436 It Audit Jobs - Page 3

Privacy Analyst , Enabling Functions General Counsel We are looking for a Privacy Analyst to join our growing team of privacy experts, who will be a key component in ensuring our global privacy program is improved and implemented across the organization. In this role, you will focus on ensuring that our data privacy practices meet regulatory requirements and reflect best practices, with a primary emphasis on managing data subject rights requests and improving the associated processes. If you are a detail-oriented and organized individual with a passion for data privacy and a strong understanding of regulatory requirements, we encourage you to apply for this exciting opportunity. About the Role In this opportunity as Privacy Analyst , you will Managing and responding to data subject rights requests, such as access, correction, and deletion requests Improving and streamlining the data subject rights request process to ensure efficiency and compliance with regulatory requirements Supporting the development and implementation of global privacy policies and procedures Assisting with day-to-day matters of the privacy office, including: Conducting privacy risk assessments and impact assessments Monitoring and informing about the latest developments in privacy laws and regulations Coordinating with internal stakeholders to ensure compliance with privacy regulations and policies Maintaining records and documentation related to data subject rights requests and other privacy-related activities About You You're a fit for the role of Privacy Analyst if your background includes Bachelors degree in Law, Information Technology, Business, or a related field. 2-5 years of experience in data privacy, data protection, or a related role. Excellent analytical and problem-solving skills. Effective communication and interpersonal skills. Relevant certifications are a plus. #LI-KG1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to develop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Coordinate with key stakeholders to define risk metrics - KRIs/ KPIs/ KCIs Coordinate with key stakeholders to define thresholds for key risk metrics Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to create and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications Experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred, but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 09 The Role This position is an individual contributor within the Internal Audit team responsible for performing audit engagements including U.S. Sarbanes-Oxley (SOX) Compliance testing. This position will contribute significantly to SOX testing efforts and evaluating compliance with corporate policies, assessing risks over the IT operating environment and identifying operational efficiencies. The Impact The IT SOX Specialist will work closely with your direct manager and the process owners to gain an understanding of key processes, key controls, identify control gaps by strengthening and monitoring the internal control environment to provide assurance in the accuracy of reported financial information for a leading data provider worldwide. Whats in it for you You will interact with key process owners and colleagues across the Company. You will also be responsible for completing the audits and projects as outlined in the Internal Audit Plan and play a critical role in assessing the effectiveness of the control environment and providing value added recommendations across the organization. You will gain a robust understanding of the operations of all divisions and functions within the company. Ability to collaborate with a global team of seasoned financial services/audit professionals and access to the latest technological and data analytic tools Competitive compensation package with excellent benefits, including generous paid time off, tuition reimbursement, parental leave and more Advancement opportunities in a global company with presence in 30+ geographies The Team / The Business We have teams made up of people that work effectively together, while working with the larger group of auditors. Opportunities are presented every day to work with people from a wide variety of backgrounds and to develop a close team dynamic with coworkers from around the globe. The Internal Audit function is a global team with presence in all regions (Americas, EMEA and Asia Pacific). The function is independent and reports functioning to the Audit Committee. Responsibilities Lead and perform IT audits focused on compliance with Sarbanes-Oxley (SOX) regulations, ensuring that IT general controls and IT automated controls are effectively designed and operating. Develop, document, and execute test plans for IT controls, ensuring that they meet SOX requirements and are functioning as intended. Utilize GenAI, data analytics and automation tools to enhance audit processes, identify trends, and uncover anomalies in IT systems. Evaluate the SDLC processes to ensure proper controls are in place during system development, implementation, and maintenance. Stay updated on emerging IT risks and controls, including cloud computing, cybersecurity threats, and data privacy regulations. Participate in projects across the internal audit department, including risk-based audits and project assurance initiatives, to enhance overall audit effectiveness and efficiency. What Were Looking For You will be an effective communicator, in both verbal and written form, and an analytical thinker who employs logic and persuasion to influence with diplomacy and tact. You will be a proactive, innovative, collegial team player who can be accountable and absorb/integrate ideas from diverse views, create partnerships and collaborate with others. You will be nimble in learning and support the implementation of agile techniques. You will be responsible for balancing stakeholders and building/fostering relationships with stakeholders. You have a strong interest to learn, embrace agile auditing techniques, adoption of data analytics and emerging tools to strengthen quality of audit execution and SOX controls testing. Basic Qualifications: The ideal candidate must be an experienced audit professional with skills in IT SOX, internal audit, or related roles in control function organizations. Experience/exposure with different data analytics tools (such as Tableau, Alteryx, Power BI, etc.). Agility to support different Internal Audit capabilities such as business/data/IT auditing and SOX compliance. Minimum 3-5 years of relevant experience of IT controls-based testing through planning audits, conducting audit procedures, and preparing audit reports. Understanding and operational application of Sarbanes-Oxley Section 404 Public Accounting experience. Knowledge of or experience with providing audit support during integrated financial and operational audits. Knowledge or experience with information security controls. Experience with electronic work papers and standard productivity tools Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related field. Willing to travel (domestic and international), limited to 10 - 15% Professional certifications preferred but not required (CISA, CIA, CPA, etc.). #L1-RS2 Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 203 - Entry Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), FINANC202.1 - Middle Professional Tier I (EEO Job Group)

