555 Hitrust Jobs - Page 9

About The Role As a Senior Consultant, your responsibilities will include standard project execution and client service activities, focused on IT compliance assessments (e.g., SOC 2 and ISO engagements). You will have the opportunity to gain project experience with clients ranging from start-ups to enterprises, across a variety of industries. As an added benefit, A-LIGN does not require Delivery Consultants to report time or sell work! Reports to: Delivery Manager and Senior Manager Pay Classification: Full-Time Responsibilities Plan and execute various IT compliance assessments (e.g., SOC 2, ISO 27001, and other similar engagements), under the direction of a member of the management team Perform IT compliance testing for various IT compliance assessments, under the direction of a member of the management team Create agendas for IT compliance assessments Perform IT compliance testing under the direction of the management team Communicate effectively to the management team, prior to, during, and post fieldwork (i.e., testing phase) Review manager’s planning meeting minutes, and prepare as appropriate for meetings Prepare testing lead sheets throughout the project Review evidence uploaded by the client for appropriateness Provide feedback regarding appropriateness of evidence uploaded by the client Provide detailed project status reports weekly to management Organize client information on A-LIGN’s Shared Drive Proactively communicate any potential issues to the management team Experience Minimum Qualifications At least 3 years of experience in IT audit, preferably with the Big 4 or a mid-tier audit/consulting firm Knowledge of various IT compliance standards including SOC 2, ISO 27001, PCI Experience using Microsoft Office suite including Word, Outlook, PowerPoint, and Excel Skills Ability to meet deadlines with a high degree of motivation Thrives in a fast-paced environment Ability to effectively multitask Ability to work individually as well as collaboratively Demonstrate capabilities with moderate supervision Ability to determine appropriateness of evidence provided by the client Strong interpersonal skills with a service-oriented mindset who can work well within a team as well as independently Must be detail oriented and organized in completing tasks Must be proactive, anticipate roadblocks, and offer solutions Ability to utilize the Microsoft Office suite including Word, Outlook, PowerPoint, and Excel Must have a sense of urgency around completing tasks and the order and priority of tasks based on business needs Strong composition, grammar, and business language skills Strong communication and interpersonal skills with the ability to effectively communicate with the management team and colleagues. Ability to work independently, set priorities and handle multiple tasks with a high level of efficiency About A-LIGN A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com Come Work for A-LIGN! Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn A-LIGN is an Equal Opportunity Employer! Minorities, women, disabled, and veterans encouraged to apply

Job Description #KGS Roles & responsibilities Conduct external audits in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards Lead team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes Lead team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting Lead team in performing SOC 1 and SOC 2, SOC 2+ (HITRUST), SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants) Demonstrate strong project management skills for all engagements being led Demonstrate the ability to identify opportunities and innovative ways to efficiently deliver on engagements and/or implement internal process improvements / automations Contribute to the Automation agenda of the practice by assisting in developing/testing for different bots and tools Conducting IT audits to assess the effectiveness of internal controls, risk management, and compliance with regulations Collaborating with cross-functional teams to ensure IT controls are integrated into business processes Documenting audit findings, preparing reports and recommendations for the management Provide opportunity to junior team members and coach them on day-to-day tasks Contribute to the Knowledge Management agenda of the practice by assisting in technical knowledge development and trainings Possess knowledge of tools and techniques to drive audits for different industries or sectors Review work of junior team members for quality as per relevant auditing standards Evaluating IT systems, processes, and policies to identify vulnerabilities, weaknesses, and areas for improvement Developing and executing audit plans, including scoping, testing, and reporting Assessing IT risks and recommending controls to mitigate those risks Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls. Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions) Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Strong Understanding of different Industry sectors preferred. Preferred Technical & Functional Skills Flair to be abreast with emerging Technology / innovations like Cloud computing, Agile, Blockchain, AI etc. Proficient with MS Office suite of applications [MS Word, MS Exec, MS PowerPoint, Power BI]. Certifications like CISA, CISSP, HITRUST,ISO etc. Key behavioral attributes/requirements Critical thinking and analytical ability. Excellent written and verbal communication skills. Flexibility to adapt to a variety of situations and multitask. Ability to work both independently and as part of a team. Personal drive and positive work ethic. Innovative mindset. Collaborate and build rapport with onshore and offshore teams Uphold the firm’s code of ethics and business conduct Responsibilities Roles & responsibilities Conduct external audits in accordance with the PCAOB (Public Company Accounting Oversight Board) Auditing Standards Lead team in conducting Process understanding discussions with the Clients as part of assessing risks arising from their use of Technology and identify control gaps within their processes Lead team in evaluating and documenting the design and operating effectiveness of technology controls (GITCs and ITACs) pertaining to Client’s Internal Controls over Financial Reporting Lead team in performing SOC 1 and SOC 2, SOC 2+ (HITRUST), SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants) Demonstrate strong project management skills for all engagements being led Demonstrate the ability to identify opportunities and innovative ways to efficiently deliver on engagements and/or implement internal process improvements / automations Contribute to the Automation agenda of the practice by assisting in developing/testing for different bots and tools Conducting IT audits to assess the effectiveness of internal controls, risk management, and compliance with regulations Collaborating with cross-functional teams to ensure IT controls are integrated into business processes Documenting audit findings, preparing reports and recommendations for the management Provide opportunity to junior team members and coach them on day-to-day tasks Contribute to the Knowledge Management agenda of the practice by assisting in technical knowledge development and trainings Possess knowledge of tools and techniques to drive audits for different industries or sectors Review work of junior team members for quality as per relevant auditing standards Evaluating IT systems, processes, and policies to identify vulnerabilities, weaknesses, and areas for improvement Developing and executing audit plans, including scoping, testing, and reporting Assessing IT risks and recommending controls to mitigate those risks Mandatory technical & functional skills Experience in evaluating and testing Process level manual, automated controls and General IT Controls. Experience in evaluating risks across a variety of IT platforms (including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2 and popular Cloud Hosted solutions) Experience of industry standards and frameworks such as COBIT, COSO, HIPAA etc. preferred. Strong Understanding of different Industry sectors preferred. Qualifications This role is for you if you have the below Education Qualification: BE/B.Tech, B.Com, BCA, B.Sc, MBA, M.Sc, MCA, M.Tech, CA. Work Experience: The candidate must have 3-6 years of relevant experience in a similar role, preferably with a Big 4 firm.

