solutions to clients worldwide. Today, we are helping companies take on some of the world’s most critical and complex issues, including retirement funding and healthcare financing, risk management and regulatory compliance, data analytics and business transformation. Through a team of professionals ranging from actuaries to clinicians, technology specialists to plan administrators, we offer unparalleled expertise in employee benefits, investment consulting, healthcare, life insurance, and financial services, and property and casualty insurance. Job Summary You will be a member of the Global Data Privacy Team, which is part of Milliman’s Legal and Compliance General Corporate Services, led by the Chief Compliance Officer. You will focus on international data privacy and product counseling. You will collaborate with Data Privacy Counsels in charge of regional privacy matters. Primary Duties & Responsibilities Develop internal guidelines for product data privacy compliance, including privacy-by-design checklists and best practices. Lead privacy reviews for new and existing products and product features, focusing on data collection, storage, processing, and sharing. Serve as the primary compliance advisor for privacy matters in product development. Review AI-driven data processing within the product for ethical and compliance implications. Partner with product, engineering, and security teams to embed privacy-by-design principles into the development of products. Conduct data protection impact assessments (DPIAs) for new products or new product features, where required. Advise on product data flows, third-party integrations, cross-border data transfer compliance, and data sovereignty requirements. Develop privacy compliance frameworks for products, including privacy notices, consent forms, retention policies, and user rights management, in collaboration with data privacy counsels where appropriate. Guide the implementation of privacy-enhancing technologies (PETs) such as encryption, pseudonymization, and differential privacy. Monitor regulatory updates and their impact on products, ensuring continuous compliance. Conduct training sessions for product managers and developers on privacy best practices. Proactively identify privacy risks in processes and propose mitigations. Monitor the implementation of data privacy recommendations, including collaboration with internal data privacy and contract counsels for associated product contract management. Maintain a database of products with documentation about Privacy-by-Design processes. Advise on cookie-less tracking, federated learning, and other privacy strategies. Train product managers and engineers on privacy-by-design principles. Education Strong IT security knowledge, with an IT Degree, or relevant IT Certification (such as CISSP) Good knowledge of HITRUST, ISO 27001, and equivalent standards. Ideally, a law Degree or Bar Exam. Deep knowledge of international data privacy laws, including GPPR, HIPAA, and CCPA. CIPP/E, CIPP/US or CIPT certification. Required Knowledge And/or Experience 7+ years of experience in privacy compliance and product counseling Strong analytical skills Global mindset with experience working in international environments Ability to deal with various laws and standards across several countries Ability to simplify complex issues for technical and non-technical stakeholders Ability to process, progress and complete matters independently, seeking guidance when needed. High level of organization and planning skills, with the ability to create plans and diligence to follow through and monitor plans through execution and completion. Collaborative workstyle Strong written and oral communication skills Adaptability to embrace a dynamic and fast-paced environment Good interpersonal skills Ideally: good contract drafting and negotiating experience, with experience in drafting data privacy clauses. This role will be located in India, with Gurugram being the preferred location. You will be supervised by the Global Data Privacy Director and be part of a supportive Legal & Compliance team led by the Chief Compliance Officer. This role is an opportunity for a Data Privacy Advisor/Counsel to develop, with evolution perspective to evolve as the International Product Privacy Lead. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security - Strategy, Risk, Compliance and Resilience – Technology Consulting – Senior As part of our EY Strategy, Risk, Compliance and Resilience (SRCR) Technology Consulting team, you would work on various SRCR projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Senior Security Consultant with expertise in cyber / information security, risk and controls concepts. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Engage in Cyber Strategy & Governance, Cyber Risk & Compliance, Cyber Resilience, Cyber Transformation and Co-Sourcing, Application & Network Security engagements Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Execute the engagement requirements, along with review of work by junior team members. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within EY Consulting Services and with other services across the organization Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals Maintain an educational program to continually develop personal skills of staff Understand and follow workplace policies and procedures Building a quality culture at GDS Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members Manage the performance management for the direct reportees, as per the organization policies. Foster teamwork and lead by example; training and mentoring of project resources Participating in the organization-wide people initiatives Skills And Attributes For Success Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to): Vendor/3rd Party Risk Management & Assessment Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53 Business Continuity & Disaster Recovery Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors. Experienced in creation and review of security policy/procedures, and in performing risk assessments. Good to have experience in assessing ITGC requirements across various industries including both Cybersecurity and resilience requirements. Should have a good understanding of VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures. Basic understanding of Network Security and network architecture diagram reviews, access and perimeter control, vulnerability management and intrusion detection, firewall rule-based reviews. Good understanding of logging and monitoring tools (SIEM). Knowledge in any one of the SIEM tools is a plus. To qualify for the role, you must have: BE - B. Tech / MCA / M. Tech/ MBA with background in computer science and programming. More than 5 Years of relevant experience. Strong Excel and PowerPoint skills. Should be proficient in leading