436 It Audit Jobs - Page 7

Role & responsibilities: This job is actively involved in the execution of audit activities related to information technology security, system implementations, and data privacy to determine whether Highmark Health and its subsidiaries' network of risk management, control, and governance processes, as designed and operated by management, are adequate and functioning. Assesses whether the processes and controls provide reasonable assurance that information technology and security risks are identified and managed, and that significant financial, operational, and protected information is secure, accurate, reliable, and processed timely. Determine and assist with the development of recommendations to improve the implementation of business process and systems changes and project management controls. Execute the IT Assurance and Advisory programs aligned with the overall Internal Audit strategy. Comply with the Health Insurance Portability Accountability Act of 1996 (HIPAA) as it pertains to disclosures of protected health information (PHI) as described in the Notice of Privacy Practices and Privacy Policies and Procedures. As a component of job roles and responsibilities, employees in this role may have access to covered information, cardholder data, or other confidential customer information which must be protected at all times. In connection with this responsibility, employees in this role must adhere to all data security guidelines established within the Companys Handbook of Privacy Policies and Practices and Information Security Policy. Preferred candidate profile:

About Company BDO India LLP is the India member firm of BDO International. BDO India offers strategic, operational, accounting, tax & regulatory advisory and assistance for both domestic and international organisations across a range of industries. We are led by more than 300 Partners & Directors with a team of over 8500 professionals operating across 12 cities Ahmedabad, Bengaluru, Chandigarh, Coimbatore, Chennai, Hyderabad, Goa, Kochi, Kolkata, Mumbai, New Delhi-Gurugram and Pune. We take pride in our service portfolio on the backing of a rich blend of experience and expertise, bringing to fore a work culture that is both client-centric and knowledge driven. Our focus on delivering exceptional client service is backed by a partner driven approach to offer tailor-made solutions ensuring quality excellence & time efficiencies. About BDO ITRA Leveraging our global expertise and experience, our team of subject matter experts and industry professionals work across sectors and industries to help our clients respond to the changing business environment. With deep analytic skills and state-of-the art technologies, our professionals deliver customised and innovative solutions to clients across geographies. We at BDO, engage in transforming data into insights, our professionals guide clients through a crisis, fraud, regulatory investigations, etc. and advise them on strategies to prevent and mitigate the disruption arising from these complex matters. Details: Position Title Assistant & Senior Assistant Department BAS -IT Risk Assurance Experience At least 1 to 3year of relevant experience into IT Risk Audit, ITGC, etc Qualification CA / B.Tech / MBA (IT) / CISA / DISA Core ITRA Roles & Responsibilities: Responsible for executing client related engagements in the areas ITGC, process reviews, IT Application Controls, standard operating procedures review, SOCR (SOC 1, SOC 2), SOX 404 Audits. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Assist seniors & managers in developing new methodologies and internal initiatives. Create a positive learning culture, coaches, counsels and develops junior team members. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have good presentation & communication skills. Should also be well versed with MS office tools. Should be open and honest in communication with clients and colleagues. Fluency in written & verbal English High on personal integrity and work ethics and can be trusted without micro-level supervision from seniors Qualified CA, MBA, BTech/BE. (Preferred CISA or equivalent certifications) Competencies: Analytical Thinking Collaboration IT Skills (Excel, PPT, Word, Outlook) Communication Skills Interpersonal Relationship & Respect Innovation

