82 It Controls Jobs - Page 3

Position: IT Audit Skills Required: IT Audit, ITGC, ITAC • Possesses extensive experience in IT Audit, IT Risk & Control Assurance space • Core Technical Skills: Hands on experience in executing and delivering audits/assurance engagements of IT General Controls around Applications, Database, Operating Systems, Middleware, Networks, IT Application Controls, IT Attestation (SOC1,SOC 2 etc.), IT Regulatory Compliance, Third Party Risk Assurance etc. • Exposure to business development in consulting (Pre-sales support, proposals, RFP responses) • Possess strong domain knowledge, understanding of business processes and possible risks in operations of at least two industry sectors • Consistent display of leadership skills • Have experience in process consulting/ internal audit/ risk consulting at a project manager level role • Strong analytical and problem solving skills. • Strong written and verbal communication skills • Ability to work well in teams • Ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours • Willingness to travel within India or abroad for continuous long periods of time. Demonstrate integrity, values, principles, and work ethic and lead by example.

Position: IT Audit Skills Required: IT Audit, ITGC, ITAC • Possesses extensive experience in IT Audit, IT Risk & Control Assurance space • Core Technical Skills: Hands on experience in executing and delivering audits/assurance engagements of IT General Controls around Applications, Database, Operating Systems, Middleware, Networks, IT Application Controls, IT Attestation (SOC1,SOC 2 etc.), IT Regulatory Compliance, Third Party Risk Assurance etc. • Exposure to business development in consulting (Pre-sales support, proposals, RFP responses) • Possess strong domain knowledge, understanding of business processes and possible risks in operations of at least two industry sectors • Consistent display of leadership skills • Have experience in process consulting/ internal audit/ risk consulting at a project manager level role • Strong analytical and problem solving skills. • Strong written and verbal communication skills • Ability to work well in teams • Ability to work under pressure stringent deadlines and tough client conditions which may demand extended working hours • Willingness to travel within India or abroad for continuous long periods of time. Demonstrate integrity, values, principles, and work ethic and lead by example.

Desired Profile : Experience into ITGC, ITAC, SOC, SOX is must Should have excellent communication skills and MS- Office skills Candidate with extensive experience in cyber security will not be fit for this role Candidate should be ok to travel to client places and work from office from Day 1. Roles & Responsibilities- Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Conducting controls assessment in manual/ automated environment Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding projects progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status

Role & responsibilities IT Control Testing - Test internal controls in relation to Encores SOX Compliance program , a requirement for publicly traded companies in the Unites States and India ICoFR requirements as per requirements of India Companies Act. Assess the effectiveness of internal controls assessing whether the controls are appropriately designed, implemented and operating effectively. IT Audits - Assist in IT specific or other audits covering computer operations, security, change management and other IT areas as per the audit plan for the year. IT Audit related Special Projects - Assist in special projects involving review of system migrations, software changes, any other management requests and investigations. Preferred candidate profile EDUCATION: Bachelor's FIELD OF STUDY: IT, Computer Science EXPERIENCE: 1 year CERTIFICATION(S): KNOWLEDGE, SKILLS, ABILITIES, AND OTHER ATTRIBUTES: 1. Basic knowledge of SOX and IT general controls. 2. Proficient in written and oral communication 3. Logical and analytical approach with a keen eye on detail. 4. Basic knowledge with MS Office products (Excel/Visio/PowerPoint/Access), databases, etc Perks and Benefits Transportation Services : Convenient and reliable commute options to ensure a hassle-free journey to and from work. Meal Facilities : Nutritious and delicious meals provided to keep you energized throughout the day. Career Growth Opportunities : Clear pathways for professional development and advancement within the organization. Captive Unit Advantage : Work in a stable, secure environment with long-term projects and consistent workflow. Continuous Learning : Access to training programs, workshops, and resources to support your personal and professional growth. Apply Now at https://encore.wd1.myworkdayjobs.com/externalnew/job/Gurgaon---Candor-Tech-Space-IT---ITES-SEZ/Associate-Information-Technology-Audit_HR-18726 And Share your CV at shobhana@mcmcg.com or anjali.panchwan@mcmcg.com