medium to large engagements and coach junior staff. Ideally, you’ll also have CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer. Project management skills. What We Look For A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description ORACLE: As the provider of the world’s most complete, open and integrated business software and hardware systems, Oracle is dedicated to unleashing innovation by simplifying IT. With more than 30 years of information technology innovation, Oracle is the recognized industry leader in enterprise application and technology solutions. ORACLE CLOUD: Oracle Cloud is a Generation 2 enterprise cloud that delivers powerful compute and networking performance, a comprehensive portfolio of infrastructure and platform cloud services, and the world’s only self-driving autonomous database. Built from the ground up to meet the needs of mission-critical applications, Oracle Cloud supports all legacy workloads while delivering modern cloud development tools—so enterprises can bring their past and build their future. The comprehensive nature of Oracle Cloud is a key selection consideration for customers. Oracle has the broadest cloud portfolio in the industry, delivering a complete range of production-level, cross-functional business applications for each part of an organization with information and data shared seamlessly across Oracle Cloud Applications and other systems. Business users have the latest innovations at their fingertips across sales and marketing, customer service, finance and accounting, supply chain management, human capital and talent management—all enriched with social engagement and collaboration tools and an intuitive user interface that works on any mobile device. These applications have been architected on a modern and open cloud platform and infrastructure to simplify integration needs and lower an organization’s total cost of ownership. With such extensive functionality across business processes, customers can solve their business problems with complete solutions that give them end-to-end execution and complete visibility. Oracle IaaS is clearly differentiated, being far more performant, more secure, more reliable and cost efficient as compared to others in the market. Oracle has fundamentally innovated in the IaaS space and continues to gain market share aggressively. Oracle PaaS is anchored by Oracle Autonomous Database (ADB), which offers the most innovative “self-driving” capabilities in the data tier in the marketplace. Combine with ADB, Oracle cloud also offers a complete application development platform that includes app dev, security, integration, identity management, analytics, big data and AI/ML amongst other far broader capabilities. Partners with customers, sales, engineering and product teams to design, demonstrate and deploy Oracle Cloud architectures that address customer business problems. Drives Oracle Cloud customer consumption by accelerating the adoption of Oracle cloud services including discovery, design and deployment. Engages with strategic customers, builds leadership relationships at multiple levels within organizations in order to design and implement solutions. Works directly with customers to gather requirements, develop architectures and translates business needs into solutions. May implement solutions and ensure successful deployments through code development and scripting. Displays product/application understanding through highly customized presentation demonstrations to customers, and at conferences, and events. Supports customer from Proof of Concept (POC) through production deployment of services via resource configuration, planning, and customer education/training. Creates and distributes technical assets (white papers, solution code, blog posts, and video demonstrations). Serves as a leading contributor for customers and sales on technical cloud solutions and customer success. Identifies gaps and enhancements to influence engineering roadmaps for customer driven features. Leading contributor, may provide direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. May interact with C level. Maintains expertise by staying current on emerging technologies. Minimum qualifications include: 8 years experience with computer applications and tools required. Ability to travel 50% international and domestic. Preferred but not required qualifications include: Bachelor of Science-level university degree in Computer Science, Math, Engineering from accredited university; and/or relevant 8 years technical experience. Advanced degree in relevant field of studies highly desirable. Expertise in and an in depth and thorough knowledge of competitive and industry knowledge in the field of computer applications and tools; System and application design; Implementation of advanced product features; Project management; Solving technical problems with customers in technical environments; Written and verbal communication and interpersonal skills; Needs analysis, positioning, and business justification. 8 years experience and expertise in the clear communication of technical information to others through presentations, demonstrations, written communication and consultative solutioning experience. Career Level - IC4 Responsibilities The SecDevOPS team is focused on delivering secure OCI service delivery and helping customers establish operational controls through deep knowledge of cloud-native application development, event-driven architectures, microservices, DevOps, Infrastructure-as-code, continuous integration, and automated deployment. This role is a mix of being a developer, a technical delivery architect, and an evangelist. In this role, you will actively engage with customers and deliver architecture to support secure design standards, industry-specific compliance requirements, implementation of cloud-native technologies, serverless application development, integrations with OCI or third party software around logging, monitoring, threat management, asset management solutions, write technical blogs, presentation to customers. The qualified candidate will have deep technical knowledge of cloud-native technologies, and the ability to translate complex technical requirements into architecture & service delivery. Additionally, the ideal candidate will have software development, evangelism, instructional design, and cloud security experience. Above all, you will have a passion for learning new technologies and sharing them with a wider audience, and developing automation for repeatable patterns across customers. While much of the focus of this role will revolve around the delivery of security and operations related to cloud security technologies, a large portion of the work will also involve adjacencies including securing and configuring tenancies, networking, encryption, and key or Certificate Management, Web