2.0 - 6.0 years
0 Lacs
noida, uttar pradesh
On-site
As an experienced professional in the field of Information Security, you will be responsible for the implementation and auditing of various industry standards such as ISO 27001, ISO 22301, PCI DSS, HIPAA, and SOC2. Your role will involve supporting teams in planning and executing internal and external audits against these standards. Additionally, you will be tasked with conducting Risk Assessments for internal functions and departments, identifying and communicating risks, and associating them with ISMS controls. Ensuring compliance to business agreements, policies, procedures, and regulations will be a key part of your responsibilities. You will need to have the ability to map controls and compliance requirements, support remediation efforts with the business, maintain metrics, and report on them. Aligning security policies and standards with IT infrastructure frameworks will also be essential. Prioritizing and organizing your work to meet deadlines, executing compliance programs, and conducting regular ISMS audits based on business requirements are crucial aspects of this role. Conducting ISMS awareness sessions for employees, knowledge of application security assessment using OWASP methodologies, and familiarity with compliances such as PCI DSS, HIPAA, GDPR, and SOC 2 are also required skills for this position. Infogain, a human-centered digital platform and software engineering company based in Silicon Valley, focuses on engineering business outcomes for Fortune 500 companies and digital natives across various industries. They leverage technologies like cloud, microservices, automation, IoT, and artificial intelligence to accelerate experience-led transformation in the delivery of digital platforms. As an Infogain team member, you will be part of a global organization with offices in multiple locations and a strong emphasis on digital innovation and customer success.
Posted 4 days ago
3.0 - 7.0 years
0 Lacs
haryana
On-site
You will be responsible for conducting ISMS or Third-Party Risk Assessments. Your role will involve effectively liaising with clients and managing stakeholder expectations. Additionally, you will work closely with client teams from various departments, such as compliance teams, auditing, and regulators, to identify and document various requirements and obligations. Your duties will include conducting risk assessments and audits related to people, processes, and technology. You will be tasked with identifying gaps, observations, risks, opportunities, and areas for improvement in policies, processes, procedures, and standards. You will also document information security risks, recommendations, and compensating controls in assessment and audit reports. Collaboration with other members of the engagement team will be essential to plan and develop relevant work papers and deliverables for vendor information security reviews. You will define the approach for vendor assessments and develop a vendor evaluation model. Furthermore, you will be responsible for handling key activities throughout the assessment and audit life cycle, including planning, execution, reporting, quality review, and tracking within the Third-Party Risk Management (TPRM) framework. As part of your role, you will provide guidance, share knowledge with team members, and participate in performing procedures, focusing on complex, judgmental, and specialized issues. You will also prepare detailed risk assessment reports that include findings and actionable recommendations for stakeholders and senior management.,
Posted 4 days ago
1.0 - 3.0 years
0 - 3 Lacs
Kochi
Work from Office
Your potential, unleashed. India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Technology & Transformation is about much more than just the numbers. It’s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you’re always ready to act ahead. Learn more about Technology & Transformation Practice Your work profile As a Consultant in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible for conducting clients vendors risk assessment and providing a holistic view of clients risk exposure due to outsourcing Responsible for conducting Information Systems audits covering IT infrastructure assets Works on projects with clearly defined guidelines as team member with responsibility for project delivery Works under general supervision with few direct instructions Performs development and customization work on larger security and privacy implementation projects Understands basic business and information technology management processes. Demonstrates knowledge of firm's methodologies, frameworks and tools. 
Desired qualifications 2-3yrs of relevant work exp in Cyber security, Information Security, related domains. B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent certification preferred Strong communication skills (written & verbal) Understanding of basic business and information technology management processes Basic knowledge in one or more security and privacy domains such as: security governance policies and procedures, risk management, compliance, identity management, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection Location and way of working Base location: Kochi This profile involves frequent travelling to client locations. Your role as a Consultant We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. 
In addition to living our purpose, Consultant across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. 
Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.
Posted 4 days ago
3.0 - 8.0 years
4 - 8 Lacs
Kolkata
Work from Office
Role & responsibilities
1. Conduct audits and assessments of the organization's information security management system to ensure compliance with ISO 27001 standards and best practices.
2. Collaborate with the GRC team to identify risks and vulnerabilities and develop and implement strategies to mitigate them.
3. Develop and maintain policies, procedures, and documentation related to the organization's ISMS.
4. Provide guidance and support to other teams within the organization on information security matters.
5. Monitor and report on the effectiveness of the organization's ISMS and identify areas for improvement.
6. Maintain knowledge of industry trends and best practices related to information security and regulatory compliance.
7. Provide training and awareness-raising activities for employees on information security and compliance matters.
Preferred candidate profile
1. Bachelor's degree in computer science, information security, or a related field.
2. ISO 27001 Lead Auditor L2 certification or equivalent.
3. Should have profound knowledge of SOC 2 audit.
4. Experience working in a regulated industry such as healthcare, finance, or government.
5. Familiarity with other relevant standards and regulations, such as GDPR, HIPAA, or PCI DSS.
6. Experience with GRC tools and software.
7. Certification in related fields such as CISM, CISSP, or CRISC.
Posted 4 days ago
2.0 - 5.0 years
1 - 6 Lacs
Noida, Gurugram, Delhi / NCR
Work from Office
Key Responsibilities: As a part of our Cyber strategy team, you will build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.
• Government & Public Sector - Infrastructure Security/Audit, Network Security.
• ISMS
• ISO 27001 Audit
• Cyber Security Policy
• Network Security
Desired qualifications
• B.E / B.Tech (Tier 1/2) or MCA.
• Professional certifications such as CEH, ISO 27001
• 2+ years of relevant experience.
Posted 4 days ago
10.0 - 14.0 years
0 Lacs
noida, uttar pradesh
On-site
As the Cyber Security Manager, you will be responsible for protecting the company's digital landscape by designing and implementing comprehensive security programs and cybersecurity strategies. Your role will include securing cloud environments, conducting vulnerability assessments, and managing endpoint security solutions to ensure optimal performance of security tools. Staying updated on the latest security threats and best practices will be crucial to continuously improving the security posture of the organization. Furthermore, you will play a key role in building a culture of security awareness by developing security policies, procedures, and training programs to educate employees. Collaborating with stakeholders and other teams to define and implement effective security measures aligned with industry standards and regulations will be essential in maintaining a secure environment. In addition, you will lead incident response activities, perform risk assessments, and drive root cause analysis to address underlying causes of security incidents. Managing compliance with standards such as ISO 27001 and conducting regular audits to assess the effectiveness of information security management systems (ISMS) will be part of your responsibilities. To be successful in this role, you should have a Bachelor's degree in computer science, Information Security, or a related field, along with a minimum of 10+ years of experience in Information and Cybersecurity. A deep understanding of cybersecurity frameworks and standards, as well as knowledge of cybersecurity technologies and relevant VAPT tools, is required. Strong problem-solving, decision-making, and communication skills are essential, along with the ability to communicate complex technical information to both technical and non-technical audiences. Professional certifications such as CEH, ISO27001, ISMS, CISM, or related certifications are preferred for this position. 
If you are looking for a challenging opportunity to make a significant impact in the field of cybersecurity, this role could be the perfect fit for you.
Posted 5 days ago
8.0 - 9.0 years
20 - 25 Lacs
Pune
Work from Office
India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Risk Advisory is about much more than just the numbers. It's about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies the what, how, and why of change so you're always ready to act ahead. Your work profile As a Manager in our Cyber - Extended Enterprise team you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You will: Role Description Lead ISMS or Third-Party Risk Assessments Lead engagement team in delivering client engagements Support Managers/AD/D in assessment/ audit execution, reporting, quality review and tracking Support Managers/AD/D in responding to RFP, proposals, new opportunities Lead discussions with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations Flexible to step-in and perform work on ground such as conducting risk assessments and audits with respect to people, process and technology Act as subject matter expert (SME) for providing guidance and share knowledge with team members. 
Assist team members during engagements Should be able to work as independently on short term engagements Perform quality reviews of work performed by team members Desired qualifications 8+ Relevant years of experience in Third party risk management Relevant years of experience in IT Audits and Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management Location and way of working Base location: Pune This profile involves frequent / occasional travelling to client locations OR this profile does not involve extensive travel for work. Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs. Your role as a Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. 
In addition to living our purpose, Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication - Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.
Posted 5 days ago
8.0 - 10.0 years
20 - 25 Lacs
Bengaluru
Work from Office
India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As a Manager in our Cyber Team you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Role Description ISMS or Third-Party Risk Assessments Ability to effectively liaise with clients and manage stakeholder expectations Work with client teams from various departments such as compliance teams, auditing and regulators to identify and document various requirements/obligations Conducting risk assessments and audits with respect to people, process and technology Identification of gaps/observations, risks, opportunities and improvement of policies, processes, procedures and standards Documenting information security risk, recommendation and compensating controls in the form of assessment/audit reports Collaborate with other members of the engagement team to plan and develop relevant work papers/deliverables for vendor information security reviews, define approach for vendor assessment and develop vendor evaluation model Handle key activities of assessment/ audit life cycle: planning, execution, reporting, quality review and 
tracking Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues Desired qualifications 8+ Relevant years of experience in Third party risk management Relevant years of experience in IT Audits, Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management Location and way of working Base location: Bangalore Professional is required to work from office Your role as an Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. 
In addition to living our purpose, Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication - Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.
Posted 5 days ago
2.0 - 7.0 years
9 - 13 Lacs
Bengaluru
Work from Office
About The Role: Job Title: Information Security Officer (ISO) Location: Bangalore, India Corporate Title: AS Role Description The role of an Information Security Officer (ISO) is of a role holder aligned to a portfolio of applications (Application ISO). The ISO has the responsibility for the operational aspects of ensuring compliance with the Information Security Principles. The ISO is the primary contact for information security relevant matters within their area of responsibility. The ISO has a disciplinary reporting line into their Line Manager and a functional reporting line into the Divisional CISO. What we'll offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities To assume the ownership and responsibility for the assigned IT assets, in line with the DB Group Information Security management processes and the Divisional ISMS. To support the development and maintenance of Information Security policies and procedures pertaining to the Unit in accordance with the Information Security policies and procedures of DB Group. To support the management of IS Risks within the Risk Appetite defined by the ISR. 
To execute the IS Risk assessments and compliance evaluations for assigned IT assets To ensure the execution of information security risk management requirements in their area of responsibility as additionally defined by the Divisional ISO (e.g., conducting risk assessments on an organizational basis, preparing and implementing management action plans to mitigate identified risks) To ensure the implementation of Identity and Access Management Processes and the execution of a periodic recertification of User Access Rights in their area of responsibility To provide timely updates to the Divisional ISO regarding the aforementioned information security management tasks To ensure that application entries regarding information security (e.g., Data Protection and Data Privacy fields) in the Groups inventory of applications are accurate and up to date To implement Segregation of Duty (SoD) rules for the assigned IT assets To contribute to the Information Security incident management process in the case of a security breach Keep oneself informed of the Information Security Principles and its subordinate documents and liaise with any other necessary parties to accomplish their tasks. These resources may be e.g., the TISO, ITAO or any other subject matter experts To ensure appropriate documentation of information security risk management in area of responsibility. 
