436 It Audit Jobs

What is the Role? As an ITGC Testing Analyst, you will support management in assessing the IT control environment. You will identify and report control weaknesses, track remediation action plans, and monitor the quality of remediation efforts.. More specifically, your role will include: ITGC Testing : Conduct testing of IT General Controls (ITGCs) to ensure compliance and effectiveness. ITC Testing : Perform testing of IT Components (ITCs) to validate data integrity and accuracy. Test Scripts : Developing and executing test scripts, documenting test procedures, and evaluating results to identify control gaps. Documentation : Maintain detailed documentation of testing procedures, findings, and recommendations. Reporting : Ensure adherence to the approved assurance plan and provide regular updates on progress. Issue Management : Advise IT operations on risk management and contribute to remediation plans for deficient controls. Collaboration : Work with the offshore testing team to assess the design and effectiveness of IT controls. Stakeholder Communication : Communicate effectively with stakeholders to ensure understanding and alignment with assurance processes and risk management strategies. Tool Management : Oversee tools and reports used by the team and stakeholders, ensuring accuracy and updates based on business needs. What We Need from You? Experience: IT Audit Expertise : 3+ years of experience in ITGC testing Education: Academic Background : Bachelors Degree in Technology is highly desirable. Certifications : Preferred certifications include those in IT security and Risk Management. Technical Skills: Certifications : Relevant certifications like ISO 27001, CISA, CISM, and CRISC or having a strong desire to work towards obtaining such certifications. Information Risk Management : Good understanding of information risk management and associated processes. Application Proficiency : Experience with widely used applications such as SAP, Power Platform, and Cloud technologies is desirable. Continuous Improvement : A mindset geared towards continuous improvement and project management experience. Soft Skills: Team Player : Should be a strong team player and display the same by volunteering where one can extend support. Proactive Problem-Solving : Skilled in identifying potential challenges and proposing effective solutions. Learner Mindset : Demonstrates professional curiosity and a strong desire to learn. Team Collaboration : Highly motivated team player who volunteers support and collaborates effectively. Work Schedule: Mid-Shift : Working hrs will be IST 12 noon to 9 pm. Shift allowance will be eligible per organization policy.

Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages are tailored to client needs and budgets, with external threat analysis provided at no costdemocratizing access to enterprise-grade cybersecurity for all. We are looking for a high-energy, results-oriented GRC professional with 6 to 10 years of experience , combining expertise in IT and Governance, Risk, and Compliance (GRC) . The candidate will report directly to the CISO’s office and contribute to internal audits and projects executed under CISO’s instructions . Key Responsibilities: Serve as a subject matter expert on information and cybersecurity governance, risk, and compliance (GRC) services and solutions. Execute security assessments of on-premise/cloud IT environments aligned with business objectives and regulatory requirements. Conduct testing and validation of IT security controls, documenting findings and preparing detailed reports. Manage and perform internal audits as per the CISO’s directives , contributing to risk posture improvements and present the metrics to the CISO on a regular basis. Apply knowledge of the Digital Personal Data Protection Act, 2023 , and other global data protection laws. Utilize and manage GRC tools and platforms. Conduct security control assessments for web/mobile applications and enterprise systems. Drive third-party risk management and support client-facing initiatives. Deliver complex GRC projects in dynamic, fast-paced environments. Engage in knowledge-sharing forums to strengthen team capabilities. Continuously enhance the cybersecurity strategy based on evolving threats and technologies. Job Requirements: 1. Qualifications: Bachelor’s degree in Engineering or a related technology discipline. Mandatory Certification : Must possess CISA or ISO 27001 Lead Auditor certification. Additional certifications preferred: ISO 27001 Lead Implementer CISSP, CIPP, CCSK, or CCSP Public Cloud certifications (AWS, Azure, GCP) 2. Experience: 6 to 10 years of total experience with proven exposure to both IT and GRC functions . Experience in internal audits, consulting, and cybersecurity risk advisory. 3. Desired Skills: Deep understanding of information security principles and compliance frameworks. Strong understanding of the IT topology and application development principles Hands-on experience with security tools (e.g., vulnerability scanners, code review platforms). Strong exposure to IT/cybersecurity standards: ISO 27001/27005, NIST CSF, PCI DSS, SOC 1/2, GDPR, COBIT. Excellent communication skills, documentation abilities, and stakeholder engagement. Experience in program and project management within cybersecurity initiatives. 4. Personal Attributes: Self-starter with strong problem-solving skills. Highly motivated and able to work with minimal supervision. Strong prioritization and multitasking abilities under pressure.

AVIVYS is a platform where talent meets opportunities to unlock their potential. A place to learn, upskill, showcase their talents, gain CV points & get hired while unlocking their true potential. This enables professionals to eventually get hired by their dream employers. AVIVYS believes that you can unlock your dreams with genuine efforts Opportunity to work with our esteemed client Finnish IT software and service company providing IT services and product engineering services We are seeking an experienced Internal Auditor Manager to lead and execute internal audits,with a strong focus on SOX compliance, IT General Controls (ITGC), Information Security, and Cloud Security audits. The ideal candidate will have over seven years of hands-on experience in evaluating risks, assessing controls, and ensuring compliance with regulatory standards. Key Responsibilities: 1. SOX Compliance & IT General Controls (ITGC) - Plan, execute, and manage SOX audits, including control design assessments, testing, and remediation tracking. - Evaluate IT General Controls (ITGC) related to financial reporting, including access controls, change management, and data integrity. - Collaborate with finance and IT teams to ensure compliance with SOX 404 requirements and other financial regulations. - Identify control deficiencies and recommend improvements to strengthen the control environment. 2. Information Security Audits - Conduct information security audits to assess compliance with ISO 27001, NIST, CIS benchmarks, and other security frameworks. - Evaluate the effectiveness of organizational security policies, procedures, and technical controls. - Identify vulnerabilities in IT systems and recommend security enhancements. - Perform risk assessments and ensure alignment with industry best practices. 3. Cloud Security Audits - Audit cloud-based infrastructure (AWS, Azure, and Google Cloud) to ensure compliance with security best practices. - Assess cloud service providers\u2019 controls and adherence to CSA (Cloud Security Alliance) guidelines. - Evaluate data privacy, encryption, identity & access management (IAM), and cloud governance frameworks. - Ensure cloud environments meet regulatory and internal security requirements. 4. Risk Management & Reporting - Prepare detailed audit reports with findings, risks, and actionable recommendations. - Present audit results to senior management and stakeholders. - Monitor remediation efforts and validate control improvements. Qualifications and Skills: - 5+ years of experience in internal audit, IT audit, or risk management, with a focus on SOX, ITGC, and security audits. - Strong knowledge of SOX compliance, IT General Controls, and financial reporting risks. - Experience auditing information security frameworks (ISO 27001, NIST, CIS benchmarks). - Familiarity with cloud security (AWS, Azure, GCP) and related compliance standards (CSA, SOC 2, etc.). - Preferred certifications: CISA (Certified Information Systems Auditor), CISSP, CIA, or equivalent. - CA (Chartered Accountant) qualification is a plus but not mandatory. - Strong analytical, communication, and project management skills.