Application Firewalls, SIEM technologies, vulnerability scanning, monitoring & observability, etc. While also interacting directly with customers the role involves regular work with the development organization to drive product improvements and innovations. This is a senior technical Cloud Delivery role, so the Cloud technical experience is the higher priority. A Cloud Engineer in our team is responsible for the successful implementation of non-routine and complex business solutions ensuring high quality and timely delivery within budget to the customers’ happiness. Analyze business needs to help ensure Oracle’s solution meets the customer’s objectives by combining industry-standard methodologies and product knowledge. Effectively applies Oracle’s methodologies and policies while adhering to contractual obligations, thereby minimizing Oracle’s risk and exposure. Exercises judgment and business acumen in selecting methods and techniques for effective project delivery on small to medium engagements. Provides direction and mentoring to junior resources on the delivery team. Ensures deliverables are acceptable and work closely with the Project Management Team to understand and manage project expectations. Collaborates with the consulting/delivery sales team by providing domain credibility. Helps with Technical solution scoping of project Comfortable working in a matrix management environment. Good communication skills to deal with internal collaborators, customers, and vendors. This individual should have a solid technical background and excellent problem-solving skills. Minimum Qualifications Minimum of 8 years of experience in progressively responsible information technology including. 5+ years of experience in developing, implementing, or architecting cloud solutions. 3+ years of technical architecture experience integrating software into cloud infrastructure with hands on programming experience using one of popular programming languages such as in JAVA or Python. Bachelor’s degree in Computer Science, related technical field or equivalent practical experience. Service delivery experience in a cloud-related environment. Ability to speak and write in English fluently Preferred Qualifications Deep technical domain knowledge in one or more of the following: cloud-native application development, event-driven architectures, SecDevOps, Infrastructure-as-code, continuous integration and deployment, container technologies such as Docker and Kubernetes, Observability Experience with continuous integration tools (e.g. Jenkins) Hands-on familiarity with Infrastructure-as-code technologies (e.g. Terraform) Experience with configuration management platforms (e.g. Chef, Puppet, or Ansible) Strong scripting skills (e.g. PowerShell, Python, Bash, Ruby, Go, etc.) Strong practical application development experience on Linux and Windows-based systems Knowledge and/or hands-on experience with OCI, including current OCI Certification (Developer, Solutions Architect, Operations) Coding experience in one or more of the following languages, Java, .Net, Python, or PHP Knowledge and hands-on experience with AWS, Azure, or Google Cloud preferred. knowledge of industry-specific compliance such as PCI, HIPAA, ISO 27001, HITRUST, CIS preferred. Delivery experience with leading security frameworks such as CIS, NIST, Zero Trust, etc. Experience with REST APIs and related development. Self-motivated, team-oriented, and focused on exceeding customer expectations About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

As a Renewals Manager, you will play a pivotal role in driving the success and satisfaction of our clients on a worldwide scale. Your primary objective will be to foster strong, enduring relationships with customers, understanding their unique needs and aspirations, and providing unwavering support and guidance throughout their journey with our products or services. Working collaboratively with cross-functional teams, you will champion the voice of the customer, promoting adoption, retention, and expansion opportunities, thereby contributing significantly to the overarching growth and prosperity of our organization across diverse global markets. Key Responsibilities: Renewals: Own and streamline the customer renewal process, ensuring timely and efficient execution. Develop and implement strategies to maximize renewal rates and minimize churn, collaborating closely with business stakeholders and CS management teams. Proactively identify and address renewal risks, working to resolve issues and secure customer commitments for continued partnership. Debt Recovery Support: Assist in managing overdue accounts and support effective debt recovery strategies to minimize financial losses. Collaborate with finance and legal teams to establish and execute robust debt recovery processes. Maintain proactive communication with customers regarding outstanding payments, negotiating suitable payment plans to facilitate debt resolution. NPS Management: Conduct and analyse Net Promoter Score (NPS) surveys to evaluate customer satisfaction and loyalty. Develop actionable insights from NPS feedback to drive continuous improvement in the customer experience. Regularly report NPS trends and insights to senior management, highlighting areas for focus and improvement. Change Control and Presales Coordination: Manage customer change requests, ensuring their effective evaluation and implementation. Coordinate with internal teams to assess the impact of changes on product and service delivery, facilitating seamless execution. Collaborate closely with the presales team to align customer needs with product capabilities, ensuring a smooth transition from presales to post sales phases. Facilitate clear and timely communication of changes and presales information to customers, ensuring transparency and alignment. Support to Account Management Team: Provide administrative and operational support to the Account Management team, assisting in the execution of account management initiatives. Collaborate on the implementation of account management tools such as HubSpot, contributing to improved efficiency and effectiveness. Support the preparation and analysis of reports on account management metrics, providing valuable insights for decision-making and strategy development. Engagement with Partners and Indirect Customers During Renewal Cycle: Serve as a liaison between the company and its partners, supporting indirect customers renewal to ensure a consistent and positive experience. Coordinate with partners to align on customer needs and expectations, facilitating effective collaboration and service delivery. Information Security Responsibilities: It is your responsibility to assist Sycurio, manage and maintain certification for the following frameworks: ISO27001 PCI (Data Security Standard, Payment Application Data Security