127 It Governance Jobs - Page 3

Wipro Limited (NYSEWIT, BSE507685, NSEWIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. About The Role Senior Deal Execution Manager - CLS role will support critical large deals in Americas 1 Region. R?oles & Responsibilities Lead and architect large strategic deals, both for Reactive and Proactive opportunities Understand the competition landscape and arrive at win strategy and value proposition Work with the Wipro ecosystem to come up with the best-in-class solution approved by delivery Optimize the pricing to make it attractive for customers- value to win Lead the solution review calls with Wipro senior leadership Lead solution defense during final client presentations Prepare compliance check list for RFP's and coordinate with writers and other team members/stakeholders to get the sections ready Support content development activities and develop exec summary, value proposition for the responses Provide writing and editorial review of content for messaging, usability, and readability, including synthesizing content brought together from multiple sources Providing oversight to Presales team on ongoing activities along with leading critical pre-sales threads. K?ey Qualifications MBA from Tier 1 and 2 B-Schools preferred Understanding and experience in value-based selling Experience in solutioning for and enabling sale of IT/ITES (mandatory) Experience in Consumer/LifeSciences/Retail Industry (preferred but not mandatory) In-depth knowledge around Business Process & IT Transformation concepts Strong verbal and written English communication skills. Must have creative mindset towards articulating the solution via presentations and demonstrations. Proficiency with Microsoft Office Suite, especially Word and PowerPoint Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Project Role : Application Lead Project Role Description : Lead the effort to design, build and configure applications, acting as the primary point of contact. Must have skills : SAP Governance Risk and Compliance (SAP GRC) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years of full time education Summary : 8+ years work experience in SAP Authorizations, Users & Access Management Services in S/4 HANA, BW 4/HANA, Fiori, GTS, PO, BO/BOBJ and SAP GRC Access Control 10 and/or later versions. Good technical skills and ability to support ERP Systems; IT transformation experience in a global company, preferably in a FMCG and/or FMCH context having understanding of modern User & Access Management concepts and best practices; Demonstrate understanding in formulating strategies, alternatives and recommendations in information security management. Ability to evaluate risk and communicate it in a fact-based manner. Proficient in Application Management Methodologies and IT Governance. Can communicate solutions, ideas, suggestions to a variety of stakeholders effectively and comprehensibly, ability to defend the Core Model position. Strong experience in IT general controls (ITGCs), Sox Audits and Internal Control best practices. Significant experience in IT service management and tools (ITIL, ServiceNow, Jira) Team coordination/management skills; Proven ability to lead and work independently in multi-cultural environment and facilitating workshops; Experience in Project Management, involving Agile and Digital methodologies. At ease with Microsoft Office tools, and in general with IS tools. Experience with multi-geography, multi-tier service design and management. Knowledge of technological trends. Qualifications 15 years of full time education

Hello Talented Techie! We provide support in Project Services and Transformation, Digital Solutions and Delivery Management. We offer joint operations and digitalization services for Global Business Services and work closely alongside the entire Shared Services organization. We make efficient use of the possibilities of new technologies such as Business Process Management (BPM) and Robotics as enablers for efficient and effective implementations. Are you a forward-thinking, high-energy, dynamic driver who wants to get directly involved in the daily business with our international teams, develop your own abilities, and manage responsibility? Join us as a Process Expert- Governance & Enablement Key Responsibilities: SPOC respectively Bridge Head to central IT, CYS and LC for all general Service-related topics. Definition of rules and regulations leading to a standard conform operation of GBS offered IT Services Supporting GBS business Lines for contract and technical related topics around Carve Outs/Ins Ensuring wide-spread know-how about existing IT-portfolio Support & monitoring GBS BLs in implementing Governance defined IT rules & regulations Offer IT related trainings for GBS BLs focusing relevant rules and regulations Management & support of ISO topics for DS services & Products Qualification: Bachelor"™s degree in information technology or a related field. Knowledge of ITIL, COBIT or other IT governance standards and requirements. Strong organizational and project management skills. Proven but basic knowledge in CYS topics, mainly focusing on IT 5-7 years of experience in Information technology with at least 3 years in IT governance or related area. Good communication and networking skills in an intercultural environment and across all management levels Knowledge of ISO 9001, 27001 principles, DevOps, and Project Management methodologies will be an advantage Create a better #TomorrowWithUs! This role, based in Bangalore, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Find out more about Siemens careers atwww.siemens.com/careers

