436 It Audit Jobs - Page 4

Introduction We believe that every candidate brings something special to the table, including you! So, even if you feel that you re close but not an exact match, we encourage you to apply. We d be thrilled to receive applications from exceptional individuals like yourself. Gallagher, a global industry leader in insurance, risk management, and consulting services, boasts a team of over 50,000 professionals worldwide. Our culture, known as The Gallagher Way,is driven by shared values and a passion for excellence. At the heart of our global operations, the Gallagher Center of Excellence (GCoE) in India, founded in 2006, upholds the values of quality, innovation, and teamwork. With 10,000+ professionals across five India locations, GCoE is where knowledge-driven individuals make a significant impact and build rewarding, long-term careers. Overview As a team Manager you will participate in the planning, fieldwork, and reporting phases for allocated Sarbanes Oxley (SOX) IT audit assignments. This will involve designing the required tests for execution, performing the detailed testing, and vetting the potential findings with key business liaisons. How youll make an impact Working knowledge on IT General Controls (ITGC) and IT Automated Controls (ITAC) including detailed testing on Logical Access, Change Management, Backup Restoration, and Incident Management. Experience in validating Test of Design (TOD) and Test of Effectiveness (TOE). Basic understanding of professional audit standards, COSO, SOX, and risk assessment practices. Good interpersonal skills, including listening, verbal, written and presentation communication skills, with the ability to communicate effectively with a range of stakeholder. Strong critical thinking, analytical, and problem-solving skills with excellent attention to detail. Working knowledge in Microsoft applications. Participate in initiatives in a fast paced environment and comfortable implementing and assimilating to change. Good customer service focus and the ability to strike a balance between oversight and getting buy-in from the businesses. Execute on individual performance goals. Maintain knowledge of current information technology and auditing practices through continuing professional education. Highly motivated with ability to meet deadlines and ensure quality in every aspect of assigned work. Good organizational and project management skills. Ability to manage/balance multiple priorities. About you Advance degree or certification (e.g. CISA), preferably in information technology or related field. Bachelor s degree, preferably in information technology or related field. Minimum total of 5 years in SOX ITGC Experience Minimum of two years of work experience direct end to end Team Management. (i.e. they should have direct reportees wherein they are involved in end to end management of review cycle, performance management etc.) Years of experience: 5 + (candidates with 5+ years of experience in SOX ITGC and minimum 2 years of experience in end to end team management experience) Must haves: C ISA Certified Minimum 5 years of experience in SOX ITGC Minimum 2 years e nd to e nd Team Management (should be involved in performance management, review cycle, appraisal cycle etc.) Additional Information We value inclusion and diversity Inclusion and diversity (ID) is a core part of our business, and it s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the commu nities where we live and work. Gallagher embraces our employees diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out Th e Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color , religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as protected characteristics ) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business. ","

Hi, We are having an opening for Lead Audit & Compliance Specialist -IT at our Mumbai location. Job Summary : The Lead Audit & Compliance Specialist plays a strategic and hands-on role in managing IT audits, compliance requirements, and risk mitigation initiatives across Sun Pharma's global IT landscape. This role is responsible for planning, coordinating, and executing internal and external IT audits, ensuring adherence to global compliance standards including SOX, GxP, and other regulatory frameworks. The incumbent will work across functions and geographies to embed a culture of compliance, maintain audit readiness, and strengthen IT governance. Key Responsibilities: Audit Lifecycle Management Lead and coordinate global IT audits, including preparation, evidence gathering, walkthroughs, and response submission. Manage the end-to-end lifecycle of audit findings, including tracking, remediation, and closure validation. Compliance & Regulatory Adherence Ensure IT compliance with GxP, SOX, ISO, and other applicable frameworks across infrastructure and service domains. Collaborate with internal stakeholders to implement global policies and ensure readiness for inspections. Documentation & Governance Maintain comprehensive documentation for IT controls, SOPs, risk registers, and mitigation actions. Establish audit dashboards and maintain compliance scorecards by geography and function. Internal Awareness & Training Drive audit and compliance awareness across IT teams through workshops, readiness drills, and role-based training. Continuous Improvement Identify compliance gaps and propose process enhancements or automation opportunities to reduce risk exposure. Specialized Knowledge Requirements Strong understanding of global regulatory standards including SOX, GxP, and ISO 27001 Experience with IT general controls (ITGC), audit frameworks, and risk management tools (e.g., Archer, ServiceNow GRC) Familiarity with ITSM/ITIL processes and audit mapping across Change, Incident, Problem, and Asset Management Exposure to Pharma or highly regulated industries is preferred Internal Stakeholders and Nature of Interaction CIO / Head of IT Service Assurance: Strategic guidance, audit governance, and risk updates Service Assurance, Infra, Cloud, and Application Leads: Evidence coordination, control implementation, RCA collaboration ITBPs, PMO, and HR Compliance: Policy alignment, audit readiness training, and data consistency External Stakeholders and Nature of Interaction Internal & External Auditors: Direct interaction during audit planning, walkthroughs, and evidence presentation Regulatory Inspectors: Respond to inspection findings and ensure documentation and controls are validated Consultants / Third-party Advisors: Best practices adoption, controls benchmarking, and co-sourcing guidance External Interaction % Approximately 3040% of role involves active engagement with auditors, regulatory bodies, and external advisors Nature of Communication Highly structured communication involving formal documentation, audit reports, control narratives, and risk dashboards Strategic presentation of findings to senior leadership and external stakeholders Tactical and operational interactions across teams to ensure data accuracy and audit response readiness Role Played in Negotiations Key influencer in discussions around audit scoping, remediation timelines, and closure sign-off Collaborates with Legal and Compliance teams on the language and commitments in control response narratives Key Decision-Making Expected Assessment of audit risk severity and prioritization of remediation actions Selection and implementation of compliance tools or frameworks for specific geographies or domains Recommendation of policy updates based on new or evolving regulatory standards Key Challenges for the Role Managing diverse compliance obligations across multiple jurisdictions Ensuring consistent and timely audit responses across distributed IT teams Driving cultural shift toward proactive compliance ownership Addressing historical non-compliance in legacy systems Extent and Nature of Innovation Required for the Role High degree of innovation required in designing automation for compliance workflows, dashboards, and evidence management Leveraging analytics to detect non-compliance trends and trigger preventive controls Enhancing audit readiness using AI-enabled documentation checks and control testing tools Job Requirements Educational Qualification: Master's in Information Technology, Risk Management, or related field Certifications: CISA, CRISC, or equivalent certifications are preferred ITIL and GRC platform certification (ServiceNow, Archer, etc.) Skills: Risk-based audit planning and control design Cross-functional collaboration and stakeholder management Tools-based audit management and compliance analytics Experience : 12-15+ years of experience in IT audit, risk, and compliance roles. Exposure to global audit environments and regulated industries (pharma/healthcare preferred)

