5 Iso 270012 Jobs

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Risk consultant, you'll contribute technically to Risk Consulting client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY's commitment to quality, you'll confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members, and help them to develop. The opportunity We're looking for Seniors Consultants to join the leadership group of our EY-Consulting Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities - Participate in IT Risk and Assurance engagements. - Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. - Help prepare reports and schedules that will be delivered to clients and other parties. - Develop and maintain productive working relationships with client personnel. - Responsible for managing reporting on assurance findings and ensure control owners take remediation action as required. - Identify, lead, and manage the continuous improvement of Internal Controls through implementation of continuous control monitoring and automation. - Obtain and review evidence of compliance for adherence to standards. - Key domains of compliance controls, including change management, access to system, network and Data, computer operations and system development. - Stay current with and promote awareness of applicable regulatory standards, upstream risk, and industry best practices across the enterprise. - Understanding on Control frameworks such as COSO, internal control principal and related regulations including SOX and J-SOX. Common IT governance and Assurance standards including NIST, COBIT, Risk IT, ITIL, and third-party reporting standards as SSAE16. - Understanding on independent and risk-based operational audits such as Software Development Life Cycle (SDLC), Business Resilience, Cybersecurity audits, Data privacy, and data protection audits, Network security audit. - Understanding and hands-on experience on data analysis tools such as Tableau, Power Bi, python, etc. - Conduct performance reviews and contribute to performance feedback for staff. - Adhere to the Code of Conduct. The Code of Conduct sets the standards of behavior, actions, and decisions we expect from our people. Skills and attributes for success - Experience in application controls and Information security experience. - Understanding of risk management systems and processes. - Ability to build relationships with key stakeholders across different levels of seniority. - Strong written and verbal communication skills. To qualify for the role, you must have: - Preferably bachelor's degree in (Finance/Accounting, Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA. - Minimum of 1-2 years of experience in internal controls and Internal Audit. - Enterprise risk services with specific focus on IT and related industry standards. - IT Risk Assurance framework. - Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Preferred security skills related to a broad range of operating systems, databases, or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls, and IDS systems. - Familiarity with IT analysis, delivery, and operations methods, including SDLC and CM. - Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT. - Experience of security testing methods and techniques including network, operating, and application system configuration review. - Application controls and security experience: sensitive access and SOD testing, controls testing. - Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc. - Preferred Certifications: CISA. What we look for We believe that you should own and shape your career. But we'll provide the support and opportunities to develop the skills, knowledge, and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you'll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. What working at EY offers At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around. - Opportunities to develop new skills and progress your career. - The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

The Auditor, Global IT is responsible for assessing the adequacy of Global Information Technology security and controls for applications and infrastructure throughout Abbott's international and domestic organizations. As an IT auditor, you will execute audit projects using a risk-based approach to ensure effective testing coverage. You will identify control gaps and areas of risk exposure related to controls within IT processes, providing achievable and meaningful recommendations for management to mitigate the identified risks. You should have the demonstrated ability to communicate effectively, present professionally, and collaborate with the highest level of Corporate and Division management, as well as your peer group. As an Auditor, Global IT, your responsibilities will include executing Information Systems audits throughout Abbott's international and domestic organizations, assessing the design and development of security solutions, and presenting audit findings to senior management. You will maintain comprehensive historical audit work paper documentation to support reported audit results and proactively communicate with key stakeholders regarding audit status and findings. To stay informed about current and emerging security risks, you will research new technologies, understand existing processes, and reference recognized standards and frameworks. Working collaboratively with the Corporate Audit team, you will assess organizational IT risks, identify control gaps, and design achievable recommendations for management to mitigate risks within IT processes. You are