42 It Controls Jobs

As an Internal Audit IT - Professional I at Fiserv, you will efficiently conduct audit projects in compliance with The Institute of Internal Auditors standards and Fiserv global Internal Audit framework. Working under the guidance of the Audit Lead, you will contribute to audit planning, execute field work including scheduling interviews, reviewing materials, designing and conducting audit testing, analyzing results, and drawing conclusions. Additionally, you will assist in documenting test results, preparing draft and final audit reports, and summarizing findings. You will be responsible for a variety of audits, including operational, compliance, or IT focused, under various financial or info-security/cyber security regulations in different international locations. To excel in this role, you are required to have a BSc/MSc-IT / BCA/MCA degree with an emphasis in information technology or equivalent, along with 2 to 4 years of experience in assessing technology/IT controls, preferably in Banking and Financial services domain. It is preferred that you have experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, and Network security control risk reviews. Good client interfacing skills, communication, interpersonal skills, and proficiency in Microsoft Office products are essential for this position. Thank you for considering employment with Fiserv. To apply, please use your legal name, complete the step-by-step profile, and attach your resume. Fiserv is committed to diversity and inclusion. Please note that Fiserv does not accept resume submissions from agencies outside of existing agreements and warns against fraudulent job postings not affiliated with Fiserv that may be used by cyber criminals. Any communication from a Fiserv representative will come from a legitimate Fiserv email address.,

You will be joining Reckitt, a company known for housing the world's most beloved and trusted hygiene, health, and nutrition brands. The core purpose of Reckitt is to protect, heal, and nurture in the continuous pursuit of a cleaner, healthier world. As part of our global team, united by this purpose, you will play a crucial role in ensuring access to top-quality hygiene, wellness, and nourishment is a universal right rather than a privilege. In the domain of Information Technology & Digital, Reckitt is currently seeking a proficient IT Controls professional to become a part of our 1st Line of Defence (1LOD) team. This role will involve implementing, rectifying, and ensuring compliance with IT controls across various systems, with a specific emphasis on the SAP environment. Your primary responsibilities will include collaborating with different business units to proactively address IT General Control (ITGC) issues, ensuring prompt remediation, and sustaining a compliant IT landscape. Your key responsibilities will encompass implementing IT controls, remediating control deficiencies in partnership with control owners, tracking and reporting issues, particularly related to SAP systems expertise, coordinating with control owners for timely execution of remediation actions, managing documentation, and supporting the risk acceptance process for unresolved issues. The ideal candidate should possess a minimum of 5 years of experience in IT controls, IT audit, or a related field within the 1LOD, with a total of 9+ years of experience. A strong grasp of IT General Controls (ITGC), IT control frameworks like COBIT/NIST/ISO 27001/SOX, hands-on remediation of IT control deficiencies, and managing risk acceptance are essential. Proficiency in SAP systems and knowledge of control requirements specific to SAP environments, including SAP Change Control processes, are crucial. Demonstrated ability to collaborate with cross-functional teams, influence stakeholders effectively, and fluency in German, Polish, or Spanish (depending on the role and region) are highly desirable. Possession of relevant certifications such as CISA, CISM, or CISSP will be considered a plus. At Reckitt, inclusion is at the core of our operations. We prioritize supporting our employees throughout their career journey, assisting them in achieving success in their unique ways.,

You are an experienced IT Audit Manager responsible for leading and overseeing comprehensive IT & Cybersecurity audits. Your role involves supporting the Engagement Lead in planning and executing engagements effectively. You will be preparing IT and Cyber audit programs targeting high-risk areas, ensuring engagements are in line with the Corporate Audit Methodology. You will collaborate with external/internal auditors to eliminate duplication of effort and enhance audit efficiency. Supervising team members, providing feedback, and guiding them to ensure timely execution of engagements are also part of your responsibilities. Additionally, you will assess identified gaps, evaluate their significance, and propose potential business impact solutions. Your duties include finalizing audit findings discussions with the audit team and management, preparing audit reports, and educating process owners on internal controls. Driving follow-up for timely implementation of corrective actions and escalating when necessary are crucial aspects of this role. Location Preferred: PAN India Certifications Required: CISA / CISSP / CISM,