Hi, We are having an opening for Senior Project Manager -Infrastructure, Service Delivery & Cloud at our Mumbai location. Job Summary : The Project Manager Infrastructure, Service Delivery & Cloud is responsible for end-to-end planning, execution, and delivery of enterprise-scale IT programs across infrastructure, service assurance, cloud modernization, and endpoint transformations. This role spans multiple geographies and involves direct coordination with global business and IT teams, system integrators, OEMs, and managed service providers. The incumbent ensures alignment to timelines, budgets, and business outcomes while maintaining governance across internal and partner-led tracks. Key Responsibilities: Program Planning & Mobilization Lead scoping, effort estimation, and resource planning for large-scale transformation programs. Define project charters, detailed WBS, and RACI aligned to global delivery models. Execution & Delivery Management Drive execution of infrastructure and service delivery projects including: - Global data center transitions - Active Directory and network consolidations - Cloud migrations (IaaS/PaaS/SaaS) - Infrastructure tool deployments (ITSM, Patch, Monitoring, etc.) Conduct daily standups, weekly reviews, and issue resolution forums. Governance, Reporting & Risk Management Track milestones, dependencies, and delivery metrics through PPM tools. Report status to executive stakeholders and ensure escalation frameworks are triggered. Maintain risk registers, mitigation plans, and change logs. Vendor & Partner Coordination Liaise with OEMs, SIs, and MSPs to align project timelines, SoWs, and service commitments. Monitor vendor SLAs and enforce delivery expectations. Budget & Commercial Control Manage project budgets, procurement timelines, and invoice validations in collaboration with Finance and Procurement teams. Documentation & Compliance Maintain project artefacts, SOPs, meeting notes, and audit logs. Ensure compliance with ITIL, GxP, SOX, and internal governance models. Specialized Knowledge Requirements In-depth understanding of enterprise infrastructure, cloud technologies, and ITSM delivery models Experience in managing large cross-border IT projects and global rollouts Expertise in program management tools (MS Project, ServiceNow PPM, Smartsheet) Understanding of ITIL, Agile/Waterfall delivery methods, and compliance frameworks Familiarity with pharma or regulated environments is preferred Internal Stakeholders and Nature of Interaction Global CIO / Head of Infrastructure / Head of Service Assurance: Program reporting, prioritization, escalations IT Business Partners & Regional IT Heads: Coordination of business alignment, site readiness, stakeholder engagement Cybersecurity, Compliance & Quality Teams: Risk approvals, GxP validations, audit support Finance, PMO & Procurement: Budget planning, invoice sign-offs, commercial tracking External Stakeholders and Nature of Interaction System Integrators (SIs), Managed Services Providers (MSPs): SoW delivery, workstream updates, escalations OEMs & Technology Partners: Technical workshops, onboarding support, deployment reviews External Auditors / Consultants: Project evidence submission, controls validation External Interaction % ~40% of time involves collaboration with vendors, partners, and consultants across geographies Nature of Communication Executive status reports, steering committee presentations, RCA documentation Vendor SoW walkthroughs, project onboarding kits, change request documentation Tactical coordination through daily reviews, dashboards, and trackers Role Played in Negotiations Co-leads contract discussions, SoW finalization, change request evaluations with vendor partners Partners with Procurement and Legal to close commercials and delivery terms Key Decision-Making Expected Timeline commitments, phase-wise delivery splits, and budget allocation per stream Risk acceptance levels and mitigation triggers Technology stack choices and tool rollout plans within project guardrails Key Challenges for the Role Managing multi-country deployments with differing infra maturity and timezone alignment Coordinating across internal teams and external vendors with varying delivery cultures Driving compliance across regulated and non-regulated environments concurrently Balancing schedule pressure with resource availability and change impact Extent and Nature of Innovation Required High: Includes driving agile delivery within traditional infra programs Integrating project analytics dashboards and predictive issue management Leveraging automation and templates to streamline onboarding and governance Enabling cross-tower project transparency and digital program management maturity Job Requirements Educational Qualification: Bachelors or Masters degree in Information Technology, Engineering, or equivalent Certifications: PMP or PRINCE2 Certified (mandatory) Agile/Scrum Master certification preferred ITIL Foundation/Intermediate beneficial Experience: 10+ years of project/program management experience, with at least 5 years in infrastructure/cloud/enterprise tool projects Skills: Strong project planning, stakeholder engagement, and risk management Experience working across cultures, vendors, and geographies Excellent verbal and written communication skills Comfort with executive reporting and multi-project dashboards Travel Requirement: Up to 30% based on deployment, review meetings, and partner coordination Educational Qualification : Masters in Information Systems, Engineering, or related field Specific Certification : PMP, PRINCE2, Agile/Scrum Master certifications (mandatory). SAFe or PPM tooling certifications (preferred) Skills : Strong project planning, stakeholder engagement, and risk management Experience working across cultures, vendors, and geographies Excellent verbal and written communication skills Comfort with executive reporting and multi-project dashboards Experience : 12-15+ years of experience in IT audit, risk, and compliance roles. Exposure to global audit environments and regulated industries (pharma/healthcare preferred)