required to have a BA/BS degree in Business, Computer Science, Management Information Systems, or a related field, or equivalent practical experience. Additionally, 1.5-3+ years of related experience with a top-tier consulting or public accounting firm is necessary in the areas of executing Information Systems audits or conducting information security assessments. Strong interpersonal and communication skills are essential for this role, along with the ability to travel 0-10% to Abbott's International and Domestic locations. Preferred qualifications include experience with auditing major ERP systems like SAP, auditing IaaS, PaaS, SaaS services and solutions, familiarity with SOX audits and compliance requirements, and deep insight into best practice standards and frameworks such as ISO 27001/2 and NIST. Understanding network and system security technology and practices across major computing areas, along with experience in Technology Risk Management/IT Audit function in Enterprise organizations, is beneficial. Certifications like HCISPP, CHPS, CISA, CISSP, CISM, CRISC, CIPP are advantageous, as well as having manufacturing and/or international business experience and foreign language skills.,

As the Lead (BISO) Business Information Security Officer at Computacenter, you will have a unique opportunity to join the Cybersecurity leadership team reporting directly to the Group CISO. Your primary role will involve partnering with senior security professionals to protect Computacenter and its customers from Cyber threats. By ensuring security risk awareness, mitigation, and alignment with the strategic objectives of the business, you will play a crucial role in safeguarding the organization. In this hybrid working role, you will spend two to three days a week in Bangalore, following Computacenter's Strategic Business Partner model. Your responsibilities will include owning the Cybersecurity lens for supporting and guiding the protection of the business from Cyber threats and risks. You will work closely with the broader Group Information Systems and Cybersecurity team to drive the implementation of the evolving Security Strategy under the guidance of the CISO. Your key responsibilities will be divided into four main areas: 1. **Functional Management (40%):** - Develop and implement the business unit security approach in alignment with business goals and objectives. - Define roles and responsibilities of the Lead BISO to meet Strategic Partner and CISO responsibilities. - Establish proactive initiatives to support market trends, business strategies, and compliance requirements. - Build and maintain relationships with senior management for Business Units and regional executives. 2. **CISO deputy (30%):** - Act as a security ambassador and deputize in the region on cybersecurity matters. - Oversee legal Security Compliance requirements within the region. - Support local MDs in adapting business strategy on information and cybersecurity. - Advise on information security, initiate security-related improvements, and support crisis management activities. 3. **Management responsibility (20%):** - Manage, develop, and coach security managers and staff to achieve goals. - Set objectives at individual and team levels and manage performance. - Represent the cybersecurity team on Computacenter topics and projects within the region. 4. **Financial Management (10%):** - Contribute to annual budget planning and manage spend in the budget. - Prepare business cases and controlling mechanisms for major expenditures. - Develop business cases to support investments in Information Security. To be successful in this role, you should possess a completed university degree, preferably a Master's, or comparable cybersecurity education. You should have 5-8 years of professional experience in Information Security/Cyber Security, including experience in Information Security Management Systems. Holding professional certifications such as CISM, CISSP, or CRISC is desirable. Strong knowledge of Information Security frameworks and standards, as well as legislative and regulatory Security compliance requirements, is essential. At Computacenter, with over 20,000 employees globally, we are at the forefront of digitization, advising organizations on IT strategy and implementing technology solutions across 70 countries. We offer leadership training, coaching, mentoring, and international opportunities to support your professional development and personal growth. Join us in driving digital transformation and making a difference in the world of technology. If you are ready to take on a challenging yet rewarding role as a Lead (BISO) Business Information Security Officer and contribute to the cybersecurity initiatives at Computacenter, we welcome your application. Your dedication and expertise will play a vital role in protecting our business and customers from Cyber threats.