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Bachelor's degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. #njp

Job Description About Us Tsaaro’s prime focus is on Data Privacy and Security. Our team of specialist data privacy consultants, information security consultants, and penetration testers help and advise our clients to make running a secure business easier, with high efficiency. Everything we do is tailored to the individual organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges. Responsibilities As a Senior Data Protection Consultant, you will be entrusted with the following key responsibilities: Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Demonstrate expertise in various standards, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Requirements To be considered for this role, the candidate must meet the following requirements: Possess a sound knowledge of fundamentals of information security systems. Have 4+ years of relevant experience in the field. Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Hold relevant qualifications such as CIPM, CIPT, CIPP/E. Showcase excellent communication skills, both written and verbal. Benefits Competitive salary and performance-based bonuses. Professional development opportunities, including training and certifications. Flexible working hours. Collaborative and inclusive work environment. Opportunity to work with a passionate team dedicated to making a difference in data privacy and security. Join and hustle with the India's fastest privacy and information security consulting company. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

Location: Gurgaon (Hybrid) Looking for Immediate Joiners only. About the Role This role is critical to ensuring compliance with HITRUST, HIPAA, and other regulatory requirements while securing healthcare operations and mitigating risks across business, IT, and security domains. Responsibilities HITRUST & HIPAA Compliance Management: Establish and oversee a HITRUST CSF and HIPAA-aligned management system across business processes, applications, IT infrastructure, and security technologies. Security & Compliance Documentation: Develop and guide teams in creating security policies, procedures, and controls documentation for HITRUST and HIPAA compliance. Regulatory & Compliance Assessments: Review the organization’s HITRUST CSF and HIPAA Security & Privacy controls posture and manage evidence collection for certification and compliance. HITRUST & HIPAA Audits: Support and manage internal & external audits for HITRUST CSF certification, HIPAA, and healthcare compliance, ensuring IT and security technologies align with regulatory needs. Training & Awareness: Conduct training sessions for internal teams on HITRUST CSF and HIPAA controls, ensuring awareness and adherence to security and privacy regulations. Risk Management & Assessments: Collaborate with business, IT, and security teams to drive risk assessments and ensure compliance with HITRUST and HIPAA across applications, infrastructure, and operations. Continuous Compliance Monitoring: Ensure ongoing compliance with HITRUST & HIPAA controls by regularly evaluating security and privacy measures across business processes, IT systems, and security infrastructure. Contractual & Client Security Compliance: Interpret business contractual security & privacy requirements (Technology & Information Security) to ensure HITRUST & HIPAA-compliant client delivery environments. Client & Regulatory Audits: Respond to client security & compliance audits, regulatory reviews, and HITRUST & HIPAA assessments, ensuring timely and effective resolutions. Security Risk Communication: Communicate security, privacy risks, vulnerabilities, and compliance assessment findings to senior management and stakeholders, ensuring timely mitigation and governance. Qualifications Strong understanding of HITRUST CSF, HIPAA, HITECH, and security/privacy compliance for business applications, IT systems, and security technologies. Good knowledge of IT security technologies. Hands-on experience in SOC1, SOC2, HITRUST, or supplier risk management audits. Working knowledge of NIST, ISO 27001, and security frameworks for IT and business security alignment. 5+ years of experience in security, privacy, and compliance, with preferred 2+ years in HITRUST CSF & HIPAA Compliance. Strong analytical, problem-solving, and stakeholder communication skills. Preferred certifications: CISSP, CISA, CRISC, CISM, HCISPP, CIPP/IT, or equivalent.