control testing job descriptions . They will be the same key roles and responsibilities, but each headcount will have specific focus/expertise as outlined in 1-4 below. This should give high level summary of specific qualification/experience in resources that we look for. Information Security/Cyber Security Infrastructure, cloud platform, network, and service management, software engineering/SLDC Data ITGC and business application controls Key Role & Responsibilities Conduct and document thorough walkthrough of IT controls Design test plans and document test steps to assess the control design and operating effectiveness Create/prepare a document request list and work with control owners/performers to obtain evidence supporting the control execution and validation that the control is working as intended. Complete control testing workpaper and maintain detailed records of testing results, findings, and recommendations. Address workpaper review comments and independent review and challenge from the Second Line of Defense Specific Skillsets & Experiences Experience with IT internal audit or other risk assurance functions Knowledge of industry and compliance frameworks i.e., NIST cybersecurity framework, CIS, ITIL, PCI, FedRAMP Strong understanding of risk management methodologies, and security control testing techniques. Strong verbal and written communication skills, with the ability to lead walkthroughs with control owners/performers, and construct questions and follow-ups. Focus on each headcount: Information Security/Cyber security focus - Technical skills and experiences with particular focus/familiarity on the following control areas or tools, but not limited to: Network security - firewall, NAC, Network Intrusion Prevention/detection, WAF, Web filtering/Web traffic (i.e., FireMon, Cisco ISE, Cloudflare etc.) Cyber data protection/data security - DLP, data discover/classification, email security, cloud data security/CASB, database security and encryption (i.e., Trellix, Proofpoint, Varonis, Purview, Imperva) Servers and endpoint security - Antivirus/Antimalware, Device, protection, Endpoint privilege access (i.e., Crowdstrike, Absolute, Beyond Trust) Cyber defense SIEM, MSSP, and SOC for log forwarding/ingestion/and monitoring, Cyber Threat Intelligence Cloud platform security Application and API security – OWASP principles, SAST, SCA, DAST, secret scanning Access and Authentication/Privilege access (i.e., SailPoint, Okta/Auth0, Delinea) Infrastructure, cloud platform, and network, and service management, software engineering/SDLC focus - Technical skills and experiences with particular focus on the following control areas/concepts, but not limited to: Server and Directory service management – Build/image, configuration management, certification management, backup and recovery, Active Directory, Patching Workstations, Virtual Desktops, Mobile Devices – Build/Image, MAM, Patching Cloud platform management – AWS/AWS well-architected framework, Azure, IaC/automated build template Platform and application observability Disaster recovery – Data center DR test, High availability, cloud recovery Service management – Hardware/software asset management, software licensing, CMDB, change management, incident and problem management SLDC – DevSecOps concept, Coding services (IaC, service mesh etc.), Code repository, CI/CD, Quality engineering and quality assurance Data focus - Technical skills and experiences with particular focus on the following areas/concepts, but not limited to: Database administration – Database design/structure, access controls, build, configuration, backup, jobs, and other maintenance and security measures (i.e., SQL, PostgreSQL) Data warehouse platform/data development/transformation – Design/architecture, Data modeling, ETL, data obfuscation and masking (i.e., Snowflake, Coalesce) Data transit/exchange connection/data file transfers – Monitoring, Logging, Secure file transfer/protocols, error handling Data governance and quality management – Metadata management, Data lineage, Data quality rules, Data defect management (i.e., Collibra) ITGC and business application controls / SOX focus (e.g., system interface and integration) - Technical skills and experiences with particular focus on the following areas/concepts Testing of SOX ITGC / IT general controls Testing of business applications controls – Automated application interface and integration, system/application Please share your profile at surbhi.malhotra@nlbtech.com

