167 Hitrust Jobs - Page 7

Identifying, assessing, and solving complex business problems for area of responsibility, where analysis of situations or data requires an in-depth evaluation of variable factors Overseeing the development of Security solutions, architecture, design, asset documentation etc. Experience in assessment and implementation of security industry and regulatory compliance standards like ISO 27001, NIST, HIPAA, GDPR, CSA STAR compliance, PCI DSS, GDPR, CCPA, HITRUST Drafting policies, procedures and assist with security process development Experience in cloud assurance. Building security strategy, security operating model for cloud- based solutions, deployments, or migration Leading Security RFP response and security solutioning specific to client needs Experience in Gap, risk and maturity Assessments, Remediation recommendations and drafting To-Be Security architecture for clients Exposure to risk management, risk quantification Helping solve key business problems and challenges by enabling a security architecture transformation, painting a picture of, and charting a journey from the current state to a "to-be" enterprise environment Experience in participating in client presentations & orals for proposal defense etc. Implementing programs/interventions that prepare the organization for the implementation of new business processes Assisting our clients to build the required capabilities for growth and innovation to sustain high performance Managing multi-disciplinary teams to shape, sell, communicate, and implement programs Provide thought leadership to the downstream teams for developing offerings and assets Mentoring and developing our people Professional certifications like CISSP, CISA, CISM, CEH, ISO27001, CRISC, CCSK Qualifications TBC

Skill: IAM Automation & Governance Specialist Location: [Remote / Hyderabad] Experience: 3-8 Years We’re looking for an IAM expert with hands-on experience in Microsoft Entra ID (Azure AD) and HRIS integrations (preferably UKG) . You'll lead identity automation, lifecycle governance, and compliance in a security-focused environment. Must-have skills: IAM governance & automation Azure AD / Entra ID (PIM, access packages, Conditional Access) HRIS integration (UKG ideal) Compliance knowledge (SOC 2, HIPAA, HITRUST) Bonus: Scripting (PowerShell), Microsoft Sentinel, Defender, Purview Join us to build a secure, scalable, and automated identity ecosystem. Show more Show less

Job Description About Us Tsaaro’s prime focus is on Data Privacy and Security. Our team of specialist data privacy consultants, information security consultants, and penetration testers help and advise our clients to make running a secure business easier, with high efficiency. Everything we do is tailored to the individual organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges. We are seeking a talented and dynamic Senior Infosec Consultant to join our team who has a good exposure towards managing the projects relating to Information security domain and privacy protection from scratch. Experience: 2+ years Location: Noida Key Objective And Responsibilities As an Assistant Manager, you will be entrusted with the following key responsibilities: Experience in leveraging industry standards and frameworks such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Data Audits and Assessments: Conducting regular data protection impact assessments (DPIAs) and audits to identify and mitigate privacy risks associated with data processing activities. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Requirements To be considered for this role, the candidate must meet the following requirements: Hold relevant qualifications such as CIPP/E, CIPM, FIP, DCPLA, CDPO/IN, CDPO/P, ISO 27001 LA/LI, ISO 27701 LA- preferred. Minimum 2 years of related work experience; or a master’s or MBA degree in business, computer science, information systems, engineering and/or data protection. Possess a sound knowledge of fundamentals of information security systems. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Showcase excellent communication skills, both written and verbal. Proficiency in Microsoft Office Suite (Word, Excel, Power point). Benefits Opportunity to work with a dynamic and innovative team. Career growth and development opportunities. Competitive salary and benefits package. A supportive work environment that values creativity and initiative. Join and hustle with the India's fastest privacy and information security consulting company. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> Show more Show less

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Associate Job Description & Summary At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Perform IT Assessment Reviews which includes IT General Controls, Internal Audits, Controls Testing, Compliance Reviews (such as ISO 27001, HIPAA, HITRUST etc.) Responsibilities: Strong understanding of IT General Controls domains such as Change Management, User Access Management, IT Operations, Back and Recovery Management etc Strong understanding of the third-party risk management Implementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etc Understanding of the IT Risk Assessment methodologies and ability to comprehend and apply the knowledge during IT assessment lifecycle Interview client stakeholders and conducts walkthrough meetings and develop assessment artifacts Should understand complete assessment lifecycle from assessment scoping to project deliverables Great communication skills and the ability to break down and explain complex data security problems Excellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Education: Minimum Qualification: BE/ BTech/MBA/Mtech/MCA Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills - both written and oral Certifications: CIA/CISA/CISM will be added advantage Mandatory Skill Sets: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Preferred Skill Sets: ISO 27001 Reviews, HIPAA/ HITRUST Reviews Years Of Experience Required: 2-8 Education Qualification: BE, B.tech, ME, M.tech, MCA, MBA, Mcom, CA, CS Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering, Chartered Accountant Diploma, Master of Engineering, Bachelor of Technology, Master of Business Administration Degrees/Field Of Study Preferred: Certifications (if blank, certifications not specified) Required Skills Compliance Reviews, Controls Testing, Health Insurance Portability & Accountability Act (HIPAA), Internal IT Audit, ITGC Optional Skills Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Emotional Regulation, Empathy, Financial Accounting, Financial Audit, Financial Reporting, Financial Statement Analysis, Generally Accepted Accounting Principles (GAAP) {+ 19 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Company Information At Advarra, we are passionate about making a difference in the world of clinical research and advancing human health. With a rich history rooted in ethical review services combined with innovative technology solutions and deep industry expertise, we are at the forefront of industry change. A market leader and pioneer, Advarra breaks the silos that impede clinical research, aligning patients, sites, sponsors, and CROs in a connected ecosystem to accelerate trials. Company Culture Our employees are the heart of Advarra. They are the key to our success and the driving force behind our mission and vision. Our values (Patient-Centric, Ethical, Quality Focused, Collaborative) guide our actions and decisions. Knowing the impact of our work on trial participants and patients, we act with urgency and purpose to advance clinical research so that people can live happier, healthier lives. At Advarra, we seek to foster an inclusive and collaborative environment where everyone is treated with respect and diverse perspectives are embraced. Treating one another, our clients, and clinical trial participants with empathy and care are key tenets of our culture at Advarra; we are committed to creating a workplace where each employee is not only valued but empowered to thrive and make a meaningful impact. Job Duties & Responsibilities Provides oversight for the information security compliance program for the relevant region, identifying areas of non-compliance and directing corrective action. Consultant and advisor to regional site leadership on information security and related matters. Initiates, facilitates, and promotes activities to foster information security awareness and education within the associated area of responsibility. Fosters a culture of cyber security both with the IT organization and to drive behavioral changes for the business, including reports and communication to regional and site level leadership on security trends and statistics. Assists the CISO, Security Operations Lead, Privacy and Compliance as necessary around incident response for regional security incidents and events including responding to potential breaches of electronic protected health information (ePHI) and electronic personally identifiable information (ePII). Responsible for the development and implementation of associated risk management or corrective action “Plan of Action & Milestones” (POA&M) for the regional or business area of responsibility including the integrity of initial or periodic risk assessment/analysis and the subsequent mitigation and remediation. Coordinates external and internal security and privacy audit controls for that region or business to monitor activity on electronic systems that contain or use electronic protected health information or electronic personally identifiable information and to ensure that activity is appropriate. Such activity would include, but is not limited to, logons and logoffs, file access, updates, edits and printing. Ensure that the disaster recovery, business continuity, risk management and access control needs of the regional or business are documented and addressed. Leads strategic projects as necessary with both regional and national scope, for example Data Leak Protection, Vulnerability Management, Phishing Simulation reporting and others This role will be an individual contributor, with no direct reports. Location This role is open to candidates working hybrid in Bengaluru India. Basic Qualifications Bachelor’s degree in computer science, information systems, related field, or equivalent experience CISSP, CISM certification preferred 5-10 years’ experience leading an information security program and working with a globally distributed information security team Experience in Life Science, Health Care, manufacturing or other highly regulated industries Ability to lead audits and assessments of technology and processes related to ISO27001, HIPAA & HITRUST Experience with vendor and product selections including oversight of enterprise risk assessments Preferred Qualifications CRISC, CGEIT, CISA GSEC, GCIH certifications are helpful but not required Physical And Mental Requirements Sit or stand for extended periods of time at stationary workstation Regularly carry, raise, and lower objects of up to 10 Lbs. Learn and comprehend basic instructions Focus and attention to tasks and responsibilities Verbal communication; listening and understanding, responding, and speaking Advarra is an equal opportunity employer that is committed to diversity, equity and inclusion and providing a workplace that is free from discrimination and harassment of any kind based on race, color, religion, creed, sex (including pregnancy, childbirth, and related medical conditions, sexual orientation, and gender identity), national origin, age, disability or genetic information or any other status or characteristic protected by central, state, or local law. Advarra provides equal employment opportunity to all individuals regardless of these protected characteristics. Further, Advarra takes affirmative action to ensure that applicants and employees are treated without regard to any of these protected characteristics in all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation, benefits, and separation from employment. Show more Show less

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance, and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. You will work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Collaborate with clients to assess cybersecurity strategies and maturity, develop aligned roadmaps, and guide integration into business processes and digital transformation. Assessments experience: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons, and vendor evaluation. Frameworks experience: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, FFIEC, ISO, FedReg, FedRAMP, COBIT etc. and vendor evaluation. Must have hands-on experience and proficiency in creating, writing, and maintaining cybersecurity standards and policies. Assessing the maturity of clients’ current cybersecurity program and identifying areas for improvement. Develop presentations and reports to communicate cybersecurity strategies to client leadership and support the engagement team in planning and executing multi-domain cybersecurity initiatives. Stay informed about emerging cybersecurity technologies, threats, and best practices, conduct research on industry trends and regulatory changes affecting cybersecurity, and advise on the adoption of cybersecurity frameworks and tools (e.g., NIST, ISO, COBIT) that align with clients' needs. Stay informed about emerging cybersecurity technologies, threats, and best practices, conduct research on industry trends and regulatory changes affecting cybersecurity, and advise on the adoption of cybersecurity frameworks and tools (e.g., NIST, ISO, COBIT) that align with clients' needs. Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Desired Knowledge Excellent written and oral communication skills, presentation skills, strong analytical and problem-solving skills can express thoughts clearly, knows how to listen and is able to contribute to a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Assessing or implementing cybersecurity processes and governance, and experience in working independently or as part of a large team to deliver cybersecurity services on its own or within large complex projects. Knowledge in cloud security, network security, and endpoint protection, combined with proficiency in utilizing threat intelligence and developing effective incident response practices to anticipate, identify, mitigate, and swiftly recover from potential cyber threats. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology, and threat posture. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), ISO 27001 and other relevant cybersecurity certifications. Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 4 - 8 years Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job description: Senior Manager TPRM Our clients are faced with external pressures on an unprecedented scale. The ability to translate strategy into reality is key to their enhanced business performance. As an advisory professional, you will be focused on helping them achieve this goal. You’ll work in high-performing teams that deliver exceptional client service, enabling organisations to grow, innovate, protect and optimise their business performance – playing your part in building a better working world. We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. Provide guidance and share knowledge with team members and participate in performing procedures focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement Brief the engagement team on the client's environment and industry trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients Assist Partners & Senior Managers in driving the business development process on existing client engagements by gathering appropriate resources, gaining access to key contacts & supervising proposal preparation. Create innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies. Facilitate discussions / knowledge sharing with key client personnel and contribute to EY thought leadership. Plan & schedule client engagements. Determine and deploy the right team with adequate skill sets for executing engagements and periodically review status of engagements and work products. Demonstrate strong project management skills Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Review status updates and prepare management presentations/audit committee presentations etc. Actively contribute to improving operational efficiency on projects & internal initiatives. Your people responsibilities: Identify buyers, influencers & stakeholders in existing client engagements and build strong relationships. Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Drive performance management for self and team. Driving the quality culture agenda at GDS Manage the performance management for the direct reportees, as per the organization policies Training and mentoring of project resources Participating in the organization-wide people initiatives Mandatory skills: Strong knowledge of information security concepts, risk and controls concepts Strong knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Strong knowledge of OS (Windows / Linux) security, Database security Sound familiarity with OWASP and Secure SDLC standards / frameworks Strong knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.) Strong knowledge of Security architecture design and review Sound experience in LAN/WAN architectures and reviews Good knowledge on Privacy, Governance and reporting Sound knowledge of anti-virus solutions (e.g. Symantec, McAfee, etc.) Knowledge of incident management, disaster recovery and business continuity management Knowledge of Cryptography Knowledge of physical and environmental security Knowledge of Asset Security and Identity and Access Management CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer BE/BTech/MCA with a sound industry experience of 10 to 12 Yrs Preferred skills: Deep domain experience in a specific sector Prior Client facing experience EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description About Us : Tsaaro is dedicated to Data Privacy and Security as its core focus. Our team comprises specialized data privacy consultants, information security experts, and penetration testers, all working to empower our clients with seamless and highly efficient security solutions. Our approach is centered around customization, understanding the unique needs of each organization, and finding solutions that align with their budget and resource constraints. At Tsaaro, we adopt a pragmatic, risk-based strategy to deliver practical and effective advice. By providing real-world guidance, support, and actionable recommendations, we confidently equip our clients to address a broad spectrum of security and privacy challenges. Responsibilities As a Senior Data Privacy Consultant, you will be entrusted with the following key responsibilities: Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Demonstrate expertise in various standards, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Requirements To be considered for this role, the candidate must meet the following requirements: Possess a sound knowledge of fundamentals of information security systems. Have 2-3 years of relevant experience in the field. Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Hold relevant qualifications such as CIPM, CIPT, CIPP/E. Showcase excellent communication skills, both written and verbal. Benefits Competitive salary and performance-based bonuses. Professional development opportunities, including training and certifications. Flexible working hours. Collaborative and inclusive work environment. Opportunity to work with a passionate team dedicated to making a difference in data privacy and security. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job description: Senior Manager TPRM Our clients are faced with external pressures on an unprecedented scale. The ability to translate strategy into reality is key to their enhanced business performance. As an advisory professional, you will be focused on helping them achieve this goal. You’ll work in high-performing teams that deliver exceptional client service, enabling organisations to grow, innovate, protect and optimise their business performance – playing your part in building a better working world. We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. Provide guidance and share knowledge with team members and participate in performing procedures focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement Brief the engagement team on the client's environment and industry trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients Assist Partners & Senior Managers in driving the business development process on existing client engagements by gathering appropriate resources, gaining access to key contacts & supervising proposal preparation. Create innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies. Facilitate discussions / knowledge sharing with key client personnel and contribute to EY thought leadership. Plan & schedule client engagements. Determine and deploy the right team with adequate skill sets for executing engagements and periodically review status of engagements and work products. Demonstrate strong project management skills Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Review status updates and prepare management presentations/audit committee presentations etc. Actively contribute to improving operational efficiency on projects & internal initiatives. Your people responsibilities: Identify buyers, influencers & stakeholders in existing client engagements and build strong relationships. Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Drive performance management for self and team. Driving the quality culture agenda at GDS Manage the performance management for the direct reportees, as per the organization policies Training and mentoring of project resources Participating in the organization-wide people initiatives Mandatory skills: Strong knowledge of information security concepts, risk and controls concepts Strong knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Strong knowledge of OS (Windows / Linux) security, Database security Sound familiarity with OWASP and Secure SDLC standards / frameworks Strong knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.) Strong knowledge of Security architecture design and review Sound experience in LAN/WAN architectures and reviews Good knowledge on Privacy, Governance and reporting Sound knowledge of anti-virus solutions (e.g. Symantec, McAfee, etc.) Knowledge of incident management, disaster recovery and business continuity management Knowledge of Cryptography Knowledge of physical and environmental security Knowledge of Asset Security and Identity and Access Management CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer BE/BTech/MCA with a sound industry experience of 10 to 12 Yrs Preferred skills: Deep domain experience in a specific sector Prior Client facing experience EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Role & responsibilities Understanding applicable regulations, standards (e.g. HITRUST, SOC-2, HIPAA, TX-RAMP, PCI-DSS, etc.) and industry best practices to manage risk and ensure compliance Perform process definition/update and deployment across all teams in consultation with the respective functions Identify best practices, drive continuous information security related process improvement and facilitate deployment of information security process changes Document the identified Information Security Policies and processes to ensure compliance with legal, regulatory and security standards (e.g. HITRUST, SOC-2, HIPAA, TX-RAMP, PCIDSS, etc.) and maintain the Information Security Management Systems. Perform due diligence for third party contracts and perform periodic 3rd party Risk Assessments. Drive and complete Information Security Assessments assigned to MRO by its clients. Manage and support Information Security Risk Management Lifecycle across MRO. Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspective. Own and drive the Information Security Incident Management Program at MRO. Be responsible for security audits performed at MRO based on HITRUST, HIPAA, PCI-DSS, TX-RAMP, etc. Drive the phishing simulation program at MRO and focus on its continual improvement. Drive Business Impact Analysis, Privacy Impact Analysis across MRO to determine and update applicable RTOs and RPOs. Technical/Domain Skills : Must have hands on experience of HITRUST based policy/process definition, implementation and participation in at-least one (1) full end to end HITRUST audit cycle Desirable: Knowledge/work experience on SOC2, HIPAA, PCI-DSS, TX-RAMP and NIST Cybersecurity Framework

32072BR Bangalore - Campus Job Description Senior Database Administrator / SQL Developer Job Summary: We are seeking a highly skilled and experienced Senior MS SQL Server Database Administrator to manage and support mission-critical, customer-facing environments. The role involves implementing and maintaining high-availability and disaster recovery solutions, including Always On Availability Group Cluster and replicated (OLTP/ODS) environments deployed in both private cloud datacenters (VMWare) and AWS EC2 instances. The candidate will ensure optimal performance, security, and scalability for our customers environments. Role And Responsibilities: Design, implement, and maintain MS SQL Server databases in a hybrid cloud environment. Support multiple hosted customer SQL Server environments from SQL Server 2014 -2019. Manage and support Always On Availability Groups for high availability and disaster recovery. Configure and manage OLTP (Online Transaction Processing) and ODS (Operational Data Store) replicated environments. Monitor database performance, identify bottlenecks, and apply optimizations to ensure high availability and scalability. Perform regular backups, restores, and database maintenance tasks to ensure data integrity and availability. Implement database security best practices to ensure data protection and compliance with industry standards (e.g., HIPAA, HITRUST). Collaborate with development, infrastructure, and DevOps teams to support database architecture, tuning, and deployment strategies. Troubleshoot and resolve complex database issues, providing 24x7 support for production environments as needed. Participate in on call support and after-hours rotations for customer upgrades, script executions, and maintenance. Create and maintain database documentation, including configuration, processes, and runbooks. Assist with ad hoc and custom reporting using T-SQL for customers including management and collaboration with offshore reporting team. Develop and implement automated processes for monitoring, backups, and failover to improve efficiency. Develop custom Stored Procedures and SQL Agent Jobs Automate repeated DBA tasks using SQL Agent Jobs and PowerShell. Respond to customer requests via Jira tickets and work directly with customers on solutions to issues and custom processes. Qualifications Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent experience). 7+ years Database Administration Experience. Extensive experience with MS SQL Server 2016/2019, including installation, configuration, and troubleshooting. Strong expertise with Always On Availability Groups and high-availability architectures. Proficient in managing large databases in a hybrid cloud environment. In-depth knowledge of database replication, performance tuning, and query optimization techniques. Experience with backup/recovery strategies and disaster recovery planning. Strong scripting skills (T-SQL, PowerShell) for automation and database maintenance. Familiarity with monitoring tools (e.g., SQL Sentry, DataDog, Prometheus, Grafana) and cloud management platforms (AWS RDS, EC2). Excellent problem-solving skills, with the ability to troubleshoot complex issues under pressure. Experience with security and compliance standards (HIPAA, HITRUST) is a plus. Strong communication and collaboration skills required as this is a customer facing position. Knowledge of Windows Server, command line, and PowerShell. Knowledge of SSIS and installing and executing SSIS packages. Preferred AWS Certified Solutions Architect or AWS Certified Database – Specialty. Familiarity with DevOps practices and CI/CD pipelines. Experience in database administration/management for large-scale, high-traffic environments. Working Hours: US EST hrs (8 am - 5 pm EST) Qualifications BE Range of Year Experience-Min Year 8 Range of Year Experience-Max Year 10 Show more Show less