Hello Talented Techie! We provide support in Project Services and Transformation, Digital Solutions and Delivery Management. We offer joint operations and digitalization services for Global Business Services and work closely alongside the entire Shared Services organization. We make efficient use of the possibilities of new technologies such as Business Process Management (BPM) and Robotics as enablers for efficient and effective implementations. We are looking for Asst. Manager- Governance & Enablement Job Summary: We are seeking a dedicated Information Security Professional to join our team. The ideal candidate will focus on maintaining and managing our ISO27001 certification. This role involves handling the overall Information Security Management System (ISMS), managing internal stakeholders, conducting internal audits, facilitating external audits, and overseeing the information security program management. Key Responsibilities: Implements IT governance strategy and guidelines, and develops/defines functional specific policies, processes and/or methods for general services for organizational units and the business in responsibility from a technical and governance perspective. SPOC, respectively Bridge Head to central IT, CYS and LC for all general Service-related topics. SPOC for GBS ASP community reg. all IT and CYS related governance and standardization topics. Coordinates resources and monitors and reports progress and milestones regularly to all stakeholders. Offer Governance related trainings for GBS BLs focusing relevant rules and regulations. Management & support of ISO topics for DS services & Products. Represent GCI ASP Lead in the various regional bodies and communities. Qualification: Bachelor"™s degree in information technology or a related field. Strong knowledge of ITIL, COBIT or other IT governance standards and Cybersecurity standards. Bais understanding in the CYS (IT) and identify potential threads Strong organizational and program management skills. 8-12 years of experience in Information technology with at least 5 years in IT governance or related area. Good communication and networking skills in an intercultural environment and across all management levels. Certified Lead auditor/Implementor in ISO 9001, ISO 27001 will be an advantage Create a better #TomorrowWithUs! This role, based in Bangalore, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Find out more about Siemens careers atwww.siemens.com/careers

We are hiring for ServiceNow IRM Developer role based in Hyderabad, with flexibility for remote work. As a ServiceNow IRM Developer, your responsibilities would include developing and implementing solutions within the ServiceNow platform, collaborating with cross-functional teams to understand business requirements, and ensuring the successful delivery of Information Risk Management (IRM) solutions. Qualifications Proficiency in ServiceNow development and Information Risk Management (IRM). Experience in integrating and configuring ServiceNow modules. Knowledge of GRC (Governance, Risk, and Compliance) processes. Strong understanding of IT security principles and risk management. Excellent problem-solving and analytical skills. Effective communication and collaboration abilities. ServiceNow Developer certification is a plus.

Project Role : Application Designer Project Role Description : Assist in defining requirements and designing applications to meet business process and application requirements. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Servicenow Tools Administration Minimum 5 year(s) of experience is required Educational Qualification : Engineering with ServiceNow Certification Summary :As an Application Designer with expertise in ServiceNow Governance, Risk, and Compliance (GRC), you will be responsible for assisting in defining requirements and designing applications to meet business process and application requirements. Your typical day will involve working with the ServiceNow platform, collaborating with cross-functional teams, and ensuring compliance with industry standards and regulations. Roles & Responsibilities: Collaborate with cross-functional teams to define requirements and design applications to meet business process and application requirements. Develop and maintain ServiceNow GRC applications, ensuring compliance with industry standards and regulations. Provide technical expertise in ServiceNow GRC, including configuration, customization, and integration with other systems. Ensure the quality and integrity of data within ServiceNow GRC applications, including data migration and data management. Provide technical support and troubleshooting for ServiceNow GRC applications, including incident management and problem resolution. Professional & Technical Skills: Must To Have Skills:Expertise in ServiceNow Governance, Risk, and Compliance (GRC). Good To Have Skills:Experience with ServiceNow Tools Administration. Strong understanding of IT governance, risk, and compliance frameworks and regulations. Experience with ServiceNow platform, including configuration, customization, and integration with other systems. Experience with data migration and data management in ServiceNow platform. Experience with incident management and problem resolution in ServiceNow platform. Additional Information: The candidate should have a minimum of 5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC). The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with a proven track record of delivering impactful solutions in ServiceNow GRC. This position is based at our Gurugram office. Qualifications Engineering with ServiceNow Certification

Project Role : Application Designer Project Role Description : Assist in defining requirements and designing applications to meet business process and application requirements. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Servicenow Tools Administration Minimum 3 year(s) of experience is required Educational Qualification : Engineering with ServiceNow Certification Summary :As an Application Designer, you will assist in defining requirements and designing applications to meet business process and application requirements. You will play a crucial role in ensuring the successful implementation of ServiceNow Governance, Risk, and Compliance (GRC) solutions. Your typical day will involve collaborating with cross-functional teams, analyzing business needs, and designing innovative solutions to enhance the overall efficiency and effectiveness of the organization's GRC processes. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Collaborate with cross-functional teams to gather and analyze business requirements. Design and develop ServiceNow GRC applications to meet the organization's needs. Implement best practices and industry standards for ServiceNow GRC solutions. Provide technical guidance and support to the development team. Conduct regular code reviews and ensure adherence to coding standards. Stay updated with the latest ServiceNow GRC features and functionalities. Assist in troubleshooting and resolving technical issues. Create and maintain technical documentation for future reference. Train end-users on the usage of ServiceNow GRC applications. Professional & Technical Skills: Must To Have Skills:Proficiency in ServiceNow Governance, Risk, and Compliance (GRC). Good To Have Skills:Experience with Servicenow Tools Administration. Strong understanding of IT governance, risk management, and compliance principles. Experience in designing and implementing ServiceNow GRC solutions. Knowledge of ServiceNow platform and its various modules. Familiarity with ITIL processes and best practices. Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Additional Information: The candidate should have a minimum of 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC). This position is based at our Noida office. An Engineering degree with ServiceNow Certification is required. Qualifications Engineering with ServiceNow Certification

Assist in activities to implement and monitor enterprise information security risk and control processes to protect patients and company information both internally and at third parties. -Support implementation of security governance principles and processes across functions leveraging enterprise policies, awareness and training programs as well as in-country business partnering. Job Description Key Responsibilities: Collaborate with business to understand threats and ensure Novartis most critical business processes and data is protected. Ensure implementation of the information management framework to safeguard the integrity, confidentiality and availability of information owned, controlled or processed by Novartis. Deliver effective security training and awareness programs and coordinate delivery across functions and countries. Support software asset and records management governance and deliver services to support business operations as well as for mergers, acquisitions and divestitures. Assess security risks around third parties and deliver services to reduce exposure -Perform assessments and verification of achieved quality levels and risks in respect to external legislative and regulatory requirements, as well as internal policies -Establish close collaboration with stakeholders to facilitate alignment with policies, risks as well as internal and external audits. Monitor adherence of the defined governance principles to ensure expected value is delivered -Take responsibility to ensure adherence with Security and Compliance policies and procedures within Information Management Policy scope Essential Requirements Influencing without authority. Relationship Management. Strategy Development. Accountability. Experience working cross-functionally and trans-nationally. Interactions with senior management. Collaborating across boundaries. Desirable Requirements: Business Partnering. Communication Skills. Cyber Security. Influencing Skills. Information Security Risk Management. IT Governance. Stakeholder Management. Skills Desired Business Partnering, Communication Skills, Cyber Security, Influencing Skills, Information Security Risk Management, IT Governance, Stakeholder Management

Assist in activities to implement and monitor enterprise information security risk and control processes to protect patients and company information both internally and at third parties. -Support implementation of security governance principles and processes across functions leveraging enterprise policies, awareness and training programs as we'll as in-country business partnering. Key Responsibilities: Collaborate with business to understand threats and ensure Novartis most critical business processes and data is protected. Ensure implementation of the information management framework to safeguard the integrity, confidentiality and availability of information owned, controlled or processed by Novartis. Deliver effective security training and awareness programs and coordinate delivery across functions and countries. Support software asset and records management governance and deliver services to support business operations as we'll as for mergers, acquisitions and divestitures. Assess security risks around third parties and deliver services to reduce exposure -Perform assessments and verification of achieved quality levels and risks in respect to external legislative and regulatory requirements, as we'll as internal policies -Establish close collaboration with stakeholders to facilitate alignment with policies, risks as we'll as internal and external audits. Monitor adherence of the defined governance principles to ensure expected value is delivered -Take responsibility to ensure adherence with Security and Compliance policies and procedures within Information Management Policy scope Essential Requirements Influencing without authority. Relationship Management. Strategy Development. Accountability. Experience working cross-functionally and trans-nationally. Interactions with senior management. Collaborating across boundaries. Desirable Requirements: Business Partnering. Communication Skills. Cyber Security. Influencing Skills. Information Security Risk Management. IT Governance. Stakeholder Management.

Role & responsibilities To identify regulatory/ statutory requirements pertaining to IT and IS. To formalize actionable and ensure implementation of the requirements as prescribed To review policies/ processes for ensuring adherence to regulatory requirement and minimizing the compliance risk To conduct ongoing review and monitoring of IT & IS department to ensure adherence to the requirements prescribed. To ensure timely reporting of IT related issues to the Board/ Committees/ RBI and CERT IN.

Client interface for understanding the IT Governance, IT Risk & Compliance Management Controls as applicable to Infrastructure operations. Responsible and accountable for driving and maintaining the Compliance Program Which Includes: I. Defining and implementing controls as per Customer defined Security and Privacy policies II. Ensuring measurement and compliance to the policies. III. Drives Internal and External Audits IV. Participate and advise on Security Incident Investigation V. Training and awareness of Employees on Security Policies Well versed and hands-on experience for establishing processes, controls and audits of compliances like ISO 27001, ISO 15408. SOX ITGCs, SSAE 18 SOC 1 & SOC 2, PCIDSS,HIPAA, Data Privacy Standards (GDPR/Schrems) Frameworks. Documentation of IT & risk management Controls as they are currently being executed in client environment and ensuring that the same controls are followed and implemented in service delivery operations Work with the client & technical teams for change request on any risk or control implementation as well as governance process Participate in internal as well as external regulatory audits as well as IT security audits. Understand IT Risks and define audit & governance mechanisms for assets, processes & physical security Point of contact for the client compliance & IT audit team for provisioning audit evidences within the SLAs defined. Provide strategic guidance & consulting support on implementation of IT controls for Networks, Operating Systems, System Security, Backup & Recovery, Storage, BCP/DR Work with the client & team in identifying any process/ control gaps and suggesting the remediation plan& tracking the plan progress till closure. Liaison with Audit Firms and Client for all types of External audits like (ISO 27001, SSAE 16 SOC 1/ SOC 2 etc)

Role & responsibilities Deliver and present control evidence to internal and external auditors. Contribute to the planning and exertion of Audit findings remediation. Control evidence quality analysis. Work among various teams within the Identity and Access Management (IAM) department to validate, analyze and articulate user access controls. Develop automated capabilities that support control monitoring, evidence gathering and reporting. Qualifications Experience as an Internal Auditor is preferred Proficiency in scripting and programming languages (e.g., Python, Java, PowerShell, SQL, etc.) is preferred Hands-on experience with Identity Governance tools such as Saviynt, Aveksa, or Active Directory preferred Experience in data analytics and/or data mining Proficiency in Excel Basic experience working in the fields of Identity and Access Management and Privileged Access Management

Corporate IT Security and Governance, exp. in Information Security, ISO 27001 Implementation , Documentation. risk assessment , 2nd Line of Defense , Control Review, Control Testing, ITGC controls. ,corporate policies and procedures, GAP Analysis,

IT Risk and Governance Selected candidate to support our client, APAC based Investment bank, in IT risk and governance profile. JOB SUMMARY: The client is seeking an experienced and proactive 1st line Risk and Governance candidate. The successful candidate will play a crucial role in Client’s Regional team in driving 1st line IT risk management, and Identity Access Management activities for all business units. KEY RESPONSIBILITIES Drive 1st line IT risk management activities regionally through annual RCSA review, user security awareness campaigns, key risk indicator (KRI) metric reporting, IT issue management, IT dispensation and support management in different steering committee or risk reporting forums. Support client’s compliances to APAC regulatory requirement on Technology Risk Management and Cyber Security through various governance activities. Management and support for Identity Access Management related projects, operations, risk, and compliance activities. Work with Group Information Security team to ensure alignment of local country security controls with regional and group policy/standard/guideline. Manage all internal/external audits and regulatory inspections for Singapore and provide advisory on IT RFIs for Country LBUs. Provide support to third party security risk assessment associated with third party vendors and clients. Work closely with stakeholders from business, IT, 2nd line enterprise/operation risk, and group/external 3rd line auditor to ensure effective security controls in place. EXPERIENCE / QUALIFICATIONS 5-10 years working experiences in information security and/or IT Risk areas, preferably within financial institution, or from consulting firm. Proficiency and in-depth knowledge and experience in identity and access management. Knowledge and experience in IT risk management and an understanding of regulatory requirements particularly in the following domains: security risk management, change management, data leakage prevention, application security, cloud security, vulnerability management, security monitoring, security incident response and 3rd Party Security Risk. A plus to have knowledge on Privacy (PDPA) Ordinance/requirement of APAC countries. Can work independently with ownership and able to work with multiple IT stakeholders/leaders, 2nd line (OPS risk) and 3rd line (IT Audit) stakeholders. Either one or more of below IT security certificates CISSP, CISA, CISM, CCSP OTHER TRAITS Possess excellent communication skills, with the ability to effectively convey messages to diverse stakeholders effectively at all levels in different geographies. Can effectively navigate through a complex environment undergoing change and managing internal and external stakeholders to resolve issues with objectives aligned. Ability to deliver work within tight timescales, to budget and to a high quality. Exhibit proactiveness in identifying, articulating, and remediating gaps and issues.

A minimum of 3 years of experience with large scale cybersecurity-focused solutions providers. 3 years of industry experience as cyber architect, and/or cybersecurity manager, establishing security baselines, phishing simulation, etc. Understanding of key cybersecurity-focused technology and solution concepts (Risk Management Framework, security architecture and engineering, proactive defense, threat modeling, data protection management, network security management, identity and access management, asset management, etc.) Experience with advanced cybersecurity programs, tools and techniques such as Security Operations Centers; Managed Detection and Response; Security Orchestration, Automation and Response; Threat Hunting Modeling and Intelligence; Red Team, Penetration Testing, Attack Surface Management, Vulnerability Management) Experience with Cloud and various Platform-based cybersecurity management, including CSP Cloud Security (GCP, AWS, Azure), PaaS Security (Salesforce, Databricks, Snowflake). Candidate should have good understanding of: Infrastructure and Network security Cloud Security Identity and Access Management Privileged Management (CyberArk) Compliance with Banking Regularity compliance (BFSI), HIPAA, PCI and the NC Identity Theft law. Governance Framework such as NIST, ISO, SOC2, etc. Firewall security IDS/IPS placement SIEM tools Wireless Security End point security Data Loss Prevention Web Application Security Knowledge of ITIL incident and problem management. Knowledge of Security Incident Event Management (Qradar, Splunk SIEM) is a add on Hands on experience on Firewall (Palo Alto, CISCO), VPN (Zscaler), Proxy (forward, Reverse, Transparent and Web 2.0), SSL interception/MITM & Data leakage space, Security Analytics. Implementation, customization, coding, Support Candidate should be able to understand the current system security measures and implement security enhancements in line with organizations goals and objectives Conduct regular system tests and audits by validating and verifying technical controls in minimizing the risk Good understanding of business requirements, identify key security requirements and articulate it to business effectively and efficiently in terms of actual risk and safeguards, risk management An Analytical mindset with excellent communication skills & Problem-solving abilities. Key Responsibilities: Serves as the Cybersecurity Consultant/ Technical architect handling large implementation/ operation programs. Should handle team for 30+ people Supports defining, enhancing, evolving, and demonstrating point of view and delivery approach of cybersecurity-focused services. Supports Infosys strategic business opportunities through technical contribution to sales and business development pursuits Builds and maintains client relationships, developing a strategic vision for clients and internal teams. Interface with Operations Directors, Program Managers and technical staff to develop, architect, and deliver world-class solution. Works with customers IT, software development and enterprise architecture teams to ensure security is foundational and comprehensive throughout product and technology-related solutions. Brings an innovative approach to cybersecurity, bridging commercial best practices and new products/approaches to solving and evolving cybersecurity architectures and solutions for Temasek. Effectively communication risks and system issues to all the stakeholders ahead in time to avoid any program risks/escalation.

Looking for candidate as a Vendor Governance Manager For Aviation Company in Bangalore. Candidate Must Have Working In Aviation Industry Or B.P.O. Company (Travel Process) Stakeholder Management, Service Delivery Exp. Interested Candidate Revert Back Required Candidate profile *Monitor and guide team of Associate Manager to ensure that Vendor Performance parameters are met *Governing Manpower planning & resource allocation to cater peak and lean seasons of business

Project Role : Application Designer Project Role Description : Assist in defining requirements and designing applications to meet business process and application requirements. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Servicenow Tools Administration Minimum 3 year(s) of experience is required Educational Qualification : Engineering with ServiceNow Certification Summary :As an Application Designer, you will assist in defining requirements and designing applications to meet business process and application requirements. You will play a crucial role in ensuring the successful implementation of ServiceNow Governance, Risk, and Compliance (GRC) solutions. Your typical day will involve collaborating with cross-functional teams, analyzing business needs, and designing innovative solutions to enhance the overall efficiency and effectiveness of the organization's GRC processes. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Collaborate with cross-functional teams to gather and analyze business requirements. Design and develop ServiceNow GRC applications to meet the organization's needs. Implement best practices and industry standards for ServiceNow GRC solutions. Provide technical guidance and support to the development team. Conduct regular code reviews and ensure adherence to coding standards. Stay updated with the latest ServiceNow GRC features and functionalities. Assist in troubleshooting and resolving technical issues. Create and maintain technical documentation for future reference. Train end-users on the usage of ServiceNow GRC applications. Professional & Technical Skills: Must To Have Skills:Proficiency in ServiceNow Governance, Risk, and Compliance (GRC). Good To Have Skills:Experience with Servicenow Tools Administration. Strong understanding of IT governance, risk management, and compliance principles. Experience in designing and implementing ServiceNow GRC solutions. Knowledge of ServiceNow platform and its various modules. Familiarity with ITIL processes and best practices. Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Additional Information: The candidate should have a minimum of 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC). This position is based at our Noida office. An Engineering degree with ServiceNow Certification is required. Qualifications Engineering with ServiceNow Certification

The IT Risk and Compliance Lead is a key part of the team ensuring that IT have consistent global policies, processes and standards in place and details include people, process, and technology Responsible for assurance through analysing the current state of IT and recommending opportunities for risk reduction and resource optimisation. The focus of the position is to ensure projects implement adequate and appropriate processes (including but not limited to documentation) to meet our business and external compliance needs. KEY ACCOUNTABILITIES & RESPONSIBILITIES Implement and evolve checklists and blueprint to embed in the Information security framework aligned to ISO27001 Support the delivery of value creation and greater efficiency through the simplification by elimination of unnecessary complexity within business processes as well as identification and adoption of better ways of working Drive process change using techniques such as reporting, document analysis, requirements workshops, surveys, business process descriptions, business analysis and workflow analysis Plan, design, research, write and edit a range of documents, including policies, procedures, user guides and manuals, technical specifications, training materials, and proposals Analyse IT risks and project requirements to propose enablers to process, people and technology, where required re-engineering processes to achieve efficiencies Design and manage the IT document management procedure including implementing automated workflow for review and approval stages for both knowledge base and company policy and procedures documentation Support alignment of external and internal documentation in adherence to contractual terms and conditions Liaise with accountable and responsible parties to define identify and establish governance needs for IT Determine types of documents needed - to be understood by both technical and non-technical stakeholders[DMS1] Collaborate with technical resources to collect and interpret technical information[DMS2] Key Skill: IT governance External compliance Business analysis Technical author Document management Organisational change management ISO27001 and NIST frameworks or similar

