228 It Governance Jobs - Page 4

Responsibilities: Conduct IT risk assessments & audits. Ensure compliance with ISO standards. Develop & implement ISMS policies & procedures. Manage information security incidents & breaches.

Job Title: ITAO ( IT Application Owner ) AVP Location: Pune, India ITAO is the custodian of the application and is responsible to apply and enable during Life-Cycle of the application the IT policies and procedures with specific consideration to IT management and Information Security. The ITAO ensures a clear separation of the responsibility within the project, aimed at achieving a safe and secure running of the application and compliance to regulations, policies and standards. ITAO is responsible for application documentation, application infrastructure reliability and compliance, and is usually the IT SPOC for audit initiatives. Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Flexible working arrangements Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Strategy & Architecture Enterprise IT governance: Reviews current and proposed information systems for compliance with the organisation's obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy. Provides specialist advice to those accountable for governance to correct compliance issues. Cloud Security & Governance : Migration on Cloud from on-prem setup end to end with ensuring application/infrastructure and Data Security Information security: Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. Information content publishing: Understands technical publication concepts, tools and methods and the way in which these are used. Uses agreed procedures to publish content. Obtains and analyses usage data and presents it effectively. Understands, and applies principles of usability and accessibility to published information. Specialist advice: Actively maintains knowledge in one or more identifiable specialisms. Provides detailed and specific advice regarding the application of their specialism(s) to the organisation's planning and operations. Recognises and identifies the boundaries of their own specialist knowledge. Collaborates with other specialists, where appropriate, to ensure advice given is appropriate to the needs of the organisation. Knowledge management: Maintains knowledge management systems and content to meet business needs. Supports others to enable them to complete knowledge management activities and form knowledge management habits. Reports on progress of knowledge management activities. Configures and develops knowledge management systems and standards. Supports changes to work practices to support capture and use of knowledge. Business risk management: Investigates and reports on hazards and potential risk events within a specific function or business area. Continuity management: Implements and contributes to the development of a continuity management plan. Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes. Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Data management: Assists in providing accessibility, retrievability, security and protection of data in an ethical manner. Methods and tools: Provides support on the use of existing method and tools. Configures methods and tools within a known context. Creates and updates the documentation of methods and tools. To maintain the Information Security related documentation of assigned IT Assets in the DB Group IT Asset inventory. Change and Transformation Requirements definition and management: Assists in the definition and management of requirements. Uses standard techniques to elicit, specify, and document requirements for simple subject areas with clearly-defined boundaries. Assists in the creation of a requirements baseline and in investigating and applying authorised requests for changes to base-lined requirements, in line with change management policy. Delivery and operation Availability management: Contributes to the availability management process and its operation and performs defined availability management tasks. Analyses service and component availability, reliability, maintainability and serviceability. Ensures that services and components meet and continue to meet all of their agreed performance targets and service levels. Implements arrangements for disaster recovery and documents recovery procedures. Conducts testing of recovery procedures. Service acceptance: Engages with project management to confirm that products developed meet the service acceptance criteria and are to the required standard. Feeds into change management processes. Configuration management: Applies tools, techniques and processes to track, log and correct information related to configuration items. Verifies and approves changes ensuring protection of assets and components from unauthorised change, diversion and inappropriate use. Ensures that users comply with identification standards for object types, environments, processes, lifecycles, documentation, versions, formats, baselines, releases and templates. Performs audits to check the accuracy of information and undertakes any necessary corrective action under direction. Asset management: Applies tools, techniques and processes to create and maintain an accurate asset register. Produces reports and analysis to support asset management activities and aid decision making. Change management: Develops implementation plans for complex requests for change. Evaluates risks to the integrity of service environment inherent in proposed implementations (including availability, performance, security and compliance of the business services impacted). Seeks authority for those activities, reviews the effectiveness of change implementation, and suggests improvement to organisational procedures governing change management. Leads the assessment, analysis, development, documentation and implementation of changes based on requests for change. Security administration: Investigates minor security breaches in accordance with established procedures. Assists users in defining their access rights and privileges. Performs non-standard security administration tasks and resolves security administration issues. Application support: Drafts and maintains procedures and documentation for applications support. Manages application enhancements to improve business performance. Advises on application security, licensing, upgrades, backups, and disaster recovery needs. Ensures that all requests for support are dealt with according to set standards and procedures. Problem management: Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Enables development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Analyses patterns and trends. To support key role holders such as ITAOs and ISOs to develop a secure environment by evaluating the IT Security requirements as early as possible in the system development life cycle to select the applicable information security controls for implementation. To guide ITAOs on the implementation of compensating controls in case of deviations from the applicable information security controls. To approve the access control and user authorization approach of the assigned IT Assets. To execute and document periodical recertification of Access Rights in compliance with the DB Group Identity and Access Processes. Incident management: Ensures that incidents are handled according to agreed procedures. Investigates escalated incidents to responsible service owners and seeks resolution. Facilitates recovery, following resolution of incidents. Ensures that resolved incidents are properly documented and closed. Analyses causes of incidents, and informs service owners in order to minimise probability of recurrence, and contribute to service improvement. Analyses metrics and reports on performance of incident management process. Your skills and experience Experience 6 to 9 years IT Service Management, IT Governance or IT Project Management background. Excellent communication and presentation skills, highly organized and disciplined. Experienced in working with multiple stakeholders. Ability to create and naturally maintain good business relationships with all stakeholders. Comfortable working in VUCA (Volatility Uncertainty Complexity Ambiguity) and highly dynamic environments. Rounded knowledge and experience of all the following Information Security processes; Application and Infrastructure Security Identity and Access management Information Security Incident and Problem Management Information Security Governance for business and technology Information Security Risk Management Expert knowledge of DB Information Security Principles, Policies, and Procedures Profound experience in business and IT processes and respective Information Security requirements. Extensive experience with financial markets and institutions. Excellent analytical skills, flexibility regarding problem solving. Ability to work in fast paced environment and keep pace with technical/ operational innovation. Open minded, able to share information, transfer knowledge and expertise to team members. Keeps pace with technical/operational innovation & maintains understanding of the CIO technologies, as well as CISO service and technology offerings ITAO will typically have a rather limited technical hands on involvement. A high-level understanding on the products/technologies below is welcomed: Databases: mainly Oracle Application/web servers (like J2EE based, especially JBoss, Tomcat, WebLogic Server, Apache) Management of security certificates. Unix servers very basic administration Microservices and SOA Communication and encryption protocols (mainly HTTP(S), SSL) Networking (firewalls, load balancers, etc) High Availability Architecture. Reasonable understanding and relevant experience in Agile-Scrum delivery and main tools (Jira & Confluence); 4-5 years of work experience in IT; 2-3 years project management or application owner experience. Preferable skills: Experience working with distributed development teams; Experience in finance products Experience on Google Cloud Security and Management Degree in Information Security or a comparable education In addition, the following education/certification attainment will be beneficial: CISSP (Certified Information Systems Security Professional) or equivalent. ISSMP (Information Systems Security Management Professional). CISM (Certified Information Security Manager) or equivalent Skills and quality Quality assurance: Contributes to the collection of evidence and the conduct of formal audits or reviews of activities, processes, data, products or services. Examines records for evidence that appropriate testing and other quality control activities have taken place and determines compliance with organisational directives, standards and procedures. Identifies non-compliances, non-conformances and abnormal occurrences. Conformance review: Collects and collates evidence as part of a formally conducted and planned review of activities, processes, products or services. Examines records as part of specified testing strategies for evidence of compliance with management directives, or the identification of abnormal occurrences. Digital forensics: Contributes to digital forensic investigations. Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports. To contribute to the Information Security Incident Management Process in the case of a security breach for their IT-Assets, if requested. Relationships and engagement Relationship management: Identifies the communications and relationship needs of stakeholder groups. Translates communications/stakeholder engagement strategies into specific activities and deliverables. Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. Provides informed feedback to assess and promote understanding. Facilitates business decision-making processes. Captures and disseminates technical and business information. Experience/Exposure Autonomy: Works under general direction. Uses discretion in identifying and responding to complex issues and assignments. Receives specific direction, accepts guidance and has work reviewed at agreed milestones. Determines when issues should be escalated to a higher level. Influence : Interacts with and influences colleagues. Has working level contact with customers, suppliers and partners. May supervise others or make decisions whichimpactthe work assigned to individuals or phases of projects. Understands and collaborates on the analysis of user/customer needs and represents this in their work. Complexity: Performs a range of work, sometimes complex and non-routine, in a variety of environments. Applies methodical approach to issue definition and resolution. Knowledge: Has a sound generic, domain and specialist knowledge necessary to perform effectively in the organization typically gained from recognized bodies of knowledge and organizational information. Demonstrates effective application of knowledge. Has an appreciation of the wider business context. Takes action to develop own knowledge. Business skills: Demonstrates effective communication skills. Plans, schedules and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards and procedures. Contributes fully to the work of teams. Appreciates how own role relates to other roles and to the business of the employer or client. Demonstrates an analytical and systematic approach to issue resolution. Takes the initiative in identifying and negotiating appropriate personal development opportunities. Understands how own role impacts security and demonstrates routine security practice and knowledge required for own work. Cloud Migration and Understanding : Basic Knowledge on IaaS/PaaS/SaaS and migration from different environments to Cloud

Job Summary: The IT Senior Manager will oversee the management and support of IT and OT applications related to pharmaceutical quality control, and laboratory operations. This role is crucial in ensuring seamless operation, maintenance, and enhancements offered to support business objectives and regulatory compliance. Who You Are: We are seeking a highly skilled and motivated IT Senior Manager to oversee the delivery and management of IT services and projects within the CoE Operations, specifically focusing on Pharma Quality, and Laboratories applications. The ideal candidate will ensure that our IT services meet business needs and continuously improve delivery quality. Major Accountabilities: As an IT Senior Manager in Project Management for Pharma Quality and Laboratories Applications, you will oversee the planning, execution, and delivery of IT projects supporting laboratory and quality management systems. Your responsibilities include developing project plans, managing budgets, and coordinating with cross-functional teams to meet project milestones. You will communicate with stakeholders to understand their needs, provide project updates, and ensure alignment with business objectives. Ensuring compliance with regulatory standards and implementing quality assurance processes are key aspects of your role. Leading and mentoring a team of IT professionals, you will foster a collaborative environment and address training needs. You will also manage risks, develop mitigation strategies, and maintain contingency plans. Vendor and resource management are part of your duties, including negotiating contracts and ensuring vendor commitments. You will drive continuous improvement by implementing best practices and staying updated with industry trends. Additionally, you will coordinate Project Management Office (PMO) activities, standardize processes, and ensure adherence to PMO guidelines to enhance delivery quality. Maintaining comprehensive project documentation and preparing reports for senior management are also essential tasks. Finally, maintaining comprehensive project documentation and preparing detailed project reports for senior management are important tasks. You will ensure that all project documentation is accurate and up to date, providing a clear record of project progress and outcomes. Key Requirements: Education: Advanced degree in Information Technology, Computer Science, or a related field. Experience: Minimum of 10 years of experience in IT operations, with a focus on pharma quality, and laboratory applications. Previous consulting experience preferred. Skills: Strong knowledge of pharmaceutical manufacturing processes and quality control standards. Excellent project management skills, with experience in leading cross-functional and geographically distributed teams. Extensive knowledge of IT architecture, IT security, and IT governance Strong analytical and problem-solving abilities. Effective communication and interpersonal skills. Ability to work in a fast-paced, regulated environment. Effective leadership and team management skills. Comfortable operating in a complex, matrix, and ambiguous environment. Ability to anticipate risks and manage escalations. Must be business fluent in English. Preferred Qualifications: Certifications: ITIL, PMP, Lean Six Sigma or other relevant certifications. Experience: Experience with specific pharma applications such as SAP, QMS (Quality Management Systems), LIMS (Laboratory Information Management Systems), LES (Laboratory Execution Systems) and lab equipment systems (Empower, LabVantage, etc.). Experience extracting relevant data and configuring ServiceNow KPIs and SLAs.

At EY, you will have the opportunity to build a career tailored to your unique qualities, supported by a global network, inclusive culture, and cutting-edge technology to help you reach your full potential. Your individual voice and perspective are valued in contributing to EY's continuous improvement. Join us to create an exceptional experience for yourself and contribute to building a better working world for all. As part of EY's Technology Strategy & Transformation (TST) team, you will engage in providing innovative consulting and advisory services to leading enterprises worldwide. The technology practice at EY is renowned for driving strategic business-led, technology-enabled end-to-end transformations. Collaborating with clients from various industries, you will guide organizations of all sizes towards achieving business success by delivering strategic IT value. In this role, you will utilize your expertise as an IT Strategy practitioner to develop creative strategies at the intersection of business, technology, and customer insights. Your responsibilities will include advising clients on resetting and reimagining their business and operating models using cutting-edge, tech-enabled solutions to enhance enterprise performance. You will also play a key role in shaping and driving enterprise technology vision and strategy in alignment with corporate goals, customer focus, and solution teams to maximize technology value. Working closely with Chief Information Officers (CIOs) and Chief Technology Officers (CTOs), you will address critical IT challenges and deliver world-class IT capabilities to support future business needs. Leveraging EY's brand as a trusted advisor, you will offer a range of services such as Tech Strategy & Vision, IT Operating Model optimization, Transformation strategies, Office of CIO functions, Product strategy & management, M&A due-diligence, and Enterprise Architecture Services. Key responsibilities of this role include understanding business strategies, translating them into technology vision, analyzing value chains and business capabilities, identifying optimization opportunities, and guiding clients through enterprise-wide transformations. Your role will involve collaborating with IT and business leadership to shape IT strategic agendas, provide guidance on innovation trends, and leverage EY's global network to develop relevant architecture insights. In addition to client-facing responsibilities, you will lead conversations with stakeholders, build trusted relationships as a strategic technology advisor, develop thought leadership, manage engagement teams, and contribute to the growth of the TST Strategy practice. Your ability to provide structured solutions to complex technology strategy problems, recruit and mentor team members, and develop new solution offerings will be essential in this role. To qualify for this position, you should have a strong academic background with a BE/B.Tech and MBA from a top Tier-1 B-school, along with experience in Strategy Consulting and large-scale enterprise-wide transformations. Industry experience in sectors such as Financial services, Retail, Healthcare/Pharma, Telecom, or e-commerce is preferred. Your expertise in IT governance, business transformation, emerging technologies, and client engagement will be crucial for success in this role. Overall, your success in this role will be determined by your ability to understand industry trends, drive client engagements, deliver executive-level presentations, identify opportunities for sell-on work, and build long-term client relationships. Your experience in managing portfolios of executive-level clients, developing strong teams, and providing strategic insights will be vital in contributing to EY's mission of building a better working world through innovative solutions and trusted advisory services.,

At EY, you will have the opportunity to build a career tailored to your uniqueness, with the global scale, support, inclusive culture, and technology needed to help you reach your full potential. Your voice and perspective are crucial in contributing to EY's continuous improvement. Join us and embark on a journey to create an exceptional experience for yourself while contributing to building a better working world for all. As a Strategy Consultant in the Technology Consulting/Technology Strategy and Transformation department at the Senior level, you will report to the Manager/Senior Manager. EY's Technology Strategy & Transformation (TST) team delivers cutting-edge consulting and advisory services to some of the largest enterprises globally. The team is recognized for leveraging business and technology to drive strategic business-led, tech-enabled end-to-end transformations across various industries. Your role will involve devising creative strategies based on trends, insights, and data to help clients reset, reimagine, and re-think their business and operating models with cutting-edge, tech-enabled solutions. You will work closely with clients to drive enterprise tech vision and strategy in alignment with corporate/business unit goals, customer focus, and solution teams, aiming to optimize technology spend and enhance cost, agility, productivity, and performance. Key responsibilities will include understanding business strategies and translating them into enterprise-wide technology vision and strategy, analyzing business capabilities to develop a clear understanding of strategic objectives, and identifying optimization opportunities across various dimensions. You will guide clients through large-scale transformation initiatives, provide IT leadership, and act as a trusted advisor on innovation, leveraging EY's global network and expertise to develop relevant architecture insights. You will lead client interactions, build trusted relationships as a strategic technology advisor, develop and maintain client relationships, and contribute to the growth of the TST Strategy practice. Additionally, you will develop thought leadership, manage engagement teams, recruit and develop professionals, and support the development of new solution offerings and tools. To qualify for this role, you should have a strong academic background with a BE/B.Tech and MBA from a top Tier-1 B-school, along with a background in Strategy Consulting from top-tier firms and at least 5 years of relevant experience in large-scale enterprise-wide transformations. Experience in industry sectors such as Financial Services, Retail, Healthcare/Pharma, Telecom, or e-commerce is desirable. Overall, this role requires a deep understanding of IT trends, proven delivery skills, the ability to identify opportunities, and expertise in executive-level client communications. Your role will be pivotal in shaping technology strategies, driving business transformations, and fostering long-term trusted advisor relationships with clients.,

You will be responsible for progressing IT Governance required to onboard a vendor or solution. This includes helping to produce artifacts to attain sign-off for vendors and solutions, managing and tracking progress of sign-offs, providing input to delivery plans, managing Risks and Issues to closure, and championing agile and lean principles to create a culture of continuous improvement. You will also manage stakeholders" expectations and work closely with Project Managers and Delivery Managers to ensure that delivery commitments are met. To be successful in this role, you should have proven experience within the Technology sector with knowledge of the following skills: - Familiarization with IT and cloud infrastructure concepts - Proven track record of IT delivery using Agile and/or DevOps methodology within a Digital environment - Prior experience of working with Digital technology and/or large complex systems - Experience of stakeholder management - Experience of using JIRA and Confluence - Ability to take ownership of tasks and seeing them through to conclusion - Ability to explain technical issues to non-technical stakeholders - Excellent communication skills - Attention to detail - Self-starter approach - Organized and methodical About Virtusa: Teamwork, quality of life, professional and personal development are values that Virtusa is proud to embody. When you join Virtusa, you become a part of a team of 30,000 people globally that cares about your growth and seeks to provide you with exciting projects, opportunities, and work with state-of-the-art technologies throughout your career. Virtusa values collaboration and the team environment of the company, providing a dynamic place to nurture new ideas and foster excellence.,

The candidate shall perform comprehensive technical risk assessment which shall assist in identifying and remediating the risks. He/ She shall also have a change to represent ITRO to various stakeholders across IT verticals providing him/her visibility JOB FUNCTIONS AND RESPONSIBILITIES Conduct assessment/review of IT processes and recommend action for improving IT governance maturity using reference frameworks like COBIT, ITIL and ISO 20000 Conduct IT SOX Testing Work closely with the Enterprise Risk Management team and ensure risks are reduced or maintained at minimum levels Assist in development of IT risk policies, standards, and procedures Ensure policy and procedure artifacts pertaining to IT Risk-Service and Infrastructure Management, (including but not limited to incident response, segregation of roles and responsibilities, risk register, etc). are up-to-date and regularly reviewed by appropriate management EDUCATION / EXPERIENCE: Graduate BE / BTECH with 3-6 years of experience in IT risk assessment

Detailed job description - Skill Set: Technically strong hands-on Self-driven Good client communication skills Able to work independently and good team player Flexible to work in PST hour(overlap for some hours) Past development experience for Cisco client is preferred.

Detailed job description - Skill Set: Technically strong hands-on Self-driven Good client communication skills Able to work independently and good team player Flexible to work in PST hour(overlap for some hours) Past development experience for Cisco client is preferred.

POSITION SUMMARY: The candidate shall perform comprehensive technical risk assessment which shall assist in identifying and remediating the risks. He/ She shall also have a change to represent ITRO to various stakeholders across IT verticals providing him/her visibility JOB FUNCTIONS AND RESPONSIBILITIES Conduct assessment/review of IT processes and recommend action for improving IT governance maturity using reference frameworks like COBIT, ITIL and ISO 20000 Conduct IT SOX Testing Work closely with the Enterprise Risk Management team and ensure risks are reduced or maintained at minimum levels Assist in development of IT risk policies, standards, and procedures Ensure policy and procedure artifacts pertaining to IT Risk-Service and Infrastructure Management, (including but not limited to incident response, segregation of roles and responsibilities, risk register, etc.). are up-to-date and regularly reviewed by appropriate management EDUCATION / EXPERIENCE: Graduate BE / BTECH with 3-6 years of experience in IT risk assessment WORK SCHEDULE 2pm to 11pm

Key Responsibilities: • Define the overall GRC strategy, policies, standards, and procedures. • Oversee the identification, assessment, analysis, and prioritization of enterprise-wide risks, including operational, reputational, and cybersecurity risks. • Develop and implement robust risk mitigation strategies and controls • Monitor the effectiveness of risk management activities and report on the organization's risk posture to senior leadership and the Board. • Ensure the organization complies with all applicable laws, regulations, industry standards, and internal policies (e.g., data privacy regulations like DPDPA, RBI regulatory requirements and compliance) • Develop and manage compliance programs, internal audits, and assessments to identify and address compliance gaps. • Drive a strong governance culture by establishing clear accountability, transparency, and ethical conduct throughout the organization • Develop and implement governance policies and procedures to guide decision-making and operational processes • Develop meaningful GRC metrics, dashboards, and reports for various stakeholders, including executive management and the Board. • Collaborate closely with various departments, including Enterprise Risk, IT Operations, Legal, Finance and HR to integrate GRC principles into daily business operations. • Act as a trusted advisor to business on Infosec Risk and Compliance matters. • Thoroughly review of all incoming information security requests (e.g., user access, system configuration changes, firewall rules creation/modifications, software installations, data access, third-party system integrations) and approve them. • Assess requests for completeness, accuracy, and adherence to established information security policies, procedures, & guidelines and analyse potential security risks, impacts associated with each request, including data confidentiality, integrity, and availability. • Review and approve access requests to sensitive systems, applications, and data and validate justifications, roles, and least-privilege principles prior to approval. • Maintain a comprehensive understanding of evolving security threats, vulnerabilities, and regulatory changes related to upcoming technologies like Blockchain and AI to take informed approval decisions. • Review and recommend exceptions to security policies and standards, identify and document any residual risks associated with approved exceptions, and ensure that compensating controls are in place for recommended exceptions, documenting the rationale, validity period, and expiration tracking. • Communicate clearly and concisely with requestors, providing detailed explanations for approvals, denials, or requests for additional information. • Identify opportunities to streamline the request approval process, enhance efficiency, and improve security controls. • Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements • Provide guidance and mentorship to junior security team members. Technical Skills: • Deep understanding of GRC principles, methodologies, and best practices. • Strong analytical and problem-solving skills with the ability to identify, assess, and mitigate complex risks. • Excellent communication, interpersonal, and presentation skills, with the ability to articulate complex GRC concepts to diverse audiences (technical and non-technical, all levels of management). • Proven leadership and team management abilities, including the ability to influence and collaborate across departments. • Strategic thinking with a proactive approach to GRC challenges. • High level of integrity and ethical conduct. • Ability to manage multiple projects and priorities in a dynamic environment. • Proven track record of developing, implementing, and managing successful GRC programs in a complex organizational environment. • Strong experience with risk assessment methodologies, control frameworks, and compliance audits. • Experience with relevant regulatory frameworks (e.g., ISO 27001, NIST, SOC 2, PCI DSS, DPDPA, GDPR etc.). • Strong understanding of security domains (e.g., network security, data security, application security). • Understanding on cryptographic standards, application security, enterprise architecture, software development lifecycle etc. • Experience with security frameworks (e.g., MITRE, NIST, ISO). • Familiar in Vulnerability Management and Configuration Management with a commitment to staying current on emerging security threats and technological advancements. • Knowledge of identity and access management (IAM) concepts and technologies and Familiarity with role-based access control (RBAC) models and approval workflows. • Knowledge of cryptography, secure communication protocols, data encryption techniques, understanding of Key management process. • Deep understanding of security vulnerabilities exploits applications, infrastructure and APIs • Strong analytical and problem-solving skills. • Basic understanding of cloud security principles (AWS, Azure, GCP) is a plus. • Experience with ITSM or request/ticketing systems (e.g., ServiceNow, Jira, Remedy)