The GRC Security Analyst will plan and implement policies, procedures, standards, and controls to govern the protection of corporate information systems, networks, and data. The GRC security analysts will stay up-to-date on the latest cybersecurity intelligence, including hackers' methodologies, in order to modify standards and controls that govern cybersecurity across the corporation. About the Role Essential Duties & Responsibilities: Performing control assessments against corporate cybersecurity frameworks Perform review of policies and supporting procedures/processes Perform assessments of adherence to standards Customer Security Questionnaire assistance Work closely with management on security practices Assess 3rd party vendors for adherence to standards Develop routine reports in accordance with GRC metrics Stay on top of changes in the industry as it relates to security. Other security-related projects that may be assigned according to skills Ensure compliance with policies and procedures Develop and test Disaster Recover Plans Help align company with HITRUST CSF Qualifications Bachelor’s Degree, ideally in Computer Engineering, Computer Science, or Information Systems Management or equivalent work experience in the field of Cybersecurity 3+ years of relevant work experience in: compliance/systems engineering/cybersecurity role Experience in a healthcare setting preferred Possess current security certifications (e.g., Security+, CISSP, CEH, SANS) or be willing to obtain within 1 year of assignment. Required Skills 3 – 5 years experience in building an Information Security Risk Management program Experience supporting the development of Disaster Recovery Plans (DRPs). Proven ability to coordinate, execute, and document Disaster Recovery Plan tests, including analysis and reporting of results. Understanding and familiarity with information system standards Understanding and familiarity with cybersecurity frameworks (ISO, NIST, HiTrust, COBIT, etc…) Assist in maturing the Information Security Risk Management Program by helping to define an IS risk register which includes identifying threats and risks to the organization Meet with business stakeholders to identify top security risks Assist in performing IS self-assessments to ensure systems and applications are complying with corporate policies, applicable regulatory and legal requirements, and leading industry practices Assist in developing and driving the implementation of security best practices and standards to mature the overall IS Risk Management Program which includes defining security system and application standards of control Provide solutions to identified issues and risks Work with the CISO to determine the acceptable level of risk for enterprise computing platforms. Coordinate with key functional teams such as HR, IT, Marketing, Finance, Product Management, Development, General Counsel, and the Business to identify new applications and service providers in use and the associated security controls to secure the data. Assist in performing Third Party Risk Assessments for new and existing vendor tools, on premise implementations, and third parties with access to the environment. Assist in maturing the Third Party Risk Management program by defining security controls based on tiers of vendors. Articulating identified risks to the business for remediation, mitigation and sign off. Investigates incidents and events that include potential HIPAA and other data breaches, data leakage, brand reputational risks, malware propagation, system compromises etc. Mature the Data Loss Prevention Program by defining DLP rulesets in existing tools such as Varonis, CASB, Next Generation Firewalls etc. and review outputs to determine the appropriate action required. Assist with maturing the Data Governance Program which includes defining a Data Classification and Handling Program, identifying Data Owners, and assisting with the design and implementation of a Data Classification and Rights Management tool. Assist in developing and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the Data Governance Security Program and initiatives. Assist in the management and maintenance of the enterprise wide IS Security Awareness Program which includes phishing simulations, computer based training, proactive communications on latest threats, workshops and newsletters. Assist in developing enterprise and functional team specific presentations to promote a security mindset Work with the CISO to ensure the Information Security team stays abreast of new regulatory, legal and/or compliance data security requirements. Ensure compliance with HIPAA, HITRUST, and applicable legal and regulatory requirements. Strong documentation and communications skills Pay range and compensation package This position is primarily a sedentary job and requires that the associate can work in an environment where they will consistently be seated for the majority of the work day. This role requires that one can sit and regularly type on a keyboard the majority of their work day. This position requires the ability to observe a computer screen for long periods of time to observe their own and others’ work, as well as in-coming and out-going communications via the computer and/or mobile devices. The role necessitates the ability to listen and speak clearly to customers and other associates. The work environment is an open room with other associates and noise from others will be part of the regular work day.