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Risk consultant, you'll contribute technically to Risk Consulting client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY's commitment to quality, you'll confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members, and help them to develop. The opportunity We're looking for Senior Consultants to join the leadership group of our EY-Consulting Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities include: - Participating in IT Risk and Assurance engagements. - Working effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. - Helping prepare reports and schedules that will be delivered to clients and other parties. - Developing and maintaining productive working relationships with client personnel. - Managing reporting on assurance findings and ensuring control owners take remediation action as required. - Identifying, leading, and managing the continuous improvement of Internal Controls through the implementation of continuous control monitoring and automation. - Reviewing evidence of compliance for adherence to standards. - Understanding key domains of compliance controls, including change management, access to system, network and data, computer operations, and system development. - Staying current with and promoting awareness of applicable regulatory standards, upstream risk, and industry best practices across the enterprise. - Understanding Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Conducting performance reviews and contributing to performance feedback for staff. - Adhering to the Code of Conduct which sets the standards of behavior, actions, and decisions expected from EY's people. Skills and attributes for success include: - Experience in application controls and Information security experience. - Understanding of risk management systems and processes. - Ability to build relationships with key stakeholders across different levels of seniority. - Strong written and verbal communication skills. To qualify for the role, you must have: - Preferably a bachelor's degree in (Finance/Accounting, Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA. - Minimum of 1-2 years of experience in internal controls and Internal Audit. - Enterprise risk services with a specific focus on IT and related industry standards. - IT Risk Assurance framework. - Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Preferred security skills related to a broad range of operating systems, databases, or security tools such as UNIX, Linux, Windows 2000 and NT, firewalls, and IDS systems. - Familiarity with IT analysis, delivery, and operations methods, including SDLC and CM. - Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT. - Experience of security testing methods and techniques including network, operating, and application system configuration review. - Application controls and security experience: sensitive access and SOD testing, controls testing. - Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc. - Preferred Certifications: CISA. What we look for: We believe that you should own and shape your career. But we'll provide the support and opportunities to develop the skills, knowledge, and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you'll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around. - Opportunities to develop new skills and progress your career. - The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

The role is based in Bengaluru, Kolkata and is a part of Grant Thornton, a global organization with 62,000 people across 135 countries. Grant Thornton LLP is the U.S. member firm of Grant Thornton International Ltd. with revenues exceeding $1.87 billion. Grant Thornton operates 58 offices in the U.S., with 623 partners and over 10,000 employees in the United States and in Bangalore and Kolkata, India. GT INDUS, the in-house offshore center for GT US, based in Bangalore, consists of over 2000 professionals in Tax, Audit, Advisory, Client Services, and Enabling functions. The culture at GT INDUS is focused on empowered people, bold leadership, and distinctive client service. It offers a transparent, competitive, and excellence-driven environment with opportunities for significant contributions and growth. The professionals at GT INDUS are actively involved in community service initiatives. The Cyber Risk Advisory practice at Grant Thornton provides risk management consulting and advisory services to clients. This role involves engagement planning, directing, and completion of Security Framework assessment, GRC Management, Third Party Risk Assessment, and Information Security architectural design. The responsibilities include working on audit engagements from beginning to end, developing and supervising other engagement staff, and assisting in client management and practice development activities. The ideal candidate should have a working knowledge of cybersecurity industry best practices, project management experience, and the ability to communicate security technology issues effectively to clients at all levels. Desired skills for this position include supporting engagement management, fieldwork documentation, training team members, attending professional development sessions, and staying updated on cybersecurity trends and risks. The candidate should hold a Bachelor's and/or Masters degree in Information Technology, Computer Science, or a related field. Preferred certifications include Certified Ethical Hacker (CeH v9 & above), CISSP, OSCP. Grant Thornton INDUS offers various benefits to full-time employees including insurance benefits, wellness programs, parental support, mobility benefits, retirement benefits, and a hybrid work model. Grant Thornton INDUS comprises GT U.S. Shared Services Center India Pvt Ltd and Grant Thornton U.S. Knowledge and Capability Center India Pvt Ltd, supporting the operations of Grant Thornton LLP. Established in 2012, Grant Thornton INDUS employs professionals across disciplines to seamlessly support U.S. engagement teams, increase access to talent, and improve operational efficiencies. The culture at Grant Thornton INDUS is driven by empowered people, bold leadership, and distinctive client service, emphasizing transparency, competitiveness, and excellence.,