O365 controls, Cloud security, Multi cloud hybrid environment security, GRC Information ISO 27001 Auditor, Risk management Risk gap Analysis, Risk Ass., ITGC Control, Control Testing,2nd Line of Defense Creating policies procedures.

About The Role Skill required: Control Testing - Agile testing Designation: Regulatory Compliance Analyst Qualifications: Any Graduation Years of Experience: 3 to 5 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do Help clients transform their compliance function from reactive to proactive through an intelligent compliance operating model powered by data, intelligent technologies and talentLooking for someone with SOX testing experience.Conduct testing tasks within Agile models and integration processes and manage development sprints. Automated/IT control testing experience is required What are we looking for Commitment to qualityWritten and verbal communicationRisk managementAbility to work well in a teamAbility to meet deadlinesAutomated/IT control testing experience is must Roles and Responsibilities: In this role you are required to do analysis and solving of lower-complexity problems Your day to day interaction is with peers within Accenture before updating supervisors In this role you may have limited exposure with clients and/or Accenture management You will be given moderate level instruction on daily work tasks and detailed instructions on new assignments The decisions you make impact your own work and may impact the work of others You will be an individual contributor as a part of a team, with a focused scope of work Please note that this role may require you to work in rotational shifts Qualification Any Graduation

About The Role Project Role : Application Designer Project Role Description : Assist in defining requirements and designing applications to meet business process and application requirements. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : Engineering with ServiceNow Certification Summary :As an Application Designer, you will assist in defining requirements and designing applications to meet business process and application requirements. Your typical day will involve collaborating with stakeholders to understand their needs and translating them into functional application designs. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Design and develop applications based on business requirements.- Collaborate with stakeholders to gather and analyze requirements.- Create technical documentation for developed applications.- Conduct code reviews and provide feedback to team members.- Stay updated on industry trends and best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of IT governance, risk, and compliance processes.- Experience in designing and implementing GRC solutions.- Knowledge of ServiceNow platform and its capabilities.- Hands-on experience in configuring GRC modules.- Good To Have Skills: ServiceNow Certification. Additional Information:- The candidate should have a minimum of 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Hyderabad office.- An Engineering degree with ServiceNow Certification is required. Qualification Engineering with ServiceNow Certification

The ITAO Associate, based in Pune, India, acts as the custodian of the application, ensuring the application's adherence to IT policies, procedures, and Information Security throughout its Life-Cycle. The role focuses on maintaining a clear separation of responsibilities within projects to achieve a safe, secure operation of the application while complying with regulations, policies, and standards. Additionally, the ITAO is responsible for application documentation, infrastructure reliability, compliance, and serves as the IT Single Point of Contact (SPOC) for audit initiatives. As an ITAO Associate at our organization, you will benefit from our flexible scheme that includes features such as a best-in-class leave policy, gender-neutral parental leaves, and 100% reimbursement under childcare assistance benefit. Furthermore, we offer sponsorship for Industry-relevant certifications, an Employee Assistance Program for you and your family members, comprehensive Hospitalization and Term life Insurance, as well as Complementary Health screening for individuals aged 35 and above. Your core responsibilities will encompass various domains such as Strategy & Architecture, Change and Transformation, Delivery and operation, Skills and Quality, and Relationships and engagement. These responsibilities include Enterprise IT governance, Cloud Security & Governance, Information security, Knowledge management, Incident management, and Digital forensics, among others. To excel in this role, you should possess 6 to 9 years of experience in IT Service Management, IT Governance, or IT Project Management. Excellent communication and presentation skills, organizational discipline, and the ability to develop strong business relationships with stakeholders are essential. Additionally, experience in working with multiple stakeholders, adaptability to dynamic environments, and familiarity with Cloud Migration concepts are beneficial. Furthermore, you are expected to have a high-level understanding of databases (mainly Oracle), application/web servers (e.g., J2EE-based, JBoss, Tomcat, WebLogic Server, Apache), security certificate management, Unix servers administration, Microservices, SOA, communication and encryption protocols, networking, and High Availability Architecture. Proficiency in Agile-Scrum delivery, tools such as Jira & Confluence, and project management or application owner experience are preferred. Our commitment to your professional growth includes training, coaching, and support from experts within the team. We foster a culture of continuous learning and offer a range of flexible benefits to support your individual needs. For more information about our company and teams, please visit our website at https://www.db.com/company/company.htm. At Deutsche Bank Group, we strive to create an inclusive work environment that values and celebrates the success of all individuals, promoting a culture of responsibility, commercial thinking, initiative, and collaboration. Join us to excel together every day as part of the Deutsche Bank Group. We welcome applications from all individuals to contribute to a positive and fair work environment.,

Manage the complete IT Governance and control verification of end user controls for technologies deployed Dashboard and non compliance reporting and closure Audit data collection and handling of all audits Knowledge of scripts , automation and end user controls Understanding of server-side controls for all environments Stakeholder management and team handling Review of access control solution, process and periodic access control reviews for all systems Automation in IS processes

Job Summary GRC Consultant Responsibilities Job Summary We are seeking an experienced IT GRC Manager to lead our Governance Risk and Compliance initiatives The candidate will be responsible for developing and implementing IT GRC strategies ensuring compliance with regulatory requirements and managing risk across the organization This role requires a deep understanding of IT governance frameworks risk management practices and compliance standards Key Responsibilities Governance Develop and maintain IT governance frameworks policies and procedures Ensure alignment of IT strategies with business objectives Oversee the implementation of IT governance initiatives and monitor their effectiveness Risk Management Identify assess and manage IT risks across the organization Develop and implement risk mitigation strategies Conduct regular risk assessments in according with NIST standard and audits to ensure compliance with internal and external standards Compliance Ensure compliance with relevant regulatory requirements eg GDPR HIPAA SOX Develop and maintain compliance documentation and reports Coordinate with internal and external auditors to facilitate compliance audits Leadership Lead and mentor a team of IT GRC professionals Collaborate with crossfunctional teams to promote a culture of risk awareness and compliance Provide regular updates to senior management on IT GRC activities and initiatives Qualifications Strong knowledge of IT governance frameworks eg COBIT ITIL Experience with regulatory compliance standards eg GDPR HIPAA SOX Excellent analytical problemsolving and communication skills Relevant certifications eg CISA CRISC CISM are a plus Skills Strong leadership and team management skills Ability to work collaboratively with crossfunctional teams Proficiency in risk assessment and management tools Excellent organizational and project management skills Strong attention to detail and ability to manage multiple priorities

Responsibilities:- Lead the IT in the organization with major verticals NOC, IT OPS, IT Security, and IT Assets with the commitment to the agreed SLA/TAT. Maintain the CAPEX/OPEX and plan the AOP of the year. Maintain the IT infrastructure and its continuity to achieve a 24/7/365 business environment. Be on edge to use cutting-edge technology and Implement as per the business requirement. Maintain the WAN/ISPs, P2P, MPLS, Cloud, and on-prem Infra. Maintain and Monitor the Network Infrastructure including all the layers of the Network and have good knowledge of OSI layers. E.g. Switching(l2+L3), Firewalls, LAN and WLAN controllers, NAC, SDWAN, etc. Maintain and Monitor the IT OPS Infrastructure including End User support and Expected technologies like Google Workspace (G-suite), AD/LDAP, NGAV, PatchMGMT, ITSM, Ticketing System, etc. Maintain Security of Onprim, DC/Cloud, Endpoint/users, and Email, to ensure a high level of security across the organization. E.g. DLP, Endpoint EDR/NGAV, Firewall, SSL, Crypto, Endpoint Encryption, and Email security. Also, help Internal and external auditors to plan the audits and related mitigations and preventions. Maintain the 70K+ IT assets across the 5K sites along with multiple IT stores across Delhivery including SAM and HAM. Involvement in regular Internal and cross-functional audits, keeping in mind ISO 9001:2013 for quality assurance and 27001:2013 for security things. Manage the on-roll/off-roll of 350 team members along with KRA/KPI and JD. Take responsibility for sudden outages and way forward improvements. Lead the Projects for Upcoming sites with the respect to IT Infrastructure and OPS. Participate in day-to-day meetings with the team, cross-functional team, and vendors to maintain the SLA/TAT. Interact with different stakeholders to understand their requirements and challenges related to OPS and IT. Update management with periodic reporting, updates, announcements, and newsletters related to IT activities.

Any candidate who wants to apply can contact on the given contact number 07303998586 Description The IT Compliance role involves ensuring that the organization adheres to internal and external compliance regulations related to information technology. This position is ideal for freshers/entry-level candidates who are eager to start their career in IT compliance and security. Responsibilities Conduct regular audits to ensure compliance with IT policies and regulations. Assist in the development and implementation of IT compliance programs and policies. Monitor and report on compliance risks and issues. Collaborate with various departments to ensure understanding and adherence to compliance requirements. Support the compliance training programs for IT staff and stakeholders. Maintain documentation related to compliance processes and controls. Skills and Qualifications Bachelor's degree in Computer Science, Information Technology, or a related field. Strong understanding of IT compliance frameworks such as ISO 27001, GDPR, or HIPAA. Familiarity with risk assessment and management processes. Excellent analytical and problem-solving skills. Good communication and interpersonal skills. Proficiency in Microsoft Office Suite, especially Excel and PowerPoint. Knowledge of cybersecurity principles and practices is a plus. Any candidate who wants to apply can contact on the given contact number 07303998586

Experience Implementation of ISO 27001, GRC ITGC & IT Regulatory compliance Knowledge in ISMS, ITRS, Knowledge about regulators RBI, IRDA, SEBI Experience in PCI DSS, ISO 27001, SOC 2, GDPR, RBI guidelines Experience in audits & risk assessments.