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Hiring for SOX Audit Level - SME Location - Hyderabad Timings - US Night shift Mode - (Hybrid/On-site) Notice period - Immediate - 30 Days Notice Period - Immediate to 30 Days CTC - Upto 10 LPA SME - 4 to 8 years in SOX/Internal Audit About the Role Were seeking a SOX Audit SME to strengthen our risk and compliance team. If you thrive in auditing financial processes, designing controls, and partnering with global stakeholders, this role is for you! Key Responsibilities Lead SOX 404A/404B compliance testing, internal audits (SSAE 18, RCSA, operational audits), and risk assessments. Perform end-to-end process risk analysis for banks / financial institutions. Test and validate business + IT controls, ensuring alignment with COSO/COBIT frameworks. Drive risk reviews, control remediation, and process optimization. Develop audit reports with actionable insights for senior leadership. Collaborate cross-functionally to enhance governance and compliance standards. Ideal Candidate 4-8 years in SOX, internal audit, or risk management (financial services preferred). Expertise in SOX frameworks, risk controls, and audit methodologies. Strong analytical skills to map complex business processes. Excellent communication (written/verbal) and stakeholder management. Certifications like CA, CIA, CISA, or CPA are a plus. Interested Candidates contact HR Dinesh@ 8655512320 dinesh@careerguideline.com

Team Manager SOX ITGC 5+ Years – [Bangalore] Are you a certified IT audit professional with extensive experience in SOX ITGC and team management? Location: Bangalore Your Future Employer Join a global organization committed to strong internal controls, compliance excellence, and a collaborative work environment. Responsibilities: Lead planning, fieldwork, and reporting phases for assigned SOX ITGC audit engagements. Design and execute detailed testing for IT General Controls and Automated Controls. Validate Test of Design (ToD) and Test of Effectiveness (ToE) for key control areas including Logical Access, Change Management, Backup & Restoration, and Incident Management. Manage and mentor a team, taking full responsibility for performance reviews, appraisals, and goal setting. Ensure audit documentation meets professional standards and internal quality benchmarks. Collaborate with stakeholders and effectively communicate findings and recommendations. Participate in internal initiatives and support continuous process improvements. Maintain updated knowledge on IT auditing best practices, COSO, and SOX regulations. Requirements: CISA certification is a must. Bachelor’s or advanced degree in Information Technology or a related field. Minimum 5 years of experience in SOX ITGC audits. At least 2 years of hands-on team management experience, including appraisal and performance management. Strong knowledge of IT General and Automated Controls. Proficiency in validating ToD/ToE documentation. Excellent interpersonal and stakeholder communication skills. Strong analytical thinking and attention to detail. Proficient in Microsoft Office Suite. Ability to manage multiple priorities in a fast-paced environment. What’s in it for you: Competitive salary and perks. Hybrid working model (1 week/quarter from office). Opportunity to lead high-impact IT compliance audits. Work in a growth-driven and evolving audit environment. Reach us: If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at sonaly.sharma@crescendogroup.in Crescendo Global specializes in Senior to C-level niche recruitment. We are passionate about empowering job seekers and employers with an engaging, memorable job search and leadership hiring experience. Crescendo Global does not discriminate on the basis of race, religion, color, origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Note: We receive a lot of applications on a daily basis so it becomes a bit difficult for us to get back to each candidate. Please assume that your profile has not been shortlisted in case you don't hear back from us in 1 week. Your patience is highly appreciated. Keywords: SOX ITGC, CISA, IT General Controls, Audit Manager, Team Management, Risk Assessment, Change Management, Logical Access, IT Audit

Job Title: Cybersecurity Analyst - IT Risk and Control Analyst Location: Chennai Experience: 9 - 15 years Notice Period: 0 - 30 Days Work Mode: Hybrid Interview Mode: 1st round is Virtual interview & 2nd round is F2F is Must Position Purpose: The IT Risk and Control Analyst plays a critical role in strengthening the risk culture within WMIS by driving the adoption of IT Risk frameworks, ensuring regulatory compliance, and reducing IT-related risk exposure. This role exists to proactively identify, assess, and monitor IT risks, perform IT control assessments, and report risk metrics to senior stakeholders. The position directly supports the APAC region and contributes to global risk visibility and risk mitigation initiatives. Responsibilities: Direct Responsibilities: IT Risk Management Identify, assess, and monitor IT risks related to WMIS activities. Record and maintain risk registers; provide regular reporting. Oversee the execution and monitoring of risk mitigation plans. Assess IT risks across the project lifecycle and track until resolution. IT Control Conduct IT control testing aligned with the Groups internal control framework. Monitor corrective action plans arising from control deficiencies. Ensure compliance with group-wide control standards. Shadow IT Governance Maintain and assess the Shadow IT inventory for the APAC region. Coordinate assessments to ensure non-compliant IT assets are identified and managed. Operational Incident Risk Management Evaluate operational risks from production and project-related incidents. Ensure proper recording, escalation, and handling of incidents. Maintain historical records for risk measurement and trending analysis. Contribute to lessons learned and prevention measures. Reporting Generate timely and accurate IT Key Risk Indicator (KRI) reports for regional and global management. Contribute to management dashboards and executive summaries of IT risk posture. Technical & Behavioral Competencies: Deep understanding of IT Risk Management principles and practices. Familiarity with IT System Development Life Cycle (SDLC) methodologies. Strong knowledge of banking industry IT systems and compliance requirements. Proficiency in Microsoft Office Suite , especially Excel and PowerPoint. Experience with ServiceNow GRC or other GRC platforms (preferred). Excellent communication skills in English (both written and verbal). Strong interpersonal, coordination, and analytical abilities. Team-oriented with a collaborative mindset. Value-added Competencies High integrity and confidentiality in handling sensitive information. Awareness of data governance , data protection , and relevant regulatory frameworks (e.g., MAS, GDPR). Strong management reporting capabilities. Ability to respond to ad hoc executive requests with agility and precision. Understanding of risk measurement metrics and dashboards. Qualifications Bachelors Degree in Information Technology , Computer Science, or related field. 10 to 15 years of relevant experience in IT Risk Management, IT Audit , or IT Security , preferably in a banking environment . Risk Management certifications such as CRISC , ISO 31000 , CISA , or equivalent are preferred. Experience with project management is a plus.

Role & responsibilities Review of the IT Governance processes IT policies, SOPs, etc; Operating effectiveness testing of the IT policies and SOPs and reporting the same to IT management; Assisting the IT management in fixing the issues. Keeping track of the key action points agreed in the IT Steering Committee and IT Strategy Committee meetings and coordinating with the IT management to ensure that the action points are implemented. ITGC testing for the business-critical applications and risk and control matrix to be prepared accordingly; Key findings to be reported to IT management; Assisting the IT management in fixing the issues. Review of the system controls of the business critical applications end to end system walkthrough and negative testing in the test environment; Carrying out data analysis for the areas where system control gaps identified. Result of the above reviews to be reported to IT Management; Assisting the IT management in fixing the issues. Periodic review of the IT policies and SOPs and recommending changes to IT management wherever applicable. Preferred candidate profile Prior experience of IT audits is mandatory Knowledge & experience of IT environment and the key risks embedded in different IT processes and technology. Good command over both IT process audits and IT functionality testing (System validation testing)

Job Posting Title: Internal Audit IT Location: Thane What does a successful Internal Audit IT do at FISERV? Efficiently manage and conduct the audit projects as per The Institute of Internal Auditors standards and in accordance with Fiserv global Internal Audit framework and methodologies. What will you do: Project Management Working as a team leader & resource management. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Conduct comprehensive Cyber and Technology controls audits, IT General controls (ITGC) audits. Planning, conducting technology domain/controls related walkthroughs, drafting, and reviewing process understanding and its controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Reviewing Test of Designs and Test of Effectiveness controls Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Validations of audit issues. Conducting special reviews / investigations. Carrying out audit planning including scheduling and resource allocation Conducting discussions with Management representatives on the audit observations/ findings and preparation of Audit Committee Submissions. Conducting internal staff trainings Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., What will you need to know: Experience: At least 5 years of managerial experience (overall 10 years of IT Audit experience) in the areas of IT Internal Audit, ITGC, Cyber security, Infrastructure/Network, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Should possess strong understanding, capability and skillsets in auditing IT controls, IT risk mitigation and technology related processes reviews. Should be proficient and have good knowledge in testing IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, team management and drafting skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.) What would be great to have: Desired certifications: CISA / CISSP / CISM / CCNA certified professionals Qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree]

Location: Remote / Pan India- Delhi / NCR,Bangalore/Bengaluru,Hyderabad/Secunderabad,Chennai,Pune,Kolkata,Ahmedabad,Mumbai Timezone: IST (Overlapping US timezone for Stand-up calls) Duration: 3-6 month to start with (extendable) iSource Services is hiring for one of their client for the position of CPQ BA. About the Role - We are looking for a CPQ Business Analyst with strong knowledge of Quote to Cash, Service Contracts, and Entitlement processes using SFDC and NetSuite. The ideal candidate will have prior experience with CPQ Cloud, a good understanding of the Opportunity to Invoice process, and strong functional knowledge of SFDC. Have prior experience of CPQ cloud (mandatory for CPQ BAs). Good understanding in Opportunity to Invoice process Good functional knowledge about SFDC system Strong knowledge on Quote to Cash,Service contract,Entitlement using SFDC and NS. Translate the requirement to the technical team. Facilitate User Testing, Planning and execution. Good listener, Willing to learn new things and thrive in a fast paced team environment Work closely with global and regional stakeholders, development teams, and architects to solve business problems Writing user stories, acceptance criteria as per business needs Driving Agile modeling sessions and leading the sprint demos and backlog grooming sessions Manage customer relationships and day-to-day interactions & escalations. Develop business case documents, business processes diagrams, and use cases Analyze business requirements perform gap analysis and root cause analysis Work with cross-functional teams to identify dependencies Ensure compliance with SOX, business controls, and IT general controls

The role is to provide both the Business Units and IT Management with the assurance and visibility that IT Controls are executed in a controlled and managed way. In addition to the specific responsibilities detailed below, the successful candidate will be expected to demonstrate understanding in other areas of Risk & Control Management including strategies surrounding Process Engineering, Configuration Management, Change, Incident & Problem Management, Non-Conformities and Corrective Actions Management, Risk Identification and Control, Project Management and Tools and Methods. Responsibilities Direct Responsibilities Conduct periodic controls assessments across process areas in scope. Raise any non-compliance, and follow up of the corrective actions until closure. Liaise with global and local IT control areas to ensure their certification is timely and appropriate. Perform periodic Root Cause Analysis of process issues and non-compliances at Project and Application Domain level. Ensure that the exercise is planned, executed effectively and reported to appropriate level. Participate in minimising production risks and issues, including but not exclusively, by helping to devise, and by implementing, sufficient regular controls. Ensure appropriate escalation to management and/or Permanent Control (or Compliance as appropriate) as soon as an issue is identified. The enforcement of Permanent Controls, providing ongoing risk & controls self-assessment status of the control environment. Contribute all relevant management information (KPIs/KRIs) to the various scope reports/dashboards. Assist with Historical Incident management process, including liaising with various stakeholders involved, root cause analysis and impact evaluation. Contributing Responsibilities Contribute to the upkeep and maintenance of the ISPL Permanent Control Framework Maintaining relevant Operational Permanent Control (OPC IT) processes and procedures Technical & Behavioral Competencies Good knowledge of IT Risk & Audit domain with focus on Internal and/or External Audits. Good understanding of IT Controls Framework and experience executing controls. Understanding of IT Software, IT Infrastructure and IT Service Management domain is a value add. Strong analysis & problem solving skills Structured and methodical mindset Proactive approach with a strong ability to work on own initiative Ownership of work and commitment to delivery Can do attitude Team oriented (both local and global) Good interpersonal and communication skills Big picture awareness make relationships between tactical issues and strategic options Client focused Pragmatic and creative approach Specific Qualifications (if required) Skills Referential Behavioural Skills : (Please select up to 4 skills) Attention to detail / rigor Communication skills - oral & written Personal Impact / Ability to influence Critical thinking Transversal Skills: (Please select up to 5 skills) Analytical Ability Ability to manage / facilitate a meeting, seminar, committee, training Ability to understand, explain and support change Ability to develop and leverage networks Ability to develop and adapt a process Education Level: Bachelor Degree or equivalent Experience Level At least 5 years Other/Specific Qualifications (if required) None

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Dear Candidate, TEKsystems is hiring for the role with IT Risk Control with Infrastructure experience. Exp - 7+ Years NP - Immediate to 15 days Location - Pune (Hybrid) JD - At least 7+ years of relevant IT experience, including exposure to Technology & Operational resiliency, Service management and Risk & Controls (at least 4 of those years to be devoted specifically to Service Management). Appropriate certification is a plus. Understands the technical landscape and supports the BSO with technical knowledge, insights, and expertise regarding the IBS's IT Service Chain Proactively advises and makes timely recommendations aligned to their IBS. Independently provides insights on risks and vulnerabilities aligned to their IBS. Actively research and investigate new Resilience related technologies and stay abreast of latest in the regulatory and tech architecture field. Experience with Resilience Architecture updates, triggers, solutions, and industry best practices. In-depth knowledge of key IT domains particularly computing platforms (Windows, UNIX and Linux) and networking technologies. Proficient in security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies. Methods and delivery - DevOps processes and experience. Strong understanding of lean and agile methods of software delivery including Scrum, Kanban, Lean UX, XP. Comfortable working with ambiguity and conducting research as well as working with third party vendor(s). Must demonstrate, collaboration, open communication and reaching across functional borders. Requires to be able to lead, engaging stakeholders up to GGM level with positive impact. Excellent in verbal and written communication skills. Experience in managing IT/Technology risk and control projects. Strong grasp of tooling, driving automation within the environment. Close collaboration with Project and Portfolio Management teams on operational metric scorecards. Collaborate with the IT Service Governance team to continuously improve and embed Service Management best practices that helps in achieving stability of IBS. Be flexible to work with wide range of people across globe having diverse cultural and professional background. If interested, please drop an email to sswasti@teksystems.com

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at jyoti.gupta@nlbtec.in

Work Location:- Bangalore / Hyderabad / Pune / Gurgaon Experience:- 4 - 10 yrs Leavel- AM/Manager JD Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Dear Candidate, We are hiring an IT Risk Analyst to identify, assess, and mitigate risks to the organization's information systems and data. This role supports compliance initiatives and strengthens the IT risk management framework. Key Responsibilities: Conduct IT risk assessments, gap analysis, and control evaluations. Develop mitigation strategies for identified security and compliance risks. Monitor regulatory changes and ensure adherence to frameworks (e.g., NIST, ISO 27001). Prepare risk reports, scorecards, and presentations for stakeholders. Collaborate with audit, security, and IT teams on risk response plans. Required Skills & Qualifications: Experience in IT risk, governance, or audit. Familiarity with frameworks like NIST, COBIT, ISO 27001, and SOX. Analytical skills to evaluate threats, vulnerabilities, and control gaps. Excellent documentation and stakeholder communication abilities. Certifications such as CRISC, CISA, or CISSP are a plus. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred Key behavioral attributes/requirements Ability to work well independently as well as part of a team Driven and enthusiastic with a can-do attitude and a strong sense of ownership to get the job done in a pragmatic fashion

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Role & responsibilities Conduct audits of IT systems, applications, and infrastructure. Evaluate IT policies, procedures, and controls for effectiveness and compliance. Identify security vulnerabilities and risks in IT systems. Prepare audit reports and recommend improvements. Support compliance efforts (e.g., SOX, GDPR, ISO 27001). Collaborate with IT, security, and business teams to remediate findings.