Purpose An Information Security Analyst /Consultant will provide expert advice and solutions to organizations to help identify, assess, and mitigate security risks. Consultants may work independently, as part of a company's internal IT infra & security team. Responsibilities Security Risk Assessment & Auditing Conduct security audits and assessments to identify vulnerabilities. Perform penetration testing and ethical hacking to simulate cyberattacks. Evaluate compliance with regulations like ISO 27001, NIST, GDPR, HIPAA, SOC 2 . Security Strategy & Policy Development Develop and implement cybersecurity policies, procedures, and frameworks . Advise organizations on best practices for risk management, data protection, and incident response . Assist in aligning security strategies with business objectives and compliance mandates. 3. Threat Management & Incident Response Help organizations develop incident response plans (IRP) . Conduct forensic investigations in the event of security breaches. Provide real-time threat intelligence and recommend proactive security measures. 4. Implementation of Security Solutions Recommend and deploy firewalls, SIEM, IDS/IPS, endpoint security, and cloud security tools . Guide organizations on zero-trust architecture, identity access management (IAM), and encryption . Assist in setting up secure cloud environments (AWS, Azure etc..) 5. Security Awareness & Training Conduct cybersecurity training sessions for employees and executives. Educate teams on social engineering attacks (phishing, BEC, ransomware defense) . Competencies A Bachelor's/masters degree in computer science or a related discipline, or equivalent work experience Experiencing in reviewing Mobile applications & platforms, with knowledge of Cloud Environment set up, and knowledge of common information security requirements for such platforms is a plus Experience providing and validating security requirements related to information system design and implementation Experience providing and validating security requirements related to a broad range of operating systems and databases Experience conducting risk assessments, vulnerability assessments, vendor and third-party risk assessments and recommending risk remediation strategies Experience in the use of tools and methods to identify security exposures and business risks Familiarity with information system attack methods and vulnerabilities Working experience with the design and engineering of web-based multi-tier information systems and architecture design Working experience with web technologies and programming languages Working experience with operating systems and database platforms Experience 8+ years of IT industry experience with minimum five years of relevant experience in Information Security discipline Technical skills / Certifications Technical Skills: SIEM (Splunk etc..) IDS/IPS, Encryption, IAM EDR (CrowdStrike, Microsoft Defender, Sophos, Eset etc..) Firewalls & Network Security (Cisco ASA, Sophos, Azure WAF etc..) Cloud Security (AWS Security Hub, Azure Sentinel) Ethical hacking & Penetration Testing (Kali Linux, Metasploit, Burp Suite) Programming (Python, Bash, PowerShell) Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CISM or CISA Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT

Job Title: IT Risk, Regulatory & Control Lead - VP Role Description The VP role for IT Risk, Audit Management and Implementation lead is responsible to manage all the IT regulatory audits for the India regulator - RBI (Reserve Bank of India), SEBI, NSE, BSE and all internal audits. This role will be the single point of contact between audit agencies (external/ internal) and all functional Technology teams. The role is expected to manage Risk for IT India, through monitoring, assessing, measuring and managing risk remediation in line with appropriate Risk tolerance levels This role is responsible to manage service continuity for India IT infrastructure and applications. Additionally, this role will cover development of regulatory governance framework for APAC and ensure global consistency. It will include develop and produce reports and regional heat maps based on regulatory activities, correlate with global heat maps and produce regulatory intelligence reporting, aligned with global reporting. Your key responsibilities Regulatory & Audit Management Enhancement and roll out of the regulatory governance framework regionally and ensure global consistency. Participate and represent Country Technology Management in the India regulatory control group for report automation. Review new regulatory communications to determine Country Technology Managements compliance status and to identify actions required for compliance, if applicable. Develop and produce reports and regional heat maps based on regulatory activities. Correlate with global heat maps and produce regulatory intelligence reporting, aligned with global reporting. Manage regulatory engagements, drive work streams, report on progress, escalation of risks and issues when necessary. Manage regulatory requirements around vendor outsourcing for financial and technology outsourcing. Coordinate across TDI (Technology, Data, and Innovation Division) to ensure timely and complete responses to all regulatory inquiries and ad-hoc requests. Expert management of time critical activities. Where required, build business cases for regulatory control related projects and establish appropriate projects to deliver the regulatory requirement. Streamline data collection and quality check processes for regular and predictable data requests to ensure quick turnaround times for regulatory responses. E.g. Critical apps reporting, IT outage reporting, IR treasury reporting etc. Perform quality reviews on regulatory responses for quality, completeness and consistency for all IT activities. Maintain tracking system and centralized data repository of all regulatory requests, responses, and remediation efforts. Establish and manage relationships with key stakeholders across the Bank. Establish and manage relationships with key regulators. Participate in various committees (locally, regionally and globally) as required. Develop, monitor and review the KPIs and KRIs defined for regulatory compliance. Evaluate Country Technology Management initiatives for applicability to regulatory compliance. Act as a single point of contact for all audit related queries relating to technology. Co-ordinate with the audit function to effectively plan and support audit execution. Review self-identified issues, audit points and work with issue owners to plan and track their timely remediation. Risk Management Articulate, monitor and measure information and operational risk through appropriate Self Assessments, KRIs and Enterprise Risk Indicators (ERIs) and by developing appropriate responses to address changing business needs and control requirements. Undertake assessments to proactively identify areas of concern and implement remediation plans as required. Ensure adequate risk remediation to target levels in line with the Divisions risk tolerance. Ensure consistent performance of the control environment across the division, defines and implements improvement plans where required. Ensure availability of Regulatory Risk & Control resources with the appropriate skills and through effective management ensures the consistent application and review of the Regulatory Risk & Control infrastructure. Maintain stakeholder buy-in through the management of partnership relationships with key management and control stakeholders. Represent the division in local, regional and global risk forums and workshops and engage and own IT risk management topics related to the Bank in India. Service Continuity Management Act as the Business Continuity Management and Disaster Recovery (BCM/DR) co-coordinator for country IT. Liaise with the Banks BCM team to implement required BCM/DR controls for the IT infrastructure and applications. Plan, coordinate and conduct BCM/DR tests as per the annual BCM/DR test plan. APAC Support In addition this role will be responsible for IT risk management framework design and implementation for APAC region, IT includes the coordination of IT policy drafting, implementation and monitoring. IT Risk and Compliance lead is responsible to maintain the IT Risk Framework and its associated controls and reporting. This role is responsible to evaluate overall information technology risk, maintain an active view, and report on the actual, mitigated and residual risk in the technology organization. All compliance closure activities are coordinated through this role, including the control and actual submissions for closure. Your skills and experience Added skills University degree in engineering /Post graduate in science qualifications from recognized university, preferably candidate should be from Information Systems or Computer science background. 15+ years of experience in BFSI technology sector covering oversight on multiple Banking business technologies. Excellent domain knowledge in finance sector technology and should be able to build a team of Business analyst, Developers to deliver business goals in Regulatory & Risk reporting. Excellent understanding of IT Risk management, internal and external control, compliance and risk frameworks and preferably a good understanding of IT risk management frameworks Working knowledge of IT infrastructure management including computing, Storage, networks, IT operations, Capacity planning etc. Experience in a high pressured environment and / or a cyclical process involving management of different projects and tasks Experience with managing global stakeholders, deadlines and adhering to Finance/ regulatory / audit requirements. An analytical approach with flexibility and problem solving skills, A strong project management background and experience, preferably PRINCE or PMP certified A team player, flexible, and able to work proactively in a fast-paced and changing environment Excellent verbal and written communication skills in English Required Skills /Experience Adhering to principles & values Capturing requirement & translating them in Tech Product for deliverables Entrepreneurial and Commercial Thinking, Vendor management Build team of Business analyst, Developers to deliver business goals in Regulatory & Risk reporting Applying Expertise &Technology Planning & Organizing Delivering Results & Meeting Bank' Expectations Achieving Personal Work Goals and Objectives Education/ Qualifications Project Management experience ITIL Certification Bachelors Engineering degree/ Post Graduate in Science - Information Technology background preferred Required Skills /Experience Key Business Competencies - Proficiency Level (1 to 5) Industry Knowledge : P3 - Experienced Managing Complexity : P3 - Experienced Product Knowledge : P3 - Experienced Risk Management : P3 - Experienced Communication : P3 - Experienced Key Technical Competencies - Proficiency Level (1 to 5) Business Analysis : P3 - Experienced Process Development & Management : P3 - Experienced Quality Management : P3 - Experienced

This is regarding opening for IT Audit with Leading NBFC Compnay! !! Experience: 2+ Years Location: Mumbai Working Days: 5 Days Working Mode: Work from Office (WFO) Job Description: Role : To perform an audit of information systems. Responsibility : Creating succinct and understandable risk/control matrices and reporting Perform the audit in accordance with the audit strategy. When interacting with IT stakeholders,show professionalism, expertise, and clear communication. Exhibit a reasonable understanding of the sector or industry and be cognizant of any technical difficulties or audit concerns. Graduates with pertinent certifications, including CISA Work Experience: In the banking and financial services (NBFC) industries,experience in internal audit, risk management, regulatory, and compliance roles; Expertise in conducting information systems and security audits; and familiarity with the rules and circulars issued by the regulatory body (RBI). Experience with audit approach in practice Strong communication abilities both in writing and speaking; sound reasoning and logic; the capacity to collaborate well with others; An information systems auditor should possess the following technical skills: A strong foundation in computer hardware and software An understanding of different operating systems Proficiency in databases Practical knowledge of network architecture and other IT infrastructure nterfaces and controls for applications Knowledge of information security governance and computer assisted auditing techniques (CAATs) Understanding of the Disaster Recovery and Business Continuity Framework If you are interested share your updated resume on aayushi@thepremierconsultants.com

Exp. in governance, risk & compliance ISO 27001, ISO27701, HIPAA, GDPR etc. Data Privacy Requirements and Cyber Laws across countries. CISA, CISSP, CISM certifications divya.bhardwaj@silverskills.com