Manager (IT) Compliance & Audit The ZS IT Governance, Risk & Compliance (GRC) team is a global function that plays a critical role in aligning with ZS' business strategy and operating model. The team's mission is to empower ZS' 13,000+ employees and their clients with the tools, insights, and frameworks needed to effectively manage operational risk and meet compliance requirements in an increasingly complex regulatory landscape. The GRC team is responsible for ensuring that ZS maintains the highest standards of compliance by managing a diverse portfolio of certifications and audits across multiple domains, including Information Security, Privacy, and Environmental, Social & Governance (ESG) . The team's scope of work includes maintaining compliance with industry-recognized standards such as ISO 27001, ISO 27701, ISO 27017, HITRUST, SOC 2, SOC 3, and ESG , providing comprehensive oversight on risk management, security, and privacy practices. By offering independent assurance to both internal stakeholders and external parties, the GRC team ensures that ZS consistently adheres to globally established compliance frameworks, controls, policies, and industry standards. This stewardship strengthens ZS' ability to mitigate risks, meet client and regulatory expectations, and uphold its reputation as a trusted partner across industries. Additionally, the GRC team fosters continuous improvement, not only by responding to evolving regulations but by driving proactive initiatives that embed a culture of compliance and risk awareness throughout ZS operations. This holistic approach helps safeguard ZS assets, data, and relationships in a fast-paced and increasingly interconnected business environment. Manager (IT) Compliance & Audit The Manager, IT Compliance & Audit will be a seasoned leader in the information security compliance domain, driving projects related to critical certifications like ISO 27001, ISO 27701, ISO 27017, HITRUST, SOC 2, SOC 3, and others. The individual will play a pivotal role in managing and ensuring compliance with regulatory and operational security standards while collaborating with various stakeholders, including the CISO, CRO, DPO, Head of Cloud Engineering, IT Stakeholders, and other senior leaders. The role requires hands-on technical and functional expertise, along with the ability to manage and develop teams, oversee compliance programs, and report to leadership committees. Key Responsibilities: Compliance & Audit Management: Lead and manage the implementation, maintenance, and certification processes for ISO 27001, 27701, 27017, HITRUST, SOC 2, SOC 3, and similar standards. Oversee and manage internal and external audits, identifying gaps, and ensuring timely closure of audit findings. Collaborate with cross-functional teams, including IT, security, legal, and risk management, to ensure alignment on security compliance initiatives. Drive continuous improvement initiatives to enhance compliance posture, developing and enforcing security policies, procedures, and controls. Stakeholder Collaboration & Communication: Act as the primary liaison between teams and external auditors, certification bodies, and regulators. Build and maintain strong working with key stakeholders, including the CISO, CRO, DPO, Head of Cloud Engineering, IT, and legal teams, to ensure compliance objectives are met. Provide expert advice on compliance issues and support various departments with technical and policy-driven . People Management & Leadership: Lead, mentor, and develop a team of professionals, fostering a high-performance culture. Manage team workload, project , and career development, ensuring that the team is up-to-date with industry standards and compliance practices. Oversee team training programs to ensure sharing and skills development in compliance and audit. Project Management & Reporting: Lead compliance projects, including forecasting, resource planning, and reporting progress to leadership committees. Develop project timelines, track, and ensure timely delivery of compliance and audit activities. Provide regular reports and updates to management, including dashboards and key performance indicators (KPIs) to assess the organizations compliance and risk posture. Collaborate with internal teams to ensure smooth integration of compliance requirements into new and existing technologies, including AI, cloud services, and data privacy technologies. Strategic Planning & Operational Compliance: Contribute to the development of the organizations broader compliance strategy, aligning with industry trends and emerging regulations. Proactively identify potential risks and vulnerabilities and develop risk mitigation strategies. Lead operational compliance efforts across various functions, ensuring comprehensive coverage of security, privacy, and data protection requirements. Qualifications & Experience: Bachelors degree in computer science, Information Technology, Cybersecurity, or a related field. A masters degree or MBA is preferred. Minimum 10-12 years of experience in IT compliance, audit, and information security, with specific experience managing ISO 27001, ISO 27701, ISO 27017, HITRUST, SOC 2, SOC 3, and related certifications. Proven track record of managing compliance programs and leading audits across large, complex organizations. Strong leadership and people management experience, with a demonstrated ability to lead, develop, and motivate high-performing teams. Excellent project management skills with the ability to manage budgets, forecasts, timelines, and complex stakeholder requirements. Deep understanding of cloud security (Azure, AWS, GCP) and privacy standards, with experience working with cloud engineering and DevSecOps teams. Strong problem-solving skills with the ability to influence and engage with C-level executives and senior stakeholders. Certifications (Preferred): CISA (Certified Information Systems Auditor) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) ISO 27001 Lead Auditor/Lead Implementer HITRUST Certified CSF Practitioner Certified Cloud Security Professional (CCSP) PMP (Project Management Professional) or equivalent certification Skills: Strong technical knowledge in information security standards and frameworks. Exceptional communication and presentation skills, with the ability to articulate complex compliance issues to technical and non-technical audiences. Experience with AI and its implications n compliance, security, and data privacy will be an advantage. Proficiency in GRC (Governance, Risk, and Compliance) tools and software. Why Join Us? ZS is a global consulting firm; fluency in English is required. Candidates must possess work authorization for their intended country of employment. An on-line application, including a cover letter expressing interest and a full set of transcripts (official or unofficial), is required to be considered. ZS offers a competitive compensation package with salary and bonus incentives, plus an attractive benefits package. Opportunity to lead and shape the compliance landscape of a forward-thinking organization. Work with cutting-edge technologies in a collaborative, dynamic environment. Competitive compensation and benefits package.

3 - 15yrs exp in IT & IT Security across various levels Certified in ISO 27001: 2013 /ISO 22301:2019 Preferred Enterprise IT Governance including knowledge of IT risk management & controls Strong PPT creation & design Func as SPOC for IT GRC & Audits Required Candidate profile Manage establishment of operate & tech decision-making process to ensure IT svc are align to organization priorities & risk appetite Prep sec dashboards with KPIs, sec metrics for CISO presentations Perks and benefits +++ Mediclaim + 10% perf bonus + 30% Company Bonus

Job Description: You are Responsible for Below are the roles and responsibilities of the candidate Assists the senior management in defining the control objectives and monitoring compliance efforts. Manage organization's compliance with the Sarbanes Oxley Act. Develops processes to ensure compliance with all SOX requirements. Designs and administers internal controls over financial reporting relating to the IT automated controls. Reports test results to the top management. Review test findings within the Internal/External Audit Team, facilitate the remediation of control gaps, and escalate possible critical issues to the senior management. Serve as a liaison between internal and external auditors. Stays abreast of changes in SOX regulations to ensure timely compliance. Identify areas of potential improvement for key processes and procedures and supports the management of the related processes and procedures. Responsible for maintaining and updating all aspects of the internal SOX compliance. Responsible for working with different business owners on implementation, execution and compliance with entity level controls. Evaluates the review and analyzes data pertaining to information systems functions relative to Sarbanes-Oxley compliance. Develop and conduct SOX compliance training for employees. To succeed in this role you should have the following Applicants should be a University Degree holder (preferably Master degree), CPA or Chartered Accountant (or equivalent), Certified Information Systems Auditor (CISA) with 5+ years of experience in Finance / Internal/ IT Controls/Audit and relevant business area. Knowledge of SOX and IT controls. Big 4 public accounting experience with Fortune 500 clients. Extensive knowledge of the internal control framework (specifically COSO) and a solid understanding of the concepts of control design and operational efficiency. Strong knowledge of SOX requirements and ability to assist with documentation of ITGC and financial process controls to support operational as well as SOX compliance audits, including performing walkthroughs and developing process flow charts. Strong risk management experience, including: performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk. Experience working in a dynamic IT environment similar to a high tech start-up. Experience of solving multiple and complex challenges. Exposure in audit planning and execution, controls operation, and handling audit queries with external/internal auditors. Strong governance, risk and assurance management background which encompass knowledge of corporate governance, control framework and risk. Aptitude for leading teams; influencing and galvanizing others to follow you toward a solution. Ability to guide and train team members. Strong interpersonal written and oral communication skills. Solid organizational skills along with an aptitude for information technology. Excellent analytical skills Understanding of business drivers and related risk and ability to interpret the relevant management information is appreciated. Good communication and Analytical skills Having risk and controls mindset Ability to challenge and open to different views and opinions. Self-starter and ability to manage diverse cultural/ethnic sensitivities. Ability to deal effectively with complexity and having focus on details. Ability to prioritize and ensure delivery of priorities. Quick learner and resilient Mandatory Skills :Team Coordination, Leadership, sox, Itgc, IT Audit, IT Governance, Information Technology Desirable Skills : IT Risk Management, Cobit, Cisa, Cism, Cissp, team leading, Risk Compliance, Information Security, IT Risk

No. of Positions: 1 Contract Duration: 1 Year Shift Timings: General No.of Working days: 5 days Minimum years of experience: 4-6 years Is WFH available: NO Job Description: You are Responsible for Below are the roles and responsibilities of the candidateAssists the senior management in defining the control objectives and monitoring compliance efforts. Manage organization's compliance with the Sarbanes Oxley Act. Develops processes to ensure compliance with all SOX requirements. Designs and administers internal controls over financial reporting relating to the IT automated controls. Reports test results to the top management. Review test findings within the Internal/External Audit Team, facilitate the remediation of control gaps, and escalate possible critical issues to the senior management. Serve as a liaison between internal and external auditors. Stays abreast of changes in SOX regulations to ensure timely compliance. Identify areas of potential improvement for key processes and procedures and supports the management of the related processes and procedures. Responsible for maintaining and updating all aspects of the internal SOX compliance. Responsible for working with different business owners on implementation, execution and compliance with entity level controls. Evaluates the review and analyzes data pertaining to information systems functions relative to Sarbanes-Oxley compliance. Develop and conduct SOX compliance training for employees. To succeed in this role you should have the following Applicants should be a University Degree holder (preferably Master degree), CPA or Chartered Accountant (or equivalent), Certified Information Systems Auditor (CISA) with 5+ years of experience in Finance / Internal/ IT Controls/Audit and relevant business area. Knowledge of SOX and IT controls. Big 4 public accounting experience with Fortune 500 clients. Extensive knowledge of the internal control framework (specifically COSO) and a solid understanding of the concepts of control design and operational efficiency. Strong knowledge of SOX requirements and ability to assist with documentation of ITGC and financial process controls to support operational as well as SOX compliance audits, including performing walkthroughs and developing process flow charts. Strong risk management experience, including: performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk. Experience working in a dynamic IT environment similar to a high tech start-up. Experience of solving multiple and complex challenges. Exposure in audit planning and execution, controls operation, and handling audit queries with external/internal auditors. Strong governance, risk and assurance management background which encompass knowledge of corporate governance, control framework and risk. Aptitude for leading teams; influencing and galvanizing others to follow you toward a solution. Ability to guide and train team members. Strong interpersonal written and oral communication skills. Solid organizational skills along with an aptitude for information technology. Excellent analytical skills Understanding of business drivers and related risk and ability to interpret the relevant management information is appreciated. Good communication and Analytical skills Having risk and controls mindset Ability to challenge and open to different views and opinions. Self-starter and ability to manage diverse cultural/ethnic sensitivities. Ability to deal effectively with complexity and having focus on details. Ability to prioritize and ensure delivery of priorities. Quick learner and resilient Mandatory Skills :Team Coordination, Leadership, sox, Itgc, IT Audit, IT Governance, Information Technology Desirable Skills : IT Risk Management, Cobit, Cisa, Cism, Cissp, team leading, Risk Compliance, Information Security, IT Risk

Role & responsibilities Coordinate with the nodal authority for the implementation of Department for Promotion of Industry and Internal Trade (DPIIT)BRAP/State Government recommendations concerning client, and assist client in ensuring effective implementation and compliance by recommending process improvements for approvals. Assist in the development, implementation, and monitoring of systems in collaboration with the System Integrator. Prepare Functional Requirement Specifications (FRS) and Software Requirement Specifications (SRS) for the system. Provide recommendations and support for maintaining and designing online application software/serviceswhether existing or newly developed—integrated with Single Window Portal or any other platform designated by the State or Central Government, as required or suggested by client. Preferred candidate profile Should have done 5 IT Projects.