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you passionate about cybersecurity and looking for an exciting role where you can make a difference? If so, we have an opportunity for you! As a Security Specialist at Kyndryl, you will play a crucial role in enabling and securing our customer organizations, cultures, and ecosystems. Your responsibilities will be varied and dynamic, spanning asset classification models, risk assessment reports, information security policies, security solution scenarios, implementation plans, organization models, procedures, security services, security effectiveness evaluation reports, and security awareness workshops. You will be tasked with configuring, monitoring, and managing the performance of networks to maintain the quality of services, while also protecting organizational infrastructure from malicious cyber-attacks. As a key member of our team, you will assess, predict, prevent, and manage the risk of IT infrastructure and data, helping our customers stay ahead of the curve and ensure their systems are secure. You will develop and implement security policies and procedures, working closely with other departments to ensure that all security measures are in place and operating effectively. But that is not all – at Kyndryl you will have the opportunity to explore innovation in CyberSecurity data science – taking information that has been gathered and looking for areas to have that “Ah Ha” moment. Drawing conclusions and patterns from the data across single and multiple clients. Creating new ideas in the area of risk management and risk quantification. In addition to your technical responsibilities, you will also play a key role in raising awareness of potential security threats through technical security training on best practices. This is an exciting opportunity to help shape the culture of our clients' organizations and make a tangible impact on their security posture. If you have a passion for cybersecurity – governance, risk and compliance, are looking for a challenging and dynamic role, and want to work with a team of like-minded individuals, then we want to hear from you! Join us as a Security Specialist and help us secure the future of our clients' organizations. Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are Required Technical and Professional Experience 5+ years in IT security profile. Education : MCA / B.E. / B. Tech Project Experience : Minimum of 3+ years in security requirements, cyber security, IT security audits, certifications, etc., in at least 2 IT projects Certifications : ISO 27001 & CISSP (Certified Information Systems Security Professional) Responsibilities Facilitate review of the data security architecture as per the requirements. Facilitate review of the configuration of the required IT security infrastructure as per the law or as requested by the client against the acceptance criteria. Monitor activities related to periodic security testing/audits as per client requirements. Implement any new or existing guidelines/policies/acts issued by the Government of India on IT Security. Location : Requires working from Client location in Delhi Preferred Technical and Professional Experience CISSP (Certified Information Systems Security Professional) certification. ISO 27001 Certification. Other relevant certifications like CISM (Certified Information Security Manager) or CEH (Certified Ethical Hacker) can be beneficial. Excellent communication skills to effectively interact with stakeholders and educate employees on security best practices. Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

We are looking for an experienced governance personal in our Information Technology Team. JOB ROLE The IT Governance specialist is responsible for ensuring the effective management and oversight of IT systems, services, and processes within the organization. This includes developing, implementing, and maintaining IT governance frameworks, policies, and procedures to ensure alignment with industry best practices, regulatory requirements, and organizational objectives. Highlights of this role is to ensure the governance across various area for IT functions, e.g. Information Security compliance, Change management, Agreement Tracking, Incident Management, Software License Management, BCP/DR, Obsolescence Tracking, etc. KEY RESPONSIBILITIES Information security and compliance Develop and maintain IT Governance frameworks, policies and procedures 1. Ensure compliance with relevant laws, regulations, and industry standards (e.g. COBIT, ITIL, ISO 27001, ISO 22301, etc.) 2. Conduct risk assessment and develop mitigation plans to ensure IT Systems and services are secure and resilient. 3. Monitor and report on IT governance metrics 4. Facilitate internal audits and external assessments (e.g. ISO 27001, ISO 22301, etc.) 5. Stay up-to-date with emerging trends and best practices in IT governance. Change Management 1. Manage and coordinate changes through the entire change lifecycle (assessment, planning, implementation, and review) 2. Ensure changes are properly assessed, approved, and prioritized before implementation 3. Develop and maintain change management policies, procedures, and documentations. 4. Communicate changes to stakeholders, including IT staff, management and end-users. 5. Ensure change comply with organizational policies, procedures, and regulatory requirements. 6. Collaborate with IT teams, stakeholders, and vendors to ensure smooth implementation of changes. 7. Develop and maintain change management metrics and reports to measure performance and identify areas of improvements Agreement Tracking 1. Maintain centralized repository of agreements, contracts, and licenses 2. Track and monitor agreement renewals, expirations, and terminations 3. Ensure accurate and up-to-date records, including agreement terms, conditions, and obligations. 4. Provide regular reports and insights to stakeholders on agreement status and performance. 5. Identify and alert stakeholders to potential risks, opportunities, and compliance issues. 6. Collaborate with legal, finance and business teams to ensure agreement alignment and compliance 7. Develop and implement agreement tracking processes and procedures. 8. Ensure compliance with organizational polices, legal requirements, and regulatory standards. 9. Conduct regular audits and quality assurance checks on agreement records. Incident Management 1. Lead the response to critical incident management and ensure effective coordination and communication among all the stakeholders and drive incident call, providing clear direction and updates to all involved parties. 2. Collaborate with IT teams, business unites and external vendors to troubleshoot the incidents. 3. Document all incident details, action taken and resolution in the incident management system and maintain the tracker. 4. Conduct root cause analysis for critical incidents and ensure that corrective actions are implemented to prevent the recurrence. 5. Prepare the monthly and weekly reports and share the same with senior management and Internal Audit team. Software License Management 1. Manage software license and ensure compliance with licensing agreements. 2. Track and monitor software usage, identifying areas of inefficiency and waste. 3. Develop and implement strategies to optimize license utilization. 4. Conduct regular audits to ensure software compliance and minimize risk. 5. Collaborate with IT teams to ensure software deployments align with licensing agreements. 6. Collaborate with finance teams to ensure accurate budgeting and forecasting for software licensing. Business Continuity and Disaster Recovery 1. Develop and maintain business continuity and disaster recovery plans. 2. Develop and maintain BCP/DR calendar, collaborate with cross-functional teams to ensure alignment. 3. Develop and maintain crisis communication plans and protocols. 4. Continuously monitor and update plans to ensure relevance and effectiveness Obsolescence Tracking Maintain a database of components and products with potential obsolescence risks. Collaborate with cross-functional teams to develop and implement obsolescence management strategies Provide regular reports and updates to stakeholders on obsolescence risks and mitigation efforts. Develop and implement processes and procedures for obsolescence tracking and management. Collaborate with design and engineering teams to ensure design-for-obsolescence considerations MANDATORY SKILLS REQUIRED Bachelors degree in Computer Science, Information Technology, or related field. Strong understanding of IT governance frameworks, standards, and best practices. Ability to work with complex data and provide actionable insights. Ability to analyze complex technical and business issues and develop effective solutions. DESIRABLE SKILLS Strong understanding of supply chain management, or a related field. Professional certifications (e.g. CISA, CISM, CISSP, COBIT). Experience with change management tools and software (e.g., ServiceNow, JIRA, etc.) Experience with data analysis and reporting tools (e.g. Excel, Tableau, etc.)

Quest is seeking a motivated self-starter with excellent interpersonal, communication, and presentation skill to join the IT Security Risk and Assurance team to work with internal and external customers to address IT Audit and assurance related requests in the areas of IT, IT security and privacy and compliance. This role will be primarily responsible for responding to, coordinating, and managing IT Security assessment and audit inquiries from our clients and regulators.

This role is for one of the Weekday's clients Min Experience: 1 years Location: India, Mumbai, Gurgaon JobType: full-time We are looking for a dedicated and detail-oriented IT Auditor with a passion for technology, process improvement, and risk management. This opportunity is specially crafted for candidates with special abilities who aspire to build a career in IT audit and compliance. You will be part of a supportive and inclusive environment that encourages growth and values your unique perspective and talents. Requirements Key Responsibilities: Perform audits of information systems and technology infrastructure to assess controls, risks, and compliance with internal policies and external regulations. Evaluate the design and effectiveness of IT controls related to applications, databases, networks, and operating systems. Assist in the planning, execution, and reporting phases of IT audits, including the development of audit scope, objectives, and testing procedures. Document audit findings, prepare audit reports, and communicate results and recommendations to relevant stakeholders. Collaborate with business units and IT teams to understand processes, identify risk areas, and recommend improvements. Monitor the implementation of audit recommendations and follow up to ensure timely resolution. Participate in assessments related to cybersecurity, disaster recovery, access management, and data privacy. Stay up to date with the latest trends and developments in IT audit, security frameworks, and regulatory requirements such as ISO 27001, NIST, COBIT, and GDPR. Required Skills and Qualifications: Bachelor's degree in Information Technology, Computer Science, Accounting, or a related field. 15 years of relevant work experience in IT audit, IT controls testing, information security, or risk management. Strong understanding of IT general controls (ITGC), system development life cycle (SDLC), and audit methodologies. Familiarity with compliance standards and industry best practices (e.g., SOX, ISO, COBIT, ITIL). Good analytical, problem-solving, and documentation skills. Ability to communicate clearly and effectively with technical and non-technical stakeholders. Proficiency with MS Office tools, and optionally audit or data analysis tools (e.g., ACL, Tableau, Power BI). Preferred Certifications (Not Mandatory): CISA (Certified Information Systems Auditor) CIA (Certified Internal Auditor) ISO 27001 Lead Auditor CompTIA Security+, CEH, or similar IT certifications Our Commitment to Inclusion: We are proud to be an equal opportunity employer. This role is exclusively reserved forPersons with Special Abilities (PwD)as part of our effort to create a more inclusive and accessible workplace. We provide reasonable accommodations, accessible workspaces, assistive technologies, and a culture that embraces diversity in all its forms.

Job Objective: JiBe is a cloud based fully integrated ERP system for the shipping industry. Our goal is to allow shipping companies to improve productivity, efficiency and safety levels, while reducing costs. JiBe ERP enables increased automation and streamlining of processes, creating pre-defined work flows and reducing the usage of email and paper. Job Responsibilities: Strong troubleshooting skills on the Windows platform & Network administration. Address user tickets regarding hardware, software and networking Installing and maintaining hardware and computer peripherals. Good knowledge and experience of administering on-prem Active Directory & Azure Active Directory. Monitor the system daily and respond immediately to security or usability concerns Good Networking knowledge (IP, Subnets, VPN). Troubleshooting networking and connection issues. Administration of Email ID on Office 365 Analysing system logs and identifying potential issues with computer systems. Upgrade systems and processes as required for enhanced functionality and security issue resolution Other common computer hardware troubleshooting skills Knowledge of VLAN, VPN & Network Security. Working on the ticketing tool and resolving tickets as per the SLA IT Asset Procurement and Vendor Management. IT-Assets up-to-date Inventory Management, Asset In/Out records management. IT- Audit compliance adherence as per IT Policies, maintaining IT-related records Managing relationships with vendors for hardware purchases, software licenses, and IT support services Qualification & Skills Any Graduate or equivalent with a minimum of 2+ years of relevant experience. MSCE and CCNA certifications will be an added advantage Excellent English Writing skills with a grip on nonverbal (mail) communication Problem-solving skills; Ability to prioritise tasks. Self-motivated, independent and meticulous with an eye for details. Shipping knowledge is preferred Team player with good interpersonal and communication skills Basic knowledge of networking & cloud services. Good memory of how software and operating systems work. Excellent listening and questioning skills