Standard, Software Security Framework, Secure Software Lifecycle.) Cyber Essentials HITRUST Personal Attributes: Strong interpersonal and communication skills, with the ability to build rapport and trust with customers and with internal teams. Excellent problem solving and critical thinking abilities, with a focus on finding creative solutions to meet customer needs. Ability to adapt quickly to changing circumstances and embrace new challenges with a positive attitude, maintaining resilience and composure under pressure. Enthusiasm to learn the company's products and services, including features, functionalities, and value propositions. Sets high standards for performance and accountability, consistently striving to achieve and exceed targets and KPIs related to account management and satisfaction. Knowledge and skills: Proven experience in account management or a similar client-facing role, preferably in a global or multinational environment. Experience working with SaaS or technology-based products/services. Comprehensive understanding of account management principles and methodologies, including customer lifecycle management, retention strategies, and advocacy programs. Demonstrate strategic thinking and the ability to anticipate customer needs and trends, contributing to the development of long-term account management strategies. Skilled in analyzing customer data and metrics to derive actionable insights, identify trends, and make data-driven decisions to enhance the customer experience and drive business growth. Ability to collaborate effectively with cross-functional teams such as sales, marketing, product development, and support, to ensure alignment on customer needs and successful outcomes. Familiarity with change management principles and practices, including managing customer change requests, assessing their impact, and facilitating smooth transitions to minimize disruptions. Proficiency in negotiation techniques and conflict resolution strategies, enabling effective resolution of customer issues, disputes, and concerns to maintain positive relationships. Strong organizational skills, capable of managing multiple tasks, priorities, and deadlines efficiently Sycurio secures data and protects reputations. Sycurio are the industry-leading pioneer and provider of innovative solutions and services for simplifying, securing and analysing digital interactions. Check us out on Linkedin and our company website below for our latest news and updates. Show more Show less

About The Role As a Senior Consultant, your responsibilities will include standard project execution and client service activities, focused on IT compliance assessments (e.g., SOC 2 and ISO engagements). You will have the opportunity to gain project experience with clients ranging from start-ups to enterprises, across a variety of industries. As an added benefit, A-LIGN does not require Delivery Consultants to report time or sell work! Reports to: Delivery Manager and Senior Manager Pay Classification: Full-Time Responsibilities Plan and execute various IT compliance assessments (e.g., SOC 2, ISO 27001, and other similar engagements), under the direction of a member of the management team Perform IT compliance testing for various IT compliance assessments, under the direction of a member of the management team Create agendas for IT compliance assessments Perform IT compliance testing under the direction of the management team Communicate effectively to the management team, prior to, during, and post fieldwork (i.e., testing phase) Review manager’s planning meeting minutes, and prepare as appropriate for meetings Prepare testing lead sheets throughout the project Review evidence uploaded by the client for appropriateness Provide feedback regarding appropriateness of evidence uploaded by the client Provide detailed project status reports weekly to management Organize client information on A-LIGN’s Shared Drive Proactively communicate any potential issues to the management team Experience Minimum Qualifications At least 3 years of experience in IT audit, preferably with the Big 4 or a mid-tier audit/consulting firm Knowledge of various IT compliance standards including SOC 2, ISO 27001, PCI Experience using Microsoft Office suite including Word, Outlook, PowerPoint, and Excel Skills Ability to meet deadlines with a high degree of motivation Thrives in a fast-paced environment Ability to effectively multitask Ability to work individually as well as collaboratively Demonstrate capabilities with moderate supervision Ability to determine appropriateness of evidence provided by the client Strong interpersonal skills with a service-oriented mindset who can work well within a team as well as independently Must be detail oriented and organized in completing tasks Must be proactive, anticipate roadblocks, and offer solutions Ability to utilize the Microsoft Office suite including Word, Outlook, PowerPoint, and Excel Must have a sense of urgency around completing tasks and the order and priority of tasks based on business needs Strong composition, grammar, and business language skills Strong communication and interpersonal skills with the ability to effectively communicate with the management team and colleagues. Ability to work independently, set priorities and handle multiple tasks with a high level of efficiency About A-LIGN A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com Come Work for A-LIGN! Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn A-LIGN is an Equal Opportunity Employer! Minorities, women, disabled, and veterans encouraged to apply Show more Show less

Reporting To: Vice President- Solutions COMPANY OVERVIEW: AGS Health is more than a revenue cycle management company - we are a strategic partner for growth. With expert services complemented by AI-enabled technologies and high-touch support, AGS Health is the premier revenue cycle partner for leading health systems, physician groups, and academic medical centers in the U.S. With expert insight into modern revenue cycle practices, the company pairs cutting-edge technology with college-educated, trained RCM experts to help clients optimize workflow, maintain compliance, prevent revenue leakage, and achieve a high-performance revenue cycle. AGS Health employs more than 13,500+ team members globally and partners with more than 150 clients across various care settings, specialties, and billing systems. For more details, please visit http://www.agshealth.com You can also visit us at https://www.linkedin.com/company/ags-health SCOPE OF WORK: AGS is looking to fill a GM–Solutions role, reporting to the company’s Vice President of Solutions. This individual will be a key member of the leadership team and will be responsible for leading the solution design team, which is responsible for triaging, designing, and costing solutions at the scoping stage of the engagement in line with the company’s broader goals. The leader will collaborate with marketing to define/refine GTM content to ensure that value creation for the customer is positioned optimally. He/she will be responsible for supporting the revenue & profitability targets of existing and new service/product offerings launched. In addition, the GM–Solutions will collaborate with Senior Operations Leaders, with the CXOs, Sales, Customer Success, and Corporate Development being his/her key internal stakeholders. At the same time, Clients and Investors will serve as the key external stakeholders. JOBS-TO-BE-DONE (JTBDs): Work with a team of solution designers, serving as a subject matter expert and increasing the usage of technology/automation in standard solutions of the RCM services provided. Develop and deliver automation-first solutions that align with customer objectives and pain points outlined by the Sales team and through RFPs. This includes effort and staffing estimation, designing delivery models with the Operations and Product teams, finalizing pricing models with Finance, and removing legal hurdles with Legal and Compliance. Design, develop, and implement detailed 'to-be' process designs, which will be implemented by the internal Transitions team and executed by Operations. Continue to refine the solution design framework in collaboration with Sales, Transitions, and Operations. Collaborate with Marketing on sales content and case studies to ensure optimal positioning of business drivers and value propositions. Ensuring content remains current with new service offerings and solutions, delivery locations, partnerships, and acquisitions. Work alongside Sales to influence the senior client buyer and client solution owner on AGS’ service capabilities and the solution offered to address their business needs. Lead the creation of Solutions-related content for presentations to AGS Leadership (e.g., board meetings, senior staff meetings, etc.) and lead the presentations where appropriate. Responsible for leading and mentoring the solutions design team to enable them to work independently to develop solutions to client requirements and align with the company’s objectives and goals. Support Revenue targets for the overall service lines, including New Service Line (NSL) targets in association with fiscal year goals by improving: The percentage of RFPs down selected. The percentage of RFPs won. KEY SELECTION CRITERIA: Candidate qualifications : 10-12 years of experience in RCM services with a global service provider with a preferred professional history of reputable companies. Strong grounding in revenue cycle-related technology and delivering technology-led solutions to customers. Proficient in automation tools and processes to streamline workflows, improve efficiency, and reduce manual effort across various tasks and systems. Strategic outlook – deep knowledge of the healthcare industry, including a broad understanding of the payor and provider ecosystems and how they interrelate. Firm grasp of RCM vendors / services / trends / disruptions / service differentiators. Strong commercial acumen – experience in structuring sales opportunities, developing compelling go-to-market collateral, structuring pricing arrangements to maximize revenue/margin, and participating in RFP responses. Takes the initiative to continuously update sales collateral to demonstrate the breadth of AGS offerings and market differentiators effectively. Initiative-taker who strives for excellence for him/herself and his/her (direct or matrixed) team. Does not wait for instruction and proactively takes initiative. Ability to constantly learn and synthesize – Active listener with intellectual curiosity – motivated to gather market intelligence/trends and customer feedback and distill how those data points should shape the Solutions framework and intellectual property for the service line. Ability to engage CXO-level customer contacts in strategic discussions – Synthesize complex/disparate data, hone in on the root problem(s), stitch it into a solution, and link it together in an AGS offering. Product knowledge – Broad understanding of AGS products/services and their interplay, coupled with a strong knowledge of technology solutions and platforms. Excellent influencer – passion for challenging the status quo, natural ability to work and influence broader groups across business verticals/regions, and drive change management initiatives. Superb people skills and high EQ – Committed to a culture of humility. High emotional IQ, with the ability to inspire internal teams and clients. Ability to develop and lead a large, high-performance team. Experience in driving transformation through process excellence (Lean, Six Sigma), digitization (platforms, tools, technologies), and automation. Strong financial and analytical skills – comfortable with P&L management and standard financial reporting. Proficient with data analysis and interpretation. A BS/BA is required; a graduate degree in health, medicine, technology, or engineering is preferred. A formal qualification in RCM and/or an MBA would also be an advantage. COMPLIANCE: Awareness and adherence to all applicable organization-wide policies and procedures, including but not limited to Information security, HIPAA, and HR policies. Should adhere to applicable Do’s & Don’ts of implemented Information Security Management System including HIPAA, HITRUST, and NIST regulations. Adherence to the rules and regulations as outlined by the management. JOB LOCATION: India – Preferred Location – Chennai. Hyderabad or Bengaluru could also be options. Show more Show less

Role : DevOps Engineer Location : Gurgaon, India. Employment Type : Full-time, Onsite. Company Overview We are a leading Revenue Cycle Management (RCM) company specializing in healthcare billing, claims processing, and payment optimization. Our technology solutions help healthcare providers maximize revenue while reducing administrative burdens. Position Summary We are seeking an experienced DevOps Engineer to build, maintain, and optimize our infrastructure and deployment pipelines. The ideal candidate will have a strong background in cloud infrastructure, CI/CD automation, and experience working with healthcare-related systems. Key Responsibilities Infrastructure Management : Design, implement, and manage cloud infrastructure on Azure using IaC tools (Terraform, ARM Templates) automating resource provisioning and configuration. Implement proper network security controls to ensure HIPAA/regulatory compliance. Monitor infrastructure performance and optimize for cost efficiency. CI/CD Pipeline Development Implementing end-to-end CI/CD pipelines using tools like Jenkins and GitLab CI/CD, reducing deployment time and ensuring code quality. Implement infrastructure validation tests and automated quality gates. Create deployment strategies that minimize downtime for critical RCM services. Automate application testing and deployment across development, staging, and production environments. Design resilient, cost-effective cloud architectures and services. Scripting automation solutions using Bash and Python, saving time and improving workflow efficiency. Leveraging containerization technologies like Docker and Kubernetes to enhance scalability and achieve consistent environments. Monitoring & Incident Response Implement comprehensive monitoring solutions (Application Insights, Log Analytics). Create dashboards and alerts for critical RCM application metrics. Develop and maintain incident response playbooks. Participate in on-call rotation to support production systems. Security & Compliance Implement security best practices across infrastructure and deployment pipelines. Ensure all systems meet healthcare compliance requirements (HIPAA, HITRUST). Conduct regular security scans and vulnerability assessments. Document infrastructure and security controls for compliance audits. Required Qualifications Bachelor's degree in computer science, Information Technology, or related field. 5+ years of experience in DevOps engineering roles. Strong experience with Azure cloud services and Azure DevOps. Proficiency with Infrastructure as Code (Terraform, ARM Templates). Experience with containerization technologies (Docker, Kubernetes). Strong scripting skills (PowerShell, Python, Bash). Experience with monitoring tools and log management solutions. Understanding of networking concepts and security best practices. Preferred Qualifications Experience working in healthcare IT or Revenue Cycle Management. Azure certifications (Azure DevOps Engineer, Azure Administrator). Experience with database operations (SQL Server, MongoDB). Knowledge of HIPAA compliance requirements for infrastructure. Experience with secure coding practices and application security. Familiarity with microservices architecture and API management. Soft Skills Excellent troubleshooting and problem-solving abilities. Strong written and verbal communication skills. Ability to translate technical concepts to non-technical stakeholders. Collaborative mindset and team-oriented work style. Self-motivated with ability to work under pressure and meet deadlines. Benefits Comprehensive health insurance. Professional development allowance. Performance-based bonuses. Flexible work arrangements. Professional certification support. (ref:hirist.tech) Show more Show less

Skill: IAM Automation & Governance Specialist Location: [Remote / Hyderabad] Experience: 3-8 Years We’re looking for an IAM expert with hands-on experience in Microsoft Entra ID (Azure AD) and HRIS integrations (preferably UKG) . You'll lead identity automation, lifecycle governance, and compliance in a security-focused environment. Must-have skills: IAM governance & automation Azure AD / Entra ID (PIM, access packages, Conditional Access) HRIS integration (UKG ideal) Compliance knowledge (SOC 2, HIPAA, HITRUST) Bonus: Scripting (PowerShell), Microsoft Sentinel, Defender, Purview Join us to build a secure, scalable, and automated identity ecosystem. Show more Show less

Job Description About Us Tsaaro’s prime focus is on Data Privacy and Security. Our team of specialist data privacy consultants, information security consultants, and penetration testers help and advise our clients to make running a secure business easier, with high efficiency. Everything we do is tailored to the individual organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges. We are seeking a talented and dynamic Senior Infosec Consultant to join our team who has a good exposure towards managing the projects relating to Information security domain and privacy protection from scratch. Experience: 2+ years Location: Noida Key Objective And Responsibilities As an Assistant Manager, you will be entrusted with the following key responsibilities: Experience in leveraging industry standards and frameworks such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Data Audits and Assessments: Conducting regular data protection impact assessments (DPIAs) and audits to identify and mitigate privacy risks associated with data processing activities. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Requirements To be considered for this role, the candidate must meet the following requirements: Hold relevant qualifications such as CIPP/E, CIPM, FIP, DCPLA, CDPO/IN, CDPO/P, ISO 27001 LA/LI, ISO 27701 LA- preferred. Minimum 2 years of related work experience; or a master’s or MBA degree in business, computer science, information systems, engineering and/or data protection. Possess a sound knowledge of fundamentals of information security systems. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Showcase excellent communication skills, both written and verbal. Proficiency in Microsoft Office Suite (Word, Excel, Power point). Benefits Opportunity to work with a dynamic and innovative team. Career growth and development opportunities. Competitive salary and benefits package. A supportive work environment that values creativity and initiative. Join and hustle with the India's fastest privacy and information security consulting company. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> Show more Show less

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Associate Job Description & Summary At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Perform IT Assessment Reviews which includes IT General Controls, Internal Audits, Controls Testing, Compliance Reviews (such as ISO 27001, HIPAA, HITRUST etc.) Responsibilities: Strong understanding of IT General Controls domains such as Change Management, User Access Management, IT Operations, Back and Recovery Management etc Strong understanding of the third-party risk management Implementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etc Understanding of the IT Risk Assessment methodologies and ability to comprehend and apply the knowledge during IT assessment lifecycle Interview client stakeholders and conducts walkthrough meetings and develop assessment artifacts Should understand complete assessment lifecycle from assessment scoping to project deliverables Great communication skills and the ability to break down and explain complex data security problems Excellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Education: Minimum Qualification: BE/ BTech/MBA/Mtech/MCA Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills - both written and oral Certifications: CIA/CISA/CISM will be added advantage Mandatory Skill Sets: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Preferred Skill Sets: ISO 27001 Reviews, HIPAA/ HITRUST Reviews Years Of Experience Required: 2-8 Education Qualification: BE, B.tech, ME, M.tech, MCA, MBA, Mcom, CA, CS Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering, Chartered Accountant Diploma, Master of Engineering, Bachelor of Technology, Master of Business Administration Degrees/Field Of Study Preferred: Certifications (if blank, certifications not specified) Required Skills Compliance Reviews, Controls Testing, Health Insurance Portability & Accountability Act (HIPAA), Internal IT Audit, ITGC Optional Skills Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Emotional Regulation, Empathy, Financial Accounting, Financial Audit, Financial Reporting, Financial Statement Analysis, Generally Accepted Accounting Principles (GAAP) {+ 19 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Company Information At Advarra, we are passionate about making a difference in the world of clinical research and advancing human health. With a rich history rooted in ethical review services combined with innovative technology solutions and deep industry expertise, we are at the forefront of industry change. A market leader and pioneer, Advarra breaks the silos that impede clinical research, aligning patients, sites, sponsors, and CROs in a connected ecosystem to accelerate trials. Company Culture Our employees are the heart of Advarra. They are the key to our success and the driving force behind our mission and vision. Our values (Patient-Centric, Ethical, Quality Focused, Collaborative) guide our actions and decisions. Knowing the impact of our work on trial participants and patients, we act with urgency and purpose to advance clinical research so that people can live happier, healthier lives. At Advarra, we seek to foster an inclusive and collaborative environment where everyone is treated with respect and diverse perspectives are embraced. Treating one another, our clients, and clinical trial participants with empathy and care are key tenets of our culture at Advarra; we are committed to creating a workplace where each employee is not only valued but empowered to thrive and make a meaningful impact. Job Duties & Responsibilities Provides oversight for the information security compliance program for the relevant region, identifying areas of non-compliance and directing corrective action. Consultant and advisor to regional site leadership on information security and related matters. Initiates, facilitates, and promotes activities to foster information security awareness and education within the associated area of responsibility. Fosters a culture of cyber security both with the IT organization and to drive behavioral changes for the business, including reports and communication to regional and site level leadership on security trends and statistics. Assists the CISO, Security Operations Lead, Privacy and Compliance as necessary around incident response for regional security incidents and events including responding to potential breaches of electronic protected health information (ePHI) and electronic personally identifiable information (ePII). Responsible for the development and implementation of associated risk management or corrective action “Plan of Action & Milestones” (POA&M) for the regional or business area of responsibility including the integrity of initial or periodic risk assessment/analysis and the subsequent mitigation and remediation. Coordinates external and internal security and privacy audit controls for that region or business to monitor activity on electronic systems that contain or use electronic protected health information or electronic personally identifiable information and to ensure that activity is appropriate. Such activity would include, but is not limited to, logons and logoffs, file access, updates, edits and printing. Ensure that the disaster recovery, business continuity, risk management and access control needs of the regional or business are documented and addressed. Leads strategic projects as necessary with both regional and national scope, for example Data Leak Protection, Vulnerability Management, Phishing Simulation reporting and others This role will be an individual contributor, with no direct reports. Location This role is open to candidates working hybrid in Bengaluru India. Basic Qualifications Bachelor’s degree in computer science, information systems, related field, or equivalent experience CISSP, CISM certification preferred 5-10 years’ experience leading an information security program and working with a globally distributed information security team Experience in Life Science, Health Care, manufacturing or other highly regulated industries Ability to lead audits and assessments of technology and processes related to ISO27001, HIPAA & HITRUST Experience with vendor and product selections including oversight of enterprise risk assessments Preferred Qualifications CRISC, CGEIT, CISA GSEC, GCIH certifications are helpful but not required Physical And Mental Requirements Sit or stand for extended periods of time at stationary workstation Regularly carry, raise, and lower objects of up to 10 Lbs. Learn and comprehend basic instructions Focus and attention to tasks and responsibilities Verbal communication; listening and understanding, responding, and speaking Advarra is an equal opportunity employer that is committed to diversity, equity and inclusion and providing a workplace that is free from discrimination and harassment of any kind based on race, color, religion, creed, sex (including pregnancy, childbirth, and related medical conditions, sexual orientation, and gender identity), national origin, age, disability or genetic information or any other status or characteristic protected by central, state, or local law. Advarra provides equal employment opportunity to all individuals regardless of these protected characteristics. Further, Advarra takes affirmative action to ensure that applicants and employees are treated without regard to any of these protected characteristics in all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation, benefits, and separation from employment. Show more Show less

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance, and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. You will work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Collaborate with clients to assess cybersecurity strategies and maturity, develop aligned roadmaps, and guide integration into business processes and digital transformation. Assessments experience: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons, and vendor evaluation. Frameworks experience: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, FFIEC, ISO, FedReg, FedRAMP, COBIT etc. and vendor evaluation. Must have hands-on experience and proficiency in creating, writing, and maintaining cybersecurity standards and policies. Assessing the maturity of clients’ current cybersecurity program and identifying areas for improvement. Develop presentations and reports to communicate cybersecurity strategies to client leadership and support the engagement team in planning and executing multi-domain cybersecurity initiatives. Stay informed about emerging cybersecurity technologies, threats, and best practices, conduct research on industry trends and regulatory changes affecting cybersecurity, and advise on the adoption of cybersecurity frameworks and tools (e.g., NIST, ISO, COBIT) that align with clients' needs. Stay informed about emerging cybersecurity technologies, threats, and best practices, conduct research on industry trends and regulatory changes affecting cybersecurity, and advise on the adoption of cybersecurity frameworks and tools (e.g., NIST, ISO, COBIT) that align with clients' needs. Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Desired Knowledge Excellent written and oral communication skills, presentation skills, strong analytical and problem-solving skills can express thoughts clearly, knows how to listen and is able to contribute to a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Assessing or implementing cybersecurity processes and governance, and experience in working independently or as part of a large team to deliver cybersecurity services on its own or within large complex projects. Knowledge in cloud security, network security, and endpoint protection, combined with proficiency in utilizing threat intelligence and developing effective incident response practices to anticipate, identify, mitigate, and swiftly recover from potential cyber threats. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology, and threat posture. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), ISO 27001 and other relevant cybersecurity certifications. Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 4 - 8 years Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job description: Senior Manager TPRM Our clients are faced with external pressures on an unprecedented scale. The ability to translate strategy into reality is key to their enhanced business performance. As an advisory professional, you will be focused on helping them achieve this goal. You’ll work in high-performing teams that deliver exceptional client service, enabling organisations to grow, innovate, protect and optimise their business performance – playing your part in building a better working world. We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. Provide guidance and share knowledge with team members and participate in performing procedures focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement Brief the engagement team on the client's environment and industry trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients Assist Partners & Senior Managers in driving the business development process on existing client engagements by gathering appropriate resources, gaining access to key contacts & supervising proposal preparation. Create innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies. Facilitate discussions / knowledge sharing with key client personnel and contribute to EY thought leadership. Plan & schedule client engagements. Determine and deploy the right team with adequate skill sets for executing engagements and periodically review status of engagements and work products. Demonstrate strong project management skills Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Review status updates and prepare management presentations/audit committee presentations etc. Actively contribute to improving operational efficiency on projects & internal initiatives. Your people responsibilities: Identify buyers, influencers & stakeholders in existing client engagements and build strong relationships. Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Drive performance management for self and team. Driving the quality culture agenda at GDS Manage the performance management for the direct reportees, as per the organization policies Training and mentoring of project resources Participating in the organization-wide people initiatives Mandatory skills: Strong knowledge of information security concepts, risk and controls concepts Strong knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Strong knowledge of OS (Windows / Linux) security, Database security Sound familiarity with OWASP and Secure SDLC standards / frameworks Strong knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.) Strong knowledge of Security architecture design and review Sound experience in LAN/WAN architectures and reviews Good knowledge on Privacy, Governance and reporting Sound knowledge of anti-virus solutions (e.g. Symantec, McAfee, etc.) Knowledge of incident management, disaster recovery and business continuity management Knowledge of Cryptography Knowledge of physical and environmental security Knowledge of Asset Security and Identity and Access Management CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer BE/BTech/MCA with a sound industry experience of 10 to 12 Yrs Preferred skills: Deep domain experience in a specific sector Prior Client facing experience EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description About Us : Tsaaro is dedicated to Data Privacy and Security as its core focus. Our team comprises specialized data privacy consultants, information security experts, and penetration testers, all working to empower our clients with seamless and highly efficient security solutions. Our approach is centered around customization, understanding the unique needs of each organization, and finding solutions that align with their budget and resource constraints. At Tsaaro, we adopt a pragmatic, risk-based strategy to deliver practical and effective advice. By providing real-world guidance, support, and actionable recommendations, we confidently equip our clients to address a broad spectrum of security and privacy challenges. Responsibilities As a Senior Data Privacy Consultant, you will be entrusted with the following key responsibilities: Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Demonstrate expertise in various standards, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Requirements To be considered for this role, the candidate must meet the following requirements: Possess a sound knowledge of fundamentals of information security systems. Have 2-3 years of relevant experience in the field. Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Hold relevant qualifications such as CIPM, CIPT, CIPP/E. Showcase excellent communication skills, both written and verbal. Benefits Competitive salary and performance-based bonuses. Professional development opportunities, including training and certifications. Flexible working hours. Collaborative and inclusive work environment. Opportunity to work with a passionate team dedicated to making a difference in data privacy and security. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> Show more Show less