About the Role: Grade Level (for internal use): 12 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the first line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities This role belongs to First Line of Defense. Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to d evelop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to c reate and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting. What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 10+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 12+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts in defining and documenting a comprehensive Issue Management Process document/ methodology Lead efforts to centralize control gaps/ issues in GRC tool Lead efforts in logging, tracking, monitoring and remediation of control gaps/ issues Coordinate with key stakeholders to ensure the issues are clearly articulated, mapped to appropriate risk category, mitigating controls are identified through proper risk assessment Lead efforts in periodic reporting of issues to senior Management Conduct data analysis to demonstrate trends of progress made in issue remediation by various technology processes Conduct meetings to discuss issues and risk remediation plan Lead efforts in risk exception and risk acceptance process Monitor risk acceptance scenarios and bring it to appropriate committees for reporting Prepare PowerPoint presentations to provide comprehensive and holistic issue management process What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

Designation : IT Contracts Analyst Location : Hyderabad Work mode : Work from office (Hyderabad) Interested candidates with relevant experience only share us your updated resume on ashwin.kumar@globaldata.com We are seeking a detail-oriented, technologically proficient IT Contracts Analyst to join our dynamic Legal and Procurement team, working closely with the Information Security function. In this role, you will be responsible for reviewing, analyzing, and managing a wide range of IT-related contracts, including compliance requirements, service agreements, SaaS/cloud agreements, NDAs, and vendor contracts. This position plays a key role in supporting risk management, legal compliance, and alignment with our internal IT and security policies. Key Responsibilities: Review and analyze IT contracts and SLAs to ensure compliance with internal policies, legal standards, and information security requirements. Collaborate cross-functionally with Legal, IT Security, and Procurement teams to review, negotiate, and finalize contract terms. Track and manage the full lifecycle of IT contracts, ensuring timely renewals, amendments, and terminations. Identify key clauses, compliance gaps, risks, and client-specific requirements, aligning them with internal IT and security policies. Maintain a structured repository of all contracts, amendments, and associated documentation using contract management tools. Conduct risk assessments, perform compliance checks, identify critical clauses, and prepare concise contract summaries and reports. Remain current with industry trends, regulatory changes (e.g. data protection laws such as GDPR and CCPA), and best practices in IT contracting. Support the continuous improvement of contract review processes and contribute to internal documentation and policy alignment. Ideal Candidate Profile: Strong analytical skills with a keen eye for detail and the ability to interpret complex legal and technical terms. Technologically proficient, with a solid understanding of IT terminology, particularly relating to SaaS, cloud services, cyber security, and data privacy. Proactive, well-organized, and capable of managing multiple contracts and priorities in a fast-paced environment. Excellent written and verbal communication skills, with experience collaborating across departments. Qualifications: Bachelors degree in Business Law, Information Technology, or a related field (technical certifications are a plus). 2+ years of experience reviewing and managing IT/Technology contracts, ideally within a legal, procurement, or corporate compliance environment. Solid understanding of IT contracting concepts, including SLAs, SaaS agreements, and third-party vendor risk. Working knowledge of data protection regulations (e.g. GDPR, CCPA) and their implications in IT contracting. Familiarity with contract lifecycle management tools (e.g. DocuSign, Icertis, Jira, or AI-based review tools). Proficiency in Microsoft Excel, PowerPoint, and other documentation tools. Ability to work both independently and collaboratively across legal, IT, and procurement functions.

JOB SUMMARY Senior associates are primarily responsible for hands-on project execution. Experienced senior associates have, or are working towards, specialization in one or more service lines and are assigned to projects accordingly. Senior associates are assigned to a specific service delivery principal that is responsible for supervising the associates career development. Additionally, senior associates daily activities are closely supervised by the management teams of their assigned projects. Senior associates may supervise associates and/or senior associates when serving as a member of a project management team. There is no typical day for our SOC teams. While our lead focus is on SOC examinations, our clients also rely on us to perform multiple types of attestations similar to SOC across a variety of network, application, or cloud environments. The benefit of being exposed to so many different situations is that you are constantly building your knowledge base and skill set while keeping up with the latest technologies. Our teams are mostly remote (yet extremely collaborative) and work together to utilize their unique backgrounds and experience to provide the high level of quality service that our clients have come to expect. In addition to the hands-on knowledge youll develop with each project, client also promotes a continuous learning environment. Team members are encouraged to attend at least one training event every year to build upon their skills and acquire new certifications. A Senior Associate will hold the following roles and responsibilities as part of their role: • Demonstrate proficiency in client's Methodology • Guide associates and peers • Obtain certifications (ISO LA, CISA, CISSP, AWS CCP, etc.) • Successfully run a project from fieldwork through completion • Understand and demonstrate ability to speak to client's service lines at a high level and their leaders • Demonstrate proficiency of SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria • Demonstrate understanding of Principal Service Commitments and System Requirements and how they impact scope of a SOC 2 • Know all four report opinion outcomes and ability to draft modified opinions • Demonstrate ability to identify if exception(s) would potentially yield a qualified opinion • Demonstrate self-organization, consistently and proactively look ahead to future projects, and prepare accordingly • Client's Methodology o Read STMV quarterly, and demonstrate ability to apply concepts (sampling methodology, TA language structure, exception wording, etc.) o Review and demonstrate ability to apply concepts of AS 2.0 Reference Guide o Review and demonstrate ability to apply concepts of EWP WP Guidance” • Obtain CCSK and begin pursuing second certification (ISO 27001 LA, CISA, AWS CCP) • Understand and demonstrate ability to articulate differences between SOC 1 and SOC 2 • Participate on project as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc. • Begin understanding SOC 1 GITCs and each SOC 2 criteria for the Security, Availability, and Confidentiality categories • Ability to articulate qualified vs unqualified opinion; know all four types of opinions • Learn client's services and service line leaders • Adhere to and complete all matters included in the Associate Score Card • Accurately manage and report time worked to each project / initiative Essential Functions: • Complying with client's code of ethics and professional conduct, methodologies, policies, and procedures • Adhering to the professional and regulatory standards relevant to assigned service line specialization(s) • Promoting client's company culture and exemplifying client's values • Establishing high quality relationships and rapport with client personnel • Managing client expectations to ensure expectations are exceeded • Completing assigned duties in a timely manner and with a high attention to detail • Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project • Adhering to project schedules and keeping fellow project team members apprised of the progress of assigned tasks • Escalating issues internally in a proper and timely manner • Using discretion and decorum in the timing, form, and content of all client communications • Booking travel reservations in a timely manner and in accordance with client's travel and expense policies and procedures • Performing the essential functions of other service delivery positions when qualified and called upon to do so • Attending project kick-off and closing meetings • Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements, where applicable • Drafting project deliverables • Serving as a contact for clients' basic questions regarding an engagement • Participating in recruiting and candidate interview activities • Training project team members • Acclimating newer team members to client • Contributing to client's practice development efforts • Developing an expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s) • Contributing to client's thought leadership (e.g., articles, webinars, public speaking, etc.) Knowledge, Skills, and Abilities: • Working knowledge of client's services, methodology, and relevant professional standards • Requisite knowledge of applicable technology and security domains • High level of attention to detail and quality of work product • Client service oriented • Excellent time management, organizational, and verbal and written communication skills • Ability to work on-site or remotely as a valuable contributor to a collaborative team • Capable of simultaneously managing assigned tasks for multiple projects • Proficient using Microsoft Word, Excel, and PowerPoint, as well as client's service delivery applications • Full understanding and application of ethics, independence and client's values Education, Work Experience and Certifications • Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified • 2+ years of related professional services experience in information security auditing, assessment, consulting or compliance, focused on ITGC or SOC controls • Ability to work well independently, within a team and with clients as well as travel ~40-50% (MTh) • Maintains (preferred) or working towards obtaining least one certification relevant to client's services (i.e. CPA, CCSK or CISA)

Roles and Responsibilities: Take end-to-end ownership over advisory and validation of residual risk issues Lead and execute formal risk reviews and assessments Review and challenge risk exception requests Collaborate with internal stakeholders to ensure remediation dependencies are captured and managed Identify and act upon opportunities to improve Risk Governance processes Participate in global and regional governance committees Act as a role model for Risk Excellence Interface Regulator Exams (RBI/IFTAS/SEBI/NPCI) Identify/Assess/Manage Risks against LRR and internal policies, and Track them to closure through Issue Management Experience Required: Bachelor's degree in Information Technology, Risk Management, Audit, or related field Experience in Technology Risk & Control, Risk Assurance, IT Security or Technology Operations Ability to break complex problems down into manageable action plans Ability to effectively balance multiple tasks through careful prioritization Ability to work independently while sharing expertise with others Strong communication and stakeholders management skills Preferred Qualifications: A minimum of 5 years of experience in IT Risk, IT Audit, IT Security, Project Management or Technology Operations. Consulting experience is a plus. Evolving expertise in several of the following areas: financial services, information technology, information security, systems development, change / release management, access security and physical access controls and procedures Proven experience in risk assessment and measurement Proven experience in IT security remediation, implementation of technical safeguards and validation of automated controls Risk / Security Certification (CRISC, CISA, CISM, CISSP) Practical knowledge of risk analysis methodologies, frameworks, standards, and best practices (NIST, COBIT)

Job Summary Join our team as an Infra. Technology Specialist where you will leverage your expertise in vulnerability management to enhance our IT infrastructure. With a hybrid work model and day shifts you will collaborate with cross-functional teams to ensure robust security measures. Your contributions will directly impact our companys mission to provide secure and reliable technology solutions. Responsibilities Oversee the implementation of vulnerability management processes to ensure the security of IT infrastructure. Collaborate with cross-functional teams to identify and mitigate potential security threats. Provide expert guidance on best practices for vulnerability assessment and remediation. Develop and maintain documentation for vulnerability management procedures and protocols. Conduct regular security audits and assessments to identify areas for improvement. Implement automated tools and technologies to streamline vulnerability management processes. Monitor and analyze security alerts to proactively address potential risks. Coordinate with IT teams to ensure timely patch management and system updates. Evaluate and recommend security solutions to enhance infrastructure resilience. Train and mentor team members on vulnerability management techniques and tools. Report on security metrics and trends to inform strategic decision-making. Ensure compliance with industry standards and regulations related to IT security. Contribute to the development of security policies and procedures to safeguard company assets. Qualifications Possess a strong background in vulnerability management with at least 8 years of experience. Demonstrate proficiency in using vulnerability assessment tools and technologies. Exhibit excellent problem-solving skills and attention to detail. Have a solid understanding of IT infrastructure and security principles. Show ability to work collaboratively in a hybrid work environment. Display strong communication skills to effectively convey technical information. Hold a relevant certification such as Certified Information Systems Security Professional (CISSP). Certifications Required Certified Information Systems Security Professional (CISSP)

Job Responsibilities: Understanding the Business Process & implementing SAP module as per the business requirement. Creating business processes document - Blueprint- which lists down all business requirements been gathered before and propose a solution design be realized. Configuring SAP solution as per Blueprint in coordination with Partner team. Planning Projects around the respective module, executing and conducting related communication for the same. Executing Unit Test, System Test, and Integration Test before Final Integration test with stakeholders to make sure that solution is working as expected and performing tasks as requested Preparing end-user manuals which to be delivered to the stakeholders for training. Delivering end-user training for the new process changes in the system. Implement end-to-ends Life Cycle projects: Project Preparation, Business Blueprint, Realization, Final Preparation, and Go-Live, Support. Master Data configurations To define PR & PO document in SAP Upload & maintain all process documents in CHARM. Design & develop BDC & LSMW Implementation of GST compliances as per the new law. Act as liaison with customer for troubleshooting: investigate, analyze, and solve software problems. Handle changes or emergency transports as needed for high priority issues Provide support services on both new implementations and existing support projects. Act as a liaison between the business functions and the Wipro technical team. Configuration & testing of SAP MM Module in new plants. Digitization & Automation of existing process related to PO & PR. Others To face IT Audit. Coordination with Wipro team on technical issues. Day to day ticket closure Coordination with multiple stakeholders within the organization like Plant & Corporate functions.

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Position : Senior Associate Consultant Key Responsibilities: GRC Strategy and Planning: Develop and implement comprehensive GRC strategies, policies, and procedures aligned with organizational goals and objectives. Define and prioritize GRC initiatives based on risk assessments, regulatory requirements, and industry best practices. Continuously evaluate and update GRC frameworks to adapt to evolving threats and compliance landscapes. Risk Management: Conduct risk assessments to identify, analyze, and prioritize risks across the organization. Develop risk mitigation strategies and controls to address identified risks effectively. Monitor and report on risk exposure and mitigation efforts to senior management and stakeholders. Compliance Management: Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, PCI DSS, etc. Monitor changes in regulatory requirements (SEBI, RBI, IRDAI etc) and assess their impact on the organization's compliance posture. Coordinate compliance audits, assessments, and certifications, and remediate any identified issues or deficiencies. Audit Management: Plan, coordinate, and oversee internal and external audit activities, including IT audits, compliance audits, and third-party audits. Develop audit plans, programs, and testing procedures to assess the effectiveness of controls and compliance with policies and regulations. Review audit findings, assess control deficiencies, and collaborate with stakeholders to develop and implement remediation plans. Monitor and track the progress of audit remediation efforts and report on the status to senior management and audit committees. Policy Development and Enforcement: Develop, review, and update information security policies, standards, and guidelines in alignment with regulatory requirements and industry best practices. Establish mechanisms for policy enforcement and monitor adherence to policies across the organization. Cross-Functional Collaboration: Collaborate with internal stakeholders, including IT, legal, finance, and operations, to integrate GRC principles into business processes and initiatives. Provide guidance and support to business units on GRC-related matters, including risk assessments, compliance requirements, and controls implementation. Training and Awareness: Develop and deliver GRC training programs and awareness campaigns to educate employees on their roles and responsibilities in maintaining compliance and managing risks. Foster a culture of compliance and risk awareness throughout the organization. Qualifications and Skills: Bachelor's degree in Information Security, Risk Management, Business Administration, or related field. Masters degree or relevant certifications (e.g., CISA, CISSP, CRISC, CISM) preferred. Minimum of 5 years of experience in governance, risk, and compliance roles, with a focus on information security and IT risk management, including audit management experience. Strong understanding of regulatory requirements and industry standards related to information security and data privacy (e.g., GDPR, HIPAA, ISO 27001). Proficiency in audit methodologies, risk assessment frameworks, compliance frameworks, and control frameworks (e.g., NIST Cybersecurity Framework, COBIT, ITIL). Excellent analytical, problem-solving, and decision-making skills. Effective communication and interpersonal skills, with the ability to collaborate with diverse stakeholders and influence change. Proven track record of leading GRC initiatives, conducting audits, and driving process improvements. Ability to work independently and manage multiple priorities in a fast-paced environment. Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply

Dear Candidate, Greetings. We are hiring for the role of Biso Helius Technologies Hyderabad. Work mode – Work from office Project – Singlife Exp – 10 to 15 years Please find the below JD for your reference. Role: BISO Work Location: Hyderabad (ODC) Key Responsibilities Focuses on Core BISO activities: Conduct Information Security Business Impact Assessments (ISBIA) for Projects, Applications, and Third-Party Outsourcing arrangements, aligning with Singlife Standards. Collaborate with Technology and Business units to evaluate the impact of control deficiencies. Lead the implementation of IS standards at the business level, ensuring alignment of procedures and practices with established standards. Collaborate in creating Risk Acceptances (RAs), Risk Exceptions (REs), and Corrective Action Plans (CAPs) using appropriate tools. Engage with Security Incident Response Teams to guide the resolution and closure of incidents, offering proactive recommendations. Generate periodic IS risk management reports, highlighting critical issues and proposing corrective action plans. Ensure adherence to IS standards and best practices across diverse disciplines. Support the business during audit reviews and regulatory inspections related to IS matters. Maintain vigilant oversight of IS programs, encompassing programs, policies, and associated reporting within the business landscape. Collaborate with business units to rectify non-compliance in processes, applications, and outsourcing activities. 1. 2. Act as a Business Partner Regularly communicate and interact with Management and Employees, enhancing understanding of IS-related programs, policies, and standards. Leverage the ISO network to share resources, extract best practices, and enhance operational efficiency. Validate compliance with security controls within business contracts. Evaluate the alignment of IS processes with business needs, particularly concerning software and internet usage. Conduct Information and Cyber Security Awareness training to fortify organizational preparedness. Partner with application managers or the Technology Information Security Officer (TISO) to address specific technical requirements. Stay relevant to evolving cybersecurity regulations (MAS, CSA, GIA, LIA) to provide subject matter expert feedback. Assess the impact of new and updated regulations promptly by partnering with the ISO, Technology & Operations community. 3. Other Requirements Demonstrate skill in delivering compelling presentations and managing complex programs. Display exceptional aptitude in consulting, problem-solving, and analytical capabilities. Exhibit a proactive, assertive, service-oriented demeanour while effectively functioning as a cohesive team player. Demonstrate the ability to manage concurrent tasks and prioritize effectively, even in conflicting timelines. Key Decisions within the Role Be the gatekeeper of the IS business impact assessments (ISBIA) processes and ensure applications within Singlife adhere to IS standards. Team Direct and indirect accountability for Information Security Officers Requirements Experience Minimum 10 years of experience in Information security. In areas such as security governance, risk management, application security design, security project management or security operation. • Professional Certifications CISSP, CISM, CISA, SANS, Cloud would be preferred. Education Bachelor’s degree in IT, Engineering or equivalent Skill Matirx- Skill Candidate's self- assessment (Score 1-5) Primary: InfoSec experience Secondary: Risk/Governance/Assurance framework Experience in conducting Infosec Training Excellent Communication/Presentation skills Infosec Certifications Primary: Cybersecurity regulations Secondary: Creation of Risk Acceptance/Risk Exceptions/CAPs Monetary Authority of Singapore (MAS) regulations Awareness of Security Control . Compliance Security Audits . Please revert with update profile if you find it interesting. Feel free to reach out for any queries. Role & responsibilities Preferred candidate profile

Preferred candidate profile Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports

Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (eg NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc) Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantage Strong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications - CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk Control Matrix Perform business process walkthrough and controls testing for IT Audits Performing planning and executing audits, including - SOX, Internal Audits, External Audits Conducting controls assessment in manual/ automated environment Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables Demonstrate a thorough understanding of complex information systems and apply it to client situations Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status

Location: Thane What does a successful Internal Audit- IT professional do at FISERV? Efficiently conduct the audit projects as per The Institute of Internal Auditors standards and in accordance with Fiserv global Internal Audit framework and methodologies. What will you do: Should be able to direct/execute audit project independently (covering planning, fieldwork and reporting stages of audits) Lead a variety of moderately complex to complex IT focused audits including IT governance, service and project delivery, audits of IT technical domains such as networks, infrastructure, and applications. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Planning, conducting walkthroughs, drafting process understanding and relevant controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Documenting and Reviewing Test of Designs and Test of Effectiveness controls. Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., Validations of audit issues. Conducting special reviews. What will you need to know: Desired qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree] Experience: at least 6 to 8 years of IT Audit experience in assessing technology/IT controls and have experience in Internal Audit, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Experience in auditing IT Internal controls, IT risk mitigation and technology related processes reviews. Good experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, drafting skills, communication, and interpersonal skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.) What would be great to have: Desired certifications: CISA / CISSP / CISM / CCNA certified professionals

Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks. Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff. Required education Bachelor's Degree Required technical and professional expertise Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks. Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Preferred technical and professional experience Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff.

KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. IT Audit + SAP experience with knowledge of IT governance practicesPrior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 AuditsGood to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodologyExposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantageStrong project management, communication (written and verbal) and presentation skillsKnowledge of security measures and auditing practices within various applications, operating systems, and databases.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalismPreferred Certifications - CISA/CISSP//CISMExposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantageProficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: . Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster RecoveryPerform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits.Performing planning and executing audits, including - SOX, Internal Audits, External AuditsConducting controls assessment in manual/ automated environmentPrepare/Review of Policies, Procedures, SOPsMaintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed.Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

The Technical IT Auditor is responsible for evaluating and assessing the effectiveness of an organization's information systems, security protocols, internal controls, and compliance with applicable regulations. This role involves detailed technical reviews of IT infrastructure, applications, databases, and networks to ensure integrity, confidentiality, and availability of data and systems. Plan and execute end-to-end IT audits, including risk assessments, scoping, testing, and reporting. Evaluate IT general controls (ITGCs), application controls, and system development lifecycle (SDLC) processes. Assess network infrastructure, databases, and cloud environments for vulnerabilities and compliance. Conduct audits on cybersecurity controls, data privacy mechanisms, and incident response preparedness. Review and assess controls related to identity and access management (IAM), change management, and backup/recovery. Utilize automated tools and scripts for vulnerability scans and data analysis. Ensure compliance with frameworks such as ISO 27001, HITRUST, GDPR, HIPPA, SOC and SOX. Collaborate with IT, security, and business stakeholders to identify risks and recommend mitigation strategies. Develop corporate Information Security policies and standards and continually monitoring the information security controls, KRIs/KPIs and technical landscape. Providing ISMS awareness trainings Responding to the Client SIG questionnaires

MS office installation & Troubleshoot Manage the daily operations of the IT department, including systems administration Network management & support IT-related projects Strong technical expertise & KNWL of it industry Required Candidate profile Knowledge of application & laptop drivers instillation & upgradation & troubleshoot application Antivirus installation Excellent documentation record tracking & data securing skills

Company Description Tesco Bengaluru: We are a multi-disciplinary team creating a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility, providing cutting-edge technological solutions and empowering our colleagues to do ever more for our customers. With cross-functional expertise in Global Business Services and Retail Technology & Engineering, a wide network of teams and strong governance we reduce complexity thereby offering high quality services for our customers. Tesco Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 4,40,000 colleagues. Tesco Technology consists of people from a number of different backgrounds, but having a common purpose to serve our shoppers a little better every day with our retail technological solutions. We shared a common interest in harnessing innovations in technology to enhance their shopping experience at Tesco stores. Whether making products, software or systems, our teams focuses on various aspects from taking strategic ownership of the architecture to delivering technological solutions such as design, testing, deployment, infrastructure, operation and security of the systems to ensure agile, smooth and safe operations. These help us to deliver the maximum business impact. Teams refine their internal processes to best fit their own needs, working to build core capabilities in application and services. We collaborate globally across teams to build end-to-end customer-facing solutions, as well as to share knowledge, experience, tools and techniques. At Tesco, inclusion means that Everyone?s Welcome. Everyone is treated fairly and with respect; by valuing individuality and uniqueness we create a sense of belonging. Diversity and inclusion have always been at the heart of Tesco. It is embedded in our values: we treat people how they want to be treated. We always want our colleagues to feel they can be themselves at work and we are committed to helping them be at their best. Across the Tesco group we are building an inclusive workplace, a place to actively celebrate the cultures, personalities and preferences of our colleagues ? who in turn help to build the success of our business and reflect the diversity of the communities we serve. Job Description - Carry out Cyber Risk and Assurance initiatives independently while ensuring quality and timely delivery. - Perform control testing using security frameworks to determine effectiveness of the control and provide recommendations. - Review adequacy of evidence provided by Technology teams as part of control assurance activities. - Define processes to collaborate with Security and Technology teams for remediation of identified system-level control gaps and work closely with them to ensure implementation cyber security safeguards to improve security posture across the organisation. - Identify; evaluate and monitor technology risks as part of Cyber Risk and Assurance programmes. - Review security exceptions raised by Technology teams to manage the risks associated. - Drive reporting across different Cyber Risk and Assurance initiatives; including reporting to Security Leadership and Cyber/Technology governance committees. - Identify; drive and implement opportunities for process improvement across various initiatives within the Cyber Risk and Assurance team. - Build strong relationships with the stakeholders and lead internal meetings with Technology and Business Process teams. Qualifications - 7 to 10 years cyber security experience - IT audit and/or IT risk management - Experience of assessing security controls across a variety of technologies and products; recommending improvements where necessary - Hands on Experience with different security frameworks and standards such as ISO 27001; NIST; CIS; PCI; (e.g. controls testing; gap assessments) - Critical thinking with strong attention to detail and good organisational skills - Strong written; verbal communication and presentation skills; working with all levels of seniority and disciplines within the organisation - Able to build solid working relationships with internal and external stakeholders - At least one professional qualification such as CISA; CISM; CRISC CISSP or equivalent Additional information Important Notice: On behalf of Tesco Bengaluru, we must caution all job seekers and educational institutions that Tesco Bengaluru does not authorise any third parties to release employment offers or conduct recruitment drives via a third party. Hence, beware of inauthentic and fraudulent job offers or recruitment drives from any individuals or websites purporting to represent Tesco. Further, Tesco Bengaluru does not charge any fee or other emoluments for any reason (including without limitation, visa fees) or seek compensation from educational institutions to participate in recruitment events. Accordingly, please check the authenticity of any such offers before acting on them and where acted upon, you do so at your own risk. Tesco Bengaluru shall neither be responsible for honouring or making good the promises made by fraudulent third parties, nor for any monetary or any other loss incurred by the aggrieved individual or educational institution. In the event that you come across any fraudulent activities in the name of Tesco Bengaluru, please feel free report the incident at recruitment_compliance_india@tesco.com Role & responsibilities Preferred candidate profile

Responsible for engineering and proper functioning of the Global Security tooling estate. Security Orchestration and Automation for the Infosys Quartz Security Operations team and Global security tooling landscape to empower Security operational teams to improve their response process. Responsible for on boarding of data sources into the SIEM, ensuring the Threat and vulnerability tooling landscape work correctly and security monitor the right assets and other security tools used in Infosys Quartzl run smoothly and empower the Security Operational teams to have relevant data to understand what is going on in cyber security landscape and are able to make the right priority calls. Continuously improve Integration and automation of the Global Security tooling estate Close collaboration with the Infosys Quartz Security operations and other Operational teams, Architecture and Engineering teams and other Business units to align activities, drive improvements and has the right priorities set for maximum effect. Review and improve security requirements set in policies / standards and guidelines and make sure that these are following industry best practice. We tend to look for people with: Essential:Experience as a Security engineer Experience working with Security Operations, Security engineering and security analysts teams Advanced experience with Security Orchestration, Automation, and Response (SOAR) Solid understanding of DevSecOps, Networking, Security and Monitoring Awareness of security threats and defensive strategies within the critical infrastructure, including techniques, tactics, and procedures (TTPs) that threat actors utilize to attack an organization. Experience with several of the following: SIEM / Splunk (strongly preferred), Kibana / ELK Lacework Wiz Prisma Rapid7, c3m, whitehat (strongly preferred) Imperva, Database security monitoring Anomoli DevOps Azure, GCP, AWS, OSI cloud services MySQL / PostgreSQL PowerShell Strong understanding and hands-on experience in maintaining or security monitoring a number of the below: Microsoft 365, Windows Desktop and Server, Active Directory RedHat Enterprise Linux or derivatives Debian Linux or derivatives Strong understanding and ability to setup various platforms in an advance matter with: Network essentials such as IPv4, IPv6 networking Host and Network firewalls Standard host monitoring via SNMP and tools like Nagios, Cacti, Zabbix etc Experience in working with a wide range of stakeholders in the context of improving security and incident respond. Experience with monitoring and analytics solutions (e.g. Arbor threat mitigation suite, Splunk, Grafana, Elastic Stack etc.). Desirable: Bachelor or Masters Degree in computer sciences or related fields (or equivalent years of experience).

Job description Overview: We are seeking a highly skilled Attestation Specialist with expertise in SOC1 and SOC2 audits, particularly within cloud environments such as AWS, Azure, and GCP. The ideal candidate will have a strong background in IT audit, risk management, and compliance, with a focus on ensuring the security and integrity of cloud-based systems. Responsibilities Conduct SOC1 and SOC2 audits for clients using AWS, Azure, and GCP environments. Evaluate and test the design and operating effectiveness of controls related to cloud services. Prepare detailed audit reports and documentation to support findings and recommendations. Collaborate with clients to understand their business processes and IT environments. Provide guidance on best practices for cloud security and compliance. Assist in the development and implementation of risk management strategies. Stay updated on the latest industry trends and regulatory requirements related to SOC1 and SOC2. Communicate effectively with clients, team members, and stakeholders to ensure successful audit engagements. Requirements: Bachelor's degree in Information Technology, Computer Science, or a related field. Minimum of 3-5 years of experience in IT audit, with a focus on SOC1 and SOC2. Strong knowledge of cloud platforms, specifically AWS, Azure, and GCP. Experience with auditing cloud environments and understanding of cloud security principles. Relevant certifications such as CISA, CISSP, or CCSK are preferred. Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team. Strong attention to detail and organizational skills. Willingness to travel as needed for client engagements. Preferred Qualifications: Experience with other compliance frameworks such as ISO 27001, HIPAA, or PCI-DSS. Familiarity with automated audit tools and techniques. Prior experience working in a consulting or professional services firm.

EY GDS is actively seeking for IT Audit professionals to join our Technology Risk team at Kolkata, Kochi, and Trivandrum locations To qualify for the role, you must have A bachelors or masters degree and approximately 3-8 years of related work experience At least 3+ years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/MLRole & responsibilities

Job Description We are looking for an experienced Project Manager - Cybersecurity & Internal Audit to lead and coordinate audit-related projects with a focus on SOX compliance, IT controls, and Cybersecurity. This role requires strong project management capabilities, exceptional stakeholder management, and the ability to work seamlessly with cross-functional teams. The ideal candidate will possess deep knowledge of SOX IT control audits, cybersecurity risk frameworks, and have strong communication and coordination skills to drive successful audit engagements and ensure organizational compliance. Key Responsibilities: Manage and oversee internal audit projects, particularly focused on IT general controls, SOX compliance, and cybersecurity audits. Lead end-to-end project planning, including scope definition, resource allocation, timelines, issue tracking, and status reporting. Collaborate with internal audit, IT, Product & Engineering, Cybersecurity, Finance, and Business teams to ensure effective execution of audit plans and remediation activities. Coordinate SOX ITGC (IT General Controls) and process-level control testing, working with internal and external auditors as required. Facilitate the identification, assessment, and remediation of cybersecurity risks, ensuring alignment with frameworks such as NIST, ISO 27001, and COBIT. Develop and maintain stakeholder relationships to ensure transparency and alignment on audit priorities and expectations. Provide clear, concise project status updates to senior leadership and executive stakeholders. Drive continuous improvement in audit processes and control environments through feedback and lessons learned.. Qualifications Bachelor s degree in Information Systems, Business Administration, Accounting, Cybersecurity, or related field. 3 - 7 years of experience in project management,

Role Overview: As a Compliance Specialist, you will: Support the management of the corporate assurance and audit calendar by helping coordinate internal and external audit activities. Assist in the development, maintenance, and communication of Information Security Management System (ISMS) documentation and policies. Gather and organize evidence required for various audits and certifications (such as ISO 27001, SOC 2, PCI-DSS, and others). Work with internal teams to ensure audit readiness and assist with audit follow-ups. Contribute to periodic reporting on compliance status to security and business leadership and governance forums. Your Responsibilities Assist in executing and monitoring Information Technology General Controls (ITGCs). Support user access reviews across infrastructure, applications, and systems, ensuring timely and accurate completion. Help coordinate removal of access for terminated employees or users with changed roles, working closely with HR and IT. Participate in reviewing IT change management, incident tickets, and other control activities to ensure compliance with defined procedures. Support Process Owners, Control Owners, and Operators by providing guidance and documentation related to ITGCs. Collaborate with cross-functional teams to drive operational efficiency and support maturing internal compliance processes. Communicate effectively with stakeholders to ensure clear understanding of compliance requirements and timelines. Qualifications Skills: Bachelor s degree OR High School diploma with 4+ years of experience in IT Audit, IT Compliance, IT Risk Management, or a related field. Experience supporting audits such as ISO 27001, SOC 2, or FedRAMP is preferred. Familiarity with cloud environments and common DevOps tools (e.g., GitLab, Jenkins) is a plus. Detail-oriented with strong analytical, documentation, and organizational skills. Comfortable working in a fast-paced and evolving global environment. Strong communication skills, with the ability to convey technical compliance issues to a wide range of audiences. Company Benefits and Perks: We believe that the best solutions are developed by teams who embrace each others unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Medical, Dental and Vision Coverage Support for Community Involvement Were serious ab out our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.