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

ITGC -Hyderabad They will be the same key roles and responsibilities, but each headcount will have specific focus/expertise as outlined in 1-4 below. This should give high level summary of specific qualification/experience in resources that we look for. Information Security/Cyber Security Infrastructure, cloud platform, network, and service management, software engineering/SLDC Data ITGC and business application controls Key Role & Responsibilities Conduct and document thorough walkthrough of IT controls Design test plans and document test steps to assess the control design and operating effectiveness Create/prepare a document request list and work with control owners/performers to obtain evidence supporting the control execution and validation that the control is working as intended. Complete control testing workpaper and maintain detailed records of testing results, findings, and recommendations. Address workpaper review comments and independent review and challenge from the Second Line of Defense Specific Skillsets & Experiences Experience with IT internal audit or other risk assurance functions Knowledge of industry and compliance frameworks i.e., NIST cybersecurity framework, CIS, ITIL, PCI, FedRAMP Strong understanding of risk management methodologies, and security control testing techniques. Strong verbal and written communication skills, with the ability to lead walkthroughs with control owners/performers, and construct questions and follow-ups. Focus on each headcount: Information Security/Cyber security focus - Technical skills and experiences with particular focus/familiarity on the following control areas or tools, but not limited to: Network security - firewall, NAC, Network Intrusion Prevention/detection, WAF, Web filtering/Web traffic (i.e., FireMon, Cisco ISE, Cloudflare etc.) Cyber data protection/data security - DLP, data discover/classification, email security, cloud data security/CASB, database security and encryption (i.e., Trellix, Proofpoint, Varonis, Purview, Imperva) Servers and endpoint security - Antivirus/Antimalware, Device, protection, Endpoint privilege access (i.e., Crowdstrike, Absolute, Beyond Trust) Cyber defense SIEM, MSSP, and SOC for log forwarding/ingestion/and monitoring, Cyber Threat Intelligence Cloud platform security Application and API security OWASP principles, SAST, SCA, DAST, secret scanning Access and Authentication/Privilege access (i.e., SailPoint, Okta/Auth0, Delinea) Infrastructure, cloud platform, and network, and service management, software engineering/SDLC focus - Technical skills and experiences with particular focus on the following control areas/concepts, but not limited to: Server and Directory service management Build/image, configuration management, certification management, backup and recovery, Active Directory, Patching Workstations, Virtual Desktops, Mobile Devices – Build/Image, MAM, Patching Cloud platform management – AWS/AWS well-architected framework, Azure, IaC/automated build template Platform and application observability Disaster recovery – Data center DR test, High availability, cloud recovery Service management – Hardware/software asset management, software licensing, CMDB, change management, incident and problem management SLDC – DevSecOps concept, Coding services (IaC, service mesh etc.), Code repository, CI/CD, Quality engineering and quality assurance Data focus - Technical skills and experiences with particular focus on the following areas/concepts, but not limited to: Database administration – Database design/structure, access controls, build, configuration, backup, jobs, and other maintenance and security measures (i.e., SQL, PostgreSQL) Data warehouse platform/data development/transformation – Design/architecture, Data modeling, ETL, data obfuscation and masking (i.e., Snowflake, Coalesce) Data transit/exchange connection/data file transfers – Monitoring, Logging, Secure file transfer/protocols, error handling Data governance and quality management – Metadata management, Data lineage, Data quality rules, Data defect management (i.e., Collibra) ITGC and business application controls / SOX focus (e.g., system interface and integration) - Technical skills and experiences with particular focus on the following areas/concepts Testing of SOX ITGC / IT general controls Testing of business applications controls – Automated application interface and integration, system/application Please share your profile at surbhi.malhotra@nlbtech.com

7 years’ experience in IT SOX/ITGC, SOC1/SOC2, ITACs, and Information Security Audits Knowledge of IT infrastructure, preparation of Risk & Control Matrix Audit Knowledge of Emerging Technology-Cloud infrastructure, Regulatory compliance requirements Required Candidate profile IT SOX/ITGC, SOC1/ SOC2 and Information Security Audits. Certifications: CISA, CISM, ISO 27001 LA/ LI, CCSK, Certification son Data Privac

Big 4 Hiring in large number IT AUDIT PROFESSIONALS - ACROSS INDIA MEGA DRIVES Call on : 9359055605 /7208835287 Call: 7738402343 Mail: divyani@contactxindia.com Mail : zeenat@contactxindia.com Role & responsibilities Minimum Degree Required: Chartered Accountant or Bachelors Degree Required Fields of Study: Accounting, Finance, Management Information Systems, Computer Science, Economics, Business Administration/Management, Engineering, Mathematics, Statistics , and/or other relevant degree. Minimum Years of Experience: Four years of experience in IT auditing, auditing, consulting and/or implementing experience. Oral and written proficiency in English required. Preferred Knowledge/Skills: Demonstrates thorough knowledge of providing services related to controls around the financial reporting, compliance and operational processes, including business process and IT management controls, which includes a proven record of success with facilitating and completing deliverables involving the following: Financial reporting and information technology risks, processes and controls; Current and emerging technologies which may include: Oracle, SAP, Oracle Database, web development tools, virtualization, UNIX, Linux, and security technologies; COSO Framework, CoBIT and/or other leading business and IT control frameworks; and, Key domains of information technology general controls, including change management, access to programs and data, computer operations and systems development. Identifying key risks and controls, knowledge of Sarbanes Oxley readiness, controls optimization, including the configuration of controls around security, business process and within IT environments; Applying internal control principles and business/technical knowledge working experience applying professional skepticism skills; Leading the execution of a work program and practice aid, as well as perform assessments, using Company proprietary or other relevant tools to evaluate controls, security, SOD, and potential for optimization; Exhibiting project management skills, including developing project plans, budgets, and deliverables schedules; Creating a positive environment, monitoring workloads of the team while meeting client expectations, and respecting the work-life quality of team members. This includes providing candid, meaningful feedback in a timely manner and keeping leadership informed of progress; and, Interacting with clients on solutions and executing projects on client engagements, forming client relationships and demonstrating an understanding of the client's business. Preferred candidate profile