TransUnions Job Applicant Privacy Notice What Well Bring: TransUnion works with businesses and consumers to gather, analyze, and deliver critical information needed to build strong economies around the world. Protection of that information is critical to our customers and business. As part of our 2020 transformation journey, we became Global Audit & Advisory (GAA), formerly Internal Audit. As a Specialist III you will be part of the GAA team and be responsible for conducting Cybersecurity and IT audit engagements throughout the organization that support business objectives, best practices, and regulatory requirements. The incumbent will be responsible for the planning, execution, reporting, and follow-up on all audit engagements by participating on an audit team or at times independently leading engagements under the direction of GAA Management. This position will report directly to the Senior Lead and will work closely with other GAA Team Associates on key projects and initiatives as well as coordinate closely with our external auditors. The Global Audit & Advisory team is an independent and objective assurance and consulting activity that is guided by a philosophy of adding value to improve the operations of TU. GAA assists the organization in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the organizations risk management, control and governance processes. GAA collaborates with the Business Units, Functional leadership and their Associates in developing strong, professional and independent relationships to ensure a comprehensive understanding of the business to enable value added recommendations that improve efficiency and effectiveness. What Youll Bring: Perform detailed examinations of cybersecurity and IT practices and controls throughout the organization using an established assessment process and framework. The essential duties are as follows: Independently perform Information technology (IT) security reviews. Initiate, scope, plan, research and conduct IT controls assessments and audits. Lead and coordinate with process owners to initiate, scope, plan, and execute periodic controls assessments as part of the internal audit function, focusing on identifying risks by evaluating the design and operating effectiveness of internal controls. Actively support security audit initiatives by aligning audit procedures with cybersecurity frameworks (e. g. , NIST, ISO 27001 etc. ), conducting control walkthroughs, testing IT security and IT general and application controls, and assessing compliance with internal security policies. Document the results of audit procedures performed that support the conclusions reached. Prepare audit reports based on the adequacy and effectiveness of controls evaluated. Support external audits and regulatory examinations as needed. Analyze information security areas including ( but not limited to these ) governance and risk management, access and password controls, cloud security, cybersecurity, physical security, system security architecture and design, BCP and Disaster Recovery, network security, application and operations security, Incident Management, data migrations and system implementations etc. Lead engagement and communicate issues to process owners, ensuring understanding of risks and actions needed to remediate risks and subsequently track remediation activities. Cross train members of the Global Audit Team, including new hires and mentor junior IT staff. Continuously monitor emerging security trends and evolving threat landscapes through ongoing research and professional development. Insights gained are integrated into the audit universe to ensure risk assessments and audit planning remain current and aligned with the organization s security posture. Perform risk assessments and assist in the development of the annual audit plan. Participate in departmental initiatives, administrative matters, and special projects. Assist with other audit engagements as needed to broaden exposure across various risk areas and support the timely execution of the overall audit plan. Impact Youll Make: What You Will Bring: 6 - 10 years of experience in an IT/Security Audit and Assessment, or Information Security Technical, Management and/or Governance role. Bachelor s or Master s degree in computer science/information technology, management information systems or related field. Industry certification such as CISSP, CISA, CISM, CEH and/or CIA required. Experience with Cloud Security audits (AWS, Azure, GCP). Knowledge of data protection laws and industry standards. Familiarity with GRC platforms (e. g. , AuditBoard, Onspring, Archer). Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of Information Security areas/domains. These include governance & risk management, access control, cybersecurity, physical security, security architecture and design, business continuity/disaster recovery, network security, application and operations security and compliance/incident management. Demonstrated ability to understand complex technologies, business processes, regulations and emerging risks. Strong technical and/or IT and Security audit background with practical knowledge of a wide variety of technologies including server infrastructure and operating systems, network and web infrastructures, database architecture, vulnerability and penetration testing assessment and Intrusion Detection/Prevention Systems. Good understanding of SOX legislation and IT and Security frameworks including COSO and COBIT. Self-starter with the ability to manage and prioritize responsibilities. Team player with proven skills in influencing people without having direct management authority. Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately. Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person. Strong risk analysis and problem solving skills. Must be flexible to ensure assessments are performed timely and manage multiple assessments simultaneously. This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week. TransUnion Job Title Consultant, Audit and Advisory

The Second line of Defense Controls Testing partner for the Cyber and Technology Risk Management (CTRM) division will be a team leader who will work closely with peers, stakeholders, and their manager on Second Line s Controls Testing program focused, on Cyber and Technology Controls Testing/Validations as well as Cyber and Technology related assessments. Responsibilities will include: Lead 2LOD Cyber and Technology Risk Management team in India focused on controls testing/validation, assessments, and overall support to Cyber and Technology Risk Management initiatives Manage testing/validation requirements for controls testing team, monitor progress, and ensure timeliness and quality of team s work Test, Validate, and Assert to Business and Application Owner control testing methodology and test procedures Perform 2LOD validation work, including plan preparation, workpapers, finding, and report results to risk committees Manage day-to-day risk issues, design, and implementation of new controls with various teams Examine cyber risk controls, evaluate the design and operational effectiveness, determine exposure to risk, and work with business to develop remediation strategies Assess risk as a Second-Line governance role through the Risk and Control testing; Risk Identification; and Change Initiative Risk Assessment processes, as applicable Provide Second-Line risks and control testing findings to Risk Management leadership and risk committees Understanding of the Three Lines of Defense governance model Ability to assess and effectively communicate the operational, and technical findings and control issues to executive and business leadership, using language that is relevant to and understandable by the business Strong risk assessment framework knowledge and experience performing risk assessments covering key risks and controls Strong project management skills, including the ability to adapt to change quickly, multi-task and demonstrate flexibility in prioritization based on requested tasks Strong working knowledge of banking/financial regulatory requirements to perform and ensure an appropriate level of testing Qualifications - External 10-12 years of IT Audit experience to include but not limited to: Cyber Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit 3+ years leading controls testing and/or audit teams CISSP, CISM, CISA, CRISC, or equivalent certifications highly preferred Familiarity with the NIST Cybersecurity Framework Strong working knowledge of the inherent cyber risks in the financial services industry Cloud, MFA, Password vaulting (e.g. CyberArk), and Secure SDLC experience Analytical and communication skills required to summarize and analyze information Organizational skills required to coordinate risk related activities with peers and senior executives Advanced Microsoft Office 365 skills