You will be responsible for auditing medical billing, coding, and documentation processes. Your role is vital in identifying billing errors, reducing denial rates, and ensuring adherence to CMS, HIPAA, payer-specific guidelines, and internal SOPs

We are seeking an experienced Engineering Manager to lead and grow a high-performing team of software engineers. This role combines people management with technical leadership. You will be responsible for strategic initiatives, overseeing product delivery, and ensuring high code quality and team productivity. The ideal candidate brings a strong technical background, deep project delivery experience, and a passion for mentorship and team culture. Key Responsibilities Lead a team of 5-10 engineers across one or more product verticals. Own delivery for large-scale, high-impact software projects end-to-end. Collaborate closely with Product Managers, Designers, QA, and other stakeholders to define and execute the roadmap. Participate in hands-on coding if need be Ensure timely delivery, high quality, and scalability of software systems. Conduct regular 1:1s, set goals, perform performance reviews, and support career growth. Drive engineering excellence through code reviews, design discussions, and best practices. Participate in architectural decisions and guide the team on technical direction. Identify and resolve performance bottlenecks and system reliability issues. Influence hiring, onboarding, and team structuring to scale the team effectively. Qualifications 12+ years of total experience in software development, including 3–5 years in engineering management or technical leadership. Strong experience with modern backend technologies such as Java, Spring Boot, REST. Hands-on experience in designing distributed systems, microservices, cloud-native applications (AWS). Deep understanding of SDLC, Agile/Scrum methodologies, CI/CD pipelines, and DevOps principles. Strong interpersonal and communication skills; ability to influence cross-functional teams. Proven track record of building and mentoring high-performing engineering teams. Nice to Have Experience in the [Healthcare / FinTech / SaaS] domain. Exposure to frontend frameworks (React). Familiarity with data platforms (Kafka, Spark, MongoDB, Elasticsearch). Prior experience in scaling teams from startup to mid-sized orgs. Knowledge of compliance and security frameworks like HITRUST, SOC2, GDPR.

Risk and Compliance Sr. Analyst Location: USI Hyderabad Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte Technology. We are curious and life-long learners focused on technology and innovation. Work you will do This role supports audits and assessment programs of the Deloitte Technology Cyber Security Risk & Compliance team which includes risk management, audits, and assessments for on premises as well as cloud hosted IT applications and infrastructure. This position is specifically responsible for helping drive SOC 1 and SOC 2 audits and manage the day-to-day responsibilities of gathering evidence, scheduling resources, coordinating with business owners and external auditors, and identifying potential audit issues/operational improvements. Role is to also have an understanding of and ability to assess technology and operational risks related to internal and cloud technology solutions and at times, provide input to ITS personnel on appropriate controls to address audit risks. The position will also work with external and internal auditors, serving as liaison between ITS and non-ITS auditees, gathering and presenting evidence as required. Key Tasks / Essential Job Functions: Understand technology controls, testing of controls, and supporting evidence. Understand technology controls that impact on premises and cloud technology, operational risk to the Information Technology Services organization as well as related laws, regulations, and industry standards, specifically related to internal and cloud technology solutions. Recommend policies, standards, procedures, and controls to assure the confidentiality, integrity, and availability of the information technology environment for on premises as well as cloud hosted IT applications and infrastructure. Manages audit gaps; identifies those within the organization responsible for remediating or closing audit findings, negotiate dates for closure, and track/report progress. Represent Information Technology related to internal and external assessments and/or audits of information technology systems and processes, interpret results, and develop and communication recommendations to management. Work with the appropriate Information Security, Office of General Counsel, Risk Management, and engagement leaders to determine scope of onsite visits, audits, and assessments as defined by contracts and regulatory requirements. Develop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organization for on premises as well as cloud hosted IT applications and infrastructure. Other duties as assigned The team Deloitte Technology helps power Deloitte’s success. It’s the engine that helps to drive Deloitte, which serves many of the world’s largest organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence. The ~3,000 professionals in Deloitte Technology deliver services internally including: Cyber security Technology support Technology & Infrastructure Application development and management Relationship management group Strategy Deployment PMO Financials Basic Qualifications: B.tech/ B.E 3- 5 years of directly related experience in the following: information technology audits, assessments, remediation management, creating risk assessment programs. Minimum 2 years of experience with various industry standard frameworks such as: SSAE 18 SOC 1 and SOC 2, Shared Assessment Program Agreed Upon Procedures, HIPAA, HITRUST, CSA, CCM, and ISO 27001. Preferred Qualifications: Industry certification (e.g., CPA, CISA, CISSP, CISM etc.) Experience leading IT internal audit, external audits, and or service organization control reporting and activities Solid understanding of IT general controls and activities Familiarity with privacy laws, data protection/security regulations, and cloud security frameworks Possess a general understanding of IT security technologies, including network, application and database security, access management and cloud security, Required Licenses, Certifications, and Other Excellent communication, listening, and facilitation skills (preferred) Excellent time management and related organizational skills, including appropriate sense of urgency, a proactive approach, and a suitable ability to anticipate and manage project lifecycle events, issues, and obstacles (preferred) Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India. Benefits to help you thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 307457