This includes major decisions including identified and assessed risks as well as risk mitigation measures To deliver all items requested during regulatory and internal Information Security related audits Your skills and experience Essential Candidate should have a minimum of 8 years of business experience in an operation management / risk management capacity, working knowledge in various banking products with strong communications skills Knowledge on Information Security Controls, Data Protection Policy, Information classification principles and segregation of duties requirements within Banking Operations Good understanding of Regulatory, Compliance, Risk & Control Knowledge Have sound knowledge of Identity and Access Management Process Ability to multitask and manage multiple deliverables / projects that are highly visible and of strategic importance to our clients Ability to effectively communicate with clients internally and externally Must be a team player and facilitator Desirable Solid technical understanding of the business (CB Operations) including strong knowledge of application security related processes. Knowledge of electronic banking products and flow of instructions Computer proficiency in MS Office and ability to utilize IT initiatives to achieve a high degree of operational efficiency, optimize costs and add value to the service provided Innovative approach to work and continuously identify and implement process improvements Seek opportunities to improve service processes, minimize operational risk and reduce costs Strong analytical skills, detail orientation, service commitment and solid people management skills Strong awareness of risk control Education / Certification Graduation degree CRISC DesiredCISA/CISM/CISSP How well support you
Posted 5 days ago
3.0 - 7.0 years
0 Lacs
hyderabad, telangana
On-site
As a Senior Executive-Admin at Birlasoft Office in Hyderabad, India, your primary responsibility will be to oversee various aspects of physical security, access control, CCTV monitoring, and general administration. You will be tasked with ensuring the safety and security of the office premises by deploying and monitoring security guards, conducting physical security audits, and maintaining compliance with ISMS/ISO standards. Your duties will include monitoring employee, visitor, vendor, and material movement, preparing SEZ gate passes, maintaining access control systems, and collaborating with the campus security team for day-to-day operations. Additionally, you will be responsible for managing parking areas, implementing physical security policies and procedures, and working with the transport team to ensure employee safety. In terms of access control and CCTV management, you should have hands-on experience with applications such as Honeywell and Siemens. Your tasks will involve activating/deactivating employee access, providing access cards to all employees, handling internal and external audits, and maintaining CCTV recording and backup systems. You will also be required to prepare monthly reconciliation reports and ensure compliance with SEZ/STPI procedures. Furthermore, you will oversee general administration and facilities activities, including repair and maintenance, stock management of printing and stationary items, generating MIS reports, processing invoices, managing seating capacity, and coordinating housekeeping and pantry services. Your role may also involve event management, guest handling, CLRA compliance for third-party staff, and knowledge of EHS and EOHS requirements. Ideally, you should have a strong understanding of security protocols, access control systems, CCTV technologies, and general administrative procedures. 
Experience with SEZ/STPI campus operations, SAP SCM, and event management will be advantageous in fulfilling your responsibilities effectively. The ability to collaborate with various teams, maintain compliance with regulations, and prioritize safety and security measures will be essential for success in this role.
Posted 1 week ago
0.0 - 14.0 years
15 - 17 Lacs
Pune
Work from Office
Jul 24, 2025 Location: Pune Designation: Assistant Manager Entity: Deloitte South Asia LLP Your potential, unleashed. India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The Team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As an Assistant Manager in our Cyber Team you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You'll: Role Description: 1. ISMS or Third-Party Risk Assessments 2. Lead engagement team in delivering client engagements 3. Support Managers/AD/D in assessment/ audit execution, reporting, quality review and tracking Support Managers/AD/D in responding to RFP, proposals, new opportunities 4. Lead discussions with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations 5. Flexible to step-in and perform work on ground such as conducting risk assessments and audits with respect to people, process and technology 6. Act as subject matter expert (SME) for providing guidance and share knowledge with team members. Assist team members during engagements 7. Should be able to work as independently on short term engagements 8. 
Perform quality reviews of work performed by team members Desired qualifications 1. 3+ Relevant years of experience in Third party risk management 2. Relevant years of experience in IT Audits, Cloud security 3. Experience with ISO22301 implementation and audits 4. Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ 5. Understanding of Third party/vendor/supplier risk management considerations 6. Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management 7. Excellent written/verbal communication 8. Excellent documentation and presentation skills 9. Highly motivated and willing to work in local and global environments 10. Security certifications like CISSP, CISA, CISM, CEH, ISO27001 11. Work experience in Infrastructure / Application Security 12. Work experience in IT Audit 13. Work experience in Information Risk Management Location and way of working Base location: Pune 5 days work from Office Your role as an AM We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. 
In addition to living our purpose, Assistant Managers across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication - Must be able to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you'll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone's welcome, entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you're applying to. Check out recruiting tips from Deloitte professionals.
Posted 1 week ago
15.0 - 20.0 years
50 - 55 Lacs
Bengaluru
Work from Office
Job Description: Job Title: Risk and Controls Specialist, VP Location: Bangalore, India Role Description: The 1st line GTI Risk and Controls function is part of Group Technology Infrastructure (GTI), which is a division of Technology, Innovation and Data (TDI) of Deutsche Bank Group. As part of the GTI Risk and Controls team, you will contribute towards DB strategic goals to improve operational resilience and reduce risk. Specifically, you will support a proactive risk management function. As such, your role will be focused on risk identification and remediation activities. Additionally, you will use your expertise to plan and execute thematic risk assessments as well as supporting risk scenario testing and macro threat assessments. What we'll offer you: As part of our flexible scheme, here are just some of the benefits that you'll enjoy: Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complimentary Health screening for 35 yrs. and above Your key responsibilities: GTI Risk Management (InfoSec) Serve as the IT Security delegate for the CIO Unit (i.e. GTI), managing a team of Analysts / Associates / AVPs. Drive InfoSec Controls compliance activities / InfoSec Controls implementation facilitation management responsibilities. Steer IT Security initiatives and programs. Interface with application-level teams and app owners to facilitate and support remediation activities and consequent adoption of compliance solutions for the GTI applications estate across the CSO mandated security control domains. Manage stakeholders across InfoSec Control areas and multiple InfoSec Governance Forums. 
Orchestrate periodic reporting activities and deliverables governing the InfoSec controls compliance space. This role holds the ownership of various InfoSec reporting outputs / work-products. Coordinate closure actions related to SII/Findings within the Findings Management space. Provide GTI ERTs with InfoSec SME support wherever required. Work with the associated D-CISO (Divisional Chief Information Security Officer) for maintenance of Divisional ISMS (Information Security Management System) over IT assets and processes. Support the implementation of IT Security requirements and ensure overall Information Security posture is within agreed Risk Appetite. Work in close collaboration with the CIO area (i.e. GTI) level application teams and the technical security structure embedded within the CIO-1 units namely the DTISOs/TISOs (Divisional Technical Information Security Officers). Steer IT Security initiatives and programs. Ensure all members of the IT Security organization are trained and have completed the curriculum specific to their assigned roles. Advise and report on Technical Information Security topics. Report regularly on the status of IT Security to the CIOs, relevant IT senior management and to key stakeholders. Additionally, Report to the associated Divisional CISOs on handling of information security topics, issues and risks. Support the Divisional CISO in managing Information Security topics for Technical Security Matters. Ensure effective and efficient communication of all IS requirements and decisions within their IT Security organization. Stakeholder Management Identify, Partner, and Collaborate Establish relationship with the DTISO/TISO community within GTI to ensure effective and robust support towards InfoSec realm of activities. Partner with the CSO teams to ensure alignment towards Group wide CSO mandated InfoSec controls and standards. 
Collaborate closely and proactively with the DTISO teams to manage the alignment towards InfoSec control requirements. Promote and support proactive IT risk culture at the Bank. Your skills and experience: Desired experience 15+ years of experience as Risk and Control Lead in designing and implementing Technology risk framework in a global organization. Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001. Knowledge of Agile change delivery methodology, DevOps and Shift left concepts. Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains. Other professional qualifications and certifications in Technology risk management. Desired behaviors A strong team player able to operate in a cross-cultural and diverse operating environment. Result oriented and ability to deliver under tight timelines. Proven ability to lead a team. Ability to successfully resolve conflicts in a globally matrix driven organization. Excellent communication and collaboration skills. Desire to learn about new and emerging technologies and continuous upskilling. Must be comfortable with navigating ambiguity to extract meaningful risk insights. How we'll support you: Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs
Posted 1 week ago
3.0 - 5.0 years
4 - 8 Lacs
Bengaluru
Work from Office
If you're looking for an exciting opportunity to work with a team of talented colleagues who enjoy both work and life, Westernacher is the perfect place. We are seeking an Information Security coordinator for our growing team in India. Your Responsibilities Take on a role of our global Information Security Team within the Global Compliance area, supporting our Solutions and Consulting Divisions Support the establishment and implementation of an ISMS globally Monitor and optimize the Information Security Management System (ISMS) to ensure high security standards Assess risk management, vulnerabilities, and threats Maintain policies, processes, and security controls Support activities in the Business Continuity Management Prepare and support our regular ISO27001 internal and external audit cycles Prepare and conduct training sessions Your Experience and skills Completed studies in Information Security, Computer Science, or Business Informatics Over 3-5 years of professional experience in the area of Information Security, preferably in consulting/system integration projects Experience in internal and external ISO27001 audit cycles Extensive experience in maintaining an ISMS according to ISO27001, vulnerability management, risk management, and a problem tracking system (e.g., JIRA) Experience in Business Continuity Management (optional) Fluent English - both verbal and written Why Westernacher? Inspiring and exciting, innovative working environment. Competitive remuneration package (salary, bonus, benefits). International company culture and minimal hierarchical structure. Chance to work on complex projects from different industries and add to your business process know-how. Flexible working hours and hybrid working model. This is WE: Committed to innovation, since 1969 Westernacher Consulting operates worldwide, with more than 1000 consultants in Europe, Asia and the Americas. 
We provide global business and SAP consulting, serving medium to large sized enterprises striving for innovation, operational excellence and profitable, sustainable growth. Headquartered in Heidelberg, Germany, Westernacher Consulting is the global leader in business process and technology innovation. Living, working, and operating in partnership. We are inquisitive, creative thinkers with a strong entrepreneurial spirit. We question new ways of working, think differently and are willing to try out new approaches to create value and innovation for our customers. All of this makes us pioneers in our field and keeps us responsive, quality-focused and results-oriented. Westernacher is a diverse work environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetics, disability, age, or veteran status. Westernacher is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Posted 1 week ago
4.0 - 5.0 years
3 - 6 Lacs
Ahmedabad
Work from Office
Experience: 4-5 years. Responsibilities: Maintain and manage current IT infrastructure. Maintain and manage current computer network and servers. Provide right solution for user based query / requirement. Handle day to day IT related query / issue in given timeline. Giving status report to respective supervisor / manager on daily basis. Adherence to the expected roles and responsibilities w.r.t ISMS and QMS standards. Required Skills: Network and servers installation and management. Firewall management. Windows and Linux system management. Hardware and software installation and management. O365 and Gsuite workspace. Vendor communication, follow up. Ticketing Tool. Educational Qualifications & Certifications: Knowledge of Windows server, Networking Technology. Certification: CCNA (Preferred), MCSA (Preferred). Graduation: Any discipline (Graduation in Computer Science or related field will be a big plus).
Posted 1 week ago
2.0 - 6.0 years
8 - 18 Lacs
Pune, Gurugram
Work from Office
About Cyber BDO India cyber security practice is one of the fastest growing areas of the business with significant ambition for the future through additional recruitment and acquisition. As part of our cyber team / tech risk you will be managing teams and projects delivering advisory and technical support to help our clients to improve their information / cyber security posture and respond to the dynamic nature of technology risks / cyber security threats. You will provide security domain expertise and utilise your business insight to work closely with our clients to advise, design, build and deploy pragmatic security solutions that will provide real and tangible benefits to protect their organisations. Furthermore, you will often carry out IT Risk Assessments in line with industry “better” practices (NIST / ISF / Cloud Security / etc.), regulatory mandates (RBI / IRDAI), and various compliance standards focusing on data security, data privacy, etc. Details: Position Title Info Security – ISMS Location Gurugram Department BAS Cyber Key Responsibilities: • Implement and maintain the ISMS framework in accordance with ISO/IEC 27001 standards. • Conduct risk assessments and assist in developing mitigation strategies. • Perform internal audits and support external audits for compliance certifications. • Develop and maintain ISMS documentation including policies, procedures, and reports. • Monitor and report on ISMS performance metrics and KPIs. • Coordinate with cross-functional teams to ensure security controls are effectively implemented. • Stay updated with regulatory requirements and industry best practices. • Support incident response and business continuity planning activities. • Implement and maintain framework according to ISO/IEC 42001 standards. • Conduct AI risk assessments, focusing on data privacy, model integrity, bias, and ethical considerations. 
• Develop and maintain documentation for AI governance, including risk registers, impact assessments, and control matrices
Posted 1 week ago
5.0 - 10.0 years
5 - 15 Lacs
Pune
Hybrid
Educational Qualifications Bachelor's degree in information technology, Computer Science, or equivalent experience. Certifications & Training (Preferred) ITIL Foundation or higher MCSA/MCSE, particularly with Azure or Microsoft 365 specialization Network certifications like CCNA or equivalent Awareness of ISO 27001 (ISMS) and ITSM processes Key Responsibilities Lead and mentor the offshore IT Service Desk team, promoting collaboration, accountability, and skill development. Foster a positive and inclusive team culture, with a focus on well-being, motivation, and ownership. Monitor and manage incoming support tickets; ensure SLAs and service standards are consistently met. Handle escalations and complex incidents with a solution-oriented mindset. Collaborate with Corporate IT and business units to align offshore operations with overall IT strategy. Act as a liaison between offshore team and local leadership to ensure visibility, transparency, and trust. Draft, maintain, and improve standard operating procedures (SOPs), workflows, and knowledge base articles. Ensure seamless coordination of endpoint support, patch management, hardware/software deployment, and access control. Track trends, analyze recurring incidents, and work proactively with teams to reduce preventable issues. Support Corporate IT in project rollouts, system upgrades, and organizational change efforts. Execute asset management, procurement processes, and vendor coordination as directed by the IT Manager. Prepare reports on service desk metrics, user satisfaction, and improvement initiatives. Technical Skills: Familiar with ISMS and ITMS process and policies Experience in providing critical user support such as support for senior users and management Act as a Team lead who can also interact effectively with local management and Head Office Team Good knowledge on Active Directory, DHCP, DNS, File server, SharePoint, and basic knowledge in Exchange Server, Oracle ERP etc. 
Good experience in solving Microsoft Office 365 related incidents and requests. Experience in solving End Point Security tools and Endpoint Patching. Basic experience in MDM preferably Intune and Identity and access management. Basic network support including LAN, Wireless and IP Phones etc. Good Knowledge in TCP/IP and basic knowledge on network technologies like firewall, switches, proxy etc. Talking to staff/vendors through a series of actions, either face to face or over the telephone to help set up systems or resolve issues. Support L2 System Team to roll-out of new implementation and change execution as directed by Corporate IT Manager Experience in IT Asset Management and perform procurement process as directed by IT Manager
Posted 1 week ago
3.0 - 7.0 years
12 - 17 Lacs
Mumbai
Work from Office
Responsible for driving Internal Audit, Internal Financial Control (IFC) for the organization and subsidiary. This is a tactical role which contributes to defining the direction of the operating plans based on the business strategy, with a significant mid-term impact on the overall results. Responsibilities: Prepare the annual audit calendar and drive internal audit projects as per the calendar. Conduct Internal audit across departments/functions/subsidiaries as per the timelines. Conduct meetings with the process owners to identify the scope, timeline & SLA of audit report. Interact with audit agencies and facilitate as well as review the auditing process. Review and Monitoring of Action Taken Report (ATR). Prepare the Internal finance control process document and risk & control matrix. Undertake management testing & ensure key controls proposed in the Internal finance document are tested. Identify & evaluate deficiencies in testing. Provide support to statutory auditors in their independent testing based on the requirements of the new companies act. Minimum qualification & experience: 3-7 years of post qualification years of experience in internal audit and financial controls testing in a technology industry. Desired Skill sets: Hands on experience with relevant Information System for assurance, testing, setting finance controls. Well versed with Excel, Power BI etc. Good communication and report writing skills.
Posted 1 week ago
3.0 - 8.0 years
6 - 9 Lacs
Gurugram
Work from Office
Security Analyst Req number: R5734 Employment type: Full time Worksite flexibility: Onsite Who we are CAI is a global technology services firm with over 8,500 associates worldwide and a yearly revenue of $1 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right—whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise. Job Summary We are looking for a motivated Security Analyst ready to take us to the next level! If you understand ISMS, Information Security, Vulnerability Management and are looking forward to your next career move, apply now. Job Description We are looking for a Security Analyst. This position will be full-time and Onsite Gurugram. What You’ll Do Ensure compliance with security standards and frameworks (e.g., ISO 27001). Assist in the development and enforcement of internal security policies and procedures. Conduct regular audits to ensure compliance with established security protocols and guidelines. Coordinate with relevant stakeholders to identify, assess, and prioritize security vulnerabilities across systems and networks. Coordinate in performing vulnerability assessments and penetration testing to ensure system defenses are robust. Collaborate with IT teams to recommend and implement patches, fixes, or configuration changes to address vulnerabilities. Continuously monitor network traffic, security logs, and systems for any signs of security breaches or irregularities. Maintain and manage security tools (e.g. Next gen AV, EDR, SIEM). Educate employees on information security best practices, including secure password policies and safe internet use. What You'll Need 3+ years of experience in a Security Analyst or related role. 
Hands-on experience with security monitoring, vulnerability management, and incident response. AV, EDR/XDR, SIEM, Network protocol. Incident Response. Vulnerability Assessment. Familiar with the Secure SDLC Framework. Strong analytical and problem-solving skills. Excellent understanding of network protocols (TCP/IP, DNS, HTTP, etc.). Experience with vulnerability management and penetration testing tools. Familiarity with risk management and compliance requirements. Windows/Linux administration. Conduct regular system scans, security checks, and updates to ensure the security tools are functioning optimally. Provide guidance on handling sensitive data and maintaining security hygiene. Document security incidents, investigations, and actions taken for compliance and future reference. Contribute to risk assessments and assist in the identification of key risk areas for the organization. Investigate security incidents, respond promptly, and report findings to the management team. Physical Demands Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc. Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor. Reasonable accommodation statement If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to application.accommodations@cai.io or (888) 824 – 8111.
Posted 1 week ago
4.0 - 8.0 years
0 Lacs
hyderabad, telangana
On-site
You are an Analyst, Information Risk Management at Omnicom Global Solutions in Hyderabad. Omnicom Global Solutions, a vital part of Omnicom Group, is a top global marketing and corporate communications company with a worldwide presence. In India, OGS plays a crucial role in providing a wide range of services across various domains to global agencies and group companies. With a large and talented team in India, Omnicom Global Solutions is expanding rapidly and seeking professionals like you to contribute to its growth. As an Analyst, Information Risk Management, your role involves spearheading effective cybersecurity and privacy programs within Omnicom. You will collaborate with regional and global stakeholders to decrease information security and IT risks. The primary responsibilities include conducting risk assessments aligned with internal frameworks and regulations, engaging with stakeholders to manage identified risks, presenting risk reports to senior leaders, advising on cybersecurity architecture, assisting global agencies in complying with cybersecurity regulations, monitoring the threat landscape, contributing to the Information Security Management System (ISMS), and participating in risk governance and compliance initiatives. To excel in this role, you should have at least 3-5 years of experience in information risk management, cybersecurity, or GRC domains. Proficiency in risk assessment methodologies, threat modeling, risk mitigation practices, cybersecurity frameworks and standards, preparing risk reports for leadership, stakeholder engagement, and analytical skills are essential. Preferred qualifications include industry certifications like CRISC, CISM, CISSP, ISO 27001 Lead Implementer, exposure to cloud security tools, and experience in enterprise ISMS or regulatory compliance programs. 
This position offers an exciting opportunity to lead cybersecurity and privacy initiatives, engage with stakeholders globally, and contribute to enhancing Omnicom's enterprise risk posture. If you are passionate about information risk management and cybersecurity, and possess the required skills and qualifications, we invite you to be part of our dynamic team at Omnicom Global Solutions.
Posted 1 week ago
10.0 - 14.0 years
15 - 20 Lacs
Hyderabad, Chennai, Bengaluru
Work from Office
Role: Information Security Exp - 10+ yrs (8+ Relevant Exp) Must have - GRC, ISO 27001, ISO 23001, Internal and external Audits, IT Audits, SOC 2 & GDPR (EU)/HIPAA Loc - Chennai/Bangalore/Hyderabad Budget - 22 LPA Regards, Ragul 8428065584
Posted 1 week ago
3.0 - 5.0 years
5 - 9 Lacs
Bengaluru
Work from Office
Senior Information Security Specialist - JD (You'll be the shield behind secure systems) Experience Required: 3-5 years Location: Bangalore, Hybrid Department: Compliance Reporting to: Global DPO About Us Augnito is the next gen Voice AI powering the healthcare industry. Augnito empowers medical professionals and streamlined clinical workflows with cloud-based, AI speech recognition that offers ergonomic data entry with 99% accuracy, without the need for voice profile training, from any device, anywhere. From the outset, Augnito was built in close partnership with clinicians, using human-centered design, to create an AI natural language processing engine to fit your needs, not the other way around. As a result, Augnito offers excellent support for a wide variety of clinical vocabulary and workflows and can halve your clinical reporting and admin time, increase revenue, prevent physician burnout, eliminate transcription waiting delays, and enable you to focus your energy on patient care, not documentation. Augnito is currently deployed at 300+ hospitals and health systems and has a growing presence in 20+ countries, including the US, UK and Canada. Role Overview: We are looking for a detail-oriented and proactive Information Security Associate to assist in maintaining and improving our core compliance and information security standards. You will support the implementation and monitoring of ISO 27001:2022, SOC 2, and HIPAA requirements, working closely with internal SPOCs, external auditors, and the senior InfoSec team. Key Responsibilities: Lead the implementation, continuous improvement, and certification of ISO 27001, SOC 2, HIPAA, ADHICS, and GDPR frameworks. Conduct risk assessments and maintain a comprehensive ISMS. Define and review security policies, SOPs, and compliance matrices. Interface with global clients and regulators to address InfoSec requirements, security posture, and data processing controls. 
Oversee responses to client RFPs, DDQs, and third-party security reviews. Supervise execution of VAPT, access reviews, incident response simulations, and audit closures. Draft standardized responses for client RFPs and security assessments. Help gather security documentation and artifacts for client due diligence. Guide junior team members in operational compliance tasks. Drive cost optimization across security tools and services. Maintain reusable templates, trackers, and compliance artifacts for audits. Plan for future frameworks like ISO42001, India DPDP Act, and industry-specific certifications. Advise on regional compliance nuances pertaining to SFDA, DOH and the like. Requirements: 3-5 years of hands-on InfoSec experience, including leading audits and certifications. Deep knowledge of ISO 27001:2022, SOC 2, HIPAA, and ADHICS frameworks. Familiarity with GDPR and other international data privacy laws. Strong stakeholder and vendor management skills. ISO 27001:2022 Lead Implementer or Auditor certification is mandatory. Good to Have: Experience in healthcare or AI-based SaaS/tech. Proficiency in cloud security, data flow mapping, and regional data laws. Ability to work independently in a high-growth environment. Augnito India Pvt. Ltd. is an equal opportunities employer. We are committed to providing equal opportunities throughout employment, including in the recruitment, training and development of employees (including promotion, transfers, assignments and beliefs). Augnito will not tolerate any act of discrimination in the workplace including but not limited to: Gender, Gender identity, National or ethnic origins, Marital or Domestic Partnership status, Pregnancy Status, Carer's responsibilities, Sexual orientation, Race, Color, Religious belief, Disability, Age, Any other grounds of discrimination. 
In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Augnito will be based on merit, qualifications, and abilities. Our objective is to attract job applications and applications for development from the best possible candidates and to retain the best people. In accordance with Augnito's data retention policy, candidate details are retained in our database for a period of five years. This allows us to reach out to candidates in the future for any relevant opportunities within the organization.
Posted 1 week ago
5.0 - 8.0 years
9 - 14 Lacs
Pune
Work from Office
Associate Manager - Third Party Risk Management Associate Manager - Third Party Risk Management - 31404 - TMF Associate Manager - Third Party Risk Management We never ask for any kind of payment as part of our selection process, and we always contact candidates via our corporate accounts and platforms. If you are approached for payment or asked to make a purchase, this is likely to be fraudulent. Please check to see whether the role you are interested in is posted here, on our website. TMF Group is a leading provider of administrative services, helping clients invest and operate safely around the world. As a global company with 11,000+ colleagues based in over 125 offices across 87 jurisdictions, we actively seek out people with the talent and potential to flourish at TMF Group, whatever their background, and offer job opportunities to the broadest spectrum of people. Once on board, we nurture and promote talented individuals, ensuring that senior positions are open to all. Discover the Role The Assistant Manager, Third Party Risk Management, is primarily responsible for developing and managing a third-party risk management process that tracks third-party risks. Work directly with the Manager Third Party Risk Management and the CISO/CSRO Office team to define issues and information needs and translate them into implementable technical enhancements to the TPRM Program. Deliver reporting for the Overall TPRM Program. Employ the analytics features to compile and synthesize data to make grounded recommendations to assess and protect against risk exposure to guide decision making to advise the business with respect to TPRM.Champion and execute updates to the existing reporting and technology framework to reduce risk and enhance efficiency. Oversee and make recommendations about additional add-on features. 
Assess the Information Security posture of third parties (Sub-contractors and vendors), including their IT applications in the scope of the service provided to TMF, at the time of contracting their service and periodically thereafter. The resource is also responsible for assessing information security risks from third parties and specifying appropriate technical and organizational controls to address the risks to be formally included in the contract with the third parties. The incumbent will check the compliance of the third parties to the specified security requirements on an annual basis / or as and when required by conducting reassessments/audits.
Key Responsibilities
Review and maintain Third Party Risk Assessment procedure and assessment questionnaire. Review third party responses and ensure required controls are in place. Identify gaps and raise them with sponsors for resolution. Identify technical and organisational measures / security controls that need to be included in the contract with the third party. Maintain an inventory of onboarded third parties, along with key contact personnel, and rate them based on access level / risk level / criticality level. Conduct periodic (annual) reassessments to verify / validate the security posture of the vendor and compliance to the agreed security controls. Share details of vulnerabilities that may affect the applications provided by the vendor and check if the vulnerabilities are remediated in a timely manner.
Key Requirements
The candidate needs to possess strong technical and soft skills, as highlighted below: The ideal candidate should have a Computer Science Education Bachelor's or Master's degree. The candidate should have 5-8 years of relevant work experience in Information Security, with third party risk management as a primary responsibility. ISO 27001 / ISMS Standard. ISO 31000 Standard / risk assessment. Knowledge of security frameworks like NIST Cyber Security Framework and regulations such as GDPR, DORA etc. would be an added advantage. Understanding of security in relation to compliance with local legislations and regulations. Excellent interpersonal skills. Ability to connect with and communicate appropriately across junior to senior-level staff. Excellent written and spoken skills in English. Knowledge of Spanish, Portuguese or any other foreign language would be an added advantage.
General Skills Requirement
Attention to detail. Good understanding of the business. Ability to work with minimum supervision. Ability to work under stress. Sense of responsibility.
What's in it for you
Work with colleagues and clients around the world on interesting and challenging work; We provide internal career opportunities so you can take your career further within TMF; Continuous development is supported through global learning opportunities from the TMF Business Academy. You'll be helping us to make the world a simpler place to do business for our clients; Through our corporate social responsibility programme, you'll also be making a difference in the communities where we work. Strong feedback culture to help build an engaging workplace; Our inclusive work environment allows you to work from our offices around the world, as well as from home, helping you find the right work-life balance to perform at your best. Anniversary & Birthday Leave policy; Be part of One TMF; Paternity & Adoption leaves; Salary advance policy; Work flexibility; Hybrid work model; Talk about growth opportunities (we invest in talent); Well-being initiatives.
We're looking forward to getting to know you!
Posted 1 week ago
10.0 - 15.0 years
5 - 9 Lacs
Bengaluru
Work from Office
BASIC INFORMATION ON THE POSITION
Position Name: Deputy Manager - ESGC
PURPOSE OF THE ROLE
To ensure Information Security Management System and Risk management framework including Business continuity are effectively planned & established in line with the business objectives. The job exists to ensure compliance to IS requirements, both from customer and organization. If this role did not exist, ensuring compliance to IS requirements is not possible.
KEY RESPONSIBILITIES AND ACCOUNTABILITIES
Compliance to client information security requirements as agreed in the MSA by ensuring that requirements are captured, documented, implemented and verified.
Ensure customer audits are cleared successfully without any critical non-conformances.
Propose cost effective solution and maintain compliance cost.
Contain Revenue Leakage by ensuring reduction in revenue leakages resulting from IS incidents and effective implementation of controls.
Ensure operational excellence through the following:
1. Develop and manage ISMS (Information Security Management System) framework including Business continuity and awareness
2. Identify and implement applicable industry practices (IT act and amendments, Data Privacy and Data Security framework etc)
3. Establish and implement measurement program to assess effectiveness of the framework/system
4. Ensure all internal / external audits are planned and successfully cleared.
5. Monitor and track all internal/external audit findings to closure. Highlight open findings and accepted risks.
Enable Innovation through Automation and New initiatives.
Ensure Effective People Management by keeping the team engaged and having diverse workforce, creating accountability & ownership in the team, handling team members' grievances and ensuring team attrition is within targets.
Ensure Capability Development in the team by upgrading competency (skills) in the team in line with the current industry practices and business objectives including both managerial and technical capability.
EDUCATION QUALIFICATION
Degree: BE/M.tech or MBA
Certifications: CISA/ CISM Certification - ISO27001 lead auditors certification
MINIMUM EXPERIENCE REQUIRED
Overall (in years): 10- 15 years
Relevant (in years): 8-12 years
DOMAIN/ FUNCTIONAL SKILLS
Good understanding of various IS standards, framework such as ISO27001, PCIDSS, HIPAA, NIST, SOC/SSAE16 Standards & ISO27005, ISO 22301 Guidelines - Knowledge of risk management (ISO31000, ISO27005), business processes - Knowledge of IT Security, physical and environmental security and HR security controls - Knowledge of regulatory requirements
Posted 1 week ago
0.0 - 1.0 years
1 - 4 Lacs
Jaunpur
Work from Office
Aditya Birla Insulators is looking for MT Ultratechies HR to join our dynamic team and embark on a rewarding career journey. Collaborate with cross-functional teams to achieve strategic outcomes. Apply subject expertise to support operations, planning, and decision-making. Utilize tools, analytics, or platforms relevant to the job domain. Ensure compliance with policies while improving efficiency and outcomes.
Posted 1 week ago
0.0 - 1.0 years
2 - 3 Lacs
Chennai
Work from Office
Desired Candidate Profile: Should have good verbal and written communication skills, as well as competency in Microsoft Office applications such as Word and Excel. Should possess good interpersonal skills.
Roles and Responsibilities: Handling visitors, walk-in candidates, guests, vendors. You will act as the face of our company and ensure visitors receive a heartwarming welcome. Handling EPABX, conference facility and telecom requirements related to office EPABX. Accountable for all hygiene factors related to office set up. Adherence to Internal Compliances (ISO / ISMS). Coordination with internal customer for requirements. Client visit arrangements. Handling soft services. Bill processing and accounting.
Posted 1 week ago