* Job Position Title: Senior Associate TRAS Location: Bangalore * Responsibilities : Roles & Responsibilities : The tasks, roles and responsibilities concerned with the job will include the following: • Apply current knowledge of IT trends and systems to identify security and risk management issues, and other opportunities for improvement. • Assist in the planning and execution of business process control reviews, information systems audits, and other Assurance offerings across a variety of industries. • A good understanding of clients Business Risks, Audit Risks, IT Risks and the mitigating controls in addressing these risks • Gain strong comprehension of client operations, processes, and business objectives and utilize that knowledge on engagements. • Evaluate and test business processes and controls and identify areas of risks. • Perform general computer and application controls reviews including ERPs like SAP, Oracle Application, JD Edwards, MFG Pro, etc. • Comply with requirements of ICAI Auditing Standards like AAS 29 • Data Analysis using CAATs tool like Excel, ACL, SQL etc *Mandatory skill sets Between 3 to 9 years in various aspects of IT audit, IT risk management function or General IT administration/management in IT risk consulting. Essential Skills: • Strong analytical ability • A thorough understanding of business process, accounts, emerging IT Trends • Ability to manage the field work and ability to work with cross functional team • Strong communication & writing skills • A good understanding of Internal Control Process • A good understanding of Sarbanes Oaxely requirements • A good understanding of COBIT, BS 7799 Responsibility Framework

About The Role : Experience in Risk, Compliance, Assurance and Regulatory areas. Preferred candidate with professional consulting experience in risk management ideally with a Big4 or similar large consulting firm. Good understanding of Technology Risk and Compliance frameworks is preferred. Ensure strategic objectives are implemented, risks managed, and benefits realised. Advise the projects and programs on how to identify, monitor, measure and manage existing and emerging risks. Provide independent oversight and challenge the effectiveness of risks and controls during pre and post implementation of projects. Good communication and presentation skills with a proven track record in stakeholder engagement and influencing skills. Ability to plan and prioritise to manage multiple work streams/tasks simultaneously. Candidates with certifications like CISA, CRISC, and PRINCE2/Agile will be preferred. Primary Skills Risks and Controls Management within technology space Technology Insight (Infrastructure, Data, Cloud and Service Management) Project Lifecycle Management Stakeholder engagement Secondary Skills Team Management Presentation skills Inclusive Communication Multi-Tasking

About The Role Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information ? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails ? Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT ? ? Mandatory Skills: Security Information Event Management. Experience5-8 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information ? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails ? Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT ? ? Mandatory Skills: Zscaler Web Security. Experience5-8 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information ? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails ? Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT ? ? Mandatory Skills: Bluecoat Proxy. Experience5-8 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Wipro Limited (NYSEWIT, BSE507685, NSEWIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. About The Role _x000D_ Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? _x000D_ Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? _x000D_ i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? _x000D_ 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? _x000D_ Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Cloud Security Posture Management_x000D_. Experience8-10 Years_x000D_. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Wipro Limited (NYSEWIT, BSE507685, NSEWIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Saviynt. Experience8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Wipro Limited (NYSEWIT, BSE507685, NSEWIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: ForgeRock Identity Manager. Experience8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information ? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails ? Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT ? ? Mandatory Skills: Saviynt. Experience5-8 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Ready to shape the future of work At Genpact, we don&rsquot just adapt to change&mdashwe drive it. AI and digital innovation are redefining industries, and we&rsquore leading the charge. Genpact&rsquos AI Gigafactory, our industry-first accelerator, is an example of how we&rsquore scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to agentic AI, our breakthrough solutions tackle companies most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that&rsquos shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions - we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation, our teams implement data, technology, and AI to create tomorrow, today. Get to know us at genpact.com and on LinkedIn, X, YouTube, and Facebook. We are inviting applications for the role of Senior Manager, IT-SOX In this role, you will be responsible for delivering solution offerings primarily related to IT & Application Controls Assurance. Demonstrate IT operational risk knowledge/experience including design of effective control processes, development of test requirements and/or testing controls for effectiveness Responsibilities . Ensure client service delivery per the quality guidelines & methodologies. . Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables. . Contribute to people and knowledge development initiatives by developing training material and conducting training . Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties . Demonstrate superior relationship building and relationship management skills Qualifications we seek in you! Minimum qualifications / skills . B.E., BTECH, MTECH, MCA, MBA . IT SOX, ITAC experience . SAP controls/audit experience . SOC and interface controls experience . IT audit experience preferred . CISA/CISM/ other risk certification including cloud security preferred Preferred qualifications / skills . Experiences in providing Risk & Advisory services to clients on SOX readiness, SOC, Internal audits, ITAC&rsquos, across Business Processes and ERPs and across Operating systems (Windows, UNIX, Mainframe), databases (HANA, Oracle, SQL), key reports. . Conducted SOC1 / SOC2 Readiness Assessment, compliance to COSO & COBIT Frameworks, IPE testing and interface controls testing . Supported clients / projects pertaining to Data Security & Privacy involving HIPPA, GDPR and PCI DSS . Performed Risk assessment, Controls Design, implementation, operating effectiveness reviews, including experiences of Control Rationalization and Automation . Reviews / Benchmarking of Policies and Procedures pertaining to SDLCs, Change management, Access Management, Backup management, etc . Built / reviewed Third-Party Risk Management Frameworks, including focused on Information Security, carried out Supply Chain Security assessments . Assisted organizations to set up process for data subject access rights in coordination with GDPR regulation, and mitigate risk with respect data leakage . Significant experience in managing large projects around IT and application controls assurance . Good understanding of ITGC and application control framework around ERPs and complex IT environment such as the system of engagement, digital tools, cloud application infrastructure . Able to lead a team and lead client conversations in recommending controls around digital implementation and regular status updates . Experience in working with the implementation team specifically to implement application configuration, interface, and business process controls . Experience in solution and practice development, lead conversations with internal business leads and sales partners to identify opportunities and avenues to embed required solution . In-depth knowledge/experience of business processes (AP/RTR/AR etc.), systems, and infrastructure including project management, change management, access management, and data processing operations such as job scheduling and monitoring, problem management, and backups Why join Genpact . Be a transformation leader - Work at the cutting edge of AI, automation, and digital innovation . Make an impact - Drive change for global enterprises and solve business challenges that matter . Accelerate your career - Get hands-on experience, mentorship, and continuous learning opportunities . Work with the best - Join 140,000+ bold thinkers and problem-solvers who push boundaries every day . Thrive in a values-driven culture - Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let&rsquos build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a %27starter kit,%27 paying to apply, or purchasing equipment or training.