Big 4 Hiring in large number IT AUDIT PROFESSIONALS - ACROSS INDIA MEGA DRIVES Call on : 9359055605 /7208835287 Mail : zeenat@contactxindia.com Role & responsibilities Minimum Degree Required: Chartered Accountant or Bachelors Degree Required Fields of Study: Accounting, Finance, Management Information Systems, Computer Science, Economics, Business Administration/Management, Engineering, Mathematics, Statistics , and/or other relevant degree. Minimum Years of Experience: Four years of experience in IT auditing, auditing, consulting and/or implementing experience. Oral and written proficiency in English required. Preferred Knowledge/Skills: Demonstrates thorough knowledge of providing services related to controls around the financial reporting, compliance and operational processes, including business process and IT management controls, which includes a proven record of success with facilitating and completing deliverables involving the following: Financial reporting and information technology risks, processes and controls; Current and emerging technologies which may include: Oracle, SAP, Oracle Database, web development tools, virtualization, UNIX, Linux, and security technologies; COSO Framework, CoBIT and/or other leading business and IT control frameworks; and, Key domains of information technology general controls, including change management, access to programs and data, computer operations and systems development. Identifying key risks and controls, knowledge of Sarbanes Oxley readiness, controls optimization, including the configuration of controls around security, business process and within IT environments; Applying internal control principles and business/technical knowledge working experience applying professional skepticism skills; Leading the execution of a work program and practice aid, as well as perform assessments, using Company proprietary or other relevant tools to evaluate controls, security, SOD, and potential for optimization; Exhibiting project management skills, including developing project plans, budgets, and deliverables schedules; Creating a positive environment, monitoring workloads of the team while meeting client expectations, and respecting the work-life quality of team members. This includes providing candid, meaningful feedback in a timely manner and keeping leadership informed of progress; and, Interacting with clients on solutions and executing projects on client engagements, forming client relationships and demonstrating an understanding of the client's business. Preferred candidate profile

Greetings of the day ! Our reputed MNC Client is hiring for Senior IT Auditor role: Shift: Shift starts from 11:30 AM, however, due to nature of work and reporting to US , there might be some hours out of normal shift timings. Notice Period: Upto 60 days Roles and Responsibilities Assist the IT Audit manager in audit engagement planning activities for IT SOX Assessment. Lead a team of 2-3 IT auditors for executing tests of design and operating effectiveness. Monitor audit task assignments and drive completion. Lead conversations with stakeholders and auditees during process walkthroughs. Identify control gaps and accordingly provide recommendations in areas requiring improvement based on tests conducted. Conduct reviews of audit workpapers and provide constructive feedback to team members. Monitor status of audit documentation requests and perform timely escalations, as needed. Work closely with stakeholders to communicate audit status, follow-up requests and audit findings. Provide necessary support to external auditors. Qualifications: Bachelor's degree in accounting, Computer Science, Information Systems or related field. Skills Big 4 experience and IT Auditing experience is a must Team management of minimum 4-5 members. Strong communication & stakeholder management. Thanks & Regards, Gayatri Kumari Email id: gayatri@v3staffing.in V3 Staffing Solutions India P. Ltd.

We are looking for a proactive and detail-oriented Assistant Manager to join our Business Controls team. As an Assistant Manager, you will work closely with cross-functional teams to support the development, implementation, and continuous assessment of YouGov's internal control environment. Your responsibilities include identifying risks, recommending improvements, and ensuring compliance with financial reporting controls and best practices. Your daily tasks will involve maintaining and updating risk and control matrices for key business and IT processes, executing control testing, documentation, and assessments, collaborating with departments to design effective controls, identifying deficiencies, preparing reports, and presenting findings to management and auditors. Additionally, you will facilitate training sessions to promote control awareness, stay informed about regulatory requirements and industry standards, monitor remediation of control deficiencies, and track progress for timely completion. To excel in this role, you should have several years of external audit experience, preferably in a SOX or SOX-like environment, along with expertise in process mapping, risk assessment, and control testing. Knowledge of financial reporting standards, corporate governance, IT controls, and data flows is essential. Strong communication skills, organizational abilities, project management skills, and the capacity to work efficiently in a dynamic environment are crucial. You should also be a team player with leadership potential and a commitment to professional development. Desirable qualifications include prior experience in Big 4 audit firms, a Bachelor's degree in Accounting, Finance, or related fields, and professional certifications such as ACA, ACCA, CIMA, CPA, or CIA. Hands-on experience with external/internal audits in a UK/US-listed, SOX-compliant environment is highly advantageous. Join our global online research company and contribute to understanding what the world thinks. Discover more about our diverse and inclusive environment and values as an Equal Opportunity Employer. For details on how we collect and use your personal data during the application process, please refer to our privacy notice at https://jobs.yougov.com/privacy.,

As a Senior Associate in the Controls Champion team at Cognizant's Global Controllership function, you will play a crucial role in supporting various SOX/internal control activities. Your responsibilities will include preparing supporting schedules for SOX activities, updating internal control and process documentation, evaluating process and control impacts, and making recommendations to enhance business process and IT controls. You will be responsible for the administration of the SOX application, managing key control changes and user access provisioning, updating control deficiencies and management action plans, and preparing training materials for senior management and business process owners. Additionally, you will maintain documents and records related to SOX activities, participate in internal control initiatives, and contribute to the overall effectiveness of the Company's processes and controls. To qualify for this role, you should have a minimum of 3-5 years of experience in public accounting, internal audit, or internal control functions. A Bachelor's degree in Accounting, Business, or Finance is required, along with experience in financial and IT general controls in a complex, public company environment. Familiarity with the COSO framework (knowledge of the COBIT framework is a plus), understanding of US GAAP principles, effective communication skills, and the ability to prioritize tasks and achieve results are essential. Ideally, you should have experience working with global company operations, hold a professional certification such as CPA or Chartered Accountant, and possess an advanced business degree. If you are passionate about internal controls and eager to make a significant impact in improving processes and controls, we invite you to join our team in Chennai, India, reporting to the Senior Manager, and contribute to our mission of enhancing the Company's internal control environment.,

As an IT Compliance Specialist at our Vadodara, India location, you will play a crucial role in ensuring the effectiveness of IT controls across all Standex businesses. Reporting directly to the Director IT Security, Operations and Compliance, you will be tasked with defining, reviewing, and assessing the control environment within our IT systems, controls, and processes to guarantee efficiency, effectiveness, and compliance with relevant regulations and industry best practices. Your primary responsibilities will include collaborating with management to develop and implement action plans aimed at rectifying any identified control weaknesses. You will also be involved in hands-on implementation of agreed-upon controls, including assisting in the configuration of systems and networks under the guidance of IT management. The ability to work independently in a dynamic environment is crucial for success in this role, which also presents opportunities for advancement within Standex. Key Responsibilities: - Continuously monitor IT systems and processes to ensure compliance with relevant regulations and standards such as GDPR, SOX, NIST 800-53, and NIST 800-171. - Collaborate with the wider IT community to create an IT compliance program for evaluating compliance risks and gaps in IT systems, applications, and processes. - Conduct regular audits to validate compliance with Standex IT policies, procedures, and standards while proactively identifying risks. - Develop and maintain IT compliance policies, procedures, and guidelines. - Provide training and awareness programs to employees on IT compliance requirements and best practices. - Prepare and present compliance reports to senior management and regulatory bodies. - Work closely with IT, legal, and business teams to ensure alignment and integration of compliance activities. - Implement enterprise-wide processes to monitor compliance with policies, procedures, and standards. - Lead IT compliance engagements and projects to ensure the timely completion of the compliance plan. - Coordinate internal and external audits and provide support for external audit requests. - Support operational initiatives by identifying key risk areas and collaborating with management to enhance Company Policies and Procedures. - Assist in executing the enterprise risk management program and ESG audits. - Undertake additional duties and projects as assigned. Requirements: - Bachelor's degree and/or master's in information technology, auditing, or business management. - Certification such as CISA, CISM, CISSP, or in progress of obtaining (or willingness to obtain). - Experience with administrative systems like Active Directory, M365, Windows Server, or networking. - Minimum 3-5 years of IT compliance experience, including corporate processes, IT, and/or Sarbanes-Oxley. - Exposure to a multinational environment and/or manufacturing experience. - Working knowledge of IT control frameworks like NIST 800-53, ISO 27001, or similar. - Willingness/ability to travel internationally up to 20%. Qualifications: - Proficiency in MS Office. - Excellent communication and interpersonal skills, including effective interviewing abilities. - Detail-oriented with a keen eye for accuracy and problem-solving skills.,

JD IT Senior TEAM: This position will support our IT Audit Group. CohnReznick’s specialized SOC practitioners focus on conducting SOC1, SOC2 and SOC3 audits for third-party service providers, while also conducting internal control assessments, attestations, penetration tests, and firewall assessments. ROLE: Responsibilities include but not limited to: Participates in planning and scoping of IT audits for both SOC engagements and ICFR audits. Comfortable leading technology walkthroughs in IT general controls and application control Develops test procedures for execution and prepares relevant documentation Executes testing of IT general controls and application controls based on internal and industry standards and guidelines. Problem solves and steps in to complete work to meet critical deadlines. Conducts root cause analysis, compensating and mitigating controls, and impact analysis. Communicates engagement status to client and engagement team management. You possess knowledge in ITGCs, IT application controls, cybersecurity as well as IT infrastructure including databases, networks and operating systems. Experience working with both applications and infrastructure supporting financial reporting processes. Being comfortable leading interviews with IT personnel to understand and document the design of IT General Controls (ITGCs). Having experience designing and executed testing for ITGCs. Key focus on Access Management (with related experience in Privileged Access Management and Identity and Access Management), and Change Management (with knowledge of Agile and DevOps methodologies) Possess supervisory skills to supervise, guide and coach activities of other department staff with varying skillsets Working independently or on small teams and possess the ability to multi-task to ensure timely completion of work and managing client and manager/partner expectations. Possess effective planning, coordination, time management, and organization skills. Demonstrate flexibility in prioritizing and completing assignments on time and within budget. Demonstrate attention to detail, strong organization skills, and ability to be agile and adaptable. Being comfortable interacting with clients across different levels of seniority. Experience presenting with a good working knowledge of Microsoft Office applications. EXPERIENCE: The successful candidate will have: 2- 4 years of relevant work experience Bachelor's Degree in computer science or accounting information systems; Experience in IT external audit, IT internal audit, and Technology Risk and / or ITGC assessment for compliance with SOX. ERP Oracle, SAP, JDE) and Cloud security (Azure, AWS, Google Cloud security) knowledge a plus. Must be able to travel, if required and work overtime during busy season Certified Information Systems Auditor (CISA) and/or CPA or working towards it

Position - ITGC Desired candidate Profile is Direct Employment (No Third Party Payroll or CTH) Requirements (including experience, skills and additional qualifications) Technical skills requirements Preferably CA/MBA/M.Sc/B.E/B.Tech (Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc. with 1-6 year experience. Knowledge of Information system audit covering areas like ITGC, Application controls, etc. Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc. Certifications: CISA Additional requirements Demonstrated track record with a blue chip consulting organization and/or a blue chip organization Strong academic record including a degree (percentage more than 70% throughout) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Position: IT Audit Skills Required: IT Audit, ITGC, ITAC • Possesses extensive experience in IT Audit, IT Risk & Control Assurance space • Core Technical Skills: Hands on experience in executing and delivering audits/assurance engagements of IT General Controls around Applications, Database, Operating Systems, Middleware, Networks, IT Application Controls, IT Attestation (SOC1,SOC 2 etc.), IT Regulatory Compliance, Third Party Risk Assurance etc. • Exposure to business development in consulting (Pre-sales support, proposals, RFP responses) • Possess strong domain knowledge, understanding of business processes and possible risks in operations of at least two industry sectors • Consistent display of leadership skills • Have experience in process consulting/ internal audit/ risk consulting at a project manager level role • Strong analytical and problem solving skills. • Strong written and verbal communication skills • Ability to work well in teams • Ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours • Willingness to travel within India or abroad for continuous long periods of time. Demonstrate integrity, values, principles, and work ethic and lead by example.

Position: IT Audit Skills Required: IT Audit, ITGC, ITAC • Possesses extensive experience in IT Audit, IT Risk & Control Assurance space • Core Technical Skills: Hands on experience in executing and delivering audits/assurance engagements of IT General Controls around Applications, Database, Operating Systems, Middleware, Networks, IT Application Controls, IT Attestation (SOC1,SOC 2 etc.), IT Regulatory Compliance, Third Party Risk Assurance etc. • Exposure to business development in consulting (Pre-sales support, proposals, RFP responses) • Possess strong domain knowledge, understanding of business processes and possible risks in operations of at least two industry sectors • Consistent display of leadership skills • Have experience in process consulting/ internal audit/ risk consulting at a project manager level role • Strong analytical and problem solving skills. • Strong written and verbal communication skills • Ability to work well in teams • Ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours • Willingness to travel within India or abroad for continuous long periods of time. Demonstrate integrity, values, principles, and work ethic and lead by example.

Desired Profile : Experience into ITGC, ITAC, SOC, SOX is must Should have excellent communication skills and MS- Office skills Candidate with extensive experience in cyber security will not be fit for this role Candidate should be ok to travel to client places and work from office from Day 1. Roles & Responsibilities- Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Conducting controls assessment in manual/ automated environment Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding projects progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status

Role & responsibilities IT Control Testing - Test internal controls in relation to Encores SOX Compliance program , a requirement for publicly traded companies in the Unites States and India ICoFR requirements as per requirements of India Companies Act. Assess the effectiveness of internal controls assessing whether the controls are appropriately designed, implemented and operating effectively. IT Audits - Assist in IT specific or other audits covering computer operations, security, change management and other IT areas as per the audit plan for the year. IT Audit related Special Projects - Assist in special projects involving review of system migrations, software changes, any other management requests and investigations. Preferred candidate profile EDUCATION: Bachelor's FIELD OF STUDY: IT, Computer Science EXPERIENCE: 1 year CERTIFICATION(S): KNOWLEDGE, SKILLS, ABILITIES, AND OTHER ATTRIBUTES: 1. Basic knowledge of SOX and IT general controls. 2. Proficient in written and oral communication 3. Logical and analytical approach with a keen eye on detail. 4. Basic knowledge with MS Office products (Excel/Visio/PowerPoint/Access), databases, etc Perks and Benefits Transportation Services : Convenient and reliable commute options to ensure a hassle-free journey to and from work. Meal Facilities : Nutritious and delicious meals provided to keep you energized throughout the day. Career Growth Opportunities : Clear pathways for professional development and advancement within the organization. Captive Unit Advantage : Work in a stable, secure environment with long-term projects and consistent workflow. Continuous Learning : Access to training programs, workshops, and resources to support your personal and professional growth. Apply Now at https://encore.wd1.myworkdayjobs.com/externalnew/job/Gurgaon---Candor-Tech-Space-IT---ITES-SEZ/Associate-Information-Technology-Audit_HR-18726 And Share your CV at shobhana@mcmcg.com or anjali.panchwan@mcmcg.com

control testing job descriptions . They will be the same key roles and responsibilities, but each headcount will have specific focus/expertise as outlined in 1-4 below. This should give high level summary of specific qualification/experience in resources that we look for. Information Security/Cyber Security Infrastructure, cloud platform, network, and service management, software engineering/SLDC Data ITGC and business application controls Key Role & Responsibilities Conduct and document thorough walkthrough of IT controls Design test plans and document test steps to assess the control design and operating effectiveness Create/prepare a document request list and work with control owners/performers to obtain evidence supporting the control execution and validation that the control is working as intended. Complete control testing workpaper and maintain detailed records of testing results, findings, and recommendations. Address workpaper review comments and independent review and challenge from the Second Line of Defense Specific Skillsets & Experiences Experience with IT internal audit or other risk assurance functions Knowledge of industry and compliance frameworks i.e., NIST cybersecurity framework, CIS, ITIL, PCI, FedRAMP Strong understanding of risk management methodologies, and security control testing techniques. Strong verbal and written communication skills, with the ability to lead walkthroughs with control owners/performers, and construct questions and follow-ups. Focus on each headcount: Information Security/Cyber security focus - Technical skills and experiences with particular focus/familiarity on the following control areas or tools, but not limited to: Network security - firewall, NAC, Network Intrusion Prevention/detection, WAF, Web filtering/Web traffic (i.e., FireMon, Cisco ISE, Cloudflare etc.) Cyber data protection/data security - DLP, data discover/classification, email security, cloud data security/CASB, database security and encryption (i.e., Trellix, Proofpoint, Varonis, Purview, Imperva) Servers and endpoint security - Antivirus/Antimalware, Device, protection, Endpoint privilege access (i.e., Crowdstrike, Absolute, Beyond Trust) Cyber defense SIEM, MSSP, and SOC for log forwarding/ingestion/and monitoring, Cyber Threat Intelligence Cloud platform security Application and API security – OWASP principles, SAST, SCA, DAST, secret scanning Access and Authentication/Privilege access (i.e., SailPoint, Okta/Auth0, Delinea) Infrastructure, cloud platform, and network, and service management, software engineering/SDLC focus - Technical skills and experiences with particular focus on the following control areas/concepts, but not limited to: Server and Directory service management – Build/image, configuration management, certification management, backup and recovery, Active Directory, Patching Workstations, Virtual Desktops, Mobile Devices – Build/Image, MAM, Patching Cloud platform management – AWS/AWS well-architected framework, Azure, IaC/automated build template Platform and application observability Disaster recovery – Data center DR test, High availability, cloud recovery Service management – Hardware/software asset management, software licensing, CMDB, change management, incident and problem management SLDC – DevSecOps concept, Coding services (IaC, service mesh etc.), Code repository, CI/CD, Quality engineering and quality assurance Data focus - Technical skills and experiences with particular focus on the following areas/concepts, but not limited to: Database administration – Database design/structure, access controls, build, configuration, backup, jobs, and other maintenance and security measures (i.e., SQL, PostgreSQL) Data warehouse platform/data development/transformation – Design/architecture, Data modeling, ETL, data obfuscation and masking (i.e., Snowflake, Coalesce) Data transit/exchange connection/data file transfers – Monitoring, Logging, Secure file transfer/protocols, error handling Data governance and quality management – Metadata management, Data lineage, Data quality rules, Data defect management (i.e., Collibra) ITGC and business application controls / SOX focus (e.g., system interface and integration) - Technical skills and experiences with particular focus on the following areas/concepts Testing of SOX ITGC / IT general controls Testing of business applications controls – Automated application interface and integration, system/application Please share your profile at surbhi.malhotra@nlbtech.com

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Hiring for SOX Audit Level - SME Location - Hyderabad Timings - US Night shift Mode - (Hybrid/On-site) Notice period - Immediate - 30 Days Notice Period - Immediate to 30 Days CTC - Upto 10 LPA SME - 4 to 8 years in SOX/Internal Audit About the Role Were seeking a SOX Audit SME to strengthen our risk and compliance team. If you thrive in auditing financial processes, designing controls, and partnering with global stakeholders, this role is for you! Key Responsibilities Lead SOX 404A/404B compliance testing, internal audits (SSAE 18, RCSA, operational audits), and risk assessments. Perform end-to-end process risk analysis for banks / financial institutions. Test and validate business + IT controls, ensuring alignment with COSO/COBIT frameworks. Drive risk reviews, control remediation, and process optimization. Develop audit reports with actionable insights for senior leadership. Collaborate cross-functionally to enhance governance and compliance standards. Ideal Candidate 4-8 years in SOX, internal audit, or risk management (financial services preferred). Expertise in SOX frameworks, risk controls, and audit methodologies. Strong analytical skills to map complex business processes. Excellent communication (written/verbal) and stakeholder management. Certifications like CA, CIA, CISA, or CPA are a plus. Interested Candidates contact HR Dinesh@ 8655512320 dinesh@careerguideline.com

Team Manager SOX ITGC 5+ Years – [Bangalore] Are you a certified IT audit professional with extensive experience in SOX ITGC and team management? Location: Bangalore Your Future Employer Join a global organization committed to strong internal controls, compliance excellence, and a collaborative work environment. Responsibilities: Lead planning, fieldwork, and reporting phases for assigned SOX ITGC audit engagements. Design and execute detailed testing for IT General Controls and Automated Controls. Validate Test of Design (ToD) and Test of Effectiveness (ToE) for key control areas including Logical Access, Change Management, Backup & Restoration, and Incident Management. Manage and mentor a team, taking full responsibility for performance reviews, appraisals, and goal setting. Ensure audit documentation meets professional standards and internal quality benchmarks. Collaborate with stakeholders and effectively communicate findings and recommendations. Participate in internal initiatives and support continuous process improvements. Maintain updated knowledge on IT auditing best practices, COSO, and SOX regulations. Requirements: CISA certification is a must. Bachelor’s or advanced degree in Information Technology or a related field. Minimum 5 years of experience in SOX ITGC audits. At least 2 years of hands-on team management experience, including appraisal and performance management. Strong knowledge of IT General and Automated Controls. Proficiency in validating ToD/ToE documentation. Excellent interpersonal and stakeholder communication skills. Strong analytical thinking and attention to detail. Proficient in Microsoft Office Suite. Ability to manage multiple priorities in a fast-paced environment. What’s in it for you: Competitive salary and perks. Hybrid working model (1 week/quarter from office). Opportunity to lead high-impact IT compliance audits. Work in a growth-driven and evolving audit environment. Reach us: If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at sonaly.sharma@crescendogroup.in Crescendo Global specializes in Senior to C-level niche recruitment. We are passionate about empowering job seekers and employers with an engaging, memorable job search and leadership hiring experience. Crescendo Global does not discriminate on the basis of race, religion, color, origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Note: We receive a lot of applications on a daily basis so it becomes a bit difficult for us to get back to each candidate. Please assume that your profile has not been shortlisted in case you don't hear back from us in 1 week. Your patience is highly appreciated. Keywords: SOX ITGC, CISA, IT General Controls, Audit Manager, Team Management, Risk Assessment, Change Management, Logical Access, IT Audit

Job Title: Cybersecurity Analyst - IT Risk and Control Analyst Location: Chennai Experience: 9 - 15 years Notice Period: 0 - 30 Days Work Mode: Hybrid Interview Mode: 1st round is Virtual interview & 2nd round is F2F is Must Position Purpose: The IT Risk and Control Analyst plays a critical role in strengthening the risk culture within WMIS by driving the adoption of IT Risk frameworks, ensuring regulatory compliance, and reducing IT-related risk exposure. This role exists to proactively identify, assess, and monitor IT risks, perform IT control assessments, and report risk metrics to senior stakeholders. The position directly supports the APAC region and contributes to global risk visibility and risk mitigation initiatives. Responsibilities: Direct Responsibilities: IT Risk Management Identify, assess, and monitor IT risks related to WMIS activities. Record and maintain risk registers; provide regular reporting. Oversee the execution and monitoring of risk mitigation plans. Assess IT risks across the project lifecycle and track until resolution. IT Control Conduct IT control testing aligned with the Groups internal control framework. Monitor corrective action plans arising from control deficiencies. Ensure compliance with group-wide control standards. Shadow IT Governance Maintain and assess the Shadow IT inventory for the APAC region. Coordinate assessments to ensure non-compliant IT assets are identified and managed. Operational Incident Risk Management Evaluate operational risks from production and project-related incidents. Ensure proper recording, escalation, and handling of incidents. Maintain historical records for risk measurement and trending analysis. Contribute to lessons learned and prevention measures. Reporting Generate timely and accurate IT Key Risk Indicator (KRI) reports for regional and global management. Contribute to management dashboards and executive summaries of IT risk posture. Technical & Behavioral Competencies: Deep understanding of IT Risk Management principles and practices. Familiarity with IT System Development Life Cycle (SDLC) methodologies. Strong knowledge of banking industry IT systems and compliance requirements. Proficiency in Microsoft Office Suite , especially Excel and PowerPoint. Experience with ServiceNow GRC or other GRC platforms (preferred). Excellent communication skills in English (both written and verbal). Strong interpersonal, coordination, and analytical abilities. Team-oriented with a collaborative mindset. Value-added Competencies High integrity and confidentiality in handling sensitive information. Awareness of data governance , data protection , and relevant regulatory frameworks (e.g., MAS, GDPR). Strong management reporting capabilities. Ability to respond to ad hoc executive requests with agility and precision. Understanding of risk measurement metrics and dashboards. Qualifications Bachelors Degree in Information Technology , Computer Science, or related field. 10 to 15 years of relevant experience in IT Risk Management, IT Audit , or IT Security , preferably in a banking environment . Risk Management certifications such as CRISC , ISO 31000 , CISA , or equivalent are preferred. Experience with project management is a plus.

Role & responsibilities Review of the IT Governance processes IT policies, SOPs, etc; Operating effectiveness testing of the IT policies and SOPs and reporting the same to IT management; Assisting the IT management in fixing the issues. Keeping track of the key action points agreed in the IT Steering Committee and IT Strategy Committee meetings and coordinating with the IT management to ensure that the action points are implemented. ITGC testing for the business-critical applications and risk and control matrix to be prepared accordingly; Key findings to be reported to IT management; Assisting the IT management in fixing the issues. Review of the system controls of the business critical applications end to end system walkthrough and negative testing in the test environment; Carrying out data analysis for the areas where system control gaps identified. Result of the above reviews to be reported to IT Management; Assisting the IT management in fixing the issues. Periodic review of the IT policies and SOPs and recommending changes to IT management wherever applicable. Preferred candidate profile Prior experience of IT audits is mandatory Knowledge & experience of IT environment and the key risks embedded in different IT processes and technology. Good command over both IT process audits and IT functionality testing (System validation testing)

Job Posting Title: Internal Audit IT Location: Thane What does a successful Internal Audit IT do at FISERV? Efficiently manage and conduct the audit projects as per The Institute of Internal Auditors standards and in accordance with Fiserv global Internal Audit framework and methodologies. What will you do: Project Management Working as a team leader & resource management. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Conduct comprehensive Cyber and Technology controls audits, IT General controls (ITGC) audits. Planning, conducting technology domain/controls related walkthroughs, drafting, and reviewing process understanding and its controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Reviewing Test of Designs and Test of Effectiveness controls Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Validations of audit issues. Conducting special reviews / investigations. Carrying out audit planning including scheduling and resource allocation Conducting discussions with Management representatives on the audit observations/ findings and preparation of Audit Committee Submissions. Conducting internal staff trainings Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., What will you need to know: Experience: At least 5 years of managerial experience (overall 10 years of IT Audit experience) in the areas of IT Internal Audit, ITGC, Cyber security, Infrastructure/Network, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Should possess strong understanding, capability and skillsets in auditing IT controls, IT risk mitigation and technology related processes reviews. Should be proficient and have good knowledge in testing IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, team management and drafting skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.) What would be great to have: Desired certifications: CISA / CISSP / CISM / CCNA certified professionals Qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree]