2 Iso 270012 Jobs

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Risk consultant, you'll contribute technically to Risk Consulting client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY's commitment to quality, you'll confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members, and help them to develop. The opportunity We're looking for Senior Consultants to join the leadership group of our EY-Consulting Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities include: - Participating in IT Risk and Assurance engagements. - Working effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. - Helping prepare reports and schedules that will be delivered to clients and other parties. - Developing and maintaining productive working relationships with client personnel. - Managing reporting on assurance findings and ensuring control owners take remediation action as required. - Identifying, leading, and managing the continuous improvement of Internal Controls through the implementation of continuous control monitoring and automation. - Reviewing evidence of compliance for adherence to standards. - Understanding key domains of compliance controls, including change management, access to system, network and data, computer operations, and system development. - Staying current with and promoting awareness of applicable regulatory standards, upstream risk, and industry best practices across the enterprise. - Understanding Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Conducting performance reviews and contributing to performance feedback for staff. - Adhering to the Code of Conduct which sets the standards of behavior, actions, and decisions expected from EY's people. Skills and attributes for success include: - Experience in application controls and Information security experience. - Understanding of risk management systems and processes. - Ability to build relationships with key stakeholders across different levels of seniority. - Strong written and verbal communication skills. To qualify for the role, you must have: - Preferably a bachelor's degree in (Finance/Accounting, Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA. - Minimum of 1-2 years of experience in internal controls and Internal Audit. - Enterprise risk services with a specific focus on IT and related industry standards. - IT Risk Assurance framework. - Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Preferred security skills related to a broad range of operating systems, databases, or security tools such as UNIX, Linux, Windows 2000 and NT, firewalls, and IDS systems. - Familiarity with IT analysis, delivery, and operations methods, including SDLC and CM. - Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT. - Experience of security testing methods and techniques including network, operating, and application system configuration review. - Application controls and security experience: sensitive access and SOD testing, controls testing. - Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc. - Preferred Certifications: CISA. What we look for: We believe that you should own and shape your career. But we'll provide the support and opportunities to develop the skills, knowledge, and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you'll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around. - Opportunities to develop new skills and progress your career. - The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

The role is based in Bengaluru, Kolkata and is a part of Grant Thornton, a global organization with 62,000 people across 135 countries. Grant Thornton LLP is the U.S. member firm of Grant Thornton International Ltd. with revenues exceeding $1.87 billion. Grant Thornton operates 58 offices in the U.S., with 623 partners and over 10,000 employees in the United States and in Bangalore and Kolkata, India. GT INDUS, the in-house offshore center for GT US, based in Bangalore, consists of over 2000 professionals in Tax, Audit, Advisory, Client Services, and Enabling functions. The culture at GT INDUS is focused on empowered people, bold leadership, and distinctive client service. It offers a transparent, competitive, and excellence-driven environment with opportunities for significant contributions and growth. The professionals at GT INDUS are actively involved in community service initiatives. The Cyber Risk Advisory practice at Grant Thornton provides risk management consulting and advisory services to clients. This role involves engagement planning, directing, and completion of Security Framework assessment, GRC Management, Third Party Risk Assessment, and Information Security architectural design. The responsibilities include working on audit engagements from beginning to end, developing and supervising other engagement staff, and assisting in client management and practice development activities. The ideal candidate should have a working knowledge of cybersecurity industry best practices, project management experience, and the ability to communicate security technology issues effectively to clients at all levels. Desired skills for this position include supporting engagement management, fieldwork documentation, training team members, attending professional development sessions, and staying updated on cybersecurity trends and risks. The candidate should hold a Bachelor's and/or Masters degree in Information Technology, Computer Science, or a related field. Preferred certifications include Certified Ethical Hacker (CeH v9 & above), CISSP, OSCP. Grant Thornton INDUS offers various benefits to full-time employees including insurance benefits, wellness programs, parental support, mobility benefits, retirement benefits, and a hybrid work model. Grant Thornton INDUS comprises GT U.S. Shared Services Center India Pvt Ltd and Grant Thornton U.S. Knowledge and Capability Center India Pvt Ltd, supporting the operations of Grant Thornton LLP. Established in 2012, Grant Thornton INDUS employs professionals across disciplines to seamlessly support U.S. engagement teams, increase access to talent, and improve operational efficiencies. The culture at Grant Thornton INDUS is driven by empowered people, bold leadership, and distinctive client service, emphasizing transparency, competitiveness, and excellence.,