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Advisor, you will provide enterprise-level advice to make organizations cyber resilient. Your typical day will involve engaging with various teams to assess and address cyber threats, developing strategies for digital asset protection, and ensuring that stakeholders maintain trust in the organization's security posture. You will also be responsible for staying updated on the latest cybersecurity trends and best practices to effectively guide your organization in navigating the complex landscape of cyber threats. Roles & Responsibilities:-Perform required audits and tests related to the Business Continuity Plans-Develop plans to safeguard data and intellectual property against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs-Work with Accenture's global asset and security organizations to develop solutions for clients unique problems and help implement business continuity plans and align resources, as appropriate-Deliver on key metrics (SLAs and KPIs) and contractual requirements successfully to execute run and transform projects to ensure the quality of functioning of teams to optimize security measures-Encrypt data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Governance.- Strong understanding of risk management frameworks and compliance standards.- Experience in developing and implementing security policies and procedures.- Ability to conduct security assessments and audits.- Familiarity with incident response planning and execution. -Active participation in hiring of talent, operating of projects in various type and scale, execute concepts and implementation strategies for various systems to ensure practical implementation of security standards across client and industries.-Understands requirements and participates in Solution Review, Client orals, Client visits etc. to represent Accenture to help client and provide solutions to clients needs.-Document and deliver security and emergency measures policies, procedures, and tests.-Conversant on multiple CyberSecurity domains like:Identity and Access Management, Network Security, Vulnerability Management (Infra and Applications), Cloud Security, Endpoint and Email Security, SOC\SIEM, Network Security, Risk & Compliance, Data Security independent of various tools, technologies and processes. Additional Information:- The candidate should have minimum 12 years of experience in Security Governance.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Convene the IS group meeting on a frequent basis Maintain minutes for all the IS group meetings and ensure the closure of action items Initiate and monitor the internal security audits on defined frequencies Analyze and verify findings and action plans of internal audit Present the findings and trend to top management Verify and analyze the information security incidents along with respective team and take appropriate action. Identify, measure, and analyze information security objectives of all the departments and projects Ensure information security risk assessment and action plan initiation are conducted on a regular basis for all the departments and projects. The critical information security risks and the status to be updated to top management Analyze and approve special permissions which are requested by the employees Ensure the regular reviewing of ISMS documents and make sure that the approved changes are updated in document. Monitor IT related events regularly and ensure that appropriate actions are taken. Ensure the network issues and glitches in the system are addressed on time by IT Monitor the Information security performance and execute the action plans where ever necessary and ensure that the proposed actions are taken care. Ensure the ISMS Awareness among employees are developed. Develop information security policy and get it approved by top management Develop a Business Continuity Plan along with the team members and get it approved by top management Frequently test the BCP and ensure appropriate actions are taken Ensure appropriate external Information Security communications are conducted by relevant team. Ensure applicable acts and policies of the organization are identified, detailed and appropriate actions taken to implement the same Ensure all department related security activities are taken care and support in case of any issues/ clarifications.

Shell has a requirement for ITGC Analyst . Based on JD, it appears to be more on Risk Management/Environment Governance. Can you suggest a primary skill to be used for this role and add the respective representative from TA team for this role. As an ITGC Testing Analyst, you will support management in assessing the IT control environment. You will identify and report control weaknesses, track remediation action plans, and monitor the quality of remediation efforts.. More specifically, your role will include: ITGC Testing: Conduct testing of IT General Controls (ITGCs) to ensure compliance and effectiveness. ITC Testing: Perform testing of IT Components (ITCs) to validate data integrity and accuracy. Test Scripts: Developing and executing test scripts, documenting test procedures, and evaluating results to identify control gaps. Documentation: Maintain detailed documentation of testing procedures, findings, and recommendations. Reporting: Ensure adherence to the approved assurance plan and provide regular updates on progress. Issue Management: Advise IT operations on risk management and contribute to remediation plans for deficient controls. : Work with the offshore testing team to assess the design and effectiveness of IT controls. Stakeholder Communication: Communicate effectively with stakeholders to ensure understanding and alignment with assurance processes and risk management strategies. Tool Management: Oversee tools and reports used by the team and stakeholders, ensuring accuracy and updates based on business needs. Experience: IT Audit Expertise: Proven experience in IT audits or ITGC testing. Technical Skills: Certifications: Relevant certifications like ISO 27001, CISA, CISM, and CRISC or having a strong desire to work towards obtaining such certifications. Information Risk Management: Good understanding of information risk management and associated processes. Application Proficiency: Experience with widely used applications such as SAP, Power Platform, and Cloud technologies is desirable. Continuous Improvement: A mindset geared towards continuous improvement and project management experience. Work Schedule: Mid-Shift: Working hrs will be IST 12 noon to 9 pm. Shift allowance will be eligible per organization po Shell has a requirement for ITGC Analyst . Based on JD, it appears to be more on Risk Management/Environment Governance. Can you suggest a primary skill to be used for this role and add the respective representative from TA team for this role. As an ITGC Testing Analyst, you will support management in assessing the IT control environment. You will identify and report control weaknesses, track remediation action plans, and monitor the quality of remediation efforts.. More specifically, your role will include: ITGC Testing: Conduct testing of IT General Controls (ITGCs) to ensure compliance and effectiveness. ITC Testing: Perform testing of IT Components (ITCs) to validate data integrity and accuracy. Test Scripts: Developing and executing test scripts, documenting test procedures, and evaluating results to identify control gaps. Documentation: Maintain detailed documentation of testing procedures, findings, and recommendations. Reporting: Ensure adherence to the approved assurance plan and provide regular updates on progress. Issue Management: Advise IT operations on risk management and contribute to remediation plans for deficient controls. : Work with the offshore testing team to assess the design and effectiveness of IT controls. Stakeholder Communication: Communicate effectively with stakeholders to ensure understanding and alignment with assurance processes and risk management strategies. Tool Management: Oversee tools and reports used by the team and stakeholders, ensuring accuracy and updates based on business needs. Experience: IT Audit Expertise: Proven experience in IT audits or ITGC testing. Technical Skills: Certifications: Relevant certifications like ISO 27001, CISA, CISM, and CRISC or having a strong desire to work towards obtaining such certifications. Information Risk Management: Good understanding of information risk management and associated processes. Application Proficiency: Experience with widely used applications such as SAP, Power Platform, and Cloud technologies is desirable. Continuous Improvement: A mindset geared towards continuous improvement and project management experience. Work Schedule: Mid-Shift: Working hrs will be IST 12 noon to 9 pm. Shift allowance will be eligible per organization po

10+ yrs exp IT & IT Security Certified in ISO 27001: 2013 Enterprise IT Governance including knowledge of IT risk management and controls Strong power point presentation creation and design Func as SPOC for IT GRC & Audits Team Leading Exp preferable Required Candidate profile Manage establishment of operate & tech decision-making process to ensure IT svc are align to organization priorities & risk appetite Prep sec dashboards with KPIs, sec metrics for CISO presentations Perks and benefits Mediclaim + additional 10% performance bonus

Job Summary The Internal Auditor plays a key role in a dynamic, Global Financial Technology (FinTech) Company, partnering with the business to ensure risks are recognized and appropriately managed. The role is responsible for executing audits as prescribed in Internal Audits audit plan and works extensively the business to learn, document, and/or test processes to identify opportunities for improvement or gaps in controls and/or company policies. Responsibilities Develop a comprehensive understanding of the Company s business, risk landscape, financials, processes and control environment Conduct audits for compliance with policies, standards, key controls, regulatory requirements etc. ,including testing, analyzing evidence and identifying issues Evaluate the design and effectiveness of controls to manage risk within risk appetite and tolerance Validate exceptions including quantifying risks, investigating root causes, and working with owners to establish action plans Evaluate significant corporate initiatives, processes, operations, implementations, M&A, etc. to ensure appropriate risks and controls have been considered Recommend improvements to systems, procedures and processes to minimize risks, improve efficiency, or generate cost savings Prepare work papers to adequately document audit work performed and to support conclusions reached Prepare formal written reports expressing opinions, review results with management and perform ongoing tracking and monitoring of remediation efforts Maintain knowledge of current information technology, InfoSec, auditing practices, industry trends, etc. Supervise, train, and mentor junior auditors Participate in department initiatives to further advance the Internal Audit function Perform special projects as needed Knowledge, Skills, Abilitie s High ethical standards and values with ability to handle confidential / sensitive issues and information with the highest degree of professional responsibility Ability to handle multiple priorities; work under pressure and time constraints Solid interpersonal skills with the ability to build relationships and gain the confidence and respect of internal and external stakeholders Experience with interviewing techniques that enable primary risk identification Knowledge of IT General Controls auditing; IT Application Controls reviews; auditing concepts, approaches, tools and technique; risks and controls; IT and Security concepts, standards, frameworks and best practices; Business and IT process flows Experience delivering IT audit projects, risk assessments, system reviews, IT controls testing Strong analytical skills with keen attention to detail Ability to define problems, collect data, establish facts, and draw valid conclusions Ability to read, analyze, and interpret technical information, reports, documents and diagrams Strong communications and presentation skills Project management skills with ability to manage multiple projects Willingness to obtain professional certification, such as Certified Information System Auditor (CISA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA) Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or similar Proficiency in basic PC applications (MS Excel, Word, PowerPoint, Visio) Ability to travel globally as needed for audits ( Required Experience :3-5Yrs 2+ years of IT Audit, Information Security or other relevant experience Big 4 experience is added advantage Degree OR Post graduate in information technology or other related field (e.g., information systems, business intelligence, computer science, MCA,BCA etc.) IT Internal Audit experience OR experience under Enterprise risk management Years of experience in public accounting, consulting, ERM, Audit, Technology, Information Security, or relevant field Professional certification, such as Certified Information System Auditor (CISA), Certified Internal Auditor (CIA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or similar Experience with eGRC tool, technology-based auditing techniques, etc. Experience working in FinTech, Banking or Technology industries We are proud to offer a range of incentives to our employees worldwide. These benefits are available to everyone, regardless of grade, and reflect the values we uphold: Flexibility: Enjoy unlimited vacation, based on your location and business priorities. Hybrid working arrangements, and inclusive policies such as paid time off for voting, bereavement, and sick leave. Well-being: Access confidential one-on-one therapy through our Employee Assistance Program, unlimited personalized coaching via our coaching app, and access to our Gather Groups for emotional and mental support. Medical, life & disability insurance, retirement plan, lifestyle and other benefits* ESG: Benefit from paid time off for volunteering and donation matching. DEI: Participate in multiple DE&I groups for . We learn from one another, embrace and celebrate our differences, and create an environment where everyone feels safe to be themselves. Be unique, be exceptional, and help us make a difference at Finastra!

1.Governance and Policy Development oDevelop and implement governance frameworks, policies, and procedures to ensure alignment with industry standards and organizational objectives. oRegularly review and update GRC policies based on regulatory changes, client requirements, and industry best practices. oCreate and maintain documentation for governance, risk, and compliance initiatives, ensuring accessibility and adherence across the organization. 2.Client Due Diligence and Risk Assessment oManage and respond to client due diligence and security assessments, providing accurate, timely information about the organization's risk management, security posture, and compliance practices. oCoordinate with relevant teams to compile necessary documentation and evidence to address client inquiries regarding data protection, privacy practices, and information security controls. oConduct risk assessments based on client requirements, identifying and addressing potential gaps to ensure continued alignment with client security expectations. 3.Vendor Risk Assessment and Management oConduct thorough vendor risk assessments to evaluate the security posture and compliance of third-party vendors. oCollaborate with the procurement and legal teams to review vendor agreements, ensuring they meet the organizations GRC and security standards. oMonitor and maintain the vendor risk register, tracking vendor compliance, and conducting periodic reassessments for critical vendors. 4.Risk Assessment and Mitigation oLead and conduct internal risk assessments, identifying and analysing potential risks to the organizations assets and operations. oDevelop and implement risk treatment plans in collaboration with stakeholders, tracking and reporting on risk mitigation efforts. oMaintain the organizational risk register and work with cross-functional teams to ensure continuous monitoring and timely response to emerging risks. 5.Compliance Management and Regulatory Oversight oEnsure compliance with relevant standards and regulations, such as ISO 27001 (ISMS), ISO 27701 (PIMS), ISO 27017, ISO 27018, ISO 42001 (AI oManagement Framework), CCPA, NIST, GDPR, PCI-DSS, CIS Benchmarks. oSupport internal and external compliance audits, control testing, and regulatory assessments, and coordinate with departments to gather required documentation. oStay updated on regulatory requirements and communicate changes in compliance obligations to relevant stakeholders. 6.Control Implementation and Monitoring oDesign, implement, and assess controls to ensure they align with GRC policies and regulatory requirements. oConduct regular control testing and monitor control effectiveness, identifying and remediating any deficiencies. oCollaborate with teams to improve and strengthen internal controls across the organization. 7.Incident Response and Analysis oSupport the incident response process by providing guidance during incidents and conducting post-incident reviews to ensure alignment with GRC frameworks. oRegularly review and update incident response plans and playbooks, incorporating lessons learned from security incidents to enhance future response efforts. 8.Training, Awareness, and Stakeholder Engagement oDevelop and deliver training sessions on GRC-related topics, increasing organizational awareness of risk, compliance, and security responsibilities. oCollaborate with Legal, IT, HR, and other departments to ensure integrated and effective GRC practices. oCommunicate risk assessment results, policy updates, and compliance requirements to stakeholders and senior management. 9.Documentation, Reporting, and Metrics oMaintain comprehensive documentation for all GRC activities, including client and vendor assessments, internal audits, risk assessments, and compliance reviews. oCreate and present reports, metrics, and dashboards to communicate GRC status, control effectiveness, and compliance progress to senior management. oDocument and track risk assessment outcomes, client inquiries, and remediation actions to ensure transparent and effective risk management practices.

Assist in the development, review, and maintenance of IT security policies, procedures, and documentation. Support internal audits and assessments aligned with frameworks such as ISO 27001, NIST, SOC 2, and GDPR. Participate in risk assessments to identify and track remediation efforts for security and compliance risks. Help maintain compliance registers, risk logs, and GRC tools. Work with cross-functional teams to collect evidence for compliance and audit activities. Monitor changes in regulatory and compliance requirements relevant to the organization. Assist with third-party vendor risk management and due diligence reviews. Contribute to awareness programs to promote a culture of compliance and security.

Job Summary: We are looking for an experienced IT Audit Specialist with a proven track record in Big 4 consulting firms (Deloitte, PwC, EY, or KPMG). The ideal candidate must hold a valid CISA or CISSP certification and demonstrate deep expertise in IT general controls (ITGC), risk management, cybersecurity, and compliance. This role is focused solely on IT audits and advisory, not statutory or financial audits. Key Responsibilities: Lead and perform IT audits, including ITGC testing, automated controls reviews, and application audits across various environments. Evaluate cybersecurity controls, risk mitigation practices, and IT governance processes. Conduct assessments for SOX IT compliance, SOC 1/SOC 2, GDPR, and other regulatory frameworks. Work closely with internal stakeholders and client teams to identify control weaknesses and recommend remediation strategies. Participate in risk assessments, control design evaluations, and implementation of industry best practices. Document findings, prepare reports, and present results to senior leadership or client executives. Stay updated on emerging IT risks, technologies, and industry regulations to enhance audit effectiveness. Required Qualifications: 6+ years of IT audit experience with exclusive background in Big 4 firms (Deloitte, PwC, EY, KPMG). Professional certification: CISA (required); CISSP or other security certifications are a plus. Strong knowledge of ITGCs, application controls, and security frameworks (COBIT, NIST, ISO 27001). Experience in ERP systems audits (e.g., SAP, Oracle) and cloud environment assessments (AWS, Azure, GCP). Strong analytical, documentation, and communication skills. Ability to manage multiple projects and meet tight deadlines in a client-facing environment. Preferred Skills: Experience with SOC 1/SOC 2 reporting, vulnerability assessments, or data privacy audits. Familiarity with tools like Archer, ServiceNow GRC, or audit analytics platforms. Exposure to IT risk advisory or cybersecurity transformation projects.

Headquartered in Canada with locations across the United States and around the globe with a footprint on six continents, Bulletproof, a GLI company has decades of technology, security, and compliance expertise. Bulletproofs work in the security space has been recognized nationally and globally with Microsofts global Security Partner of the Year in 2021 and five Microsoft Canada Impact Award wins from 2019 to present-day. At Bulletproof, our vision is to serve, secure, and empower the world through people and technology; one customer at a time. We believe everyone has the right to feel safe and secure. Our mission is to serve and protect organizations to ensure their success. What we have to offer : Challenging Work - We love solving highly complex problems. Across our teams and in all roles, every employee is empowered to bring their best ideas forward and to jump in and solve the problems they're passionate about. Great People - We are stronger, together, when we are open, honest, and above all, real. Every person is valued here and plays an important role in our shared success. Global Impact - As a global team spanning continents, boundaries, and cultures, every day we are inspired by the impact our work has on our colleagues, our customers, our communities, and the world at large. Diversity, Equity and Inclusion - We celebrate each others differences, continuously strive for equality and recognize that inclusion makes us stronger as individuals, a company and a global citizen. Position Summary: This position will work with Bulletproof employees to extract internal requirements for the configuration of an Audit Automation Platform. The candidate will need to define the best approach to configure those requirements within the chosen Audit Automation platform. This includes, but it is not limited to implementing checklists starting from a given technical standard, implementing report and audit plan templates and define workflow logic. Those requirements need to be maintained within the platform as the number of checklists served is increasing and as the audit methodology evolves. This position's main duties are regarding the configuration and maintenance of a chosen Audit Automation Platform. Responsibilities: Configure audit templates and checklists in the Audit Automation Platform Translate compliance frameworks (e.g., ISO 27001, NIST, SOC 2) into structured audit workflows Maintain and update templates based on evolving audit needs Support internal users and troubleshoot platform issues Document configuration guidelines and best practices Liaise with auditors and IT/security stakeholders to ensure audit readiness Develops and reviews security audit reports for quality assurance. Collaborating with clients to develop appropriate remediation plans. Collaborating with colleagues in other lines of services in support of client needs for Information Security Services. Follows, maintains and suggests improvements to standard operation procedures (SOP) Follows, maintains and suggests improvements to workflow and Audit Automation Platform interface Provides clients with exceptional service in a professional, courteous and timely manner. Perform other related duties as assigned. Defines the scope for information security audit assignments. Support the team technical development (e.g. through service development or research) and contribute to technical processes overall. Required Education / Credentials / Qualifications: Degree in Computer Science, Information Systems, Engineering or related major from an accredited University or equivalent College Diploma and related experience. Prior experience with audit or compliance automation tools (experience with AuditBoard, Vanta, Drata or Intact Platform is a plus) Familiarity with IT/IS audit and compliance standards (ISO 27001, NIST, SOC 2, etc.) Strong skills in configuring structured templates and workflows Ability to understand and map audit requirements into platform configurations Detail-oriented, organized, and self-motivated Clear written and verbal communication in English Must have in-depth experience designing and implementing information security solutions. The following skills are preferred but not required: Basic scripting or low-code experience (depending on customization features) Experience working with internal IT or security teams Familiarity with other GRC tools or platforms

This will be an Individual Contributor role to start and can evolve over time based on how this function matures. You will play a critical role in the companys tech infrastructure, processes which will be fully aligned with regulatory, security and business continuity standards. Key Responsibilities Draft, coordinate monitor IT processes policies to ensure compliance as per IT Act, regulatory bodies (e.g. RBI, SEBI, GDPR, UIDAI etc.), info security (ISM) guidelines and other applicable laws with respect to Technology, in coordination with internal external stakeholders Prepare update business-wise IT infra details required by the Compliance/Legal teams for regulatory filings and 3rd party audits Conduct vendor risk assessment audits ensure identified gaps are proactively filled Introduce new processes policies by conducting market studies surveys relevant to our business Plan, formulate, coordinate, implement monitor the cyber crisis management plan (CCMP) Incident Management and resolution Interface with external auditors and set up processes to ensure all Infosec audits go smoothly Formulate, implement, review monitor BCP Requirements 4-6 years of experience, including being SPOC for Infosec audits In-depth knowledge of technology, security, risk, and compliance best practices Strong capability in interfacing with both technology and business teams Detailed understanding of security monitoring, threat intelligence vulnerability management A self-driven attitude with a strong sense of ownership Experience with RBI and/or SEBI (preferred) audits is a big plus Assisting the team to conduct Technology Committee Assisting the Risk Officer to conduct independent assessments of the business functions Provide timely data for Risk Management Committee

Manage audits - plan to finish Background 3 yrs in either Telecom software/Protocol, Embedded systems, Mobile Device & Mobile Applications, IOT Blockchain, Artificial Intelligence, UAS software systems, applications /IT system /Software product test Provident fund Annual bonus