Summary Position Summary Risk and Compliance Sr. Analyst Location: USI Hyderabad Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte Technology. We are curious and life-long learners focused on technology and innovation. Work you will do This role supports audits and assessment programs of the Deloitte Technology Cyber Security Risk & Compliance team which includes risk management, audits, and assessments for on premises as well as cloud hosted IT applications and infrastructure. This position is specifically responsible for helping drive SOC 1 and SOC 2 audits and manage the day-to-day responsibilities of gathering evidence, scheduling resources, coordinating with business owners and external auditors, and identifying potential audit issues/operational improvements. Role is to also have an understanding of and ability to assess technology and operational risks related to internal and cloud technology solutions and at times, provide input to ITS personnel on appropriate controls to address audit risks. The position will also work with external and internal auditors, serving as liaison between ITS and non-ITS auditees, gathering and presenting evidence as required. Key Tasks / Essential Job Functions: Understand technology controls, testing of controls, and supporting evidence. Understand technology controls that impact on premises and cloud technology, operational risk to the Information Technology Services organization as well as related laws, regulations, and industry standards, specifically related to internal and cloud technology solutions. Recommend policies, standards, procedures, and controls to assure the confidentiality, integrity, and availability of the information technology environment for on premises as well as cloud hosted IT applications and infrastructure. Manages audit gaps; identifies those within the organization responsible for remediating or closing audit findings, negotiate dates for closure, and track/report progress. Represent Information Technology related to internal and external assessments and/or audits of information technology systems and processes, interpret results, and develop and communication recommendations to management. Work with the appropriate Information Security, Office of General Counsel, Risk Management, and engagement leaders to determine scope of onsite visits, audits, and assessments as defined by contracts and regulatory requirements. Develop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organization for on premises as well as cloud hosted IT applications and infrastructure. Other duties as assigned The team Deloitte Technology helps power Deloitte’s success. It’s the engine that helps to drive Deloitte, which serves many of the world’s largest organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence. The ~3,000 professionals in Deloitte Technology deliver services internally including: Cyber security Technology support Technology & Infrastructure Application development and management Relationship management group Strategy Deployment PMO Financials Basic Qualifications: B.tech/ B.E 3- 5 years of directly related experience in the following: information technology audits, assessments, remediation management, creating risk assessment programs. Minimum 2 years of experience with various industry standard frameworks such as: SSAE 18 SOC 1 and SOC 2, Shared Assessment Program Agreed Upon Procedures, HIPAA, HITRUST, CSA, CCM, and ISO 27001. Preferred Qualifications: Industry certification (e.g., CPA, CISA, CISSP, CISM etc.) Experience leading IT internal audit, external audits, and or service organization control reporting and activities Solid understanding of IT general controls and activities Familiarity with privacy laws, data protection/security regulations, and cloud security frameworks Possess a general understanding of IT security technologies, including network, application and database security, access management and cloud security, Required Licenses, Certifications, and Other Excellent communication, listening, and facilitation skills (preferred) Excellent time management and related organizational skills, including appropriate sense of urgency, a proactive approach, and a suitable ability to anticipate and manage project lifecycle events, issues, and obstacles (preferred) Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 307457

Information Security Analyst Job Description: Position Summary: The position will support the organizational initiatives and activities on Cyber Security/Information Security. This involves the development, im plementation, and support of various security programs, processes, best practices and controls across the organization. It also requires to continuously monitor, review and report of the compliance & security posture of the organization. Responsibilities: . Conduct Risk assessments, information security internal audits . Provide consultation on remediating controls and follow up . Perform reviews and conduct internal security audits on Cyber Security/Information security and ensure the organizational security controls are appropriate and effective . Ensure compliance to client security requirements . Provide support for obtaining and maintaining Security Certification and Assurance programs like ISO 27001, PCI DSS, HITRUST, TISAX, SOC 2, etc. . Participate in various organizational initiatives and activities to maintain the Information Security Management System (ISMS) based on ISO 27001 . Develop and maintain Information Security policies, procedures, standards and guidelines . Coordinate response to information security incidents . Provide awareness and training in relevant areas . Collaborate with IT, Finance, HR and other departments for various security related activities . Conduct security research and keep abreast of latest security trends and issues Desired Skills/Experience: . 4+ years of experience in Information Security . Knowledge of Information security standards & best practices (e.g., ISO 27001, NIST, etc.), and regulations related to information security and privacy . Strong analytical and problem solving skills . Excellent communication and interpersonal skills . Knowledge of security tools, techniques and methodologies . Professional/Technical Certifications (Security +, ISO 27001 LA, CISA, CISSP, CCSE, CCSP, etc.) desirable