Job Title: Senior Analyst IT Risk and Compliance Location: Chennai Department: IT Risk & Compliance Reports To: Manager, IT Risk and Compliance Job Type: Full-Time Job Summary We are seeking a highly motivated and detail-oriented IT Compliance Analyst to join our Risk & Compliance team. The ideal candidate will be responsible for performing comprehensive IT compliance assessments, testing IT general controls and IT Automated controls and ensuring the organization adheres to internal policies and external regulatory requirements, including Sarbanes-Oxley (SOX). This role plays a critical part in maintaining a strong internal control environment and driving process improvement across the organization. Key Responsibilities Assist in planning and scoping IT compliance and internal control assessments. Identify risk areas and develop internal control testing programs. Perform end-to-end IT compliance assessments, including evaluating effectiveness of risk and control frameworks. Test IT General Controls (ITGCs) across domains like change management, logical access, SDLC and IT operations. Assess IT Automated Controls across business functions such as payroll, inventory, and revenue. Document control walkthroughs using narratives and flowcharts. Develop, maintain, and present compliance workpapers and reports highlighting control deficiencies and recommendations. Collaborate with management to communicate findings and ensure timely remediation of audit issues. Support external audit activities by coordinating information requests and walkthroughs. Stay up to date with regulatory and industry developments in IT compliance and risk management. Engage in continuous improvement efforts to enhance the efficiency and effectiveness of compliance processes. Qualifications Bachelor's degree in Information Technology, Computer Science etc. Professional certification (or working towards) such as CISA, CRISC, CISSP, or CISM preferred. 7–10 years of experience in IT audit, compliance, or risk management; minimum 3-5 years in a Big 4 or similar professional services firm preferred . Strong understanding of IT infrastructure, applications, and enterprise systems. Knowledge of Sarbanes-Oxley (SOX), ITGCs, automated controls, and internal control principles. Experience with audit and compliance tools (e.g., eAudit, Auditboard, or equivalent). Ability to understand cross-functional business processes and their integration with IT systems. Strong interpersonal, communication, and report-writing skills. Able to work independently and collaboratively under tight deadlines. Demonstrated sound judgment, critical thinking, and attention to detail. Preferred Skills Hands-on experience in documenting business processes and identifying control gaps. Ability to present findings to senior stakeholders and recommend practical remediation steps. Familiarity with GRC platforms and data analytics tools. Understanding of global business practices and regulatory environments.

Dear Candidate, We are hiring an IT Compliance Analyst to ensure adherence to regulatory standards and internal security policies. Perfect for detail-oriented professionals with a risk and governance mindset. Key Responsibilities: Monitor IT processes for compliance with SOX, GDPR, HIPAA, etc. Conduct audits, risk assessments, and gap analyses Collaborate with security, legal, and IT teams Maintain documentation and support policy enforcement Required Skills & Qualifications: Knowledge of IT compliance frameworks (ISO 27001, NIST, COBIT) Experience with audit processes and risk management Strong communication and analytical skills Bonus: Certification (CISA, CRISC, or similar) Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Work Location:- Bangalore / Hyderabad / Pune / Gurgaon Experience:- 1.5 - 4.5 years JD Roles & responsibilities Responsible for delivering IT Risk & Controls, Assessments/Audits, and Compliance Security Assessments around IT and Business processes. Working with the organization onshore counterparts as part of project/engagement delivery. Supporting client service delivery by consistently meeting quality standards within the established turnaround time and allotted budget for the project. Ensuring personal and the team's compliance with the applicable Organization Risk Management policies & Organization proprietary tools. Mandatory technical &functional skills Control assurance and Risk Management Compliance- Security Assessments IT Internal/External Audit engagements Experience on Control testing of IT Application Controls (ITAC), IT General Controls (ITGC), and Business process controls. - MANDATE Must have significant experience, in depth knowledge and expertise in at least one of the SAP functional modules (SAP PTP, RTR, MM, SD, FICO, etc.) , SAP HANA dB, SAP S/4 Hana ERP. Must have a strong Business process understanding and have the ability to identify risks and control weaknesses and gaps. Experience on Functional testing, Control gap analysis and SDLC reviews. Knowledge of security measures and auditing practices within various operating systems, Applications, and databases. Personal drive and positive work ethic to deliver results within tight deadlines and in demanding situations Flexibility to adapt to a variety of engagement types, working hours and work environments and locations