Job Description About Us Tsaaro’s prime focus is on Data Privacy and Security. Our team of specialist data privacy consultants, information security consultants, and penetration testers help and advise our clients to make running a secure business easier, with high efficiency. Everything we do is tailored to the individual organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges. Responsibilities As a Data Protection Consultant, you will be entrusted with the following key responsibilities: Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded.Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement.Demonstrate expertise in various standards, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance.Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws.Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices.Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level.Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents.Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs.Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality.Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701.Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Requirements To be considered for this role, the candidate must meet the following requirements: Possess a sound knowledge of fundamentals of information security systems.Have 1-2 years of relevant experience in the field.Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc.Exhibit a good understanding of GDPR, CCPA, or other privacy laws.Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks.Hold relevant qualifications such as CIPM, CIPT, CIPP/E.Showcase excellent communication skills, both written and verbal. Benefits Competitive salary and performance-based bonuses. Professional development opportunities, including training and certifications.Flexible working hours.Collaborative and inclusive work environment.Opportunity to work with a passionate team dedicated to making a difference in data privacy and security. Join and hustle with the India's fastest privacy and information security consulting company. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

Seeking a Cybersecurity Risk & Compliance Analyst to manage vulnerabilities, support audits (SOC2, HITRUST, PCI DSS), assess risks, and guide security best practices. Help strengthen our security posture and reduce cyber risk exposure. Required Candidate profile 3+ yrs in cybersecurity with focus on risk & compliance. Skilled in vuln mgmt, NIST RMF, ISO 27001. Hands-on with SOC2, HITRUST, PCI DSS. Strong analytics & cross-team collaboration (IT/DevOps).

About Us Decisions is a software development company headquartered in Virginia Beach, Virginia, USA, and it provides a no-code automation platform for all types of business processes. With the no-code automation platform, you can fix the customer experience, modernize legacy systems, ensure regulatory compliance, and automate anything in your business. We help people who know what to do, get it done, and change their world. Role Summary As a Compliance/Security Analyst, your daily work ensures organizational operations meet industry compliance standards to increase customer confidence in Decisions' platform, people, and processes. This role is directly responsible for collaborating with leadership, training employees on industry standards, developing policies, evaluating compliance, and communicating the security posture of Decisions with customers and Decisions leadership. You will strive to elevate the security of customer data as well as internal systems and tools by fighting the status quo of “security theater” to extend our culture of safety and security as a lifestyle in all facets of our business. Key Objectives Objective #1: Bolster Public Brand Trust Support Customer Growth Eliminate internal and external threats to our business Manage vulnerability scanning, reporting, and mitigation activities Identify and understand current organizational policies and practices Communicate with prospects, customers, and team members to continually increase confidence Contribute to the timely completion of accurate customer security questionnaires Observe and act as needed to advance our mission and who we are as an Organization Objective #2: Drive Business Alignment Steward a shared company culture of data security awareness Serve as Incident Response Coordinator during threat events Administer quarterly phish tests and implement remediation strategies Partner with IT to maintain principle of account least privilege Contribute to the org-wide Risk Register to proactively monitor, manage, and resolve business threats Advise on developing and implementing new compliance policies and procedures as required Collaborate with security champions within each department Complete timely and accurate Cloud Cost reporting and SLA reporting requests Objective #3: Maintain Regulatory Adherence Support real-time, collaborative audit readiness Complete internal and external security and privacy audits (ex: SOC2, HITRUST, PCI DSS, ISO27001, etc) Communicate with auditors and follow up on action items in a timely manner Contribute to internal audits to assess operational and procedural compliance Research industry regulations and policies Required Specialized Experience or Skills Technical adeptness and proficiency (if you’ve never used a computer, this is not the role for you) Experience prioritizing and completing multiple tasks on tight timelines Strong problem-solving skills as well as excellent process discipline, milestone management, and time management skills Ability to take in information and summarize the most important content Ability to listen attentively to others and communicate effectively both verbally and in writing Experience working on teams that require high levels of cooperation, flexibility, cross-group collaboration, and real-time response Ability to independently seek and find answers to complete tasks under narrow deadlines Attention to detail without losing sight of the big picture Preferred IT (Helpdesk, Technical Support, SysAdmin) and/or Customer Service Experience COMPTIA A+, Network+, and/or Security+ Exposure to performing key Information Security operational activities Experience with EDR/XDR, IDS/IPS systems Experience contributing to internal and external audits (ex: SOC2, ISO 27000, PCI DSS, HITRUST, FEDRAMP, etc) Experience using Public Clouds (bonus points for Azure or AWS certifications) Linux experience Other Industry certifications: CAP, CCSK, CISA, CCSP, CRISC, Linux+

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Perform IT Assessment Reviews which includes IT General Controls, Internal Audits, Controls Testing, Compliance Reviews (such as ISO 27001, HIPAA, HITRUST etc.) Responsibilities: Strong understanding of IT General Controls domains such as Change Management, User Access Management, IT Operations, Back and Recovery Management etcStrong understanding of the third-party risk managementImplementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etcUnderstanding of the IT Risk Assessment methodologies and ability to comprehend and apply the knowledge during IT assessment lifecycleInterview client stakeholders and conducts walkthrough meetings and develop assessment artifactsShould understand complete assessment lifecycle from assessment scoping to project deliverablesGreat communication skills and the ability to break down and explain complex data security problemsExcellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Education: Minimum Qualification: BE/ BTech/MBA/Mtech/MCAPostgraduates in any stream would be preferred (not mandatory)Prior Big 4 experience would be an added advantageExperience in IT Risk Advisory/ Assurance for varied industry segments preferredExcellent communication skills - both written and oral Certifications: CIA/CISA/CISM will be added advantage Mandatory Skill Sets: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Preferred Skill Sets: ISO 27001 Reviews, HIPAA/ HITRUST Reviews Years Of Experience Required: 2-8 Education Qualification: BE, B.tech, ME, M.tech, MCA, MBA, Mcom, CA, CS Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology, Chartered Accountant Diploma, Master of Business Administration, Bachelor of Engineering, Master of Engineering Degrees/Field Of Study Preferred: Certifications (if blank, certifications not specified) Required Skills Information Technology General Controls (ITGC), Internal IT Audit, ITGC Optional Skills Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Analytical Thinking, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Creativity, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Embracing Change, Emotional Regulation, Empathy, Financial Accounting, Financial Audit {+ 24 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Available for Work Visa Sponsorship? Government Clearance Required? Job Posting End Date

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Perform IT Assessment Reviews which includes IT General Controls, Internal Audits, Controls Testing, Compliance Reviews (such as ISO 27001, HIPAA, HITRUST etc.) Responsibilities: Strong understanding of IT General Controls domains such as Change Management, User Access Management, IT Operations, Back and Recovery Management etcStrong understanding of the third-party risk managementImplementation and assessment knowledge of various industry standards, frameworks, and compliances such as ISO 27001, HIPAA, HITRUST, ISO 22301, ISO 27701 etcUnderstanding of the IT Risk Assessment methodologies and ability to comprehend and apply the knowledge during IT assessment lifecycleInterview client stakeholders and conducts walkthrough meetings and develop assessment artifactsShould understand complete assessment lifecycle from assessment scoping to project deliverablesGreat communication skills and the ability to break down and explain complex data security problemsExcellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Education: Minimum Qualification: BE/ BTech/MBA/Mtech/MCAPostgraduates in any stream would be preferred (not mandatory)Prior Big 4 experience would be an added advantageExperience in IT Risk Advisory/ Assurance for varied industry segments preferredExcellent communication skills - both written and oral Certifications: CIA/CISA/CISM will be added advantage Mandatory Skill Sets: ITGC Reviews, IT Internal Audits, Controls Testing, Compliance Reviews, ISO 27001 Reviews, HIPAA/ HITRUST Reviews Preferred Skill Sets: ISO 27001 Reviews, HIPAA/ HITRUST Reviews Years Of Experience Required: 2-8 Education Qualification: BE, B.tech, ME, M.tech, MCA, MBA, Mcom, CA, CS Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology, Master of Business Administration, Bachelor of Engineering, Chartered Accountant Diploma, Master of Engineering Degrees/Field Of Study Preferred: Certifications (if blank, certifications not specified) Required Skills Compliance Reviews, Controls Testing, Health Insurance Portability & Accountability Act (HIPAA), Internal IT Audit, ITGC Optional Skills Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Analytical Thinking, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Creativity, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Embracing Change, Emotional Regulation, Empathy, Financial Accounting, Financial Audit {+ 24 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date