We would like to present an Internship Opportunity in our Information Technology Team. The scope of learning and skills required are mentioned below. Position: Intern - Information Technology Work Structure: Work from office Location: Mahape, Ghansoli, Navi Mumbai. Duration: 6 Months to 12 Months Risk Help identification and evaluation of IT/IS related risks. Assist the information security function in developing and maintaining the security and risk management program, including risk analysis and tracking process. Help in implementation of risk mitigation strategies and monitor the effectiveness of risk controls. Prepare dashboard for the management on periodic basis. Review and track IT & IS exceptions, risks and exceptions and prepare dashboard for the management. Governance Ensure adherence towards implementation of comprehensive IT & IS governance, testing control frameworks to guide decision-making processes. Help drive the Governance activities across the Technology estate of the organization. Key areas of focus would be timely response towards advisories/ compliance towards RBI, CERT-In advisories/ guidelines, Control Testing & Assessment framework, Change Management, Vulnerability & Patch Management, Obsolescence, Asset Management, BCP-DR, Training awareness, TPRA etc. Ensure alignment with organizational objectives, industry standards, and regulatory requirements. (Example: RBI, SEBI, CERT-IN, etc.) App Sec Representative from Security across the organization for performing Risk Assessments for any new projects from IT/Infrastructure/Security point of view. Work with the AppSec team for the Vulnerability Assessment and Penetration Testing on Web Applications, APIs, Mobile Apps and Cloud Environment. Also ensure Application Source Code is scanned as per Security Best Practices. Work along with the Server & Application team for Vulnerability & Configuration Assessment, Firewall Rule Review and Baseline Standards review. Work Along with endpoint and server team for Freeware and License Softwares/applications assessment and installation. Collaborate with the Development Team, IT and Business Stakeholders for tracking, remediation of the open issues and bring to closure. Analytical skills : Ability to assess privacy risks and design effective technological solutions. Communication and interpersonal skills : Strong communication skills and to collaborate with cross-functional teams and explain technical concepts to non-technical stakeholders. Problem-solving : Demonstrated ability to resolve complex technical privacy challenges. Technical Knowledge : Proficiency in using data protection and GRC tools, Excel/Power BI, and knowledge of AI governance.

Project Planning & Execution: Define project scope, objectives, and deliverables Network Deployment: Manage end-to-end implementation, including hardware, software, Network architecture (LAN, WAN, SD-WAN, VPN, Firewalls, Load Balancers).

About the role Role Description: Let’s do this. Let’s change the world. In this vital role you will involve working closely with various groups to ensure that GxP controls are in place, GxP deviations are managed and monitored, and security standards are met. The GxP Specialist will assist in owning and maintaining GxP deviation records, performing GxP assessments, and supporting regulatory compliance efforts. Roles & Responsibilities: GxP Deviation and CAPA Management : Manage and own technology related GxP deviations, CAPA, and CAPA-EV records Manage GxP reporting and monitoring metrics for Technology/IT records Collaborate with record owners and QA to ensure timely record resolution Assist in the identification and evaluation of risks associated with GxP deviation records. Identify and support new record owners across IT/Technology (e.g. office hours, ad-hoc meetings, document management support). Attend enterprise network meetings as needed to represent the Technology / IT function. GxP Deviation Monitoring and Improvements: Recommend deviation management improvement strategies across Technology/IT. Collaborate with Quality, IT application, cybersecurity, and business teams to supervise and resolve identified risks and vulnerabilities associated with deviations and CAPA’s. Assist in conducting CAPA applicability assessments, time studies, and related initiatives to identify impacts and improvement opportunities in IT systems, processes, and policies. Supervise, monitor, and report on the efficiency of existing GxP records, trends, and recommend improvements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GxP, GDPR, SOX, NIST). Assist in proactive measures to facilitate compliance, such as collaborating with collaborators to initiate periodic reviews Assist in the preparation for audits and inspections by internal and external parties, providing documentation and evidence of IT GxP deviation management practices. Support the development and implementation of IT governance, risk, and compliance frameworks and continuous improvements. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications: Doctorate degree OR 5+ years of experience in IT GxP deviation management, IT quality management, IT auditing, or information security. Hands-on experience with deviation management tools and associated frameworks (e.g., ISO 27001, NIST, COBIT). Master’s degree and 4 to 6 years of information technology, Cybersecurity, Risk Management, or a related field experience OR Bachelor’s degree and 6 to 8 years of information technology, Cybersecurity, Risk Management, or a related field experience OR Diploma and 10 to 12 years of information technology, Cybersecurity, Risk Management, or a related field experience Preferred Qualifications: Skills and Competencies : Good understanding of GxP deviation management, document management, IT infrastructure, systems, and security standard methodologies. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex GxP and risk concepts to non-technical collaborators. Familiarity with regulatory frameworks and compliance standards (e.g., GxP, GDPR, HIPAA, SOX). Technical Knowledge : Proficiency with GxP deviation management tools, GRC (Governance, Risk, and Compliance) software, enterprise change management tools, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills Equal opportunity statement Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com