Dear All, We are presently looking for Auditor/Lead Auditor - IT for Hyderabad location. EXPERIENCE :- Min. 6-8 years out of which min. 2-4 years in the relevant scheme/industry sector. QUALIFICATION :- Graduate (Degree/Diploma) in Engineering (e.g. Electronics, IT, etc), Technology (e.g. Software, Hardware, Artificial Intelligence, etc) or equivalent. Minimum ISO 9001 LA training/qualification is required JOB RESPONSIBILITY :- Preparation of Audit Plan as per schedule Auditing as per applicable accreditation rules, scheme-owner requirements & KPIs (where applicable) and TUV India/TNCERT procedures (as relevant) Timely Audit Reporting, including closure of nonconformities within defined time frames Ensure audit workflow completion (incl. OPE workflow) within the specified timelines and within the Excellence tool. Address technical review comments on priority to facilitate efficient & timely certificate issuance to the clients. Attend Exchange of Experience/Calibration meet and ensure CPD compliance as required by the respective schemes, including ensuring the timely renewal of qualifications Develop and enhance competence over a period in various sectors. Support in Key Account Management for the clients assigned for value added services Support to Marketing team by generating business leads for new certifications, second party, training & sustainability schemes. Support on collections by coordinating with client representative. ATTRIBUTES :- Knowledge of Applicable regulatory framework and Statutory compliances. Good written and spoken English (knowledge of local language is advantageous). Excellent communication and presentation skills Flair for Client Relationship Management Good Listening ability Good Analytical skills Good Team Player If interested please share your updated profile on smayuri@tuv-nord.com.

Job Description: Conduct regular risk assessment to identify key IT and Cybersecurity risk areas and ensure those are appropriately covered in the annual IT audit plan. Advanced Networking principles/ software engineering principles/ information security principles, Additional knowledge and domain expertise specific to the job profile. (knowledge of information security management, auditing skills, network/systems/application security). Ensure that all audit work is thorough, complete, and has been performed in accordance with TVS Credit's Internal Audit standards, Regulatory guidelines (RBI) and other relevant industry standards, depending on the focus area of the review. Build strong working relationships with TVS Credit's leadership and their respective teams. Execute various IT/IS audit engagements including risk assessments, audit planning, audit testing, control evaluation, audit report drafting, and follow-up and verification of issue closure. Be accountable for meeting deliverable deadlines, adhering to department and professional standards and utilizing consistent methodology. Communicate audit findings to management and identify opportunities for improvement in the design and effectiveness of key controls. Required Qualifications, Capabilities And Skills: At least 5 years of relevant experience Must have experience with core cybersecurity operations and one or more cyber security tools/process areas (e.g. network security, end point security, email security, cloud security, attack simulation, cyber threat modelling etc.) Must have demonstrated knowledge of technology processes, such as change management, security operations, technology operations, and business resiliency, as well as application and infrastructure controls. Knowledge of various cybersecurity functions such as cybersecurity operations, attack simulation (red team, blue team), vulnerability management, cybersecurity tools/processes across network, endpoints, cloud environments, cyber threat modeling (knowledge of MITRE ATT&CK framework), etc. Analytical skills and a thirst for knowledge and new experiences. Ability to effectively manage multiple, concurrent projects and meet deadlines while working both independently and in a team environment. Good verbal and written communication; and presentation skills. Ability to adapt to a fast-paced culture, changes in the environment and shifts in priorities. Highest professional standards, integrity, and ethical behavior. Enthusiastic, self-motivated, effective under pressure and willing to take personal responsibility/accountability. Rigor in tracking and follow up of IS audit open points Basic knowledge of AL-ML models and the embedded risks and the audit testing procedures to be carried out for testing the controls. Data Analysis skills on complex and voluminous data.

Location: Bangalore or Hyderabad Senior Digital Risk Advisor - DRG Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will have first-line responsibility for ensuring an effective and efficient risk and control framework is implemented across the different IT domains at Swiss Re. Whats more, youll be working in a hybrid setup, perfectly balancing work from home and the office premises. About the team The Digital Risk Governance Controls team is a key part of Swiss Res Security Team, focused on defining and managing risks related to digital topics. Were looking for an experienced and highly motivated expert who can define and develop an efficient first-line risk and control framework that supports a strong risk-aware culture within the company. In your role, you will Actively manage the implementation of the digital and technology risk framework Maintain oversight o n the quality of internal measures implemented to address digital risk, ensuring controls, processes and standards are appropriately designed and operating effectively Ensure compliance with rules, regulations, and policies - making sure we meet our risk appetite and driving corrective actions where opportunities exist Actively collaborate with key stakeholders across the three lines of defense to automate, measure performance and continuously improve our risk position U nderstand complex concepts and identif y solutions to problems Be someone who believes in continuous innovation, is curious and relentless in finding a better way every day Your qualifications A track record of successful delivery in IT risk and control -related roles, such as IT Governance, IT audit, or digital risk management Practical knowledge of external IT good practices - particularly NIST - but also others , such as ISO and COBIT Qualified in an appropriate discipline such as CISA, CGEIT, CRISC Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within and across different teams The ability to effectively communicate with a broad spectrum of stakeholders - from s enior m anage rs to IT engineers , developers and operations staff Be curious, proactive, result-oriented and confident in decision making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re . If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134243