Role Overview As a Compliance Manager, you will oversee and manage the implementation, maintenance, and monitoring of compliance frameworks — including HIPAA , SOC 2 , ISO 27701 , and HiTrust . You’ll collaborate across engineering, legal, operations, and security to ensure our platform and internal practices meet industry, regulatory, and partner standards. This is a critical, cross-functional role for someone who thrives at the intersection of regulation, systems thinking, and fast-moving tech environments. Responsibilities Compliance Program Management: Own the strategy, execution, and tracking of compliance across frameworks like HIPAA, SOC 2, ISO 27701, and HiTrust Audit & Certification Readiness: Lead internal readiness efforts for audits and certifications, partnering with third-party assessors and internal stakeholders Policy Development: Draft, maintain, and implement policies, procedures, and controls aligned with regulatory and industry standards Risk Management: Conduct risk assessments, control gap analyses, and incident investigations to identify compliance weaknesses and mitigate risk Cross-Functional Collaboration: Work closely with engineering, product, security, and legal to ensure new features and systems are compliant by design Security & Privacy Oversight: Support the security team in managing vendor reviews, access controls, data handling policies, and encryption practices Employee Training & Awareness: Develop and lead internal compliance education programs, including onboarding, role-based training, and refreshers Regulatory Monitoring: Stay up to date with changes in relevant laws and standards and proactively adjust company practices to stay in alignment Reporting: Prepare reports for leadership and external stakeholders demonstrating compliance posture, audit findings, and remediation efforts Qualifications 5+ years of experience in compliance, privacy, or security-related roles, ideally within tech, SaaS, or healthcare organizations Deep understanding of HIPAA, SOC 2, ISO 27701, and HiTrust frameworks and certification processes Strong knowledge of data privacy laws (e.g., GDPR, CCPA) and IT security principles Experience working cross-functionally with product, security, legal, and engineering teams Excellent writing, policy drafting, and documentation skills High integrity and attention to detail, able to manage sensitive information and operate with discretion Bonus: Certifications such as CIPP, CISA, CISSP, or HiTrust CCSFP Bachelor’s degree in a related field (Information Security, Law, Business, or equivalent experience)

About Us We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence. As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations. About Business Assurance We help companies ensure compliance, build high-performing management systems, and meet competence needs within a wide range of industries. DNV helps companies understand Working with us, you can be involved in technically challenging and innovative projects worldwide demanding a broad variety of expertise. Our strong focus on research and innovation opens an array of opportunities, and allows you to engage in projects which develop next generation solutions. and manage their risk picture through our management system certification and training portfolios. About The Role DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line. We prefer already qualified candidates, but we are open for candidates with sufficient background. Perform 3rd-party audits and trainings according to TISAX, ISO/IEC 27001, ISO 9001, ISO 27701 Provide timely and accurate reviews of client’s corrective action and closure Provide customers with timely, complete, and accurate reports of their current level of conformity / implementation of their management system x Maintain schedule of audit activity with Management System clients Maintain appropriate auditor credentials and pursues advancement of those credentials and other related credentials as needed. Ensuring compliance with accreditation rules /ENX rules and other internal or external requirements. Ability to manage Key Customers. Supporting the sales team on technical aspects. Familiarity with use of digital tools What we offer Flexible work arrangements for better work-life balance Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) Medical benefits ( Insurance and Annual Health Check-up) Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme) Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) Company bonus/Profit share. *Benefits may vary based on position, tenure/contract/grade level* DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity. About You Bachelor’s degree in computer science, Mechanical, Automobile, or equivalent & ideally a higher-level qualification Lead auditor Qualifcation in ISO 27001:2022(CQI- IRCA) and Lead Assessor Training on TISAX Overall, 10 Years of experience in which at least 4 years FTE of working experience (as direct employee, consultant, etc.) within companies of automotive manufacturing or direct supply chain and 6 years in IT Audit experience in automotive sector (manufacturing or direct supply chain): in the following standards: TISAX, ISO 9001, IATF 16949, A-Spice, ISO26262. Great attitude, Analytical skills and communication skills. Preferred: ITIL Certified, ISO 22301, ISO 20000-1, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. GDPR, ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks.

About RISA Labs Cancer patients face not just a disease, but a broken system where delays in treatment are common due to outdated, error-prone workflows. RISA Labs is changing that with our Business Operating System as a Service (BOSS) - a powerful platform built for the vertical complexity of healthcare, that transforms healthcare operations. Unlike simple automation tools, BOSS breaks down complex workflows into small tasks, managed by smart AI agents like LLMs, digital twins, and reinforcement learners. This creates a digital workforce that doubles the efficiency of healthcare teams, letting a 1,000-person institution operate like it has 2,000 staff overnight. Founders RISA was founded by Kshitij Jaggi and Kumar Shivang, IIT Kanpur alumni with a proven track record from their previous healthcare startup, Urban Health. Their vision is to streamline oncology care through cutting-edge technology. Funding RISA Labs is backed by $3.5 million in seed funding, led by Flipkart co-founder Binny Bansal, with support from Oncology Ventures, General Catalyst, z21 Ventures, Odd Bird VC, and angel investor Ashish Gupta. Role Overview As a Compliance Manager, you will oversee and manage the implementation, maintenance, and monitoring of RISA Labs’ compliance frameworks — including HIPAA , SOC 2 , ISO 27701 , and HiTrust . You’ll collaborate across engineering, legal, operations, and security to ensure our platform and internal practices meet industry, regulatory, and partner standards. This is a critical, cross-functional role for someone who thrives at the intersection of regulation, systems thinking, and fast-moving tech environments. Responsibilities Compliance Program Management: Own the strategy, execution, and tracking of compliance across frameworks like HIPAA, SOC 2, ISO 27701, and HiTrust Audit & Certification Readiness: Lead internal readiness efforts for audits and certifications, partnering with third-party assessors and internal stakeholders Policy Development: Draft, maintain, and implement policies, procedures, and controls aligned with regulatory and industry standards Risk Management: Conduct risk assessments, control gap analyses, and incident investigations to identify compliance weaknesses and mitigate risk Cross-Functional Collaboration: Work closely with engineering, product, security, and legal to ensure new features and systems are compliant by design Security & Privacy Oversight: Support the security team in managing vendor reviews, access controls, data handling policies, and encryption practices Employee Training & Awareness: Develop and lead internal compliance education programs, including onboarding, role-based training, and refreshers Regulatory Monitoring: Stay up to date with changes in relevant laws and standards and proactively adjust company practices to stay in alignment Reporting: Prepare reports for leadership and external stakeholders demonstrating compliance posture, audit findings, and remediation efforts Qualifications 5+ years of experience in compliance, privacy, or security-related roles, ideally within tech, SaaS, or healthcare organizations Deep understanding of HIPAA, SOC 2, ISO 27701, and HiTrust frameworks and certification processes Strong knowledge of data privacy laws (e.g., GDPR, CCPA) and IT security principles Experience working cross-functionally with product, security, legal, and engineering teams Excellent writing, policy drafting, and documentation skills High integrity and attention to detail, able to manage sensitive information and operate with discretion Bonus: Certifications such as CIPP, CISA, CISSP, or HiTrust CCSFP Bachelor’s degree in a related field (Information Security, Law, Business, or equivalent experience)

Location: Hyderabad-WFO Number of roles: 2 Experience: 2–4 years or 5-8 years Notice Period: Immediate preferred; 30 days We're looking for a privacy-savvy professional to drive compliance with global and regional data protection regulations including GDPR , DPDPA (India) , and HITRUST . You'll work with cross-functional teams to ensure robust privacy practices across systems, policies, and vendor relationships. What You’ll Do: Manage privacy programs under GDPR, DPDPA, and HITRUST frameworks Conduct DPIAs and respond to data subject requests Build privacy and security policies aligned to ISO 27001 and HIPAA Guide business teams on privacy risks and best practices What We’re Looking For: 2–8 years in privacy, IT compliance, or security consulting Working knowledge of GDPR and HITRUST; DPDPA experience is a strong plus Familiarity with ISO 27001, HIPAA, and data security regulations Certifications like CIPP/E, CIPM, CCSFP are advantageous Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.

Information Security Analyst Job Description Position Summary: The position will support the organizational initiatives and activities on Cyber Security/Information Security. This involves the development, im plementation, and support of various security programs, processes, best practices and controls across the organization. It also requires to continuously monitor, review and report of the compliance & security posture of the organization. Responsibilities  Conduct Risk assessments, information security internal audits  Provide consultation on remediating controls and follow up  Perform reviews and conduct internal security audits on Cyber Security/Information security and ensure the organizational security controls are appropriate and effective  Ensure compliance to client security requirements  Provide support for obtaining and maintaining Security Certification and Assurance programs like ISO 27001, PCI DSS, HITRUST, TISAX, SOC 2, etc.  Participate in various organizational initiatives and activities to maintain the Information Security Management System (ISMS) based on ISO 27001  Develop and maintain Information Security policies, procedures, standards and guidelines  Coordinate response to information security incidents  Provide awareness and training in relevant areas  Collaborate with IT, Finance, HR and other departments for various security related activities  Conduct security research and keep abreast of latest security trends and issues Desired Skills/Experience  4+ years of experience in Information Security  Knowledge of Information security standards & best practices (e.g., ISO 27001, NIST, etc.), and regulations related to information security and privacy  Strong analytical and problem solving skills  Excellent communication and interpersonal skills  Knowledge of security tools, techniques and methodologies  Professional/Technical Certifications (Security +, ISO 27001 LA, CISA, CISSP, CCSE, CCSP, etc.) desirable

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

Company Description Securis360 provides comprehensive Data Privacy and Governance services to protect your organization’s data and systems. Their offerings include vulnerability assessments, penetration testing, and employee awareness training to prepare businesses for cyber threats. Additionally, Securis360 offers end-to-end services such as SOC2 Type 2 audits, ISO27001:2022 readiness, and compliance with GDPR, HIPAA, and HITRUST regulations. They tailor their solutions to meet specific needs, ensuring maximum defense and minimized vulnerabilities. Partner with Securis360 for expert guidance in securing your network and maintaining regulatory compliance. Role Description This is a full-time, on-site role located in Ahmedabad for a SOC L2 Engineer FortiSIEM. The SOC L2 Engineer will be responsible for monitoring and analyzing security incidents, managing and resolving security alerts, and coordinating with other teams to investigate security breaches. They will also configure and maintain FortiSIEM systems, perform vulnerability assessments, and recommend improvements to enhance security posture. Additionally, the SOC L2 Engineer will provide detailed reports and documentation of security incidents and assist in the development of security policies and procedures. Qualifications Experience with FortiSIEM, security incident monitoring, and analysis Skills in managing and resolving security alerts and incidents Proficiency in vulnerability assessments and penetration testing Knowledge of regulatory compliance standards such as GDPR, HIPAA, and ISO27001 Ability to configure and maintain SIEM systems Strong analytical and problem-solving skills Excellent written and verbal communication skills Ability to work collaboratively with cross-functional teams on-site Bachelor's degree in Cybersecurity, Information Technology, or related field Certifications such as CISSP, CEH, or CISM are a plus

Our technology services client is seeking multiple DevSecOps Security Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: DevSecOps Security Engineer Experience: 5- 7 Years Location: Mumbai, Pune, Hyderabad, Bangalore, Chennai, Kolkata Notice Period: Immediate- 15 Days Mandatory Skills: Devops Support, GitHub Actions, CI/CD Pipelines, Argocd , Snyk, multicloud (AWS/AZure/GCP) GIT, MS Tools, Docker, Kubernetes, Jfrog, SCA & SAST Job Description: A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming. Strong passion and thorough understanding of what it takes to build and operate secure, reliable systems at scale. Strong passion and technical expertise to automate security functions via code. Strong technical expertise with Application, Cloud, Data, and Network Security best practices. Strong technical expertise with multi-cloud environments, including container/serverless and other microservice architectures. Strong technical expertise with older technology stacks, including mainframes and monolithic architectures. Strong technical expertise with SDLC, CI/CD tools, and Deployment Automation. Strong technical expertise with operating security for Windows Server and Linux Server systems. Strong technical expertise with configuration management, version control, and DevOps operational support. Strong experience with implementing security measures for both applications and data, with an understanding of the unique security requirements of data warehouse technologies such as Snowflake. Role Responsibilities Development & Enforcement Develop and enforce engineering security policies and standards. Develop and enforce data security policies and standards. Drive security awareness across the organization. Collaboration & Expertise Collaborate with Engineering and Business teams to develop secure engineering practices. Serve as the Subject Matter Expert for Application Security. Work with cross-functional teams to ensure security is considered throughout the software development lifecycle Analysis & Configuration Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data. Lead security testing, vulnerability analysis, and documentation. Operational Support Participate in operational on-call duties to support infrastructure across multiple regions and environments (cloud, on-premises, colocation). Develop incident response and recovery strategies. Qualifications Basic Qualifications 5+ years of experience in developing and deploying security technologies. A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. Experience with modern Software Development Lifecycles and CI/CD practices Experience for the remediation of vulnerabilities sourced from Static Analysis (SAST), Open Source Scanning (SCA), Mobile Scanning (MAST) and API Scanning Proficiency in Public Clo\ud (AWS/Azure/GCP) & Network Security. Experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code. Experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell. Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA). Preferred Qualifications Strong technical expertise with Architecting Public Cloud solutions and processes. Strong technical expertise with Networking and Software-Defined Networking (SDN) principles. Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams. Familiarity with OWASP Application Security Verification Standard Experience with direct, remote, and virtual teams. Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA). Strong technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like GitHub Advanced Security, CodeQL, Checkmarx, and Snyk. Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability. Education A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. If you are interested, share the updated resume to madhuri.p@s3staff.com

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Security strategy and governance projects (security strategy, operating model, org structure etc.) Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation. Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.). Policy management (policy writing, policy review, policy lifecycle) projects Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies. Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Experience in implementing effective and innovative technology solutions. Desired Knowledge Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Ability to create domain specific training content and deliver trainings effectively Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture. Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 3 - 8 years