The role is to provide both the Business Units and IT Management with the assurance and visibility that IT Controls are executed in a controlled and managed way. In addition to the specific responsibilities detailed below, the successful candidate will be expected to demonstrate understanding in other areas of Risk & Control Management including strategies surrounding Process Engineering, Configuration Management, Change, Incident & Problem Management, Non-Conformities and Corrective Actions Management, Risk Identification and Control, Project Management and Tools and Methods. Responsibilities Direct Responsibilities Conduct periodic controls assessments across process areas in scope. Raise any non-compliance, and follow up of the corrective actions until closure. Liaise with global and local IT control areas to ensure their certification is timely and appropriate. Perform periodic Root Cause Analysis of process issues and non-compliances at Project and Application Domain level. Ensure that the exercise is planned, executed effectively and reported to appropriate level. Participate in minimising production risks and issues, including but not exclusively, by helping to devise, and by implementing, sufficient regular controls. Ensure appropriate escalation to management and/or Permanent Control (or Compliance as appropriate) as soon as an issue is identified. The enforcement of Permanent Controls, providing ongoing risk & controls self-assessment status of the control environment. Contribute all relevant management information (KPIs/KRIs) to the various scope reports/dashboards. Assist with Historical Incident management process, including liaising with various stakeholders involved, root cause analysis and impact evaluation. Contributing Responsibilities Contribute to the upkeep and maintenance of the ISPL Permanent Control Framework Maintaining relevant Operational Permanent Control (OPC IT) processes and procedures Technical & Behavioral Competencies Good knowledge of IT Risk & Audit domain with focus on Internal and/or External Audits. Good understanding of IT Controls Framework and experience executing controls. Understanding of IT Software, IT Infrastructure and IT Service Management domain is a value add. Strong analysis & problem solving skills Structured and methodical mindset Proactive approach with a strong ability to work on own initiative Ownership of work and commitment to delivery Can do attitude Team oriented (both local and global) Good interpersonal and communication skills Big picture awareness make relationships between tactical issues and strategic options Client focused Pragmatic and creative approach Specific Qualifications (if required) Skills Referential Behavioural Skills : (Please select up to 4 skills) Attention to detail / rigor Communication skills - oral & written Personal Impact / Ability to influence Critical thinking Transversal Skills: (Please select up to 5 skills) Analytical Ability Ability to manage / facilitate a meeting, seminar, committee, training Ability to understand, explain and support change Ability to develop and leverage networks Ability to develop and adapt a process Education Level: Bachelor Degree or equivalent Experience Level At least 5 years Other/Specific Qualifications (if required) None

Interested Candidates can directly send their CV on the email ID given below: hr@infinzi.in / hr2@infinzi.in We are hiring for Statutory Audit Executive, Assistant Manager and Audit Manager role for Mumbai (Fort,CST) Location. Job Description - Chartered Accountant To carry out the Statutory Audits of Companies. To devise audit plan and schedule To take initiative in finalising the Final report To act as a coordinator between the client and the firm To handle and train the fellow articled assistants. Extensive experience in auditing of listed and unlisted companies. Audit of NBCF and Insurance company will be an added advantage. Good knowledge of Accounting Standards/ Ind AS standard, Auditing standards. Working knowledge of applicable laws and regulations. Computer skills with MS Office application, tally, ERP package such as SAP etc. Strong verbal and written communication skills. Strong time management Budget - Upto 9 -19 LPA Location - Mumbai , CST/Chruchgate Fort Working days - Monday to Friday

Join Barclays as a Analyst SOx role, where core responsibility is to execute design assessment and operating effectiveness testing of controls in accordance with testing plans and aligned to relevant policies, procedures and quality standards providing assurance to Management that the processes and controls within the reviewed Business Unit are effectively designed and operating to mitigating the identified risks. At Barclays, we don't just anticipate the future we're creating it.. To be successful in this role, you should have below skills:. Qualified CMA or ACCA with articleship experience in a reputed firm / MBA Finance with relevant work experience.. Understanding of SOx and Risk Management practices including but not limited to Internal Audit.. Ability to communicate internal control concepts clearly, in a business context.. Ability to interpret, analyze and derive logical conclusions on data patterns.. Verbal and written communication skills to deal with internal and external stakeholders. Keeps stakeholders (including Auditors) up-to-date with the progress of the audit work, observation status. Some Other Highly Valued Skills May Include Below. Basic knowledge of internal control and regulatory requirements & practice e.g. Turnbull, Sarbanes-Oxley, COSO.. Basic awareness of the specific current requirements of the US GAAP / IFRS/IAS regimes.. Proficient in use of MS Office packages (Outlook, Word, Excel, Power-point).. You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills.. This role is based in our Noida office.. Purpose of the role. To partner with the bank, to provide independent insurance on control processes and advise on improvements to ensure the efficiency and effectiveness of the bank’s internal controls framework.. Accountabilities. Collaboration across the bank to maintain a satisfactory, robust, and efficient control environment through the execution of ad-hoc assessments and testing on the design and operational effectiveness of the internal controls, aligned to control policies and standards.. Development of detailed test plans and procedures to identify weaknesses in internal controls and other initiatives aligned to the bank’s control framework to mitigate any potential risks and issues, prioritised by its severity to disrupt bank operations, potential losses, and reputational impact.. Communication of key findings and observations to the relevant stakeholders and business units to improve overall control efficiency and provide corrective actions to senior managers. Collaboration with other control professionals to resolve complex issues and ensure consistent testing methodologies across the bank.. Development of a knowledge centre containing detailed documentation of control assessments, testing on design and operational effectiveness of procedures, findings, and the distribution of material on internal controls to train and upskill colleagues within the bank.. Analyst Expectations. To meet the needs of stakeholders/ customers through specialist advice and support. Perform prescribed activities in a timely manner and to a high standard which will impact both the role itself and surrounding roles.. Likely to have responsibility for specific processes within a team. They may lead and supervise a team, guiding and supporting professional development, allocating work requirements and coordinating team resources. They supervise a team, allocate work requirements and coordinate team resources.. If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.. OR for an individual contributor, they manage own workload, take responsibility for the implementation of systems and processes within own work area and participate on projects broader than direct team.. Execute work requirements as identified in processes and procedures, collaborating with and impacting on the work of closely related teams.. Check work of colleagues within team to meet internal and stakeholder requirements.. Provide specialist advice and support pertaining to own work area.. Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.. Maintain and continually build an understanding of how all teams in area contribute to the objectives of the broader sub-function, delivering impact on the work of collaborating teams.. Continually develop awareness of the underlying principles and concepts on which the work within the area of responsibility is based, building upon administrative / operational expertise.. Make judgements based on practise and previous experience.. Assess the validity and applicability of previous or similar experiences and evaluate options under circumstances that are not covered by procedures.. Communicate sensitive or difficult information to customers in areas related specifically to customer advice or day to day administrative requirements.. Build relationships with stakeholders/ customers to identify and address their needs.. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.. Show more Show less

As an Associate, you will support the overall research and due diligence within our Compliance Practice, by gathering information to help Kroll’s clients onboard and manage the risks associated with new clients and third parties, ensure we offer the right level of screening and due diligence solutions based on the risks inherent in the opportunity.. At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk and transparency challenges. Apply now to join One team, One Kroll. Responsibilities. Support the overall research and due diligence process for Kroll’s Risk & Compliance practice area.. Manage cases from start to finish, conducting extensive Internet, database, and media research into companies and individuals to provide our clients with an accurate assessment of the status, legitimacy, general background, and overall reputation of a subject company and its principals.. Advise our clients to make informed, strategic decisions that have a huge impact on their organizations.. Work with clients of all sizes and industries, providing a portfolio of services that includes third party screening and monitoring, reputational due diligence solutions. Use the Kroll Compliance Portal, a user-friendly web-based due diligence, governance, and compliance platform. Requirements. 2-4 years of previous work experience (including internships) is highly desirable. A high value on our talent and seek candidates with a high level of conscientiousness, integrity, and professional pride.. Outstanding English reading and writing skills. Meticulous attention to detail, a sense of curiosity, and the ability to learn quickly, and a dedication to customer satisfaction. Undergraduate or graduate degree at an accredited university majoring in: International Relations/Affairs, Regional Studies, Political Science, or other related areas of study required. Ability to quickly and effectively summarize information from multiple sources into concise analytical assessments. Ability to work independently. Ability to prioritize several projects and assignments on multiple topics while meeting tight deadlines. Customer-service orientation with a dedication to quality. Excellent written and verbal communication skills that help represent diverse communities. Experience working with diverse teams. About Kroll-. In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business.. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.. In order to be considered for a position, you must formally apply via careers.kroll.com. Kroll is committed to equal opportunity and diversity, and recruits people based on merit.. Show more Show less

About Us. At SentinelOne, we’re redefining cybersecurity by pushing the limits of what’s possible—leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.. From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We’re looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you’re excited about solving complex challenges in bold, innovative ways, we’d love to connect with you.. What are we looking for?. Reporting to the ManagerInternal Audit, this position is a highly visible and impactful role across the company. The Sr. Analyst – IT Internal Audit, based in India and will work with all levels of management to promote business integrity and robust internal control structures, compliance with Sarbanes-Oxley legislation, and recommendation for process improvements and IT internal Audit projects.. What will you do?. Assist in IT SOX 404 planning, scoping, and risk assessment process through close collaboration with external auditors and business process owners. Engage in Internal audit projects, ERM, operational and IT audits.. Participate in the IT risk assessment process and development of the audit plan for assigned entities. Conduct IT walkthroughs and controls testing according to established audit standards. Develop high-quality process and audit testing documentation for design effectiveness and operating effectiveness of ITGCs, ITAC, SOC1 restricted access controls. Perform testing of application controls, key reports, interfaces, integrations, and segregations of duties rules. Develop and maintain comprehensive documentation including flow charts, process narratives and risk and control matrices and any others required. Evaluate audit findings and coordinate remediation of deficiencies. Strong understanding of US GAAP, SOX requirements, and internal audit standards. Understanding of SDLC principles.. Develop business relationships and proactively interact with process owners to gather information, resolve problems, and make recommendations for improvement and optimization. Demonstrate initiative and provide timely updates to internal audit management. Manage multiple tasks effectively and deliver projects timely. Documentation and activities remain current and in compliance with the IIA’s IPPF Standards and are consistent with best practices. Develop metrics for ongoing operational activities and leverage technology and data analytics to enhance IA operations.. Help manage governance of the Internal Audit function and mature and evolve our audit methodology and operational audit program. Perform other tasks and projects as assigned in support of the internal audit team and corporate objectives. What skills and knowledge should you bring?. Bachelor’s degree in Computer Science, Accounting & Finance, Information Systems, or related field preferred CA/CPA/CISA/CIA/CISSP/CISM. Minimum of 5+ years of audit experience, preferably within the technology industry.. Experience with Big 4 accounting firms or global public companies is strongly preferred.. Ability to take direction, learn quickly, work independently, and maintain a level of professional skepticism. Ability to handle multiple priorities and deadlines, with high standards for quality, accuracy, and attention to detail. Working knowledge of data analysis and business intelligence tools is a plus (PowerBI, Tableau). Data Governance and Management. Business Continuity and Planning and Disaster Recovery. Systems Development Life Cycle (SDLC), Project Management Life Cycle (PMLC), and Application Change Management. Websites and Mobile Applications. IT Asset Lifecycle Management. IT Problem Management, Help Desk and Service Level Management. Enterprise Applications including the following control areas:. Application security architecture. Application access, Server-level access and controls, Database-level access and controls. Why us?. You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.. Industry leading gender-neutral parental leave. Paid Company Holidays. Paid Sick Time. Employee stock purchase program. Disability and life insurance. Employee assistance program. Gym membership reimbursement. Cell phone reimbursement. Numerous company-sponsored events including regular happy hours and team building events. SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.. SentinelOne participates in the E-Verify Program for all U.S. based roles.. Show more Show less

We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes and for that, we need you to join us.. The Team:. As part of the Information Security Organization, you will be working closely with different departments for their information security compliance. This role will be part of the new and growing Compliance Engineering function. The Information Security team plays a critical role in ensuring Celonis's technology and information assets are appropriately guarded from external and internal threats. The Security GRC Department you'll be joining is responsible for maintaining existing security attestations at Celonis globally, balancing risk with appropriate controls and assessing control effectiveness.. The Role:. This isn't a typical compliance role. It is a technical, hands-on position within our GRC organization, at the critical interface between business operations and technology. Here, you can be a data analyst, an engineer, an auditor, and a builder, using leading technology to design, create, and run automated solutions that test our security controls. In addition to that your analytical skills will contribute to our overall security process intelligence. You will get hands-on experience with our own Celonis platform, modern GRC (Governance, Risk, and Compliance) tools, and low-code automation.. The work you’ll do:. Design and build assets to test and continuously monitor the effectiveness of our internal security controls including continuous evidence collection. Rigorously test and validate the data and logic within your solutions to ensure accuracy, completeness, and reliability.. Participate in and support internal as well as external security compliance audits, applying your technical understanding as well as business acumen to assess control design and effectiveness.. Develop and manage insights to measure program effectiveness. This includes metrics for compliance and offers the opportunity to support broader security performance and risk management analytics.. Work with technical and non-technical teams across Celonis to translate security requirements into automated tests and operational workflows.. The qualifications you need:. Academic background in Computer Science, Engineering, Information Systems, Physics, Mathematics or a related field, or equivalent work experience.. You thrive on big challenges, can anticipate and adapt to changes in direction, and are driven to continuously improve the solution.. A Builder's Mindset: You have foundational experience with data integration and analyzing data using SQL, Python, or similar languages in a database-like environment.. Strong Problem-Solving Skills: You are a self-starter who can troubleshoot issues independently and enjoys tackling open-ended challenges.. Excellent Communication Skills: You can clearly articulate and right-size complex technical issues in English to both technical and non-technical people.. This role requires working in shifts aligned with Central European Time (CET) to collaborate effectively with our global teams.. Preferred Qualifications:. A strong interest in or foundational knowledge of Process Mining, Continuous Controls Monitoring, Evidence Collection, GRC platforms, and IT Auditing.. Knowledge of cloud technologies from different cloud service models and security frameworks ( ISO 27001, SOC 2, NIST etc.). Demonstrated knowledge of technology risks, infrastructure, and information security princip. What Celonis Can Offer You:. Pioneer Innovation: Work with the leading, award-winning process mining technology, shaping the future of business.. Accelerate Your Growth: Benefit from clear career paths, internal mobility, a dedicated learning program, and mentorship opportunities.. Receive Exceptional Benefits: Including generous PTO, hybrid working options, company equity (RSUs), comprehensive benefits, extensive parental leave, dedicated volunteer days, and much more.. Prioritize Your Well-being: Access to resources such as gym subsidies, counseling, and well-being programs.. Connect and Belong: Find community and support through dedicated inclusion and belonging programs.. Make Meaningful Impact: Be part of a company driven by strong values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future.. Collaborate Globally: Join a dynamic, international team of talented individuals.. Empowered Environment: Contribute your ideas in an open culture with autonomous teams.. About Us:. Celonis makes processes work for people, companies and the planet. The Celonis Process Intelligence Platform uses industry-leading process mining and AI technology and augments it with business context to give customers a living digital twin of their business operation. It’s system-agnostic and without bias, and provides everyone with a common language for understanding and improving businesses. Celonis enables its customers to continuously realize significant value across the top, bottom, and green line. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide.. Get familiar with the Celonis Process Intelligence Platform by watching this video.. Celonis Inclusion Statement:. At Celonis, we believe our people make us who we are and that “The Best Team Wins”. We know that the best teams are made up of people who bring different perspectives to the table. And when everyone feels included, able to speak up and knows their voice is heard that's when creativity and innovation happen.. Your Privacy:. Any information you submit to Celonis as part of your application will be processed in accordance with Celonis’ Accessibility and Candidate Notices. By submitting this application, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Notice for the Application and Hiring Process.. Please be aware of common job offer scams, impersonators and frauds. Learn more here.. Show more Show less

Role & responsibilities To manage cyber threats and ensure that risks are controlled as per Organisation Risk appetite Manage security projects and day-day operations that involves security activities planned and BAU Manage vendors providing security products and services. Track vendor performance as per deliverables and committed SLAs/ TAT Manage technology / IT risks ensuring that critical security issues and risks are prioritized and fixed as per TAT/ SLA Manage the Vulnerability Management domain in CISO team to ensure that all identified vulnerabilities are fixed in time Manage advanced cyber threat intel tools/ services to ensure that all reported risks are addressed in time Support Business and other functions in audits/ assessments / advisory / implementation of security controls and processes to be implemented Preferred candidate profile Technical and hands on experience in Vulnerability & Risk management using security tools and solutions Technical knowledge on security fundamentals and emerging cyber threats

Apply Experience in privacy compliance and management. Understanding of data protection laws and regulations such as GDPR, CCPA, DPDPA, PDPL etc. Drafting general corporate and commercial contracts experience is must. Strong interpersonal skills & high degree of attention to detail. Certifications in Privacy would be an added advantage.

Responsibilities for Internal Candidates Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

Position Purpose A primary focus for this position will be to lead audit execution covering end-to-end processes of auditable entities within the IT and Cybersecurity Inspection Generale APAC team. Responsibilities This individual will work closely with audit assignment team members to complete each phase of the audit. This will entail: assessing the sufficiency and suitability of controls to mitigate risks; and testing the operating effectiveness and sustainability of controls; and documenting walk-throughs of in-scope processes; and documenting the investigations conducted and their results; and drafting findings and associated recommendations to address identified gaps in the control environment; and documenting the final report. This individual will have regular interactions with team members, process / control owners, and management of business units. Based on experience, this role will entail contributing to IT audits. Duties: Demonstrates a strong ability to audit procedures and controls accurately, timely, and with minimal supervision. Executes audit work in accordance with BNPP Inspection Generale policies and procedures. Testing the control design and operating effectiveness of in-scope IT controls Contributes to the completion of continuous monitoring activities for assigned auditable entities and escalates matters that may impact the timing of the next audit assignments. Prepares and updates risk assessments for assigned auditable entities for supervisory review. Validates the sufficiency and suitability of business corrective actions to address audit recommendations. May be asked to direct the work of more junior staff members on the audit assignments. Performs other duties as assigned. Technical Behavioral Competencies Deep knowledge of IT audit Requires deep knowledge of banking functions typically obtained through advanced education combined with experience. Exhibits effective written and verbal communication skills with all levels of management (in English) Not less than 10 years of experience in IT external auditing / internal auditing / in the financial services industry. Curiosity, rigor, and precision. Outstanding analytical skills High level of initiative, commitment, and drive Ability to work effectively under pressure and within short deadlines Promotes a constructive, cooperative, and participative teamwork environment Specific Qualifications (if required) Possess a Bachelors / Masters Degree in Information Technology/ Management Information System / Computer Science and related discipline; Professional Qualification/Certification: in IT Audit - CISA (Certified Information System Audit) required other IT certification: Cybersecurity (e.g CISSP, CISM, CCSP/CCSK, CEH), IT Service Management (ITIL foundation). Skills Referential Behavioural Skills : Communication skills - oral written Ability to collaborate / Teamwork Attention to detail / rigor Active listening Adaptability Transversal Skills: Analytical Ability Ability to manage a project Ability to manage / facilitate a meeting, seminar, committee, training Ability to understand, explain and support change Ability to anticipate business / strategic evolution Education Level: Master Degree or equivalent Experience Level At least 10 years

: Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm’s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About the role: As a Vendor Risk Operations team member, you will play a critical role in safeguarding Paytm from potential risks associated with our vendor ecosystem. You will be responsible for conducting comprehensive vendor risk assessments, ensuring compliance with internal policies and regulatory requirements, and actively contributing to the continuous improvement of our vendor risk management framework. This role requires a keen eye for detail, strong analytical skills, and the ability to collaborate effectively with various stakeholders. Conduct end-to-end vendor risk assessments across various risk domains (e.g., Vendor deduplication, information security, financial stability, business continuity, regulatory compliance, data privacy). Collaborate with business units to understand their vendor requirements and associated risks. Review vendor-provided documentation, certifications, and audit reports to identify potential vulnerabilities. Conduct Mystery-shopping wherever required Track and monitor vendor remediation efforts to ensure timely closure of identified risks. Maintain accurate and up-to-date vendor risk profiles and assessment records. Assist in the development and enhancement of vendor risk assessment methodologies, tools, and processes. Contribute to the ongoing development and implementation of Paytm's vendor risk management framework. Generate regular reports on vendor risk posture and assessment progress for internal stakeholders. Participate in ad-hoc projects and initiatives related to vendor risk management as required. Expectations/: Educational QualificationBachelor's degree in Business Administration, Finance, IT, Risk Management, or a related field. Experience2-5 years of experience in vendor risk management, third-party risk management, internal audit, compliance, or a similar risk-focused role. Domain KnowledgeStrong understanding of various risk domains, including information security, data privacy (e.g., GDPR, local data protection laws), financial risk, operational risk, and regulatory compliance. Understanding of Technology and User ExperienceAn appreciation for how technology solutions are built and how they impact user experience will be valuable in assessing vendor capabilities and potential risks. Analytical & Problem-Solving Skills: Excellent analytical and problem-solving skills with the ability to conduct deep dives, identify, assess, and mitigate risks effectively. Advanced Knowledge of Excel is required for data analysis and reporting. Basic knowledge of MySQL would be an added advantage for data retrieval and manipulation. Communication & Interpersonal Skills: Good communication and interpersonal skills, with the ability to present complex information clearly and concisely to diverse audiences. Strong written communication for documentation and reporting. High level of drive, initiative, and self-motivation. Ability to work independently, prioritize tasks, and manage multiple assessments simultaneously in a fast-paced environment. A willingness to experiment, learn quickly, and continuously improve processes and personal skills. Certifications (Preferred but not mandatory)CISA, CRISC, CISM, or other relevant certifications in risk management or information security. Why join us: A collaborative output driven program that brings cohesiveness across businesses through technology Improve the average revenue per use by increasing the cross-sell opportunities A solid 360 feedbacks from your peer teams on your support of their goals CompensationIf you are the right fit, we believe in creating wealth for you with enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants – and we are committed to it

Position Purpose RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 PolesRISK ORM Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network. Under the authority of the Poles Manager, RISK ORM Network is made up of all the Operational Risk Officers (OROs) acting as the second line of defence (LoD2) within the Groups operational entities (Poles, Business Lines, Functions, Transversal Activities). The below requirement is for Operational Risk Officer- ICT Controls Testing role which part of the Common ICT LoD2 Controls Execution Platform (CICEP) under Group RISK ORM Network team. The candidate will be part of The Banks 2nd line of defense function, and they will be responsible for testing the deployment, and effectiveness of the IT and Cyber controls globally. The position is based in India Solutions Pvt. Ltd. (ISPL), Mumbai and reports to the Head of CICEP (India CoE), plus functionally to Group Head of ICT Controls Testing. Key success of the CICEP relies on building trusted partnerships with stakeholders and particularly with the ORM Network community and globally, with all entities of the Group. Responsibilities Direct Responsibilities Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness, and operating effectiveness of IT and Cyber controls. Contribute to the industrialization and automation of RISK ORM ICT control testing services by development of methodologies / tools for the achievement of assignments. Draft high-quality reports containing the assessors opinion on the ICT control gaps, and recommendations for improvement, post completion of an assignment. Review and assist with the evaluation of control deficiencies and provide practical recommendations for remediation. Identify areas of improvement for ICT control testing and assist with the enhancement of the methodologies / tools for carrying out the ICT controls testing assignments. Ensure completion of the testing and adherence to the internal timelines. Provide IT and cyber risk management consultancy (specific to ICT controls) to business and IT stakeholders. Work in collaboration with other stakeholders from business and RISK ORM teams to contribute towards influencing the ICT risk culture of The Bank. Improve the effectiveness of the Internal Controls programme by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities Contributing Responsibilities Collaboration at the India CoE level with Head of India CoE, including but not limited to the CoE level reporting requirements Effectively contribute to the CoE, RISK India Hub and ISPL on Group mandates, Objectives and priorities Help and contribute to build the CoE as a positive place to work Technical & Behavioral Competencies S, EXPERIENCE AND COMPETENCIES Skills Required 3-6 years of experience in IT audit / ITGC controls testing / technical assessments, preferably in the areas of Cyber and Technology domains in a financial institution. Must be able to interface and coordinate work efficiently, and effectively with business partners. Excellent analytical skills being able to come to a thoughtful and business focused conclusion quickly. Good communication, listening and influencing skills, including ability to articulate complex issues and incorporate feedback. Ability to manage their workload independently to meet their targets, and priorities set in conjunction with management. Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate. Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done. Being rigorous and thorough especially when logging and tracking issues through to conclusion. Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Risk Assessment in business. Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate. Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework. Team player focus on the success of the whole team. Working well both with others, as well as individually. Ability to work under strict timelines and at pressure situations to manage the delivery. Open to work under global time zones as required for workshops or stakeholder discussions. Skills Preferred Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements. Is self-aware, anticipates problems, adapts and meets them head on. Strong stakeholder management, relationship building, influencing, facilitating and presenting skills. Is solutions focused measures their output on whether issues, problems or challenges are resolved as a criteria for success. Competencies: University degree (technical), and/or certification such as ISO27001, CISA. Professional qualifications/trainings relevant to technology and/or cyber risk (e.g. change management, outsourcing, vulnerability management, cloud security etc.). Conduct: Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure. Specific Qualifications (if required) University degree (technical), and/or certification on Risk Management Skills Referential Behavioural Skills(Please select up to 4 skills) Attention to detail / rigor Ability to deliver / Results driven Ability to synthetize / simplify Ability to collaborate / Teamwork Transversal Skills: (Please select up to 5 skills)Ability to anticipate business / strategic evolutionAbility to develop and adapt a processAbility to set up relevant performance indicatorsAnalytical AbilityAbility to develop and leverage networksEducation Level:Bachelor Degree or equivalentExperience LevelAt least 3 years Other/Specific Qualifications (if required) Professional qualifications/trainings relevant to Information Security, Risk Management (ISO 27001, ISO 3100, CISA) preferred

Position Purpose A primary focus for this position will be to lead audit execution covering end-to-end processes of auditable entities within the IT and Cybersecurity Inspection Generale APAC team. Responsibilities This individual will work closely with audit assignment team members to complete each phase of the audit. This will entail: assessing the sufficiency and suitability of controls to mitigate risks; and testing the operating effectiveness and sustainability of controls; and documenting walk-throughs of in-scope processes; and documenting the investigations conducted and their results; and drafting findings and associated recommendations to address identified gaps in the control environment; and documenting the final report. This individual will have regular interactions with team members, process / control owners, and management of business units. Based on experience, this role will entail contributing to IT audits. Duties: Demonstrates a strong ability to audit procedures and controls accurately, timely, and with minimal supervision. Executes audit work in accordance with BNPP Inspection Generale policies and procedures. Testing the control design and operating effectiveness of in-scope IT controls Contributes to the completion of continuous monitoring activities for assigned auditable entities and escalates matters that may impact the timing of the next audit assignments. Prepares and updates risk assessments for assigned auditable entities for supervisory review. Validates the sufficiency and suitability of business corrective actions to address audit recommendations. May be asked to direct the work of more junior staff members on the audit assignments. Performs other duties as assigned. Technical & Behavioral Competencies Deep knowledge of IT audit Requires deep knowledge of banking functions typically obtained through advanced education combined with experience. Exhibits effective written and verbal communication skills with all levels of management (in English) Not less than 10 years of experience in IT external auditing / internal auditing / in the financial services industry. Curiosity, rigor, and precision. Outstanding analytical skills High level of initiative, commitment, and drive Ability to work effectively under pressure and within short deadlines Promotes a constructive, cooperative, and participative teamwork environment Specific Qualifications (if required) Possess a Bachelors / Masters Degree in Information Technology/ Management Information System / Computer Science and related discipline; Professional Qualification/Certification: in IT Audit - CISA (Certified Information System Audit) required other IT certification: Cybersecurity (e.g CISSP, CISM, CCSP/CCSK, CEH), IT Service Management (ITIL foundation). Skills Referential Behavioural Skills : Communication skills - oral & written Ability to collaborate / Teamwork Attention to detail / rigor Active listening Adaptability Transversal Skills: Analytical Ability Ability to manage a project Ability to manage / facilitate a meeting, seminar, committee, training Ability to understand, explain and support change Ability to anticipate business / strategic evolution Education Level: Master Degree or equivalent Experience Level At least 10 years

Evaluate IT risks from SOX perspective Experience in performing multiple full round of internal auditing and proficient with SOX regulation. Perform Design and operating effectiveness test of ITGCs as well as application controls Leverages industry knowledge from prior experience. Performs, and is responsible for, reviewing the audit evidences, validating them for completeness and accuracy and documenting the work-papers. A good understanding of IT data center operations and a variety of technology platforms. Perform Design and operating effectiveness test of ITGCs as well as application controls Evaluate Design and performance of automated/configuration controls Liaise with client as well as external auditors for requirements and questions Finalize Issues noted and discuss it with the required stakeholders to bring it to closure Document Test work papers with precision and detail Holds industry certifications such as CISA, CISSP, CISM, CEH, ISO 27001 LA, IA etc.

Position Purpose A primary focus for this position will be to lead audit execution covering end-to-end processes of auditable entities within the IT and Cybersecurity Inspection Generale APAC team. Responsibilities This individual will work closely with audit assignment team members to complete each phase of the audit. This will entail: assessing the sufficiency and suitability of controls to mitigate risks; and testing the operating effectiveness and sustainability of controls; and documenting walk-throughs of in-scope processes; and documenting the investigations conducted and their results; and drafting findings and associated recommendations to address identified gaps in the control environment; and documenting the final report. This individual will have regular interactions with team members, process / control owners, and management of business units. Based on experience, this role will entail contributing to IT audits. Duties: Demonstrates a strong ability to audit procedures and controls accurately, timely, and with minimal supervision. Executes audit work in accordance with BNPP Inspection Generale policies and procedures. Testing the control design and operating effectiveness of in-scope IT controls Contributes to the completion of continuous monitoring activities for assigned auditable entities and escalates matters that may impact the timing of the next audit assignments. Prepares and updates risk assessments for assigned auditable entities for supervisory review. Validates the sufficiency and suitability of business corrective actions to address audit recommendations. May be asked to direct the work of more junior staff members on the audit assignments. Performs other duties as assigned. Technical & Behavioral Competencies Deep knowledge of IT audit Requires deep knowledge of banking functions typically obtained through advanced education combined with experience. Exhibits effective written and verbal communication skills with all levels of management (in English) Not less than 10 years of experience in IT external auditing / internal auditing / in the financial services industry. Curiosity, rigor, and precision. Outstanding analytical skills High level of initiative, commitment, and drive Ability to work effectively under pressure and within short deadlines Promotes a constructive, cooperative, and participative teamwork environment Specific Qualifications(if required) Possess a Bachelors / Masters Degree in Information Technology/ Management Information System / Computer Science and related discipline; Professional Qualification/Certificationin IT Audit - CISA (Certified Information System Audit) required other IT certificationCybersecurity (e.g CISSP, CISM, CCSP/CCSK, CEH), IT Service Management (ITIL foundation). Skills Referential BehaviouralSkills: Communication skills - oral & written Ability to collaborate / Teamwork Attention to detail / rigor Active listening Adaptability Transversal Skills: Analytical AbilityAbility to manage a projectAbility to manage / facilitate a meeting, seminar, committee, trainingAbility to understand, explain and support changeAbility to anticipate business / strategic evolutionEducation Level:Master Degree or equivalentExperience LevelAt least 10 years

Your scope is the entire Maersk. Specific Job RequirementsYou will be responsible for identifying, assessing, and mitigating vulnerabilities within our eco systems and networks. This role requires a deep understanding of security principles, threat landscapes, and vulnerability management processes. The ideal candidate will have a proactive approach to security, excellent problem-solving skills, and the ability to work collaboratively with cross-functional teams. Responsibilities will include but not be limited to: Conduct regular vulnerability assessments and penetration testing on IT systems, networks, and applications. Identify and prioritize vulnerabilities based on risk and potential impact. Develop and implement remediation plans to address identified vulnerabilities. Collaborate with extended cyber teams to ensure timely resolution of issues. Monitor and analyse security alerts and threat intelligence to stay informed about emerging threats. Maintain and update vulnerability management tools and systems. Prepare and present reports on vulnerability status, trends, and remediation progress to stakeholders. Develop and maintain security policies, procedures, and best practices. Provide guidance and training if required on vulnerability management and security awareness. The Candidate A passionate security professional keen to use their technical skills to make a difference in a global, complex and challenging environment. You are not expected to be an expert, but the role requires technical insight (CompTIA Security/CASP+ or equivalent an advantage) Experience of working effectively in an agile environment, confidence with tools such as Confluence and JiraPersonal Profile: Able to think creatively in order to analyse vulnerabilities and provide insights on remediation. Excellent organisation, time management, problem-solving skills and attention to detail Resilient, can-do attitude and ability to work as part of a team Good written and verbal communication skills and able to be understood by both technical and nontechnicalpersonnel Ability to manage conflicting priorities and multiple tasks

Responsibilities: Lead risk-based audits, process & IT audits Ensure compliance with regulatory standards Collaborate with stakeholders on remediation plans Oversee information system audits