Location: Bangalore or Hyderabad Digital Risk Advisor Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will be responsible for the first-line digital technology operations risk and control activities - ensuring risks are identified, controls applied, and performance is monitored, measured, and reported to our technology and business leaders. About the team The Digital Risk Governance Controls team is a key part of Swiss Res Security Team, focused on defining and managing risks related to digital topics. Were looking for an experienced and highly motivated expert who will help to drive the companys risk culture. In your role, you will Be part of a team of digital risk experts supporting Applications and Business stakeholders with applying digital risk governance principles and standards Actively contribute to the implementation of the digital risk framework as the trusted digital risk partner Ensure IT threats and risks are understood, issues handled timely, and IT controls designed and operating effectively Embed controls into operational procedures by collaborating with our digital technology teams to automate, measure performance, and continuously improve our risk position Build operational transparency with continuous monitoring and assessment of controls so that we meet our risk appetite and drive corrective actions where needed Be someone who believes in continuous innovation, is curious and adamant in finding a better way every day Your qualifications Nobody is perfect and meets 100% of our requirements. If you, however, meet some of the criteria below and are curious about the world of risk and control activities, well be more than happy to meet you! First experience s in IT risk and control-related roles, such as IT Governance, IT audit, or digital risk management CISA, CGEIT, CRISC or similar qualifications are an advantage Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within the team and across teams Capability to continuously build and maintain a strong collaborative network within the IT domains Be curious, proactive, result-oriented and confident in decision-making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re . If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134238

Location: Bangalore or Hyderabad Band: D Senior Digital Risk Advisor Join a team of digital risk governance and controls professionals helping Swiss Re to fulfil its mission in making the world more resilient. As a Senior Digital Risk Advisor, you will be responsible for the first-line digital technology operations risk and control activities - ensuring risks are identified, controls applied, and performance is monitored, measured, and reported to our technology and business leaders. About the team The Digital Risk Governance Controls team is a key part of Swiss Res Security Team, focused on defining and managing risks related to digital topics. Were looking for an experienced and highly motivated expert who will help to drive the companys risk culture. In your role, you will Be part of a team of digital risk experts supporting Applications and Business stakeholders with applying digital risk governance principles and standards Actively contribute to the implementation of the digital risk framework as the trusted digital risk partner Ensure IT threats and risks are understood, issues are handled timely, and that IT controls are designed and operating effectively Embed controls into operational procedures by collaborating with our digital technology teams to automate, measure performance, and continuously improve our risk position Build operational transparency with continuous monitoring and assessment of controls so that we meet our risk appetite and drive corrective actions where needed Be someone who believes in continuous innovation, is curious and adamant in finding a better way every day Your qualifications A track record of successful delivery in IT risk and control-related roles, such as IT Governance, IT audit, or digital risk management Industry knowledge of insurance, reinsurance or banking business, and modern technology solutions General understanding of Risk Management Frameworks such as COBIT, ISO 31000 and COSO ERM CISA, CGEIT, CRISC or similar qualifications are an advantage Good teamwork and strong collaboration as well as a willingness to share knowledge and evolve within the team and across teams Capability to continuously build and maintain a strong collaborative network within the IT domains The ability to effectively communicate with a broad spectrum of stakeholders - from senior managers to IT engineers , developers and operations staff Be curious, proactive, result-oriented and confident in decision-making at speed Passion, drive and a belief in the value of digital risk management as an enabler of business performance Fluency in spoken and written English About Swiss Re . If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134239

The IS/IT Internal Auditor is part of a global team and will primarily be responsible for executing IT SOX testing. On occasion, the IS/IT Auditor may also participate in internal audits that are focused on IT, financial, or operational risks globally across Nokia. The candidate will be spending the majority of their time focused on IT controls testing, including but not limited to IT General Controls (ITGCs), as well as IT application controls, operational controls, and other topics as needed. The candidate will be tasked with presenting conclusions related to their testing and will need to be able to present and support the results of their testing to leadership functions across Nokia. You have: Bachelors degree in information technology, Management Information Systems,Computer Science 4-5 years of prior IT SOX experience, and/or 2-3 years of IS/IT experience, and/or 2-3 years of internal or external audit experience required. Hands-on experience in IT General Controls, SOX controls including User access management, Logical access, Change management, Data Protection, and other entity level controls. Knowledge or experience working with, or auditing the SAP Business Suite (e.g. ERP, CRM, SCM, MDM, PLM) is highly desirable. Experience working with Wdesk platform or similar is desirable. It would be nice if you also had: Working knowledge or experience in Information Technology as a developer or tester highly desirable. Engineering, or other IT/business related field most desired. Experience with data analytics and visualization tools (e.g., ACL, IDEA, PowerBI, Tableau, etc) is desirable. Professional certifications helpful- e.g., CISA, or SOX equivalent. Test Internal IT controls identified as relevant for the adherence to Sarbanes Oxley 404. Majority of work will be focused on technology and applications. The candidate will participate in IT system walkthroughs, and request, obtain and test IT SOX related evidence. The individual will perform tests of IT operative effectiveness, all while meeting the deadlines and budget under the direction of the Lead/Manager, IT Internal Audit - SOX. Complete necessary documentation supporting testing conclusions and meeting or exceeding Nokia documentation standards. Assist in evaluating, re-enforcing and/or promoting the IT SOX program standards and approaches as it relates to documentation, control design, evaluation, and effectiveness testing. Assist in IT SOX scoping and risk assessment activities.Candidate is responsible for identifying issues and making recommendations which help drive process improvements and efficiencies. Candidate will follow-up on IT SOX identified issues and test remediation efforts. Provide assurance that operations and processes conform to Nokia policies and procedures. Contribute to the improvement of the IT SOX testing program through automation/analytics.

IT SOX Compliance Analyst - Docusign1 Job Title: IT SOX Compliance Analyst (Second Shift) : We are seeking a motivated and detail-oriented IT SOX Compliance Analyst to support our Sarbanes-Oxley (SOX) compliance initiatives, with a focus on IT General Controls (ITGCs) and IT application controls. This role requires collaboration with internal audit teams and IT control owners to ensure effective control design, implementation, and remediation. The position is aligned to support global teams, requiring availability during the 2 PM to 11 PM IST shift. Key Responsibilities: Support the assessment, design, and implementation of IT General Controls (ITGCs) and IT application controls across key systems. Collaborate with internal audit and IT control owners to evaluate risks, discuss control deficiencies, and support audit-related activities. Assist in the preparation of documentation, including control deficiency memos and remediation plans. Oversee and facilitate end-to-end IT control walkthroughs to ensure proper documentation and understanding of control processes. Skills & Qualifications: Solid understanding of the Sarbanes-Oxley (SOX) Act, specifically ITGC and IT application control requirements. Experience in internal audit, IT risk management, and control testing. Strong communication and documentation skills, with the ability to work cross-functionally. Must be available to work during the 2 PM to 11 PM IST shift to support global operations.

About NCR Atleos Position Summary At NCR Atleos, our Internal Audit Department (IAD) purpose is to help enable competent and informed decisions to add value and improve operations, while contributing meaningfully to Board and organizational confidence. We are indispensable business partners, with a brand focused on insight, impact and excellence. We believe that everything we do is to enhance value, provide insights, and instill confidence. To do this, we must be relevant, connected, flexible, and courageous. NCR Atleos IAD is seeking a Senior IT Auditor to support our India Internal Audit (IA) team. In this position, you will play a crucial role in enhancing our companys internal control environment and risk management processes. You will be responsible for leading and executing IT audits across all technology layers, assessing IT risks, and providing expert recommendations to the management. This role demands a balance of technical proficiency, strategic thinking, and excellent communication skills. Key Areas of Responsibility: Audit Planning: Participate in risk assessments where needed and assist in developing and implementing a comprehensive IT audit plan that aligns with the organizations objectives and risk. Audit Execution: Execute IT audits, including identifying and assessing IT risks in business processes, security policies, and system implementations. Lead audits of IT infrastructure, applications, and data management systems to assess compliance with internal policies, external regulations and SOX. Recognize and adapt to changing circumstances. Identify IT risks and recommend mitigating controls. Analyze and evaluate IT operations and strategies to identify efficiency improvements and cost-saving opportunities. Assess compliance and maturity in line with relevant laws, regulations, standards (e.g., SOX, GDPR, ISO) and frameworks (e.g., COBIT, NIST, ITIL). Communication: Communicate timely any significant changes to budget or scope and any significant audit findings, risks, and recommendations to the Internal Audit Manager. Collaboration: Work closely with IT, InfoSec (IS) and other business units to understand IT infrastructure, applications, and operations. Mentor and guide junior IT auditors, enhancing their skills and ensuring quality audit practices. Reporting: Draft detailed Audit observations, highlighting issues, risks, and actionable recommendations. Assist the IA manager with presenting findings to responsible business management. Follow-up and Monitoring: Assist the IA Manager with monitoring open audit recommendations and follow-up to encouraging timely implementation and help avoid past-due management actions. Continuous Improvement: Stay abreast of emerging technologies, audit methodologies, and regulatory changes. Contribute to innovation and improvements to the IT audit process, controls and the overall Internal Audit Department. Qualifications: Bachelors or Masters degree in Information Technology, Computer Science, Accounting, or a related field Minimum of 3 years of experience in IT auditing, with a proven track record in leading audits and managing audit projects Understanding of IT audit methodologies, IT governance frameworks (e.g., COBIT, NIST, ITIL), and regulatory requirements (e.g., SOX, ISO, GDPR) Experience with AuditBoard and analytic tools e.g. Power BI and Tableau a plus Professional certifications such as Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) are strongly desired Strong analytical and problem-solving skills with an ability to analyze data and identify control weaknesses Excellent verbal and written communication skills, with the ability to articulate complex IT issues in business terms. Proficient in English Ability to travel and a team player with a commitment to personal and professional growth. Commitment to ethical conduct, integrity, and the promotion of a culture of accountability and continuous improvement Strong organization and management skills in a multi-tasking environment Positive individual who enjoys working in a fun and dynamic team environment EEO Statement NCR Atleos is an equal-opportunity employer. It is NCR Atleos policy to hire, train, promote, and pay associates based on their job-related qualifications, ability, and performance, without regard to race, color, creed, religion, national origin, citizenship status, sex, sexual orientation, gender identity/expression, pregnancy, marital status, age, mental or physical disability, genetic information, medical condition, military or veteran status, or any other factor protected by law. Statement to Third Party Agencies To ALL recruitment agenciesNCR Atleos only accepts resumes from agencies on the NCR Atleos preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Atleos employees, or any NCR Atleos facility. NCR Atleos is not responsible for any fees or charges associated with unsolicited resumes.

What You'll Do Avalara is looking for a security risk specialist to join our team reporting to the Senior Manager, Governance Risk & Compliance. We are looking for the ability to conduct risk analysis at a systemic level, working with engineers and architects as they develop Avalaras next-generation services. You understand technical controls and be able to analyze application product security within Avalara, including internal processes and reporting, and risks identified through code and design reviews of both internal and customer-facing software products and solutions. You will report to Senior Manager. What Your Responsibilities Will Be You will perform comprehensive risk assessments aligned with Avalaras risk management framework and develop applicable remediation plans. You will analyze and identify risks across technical environments, with a focus on application design, software architecture, and security tooling configurations. Guide the identification, management, and mitigation of risks within security infrastructure and technical control implementations. Collaborate with teams, including system owners, developers, and architects, to integrate risk management practices into the development lifecycle. Ensure risk and compliance controls are accomplished across teams and within defined Service level agreements. Coordinate the documentation and migration of control information into Avalaras GRC platform. What You'll Need to be Successful Bachelors degree in Information Technology, Computer Science, or equivalent experience. 3+ years of experience in IT Audit, IT Security, or IT Risk Management. Experience conducting systemic risk analysis in, including reviewing application design and architecture. Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST. Experience with application security principles, including the ability to assess risk through code and design review processes.

What You'll Do Avalara's Organizational Risk, Resilience, Compliance and Audit team (ORRCA) is responsible for managing various risk and compliance initiatives and is looking for someone to support a growing team to help build out the security compliance function. You will report to Senior Director, Security Operations. What Your Responsibilities Will Be You will be responsible for the overall coordination, execution, and quality control of assigned compliance controls such as access reviews, change reviews, terminated user analysis. You will ensure controls are appropriately performed by all stakeholders within defined SLAs. You will help implement compliance management in ServiceNow. You will perform compliance assessments against frameworks and develop remediation plans. You will work closely with system owners to ensure corrective action plans are in place to remediate gaps or deficiencies. You will identify areas for automation and/or business process improvements. You will assist in collecting and migrating control information into Avalara's GRC platform. You will work strategically and independently with internal and external groups on multiple simultaneous projects. You will apply compliance and security control knowledge within cloud environments such as AWS and GCP. You will identify opportunities to leverage AI and other automation technologies to streamline compliance processes. What You'll Need to be Successful Bachelor's degree in information technology, Computer Science, or equivalent experience 3+ years of work experience in IT Audit, IT Security, or IT Risk Management 3+ years of work experience working with ISO 27001, SOC 1, SOC 2, SOX, NIST etc. AI and automation experience. Basic understanding of risk concepts, including risk identification, evaluation, mitigation, and measurement

We are looking for experienced Asst Manager / Manager IT Infrastructure to supp our Microsoft-based infrastructure.This role demands a strong focus operations,covering Microsoft 365, Azure, SharePoint, and Active Directory, both cloud & on-premises

Skill required: Risk & Compliance - Risk Management Designation: Risk and Compliance Associate Manager Qualifications: Any Graduation Years of Experience: 10 to 14 years What would you do You will be aligned with our Risk and Compliance vertical and help us perform compliance reviews, publish reports with actions and provide closure guidance as needed. We design & recommend effective controls to mitigate risks and help service delivery team prepare for upcoming client / external audits.You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans.Anticipate, plan for, and react to risks and issues to the project, including categorizing their severity, taking into account the likelihood of occurrence, mitigation & contingency planning. Follow an agile approach that builds risk management into scrum roles, artifacts, and events and helps in continuous project delivery. What are we looking for Anticipate, plan for, and react to risks and issues to the project, including categorizing their severity, taking into account the likelihood of occurrence, mitigation & contingency planning. Follow an agile approach that builds risk management into scrum roles, artifacts, and events and helps in continuous project delivery. Anticipate, plan for, and react to risks and issues to the project, including categorizing their severity, taking into account the likelihood of occurrence, mitigation & contingency planning. Follow an agile approach that builds risk management into scrum roles, artifacts, and events and helps in continuous project delivery. Roles and Responsibilities: In this role you are required to do analysis and solving of moderately complex problems Typically creates new solutions, leveraging and, where needed, adapting existing methods and procedures The person requires understanding of the strategic direction set by senior management as it relates to team goals Primary upward interaction is with direct supervisor or team leads Generally interacts with peers and/or management levels at a client and/or within Accenture The person should require minimal guidance when determining methods and procedures on new assignments Decisions often impact the team in which they reside and occasionally impact other teams Individual would manage medium-small sized teams and/or work efforts (if in an individual contributor role) at a client or within Accenture Please note that this role may require you to work in rotational shifts Qualification Any Graduation

What You'll Do Avalara is looking for a Security controls specialist to join our team, reporting to the Sr. Manager, Governance Risk and Compliance. You will collaborate with multiple teams to design an internal control environment for Sarbanes-Oxley compliance. What Your Responsibilities Will Be Support the build-out of technical SOX controls, working with Security, engineering, finance and IT to document and test controls across key systems. Assist in technology risk assessments to identify gaps against IPO-readiness benchmarks Help drive IT General Controls implementation, application controls and report testing, coordinating with internal teams and external auditors. Work with cross-functional teams to develop process flows, SOPs, and runbooks for key controls. Partner with all stakeholder teams to track control ownership, remediation efforts, and evidence collection. Coordinate the documentation and migration of control information into Avalaras GRC platform. Proactively engage on multiple simultaneous projects with internal and external stakeholders to support strategic security and compliance objectives. Assist with the performance of ad hoc risk and compliance assessments as needed. What You'll Need to be Successful Bachelors degree in Information Technology, Computer Science, or equivalent experience. 5+ years of experience in IT Audit, IT Security, or IT Risk Management. Proven experience conducting systemic risk analysis in complex technical environments, including reviewing application design and architecture. Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST, etc. Strong understanding of application security principles, including the ability to assess risk through code and design review processes. Deep knowledge of technical controls, including their design, implementation, and effectiveness. Experience working with business continuity, disaster recovery, vendor risk management, data privacy, and regulatory compliance. Skilled in identifying business risks and evaluating trade-offs between technical and business objectives. Experience with risk management platforms (e.g., ServiceNow GRC) is a plus. Highly self-motivated, proactive, and capable of managing concurrent priorities with minimal supervision. Strong organizational, planning, verbal, and written communication skills.

Work Location:- Bangalore / Hyderabad / Pune / Gurgaon Experience:- 4 - 10 yrs Leavel- AM/Manager JD Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred

Your Impact As part of the third line of defense, you will be involved in independently assessing the firm s overall control environment, and communicating the results to the firm s local and global management the effectiveness of the firm s controls that mitigate current and emerging risks, and monitoring the management s implementation of control measures. In doing so, you are supporting the provision of independent, objective and timely assurance around the firm s internal control structure, and supporting the Audit Committee, the Board of Directors and Risk Committee in fulfilling their oversight responsibilities. Responsibilities You will play a vital role in audit execution focusing on the review of Technology processes and analyzing the risks involved and assessing the design and operating effectiveness of the controls implemented to mitigate the risk. You will be responsible in documenting the assessments and testing conducted and discussing the results with the firms local and global management. In addition, you will also monitor and follow up with management on the resolution of the open audit findings. Basic Qualifications Degree / Certifications in Information Technology 3-6 years of experience as a Technology auditor covering IT applications and processes Strong written and verbal communication skills Understanding of software development concepts and system architecture Basic level understanding of databases, operating systems and messaging Proficiency in data analysis using Excel or SQL Must be highly motivated with strong analytical skills, willing and able to learn new business and system processes quickly Preferred Qualifications Ability to review / develop code (Java, C++, Python, etc) Experience with Data Analytics tools and techniques Relevant certification or industry accreditation (eg CISA) Knowledge of Financial Products and Services

IT AUDIT

Manager / Sr. Manager Revenue Assurance Essential Responsibilities Leading the revenue assurance function for the Company Consolidation and review of all the revenue entries booked from various streams Reconciliation of revenues with the sub systems and documentation of the reasons for any differences Effective management of a team of 4-5,includingtraining and coaching Presentation to the stakeholders of the monthly revenues during month close process Maintaining all the documentation for SOX purposes Assist in facilitating the automation of current processes Maintain/ update summary listing of accounting issues, work with management to summarize key issues and exposure items, and clearly articulate summaries and positions taken Work closely with the external auditors to coordinate audits and reviews Skillset MBA / CA with 6-8 years of experience in the revenue assurance role Understanding of nuances and differences between the billing and revenues Working on multiple tracking systems and reconcile any differences between tracking vs billing vs revenues Link the contractual commitments with the billing and revenues Summarize the impact of any deviations from the normal rev rec methodology like revenues on hold during circumstances like bankruptcies, service delivery issues, delayed payments, etc Tracking the billing against accruals and avoid the revenue leakages Ability to research on market inputs related to the customers like MCA transactions and incorporate those in revenues or count of customers summaries Maintain the deferred revenue schedules and periodically assess the stale items in the schedule Review the variance analysis MoM, QoQ, YoY on all aspects of the revenues including but not limited to customer level, BU level, etc Worked with US technology company in a SOX Automation and process improvement experience, such as integration of subsystems and ERP Extreme comfort and grasp of numbers (customers, business units, revenues, ARPU etc) Experience of presenting the numbers to the stakeholders, proficiency in navigating from the grass root analysis to executive level summary. Experience of working with multiple stakeholders like other accounting functions, FPCA, Business leaders, Auditors Need to be a strong team player with willingness to learn and train the Need to have growth mindset, past experience should only be a starting point, not a constraint

Sales Specialist Meet the Team Indian enterprise sector is going through huge digital transformation. Areas like Cloud adaption, Sophisticated Analytics, AI, IOT, Block chain & Robotic Process Automation, Information Security are key building block towards this transformation. You would be responsible for Building Cisco Security Business pipeline & achieve the Security Annual targets in the large enterprise segment Your Impact Lead Large Customer Engagement with CISO level conversation within Ciscos top enterprises and conglomerate. Support Sales Account Management (AMs) as Cyber Security Sales Specialist in large sophisticated projects (comprising of Zero Trust Architecture, Securing cloud work loads, transforming SOC, Micro segmentation and others) Understand the client/sector requirements and Map Cisco Security products & Services & Build Solution Stack for Sales Account Managers Understand NIST, CERTIN guidelines, mitre att&ck framework, OT Security. Good understanding of Cisco Security products. Well engaged with Tier-1 & Tier-2 SI Drive Cisco Security product sales within commercial segment in Manufacturing, PSU, ITeS, Digital Native and Pharma Who You'll Work With GSSO SE team Account Manager Product Engineering BU across vertical Regional SE Team Regional Channel Team Minimum Qualifications 8-10 Years of experience in Security OEM / Service Provider Environment in managing Sales/ Pre-Sales/Product Management function Good understanding of business scenarios with solution expertise to formulate a realistic and executable strategy for Security adoption among enterprises. Possess blend of technology expertise across various cyber security vendors, enterprise networks, datacenter, cloud networking and Information systems security. Good connects with Cybersecurity decision makers in enterprises

Eviden, part of the Atos Group, with an annual revenue of circa " 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come. RoleGRC Consultant Location: Bangalore (JP Nagar), Navi Mumbai (Mahape) Experience: 3+ years Highest Qualification: Any Full Time Graduate Note: Hands on experience in ISO 27001 Implementation is mandatory for this role Experienced in managing cyber security services like Cyber Risk & Compliance consulting. Experience in setting up end to end Cyber Security frameworks, Compliance Standard implementation, including knowledge in testing (VAPT, Web & mobiles appsec, secure code review) Should be adept at conducting gap analysis, risk assessments, Impact assessments, governance and strategy development, Have worked with organizations to develop and implement various industry security standards like, IS0 27001, ISO 20000, PCI DSS, SOC2, GDPR, Privacy standards etc... Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Specific Duties and Responsibilities Include: To manage cyber security projects across EMEA region for cyber security services like Cyber security testing & cyber consulting Maintaining margins Business development like having presales discussions with various teams Assist in Business development of various security standards Must Have Skills: Excellent communication and presentation skills. Able to effectively interact with various clients/sales teams and manage clients Good to have Skills / CertificationISO27001:2013 Lead Auditor CISSP, CISA, CISM, ISO22301, OSCP, CEH, SANS, Cloud certifications, Privacy certifications like CIPP/E, CIPM Qualification: BE/ BTech, MCA, MBA with specialization in Information Security

We have a team of security compliance leaders overseeing solutions for this complex environment, collaborating with security architects and Cloud DevOps teams internally and around IBM. The security compliance leader’s role is to determine the secure operation of the all computer systems, servers, and network connections in accordance with our policies, procedures, and compliance requirements. A security compliance leader in our team will participate in some or all of the following: Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge Compliance leaders do not require dev experience, but it is an advantage. 10+ years of security compliance audit experience is a must Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk