198 It Risk Jobs

The Risk & Control Specialist, AVP position in Bangalore, India, within the Risk, Finance, Treasury (RFT) Technology division of Deutsche Bank involves partnering with the CRO (Chief Risk Office) and CFO (Chief Financial Office) divisions. The CRO is responsible for identifying, managing, and mitigating Financial and Non-Financial risks, including Market & Valuation Risk Management, Credit Risk Management, and Non-Financial Risk Management. On the other hand, the CFO division oversees activities related to financial and regulatory integrity, such as PnL production, Financial control, Financial Reporting, Capital Management, Balance Sheet Management, and Liquidity & Treasury Reporting and Analysis. RFT Technology plays a crucial role in defining the IT strategy and providing solutions for managing Risk and Finance processes. As the regulatory landscape becomes more complex, Deutsche Bank has significantly invested in its infrastructure and platform capability. The Risk and Control Specialist supports RFT Technology Management by overseeing all aspects of the Audit lifecycle, including managing identified risks (Audit Findings) and self-identified issues, planning remediation actions, and monitoring and reporting progress. This role involves engaging with various stakeholders, including Divisional Risk Leads, Regional leads, Non-Financial Risk Management (NFRM), Group Audit, Chief Information Officers (CIOs), Development & Infrastructure Leads, Programme managers, Architects, and Production Support areas. The ideal candidate for this role should be high-performing, motivated, and eager to contribute towards reducing risk sustainably within the bank. Key Responsibilities: - Managing findings life-cycle events with finding owners/risk leads to ensure timely resolution - Collaborating with internal teams to promote Risk and Controls standards - Advocating DB Policies, Procedures, and Controls to facilitate successful remediation - Coordinating with Portfolio Owners/risk leads for upcoming audit schedules - Participating in Risk and Control meetings to review remediation status - Ensuring timely risk reporting and proactive engagement with management - Identifying potential areas of non-compliance or risk and proposing risk mitigation strategies Skills And Experience: - 8+ years of experience in SDLC/STLC engagement, with minimum 2 years in IT Risk and audit - Strong team player with excellent collaboration skills - Ability to manage multiple tasks, prioritize workload, and work under pressure - Strong analytical and problem-solving skills - Excellent written and verbal communication skills - Desire for continuous learning and upskilling - Comfortable with ambiguity and extracting meaningful risk insights - Ability to assimilate large amounts of information quickly The position offers various benefits, including a best-in-class leave policy, parental leaves, childcare assistance, sponsorship for certifications, Employee Assistance Program, Hospitalization Insurance, Accident and Term life Insurance, Health screening, and more. Deutsche Bank fosters a culture of empowerment, responsibility, commercial thinking, initiative, and collaboration, aiming for excellence together every day. Apply now to join Deutsche Bank Group and be part of a positive, fair, and inclusive work environment. For further information, visit our company website: https://www.db.com/company/company.htm,

Good experience in in the areas of, ITGC ,ITAC, IT audits, SOX / ICFR / IFC / SAS 70 / SSAE / SOC, IT Financial Audit and Business Automated Controls, IT Risk consulting or any other regulatory / compliance audits Knowledge of ERP s like SAP / OFIN / JDE / etc and their native application controls. Must have hands on experience or led projects to comply with regulatory requirements / international standards like (SSAE / ISAE / SOX, PCI, ISO 27001) and good practices (COSO, COBIT) relating to information security. Must have Excellent English skills, excellent presentation skills, excellent soft-skills (influencing & negotiation) Team management skillset is mandatory In our Risk Assurance team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Assist client in identifying and evaluating business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services Understand clients business environment and basic risk management approaches Project Management: Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions Play substantive/lead role and engagement planning, economics, and billing Generate innovative ideas and challenge the status quo Participate in proposal development efforts Participate in "add-on" sales to client Membership and visibility in professional & civic organizations Identify opportunities to cross-sell other services Build and nurture positive working relationships with clients with the intention to exceed client expectations Qualification and Certification: Chartered Accountant and/or MBA with Finance/IT Certifications of CISA, CISSP, CISM, ISO27001 preferred Your role as a leader At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. In addition to living our purpose, employees across our organization: Builds own understanding of our purpose and values; explores opportunities for impact Demonstrates strong commitment to personal learning and development; acts as a brand ambassador to help attract top talent Understands expectations and demonstrates personal accountability for keeping performance on track Actively focuses on developing effective communication and relationship-building skills Understands how their daily work contributes to the priorities of the team and the business

Are you ready to make an impact at DTCC Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional developmentAt DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve. Pay and Benefits: Competitive compensation, including base pay and annual incentive Comprehensive health and life insurance and well-being benefits, based on location Pension / Retirement benefits Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee). The Impact you will have in this role: Technology Risk Management (TRM) is responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security. The Application Security Assurance program implements a variety of AppSec (Application Security) technologies, controls, tools and processes to ensure delivery teams are able to adhere and align with the Secure System Development Lifecycle to protect DTCC applications from exisiting and emerging security risks & improve application risk posture. Your Primary Responsibilities: Set up, customize, and maintain SAST tools (e.g., SonarQube, Fortify, Checkmarx, Veracode) to align with project-specific requirements. Perform manual and automated code reviews to identify and advise on secure coding issues. Integrate SAST tools into CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI, etc.) to support shift-left security. Work with development teams to fine-tune SAST rules, reduce false positives, and ensure meaningful results. Assist developers in understanding and fixing security issues by providing actionable feedback. Implement basic security checks for Infrastructure as Code (IaC) and secrets detection in repositories. Collaborate with DevOps teams to ensure security tooling is seamlessly embedded into build and deployment workflows. Qualifications: Minimum of 4 years of related experience Bachelors degree preferred or equivalent experience Talents Needed for Success: Fosters a culture where honesty and transparency are expected. Stays current on changes in his/her own specialist area and seeks out learning opportunities to ensure knowledge is up-to-date. Collaborates well within and across teams. Communicates openly with team members and others. Resolves disagreements between colleagues effectively, minimizing the impact on the wider team. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. Please contact us to request accommodation .

About the Role: As the IT Security Associate Director, you will lead the execution of complex cybersecurity projects with substantial autonomy. Your expertise will guide the strategic cybersecurity planning and policy-making processes. You will ensure alignment with organizational goals and provide critical security insights that drive our mission forward. Wolters Kluwer is seeking a strategic and technically skilled Cybersecurity Reporting & Metrics Associate Director to drive the design, automation, and delivery of security and risk reporting across the enterprise. This role will lead the creation of dashboards and visualizations that provide insight into key domains including cybersecurity awareness training, risk programs, control effectiveness, and risk indicators and triggers across all Global Information Security domains. The ideal candidate has a strong background in cybersecurity, cloud, automation, Microsoft Systems and tools, general IT Risk, and control/governance knowledge. Additionally, this person will have hands-on experience in reporting tools like PowerBI and creating automations and integrations with ServiceNow. As a critical thinker and problem-solver, this person will help elevate the Company s security posture by delivering consistent, insightful, and action-oriented reporting. Responsibilities: Design, build, and maintain dashboards and reports that measure cybersecurity performance and risk across key programs including but not limited to: Security awareness and training, Cloud and IAM tooling and systems , Vulnerability management sources, Risk identification and mitigation, Control effectiveness, and Internal KPIs and metrics related to operational capabilities and internal demand management Automate recurring reporting processes using tools such as Power BI, Excel Power Query, and Power Automate amongst others to enable actionable insights and self-service Strong knowledge of ServiceNow across demand and intake modules, as well as vulnerability management and GRC/IRM modules and features Define and manage cybersecurity KPIs/KRIs in partnership with the security team and integrating feedback from key partners including HR, Legal, and business units Strong knowledge of key metrics related to core security capabilities such as training and awareness, vulnerability management, cloud security, identity, and access mgmt. Understanding of technical security and risk related domains to enable KRI development, triggers, and ongoing management of key cybersecurity programs and outcomes Work closely with capability owners to source, structure, and govern data across diverse systems and repositories Create and maintain executive-level reporting packages and presentations that support security governance forums, audits, and regulatory reviews Establish consistent standards for report quality, accuracy, and delivery timelines Translate complex technical security data into clear, business-relevant visuals and insights Support continuous improvement of cybersecurity programs by identifying reporting gaps, opportunities for automation, and metric-driven trends Serve as the technical reporting SME within the cybersecurity function, helping to align business insights with security data points Skills and Qualifications: 14+ years of experience in cybersecurity or Information Technology Experience in reporting across various security programs including training and awareness, phishing, cloud security, IAM, vulnerability management and overall IT risk and governance Strong reporting skills and attention to detail Knowledge of resource management practices and HR tools such as Workday, Clicktime, and deep understanding of ServiceNow and its core IT Security and Demand management modules and capabilities Expert level powerbi/visualization skills Experience delivering outcomes without direct control over stakeholders and behaviors, able to influence and drive actions Ability to collaborate and build relationships with cross-functional teams, senior management, technologists, and external stakeholders. Analytical mindset with excellent problem-solving skills, attention to detail, and ability to interpret regulatory requirements and assess their impact on business. Self-driven and ability to identify actions / goals and drive them through completion with minimal oversight

At EY, you have the opportunity to shape a career that reflects your uniqueness, supported by a global network, inclusive culture, and cutting-edge technology to help you reach your full potential. Your distinct voice and perspective are valued in contributing towards making EY even better. Join us in creating an extraordinary experience for yourself while striving towards a better working world for all. As a Technology Risk Manager at EY, you will play a pivotal role in IT Risk and Assurance client projects and internal initiatives. Building and maintaining relationships, identifying business opportunities, and proactively addressing risks are key aspects of your responsibilities within the EY- Technology Risk team. You will have the chance to lead as a Manager within the EY- Technology Risk Team, contributing to the growth of a new service offering and shaping the direction of the firm. Your primary duties include evaluating control portfolios, ensuring compliance with policies and standards, supervising control assessments, and providing valuable insights to clients for enhancing processes and managing risks effectively. Key Responsibilities: - Conduct assessments of control design, operating effectiveness, and risk management outcomes - Ensure accuracy, effectiveness, and timely delivery of assigned control assessments - Manage relationships with control owners and stakeholders, resolving issues and escalating when necessary - Apply risk management concepts to identify and formulate findings, offering insights for process improvement - Stay updated on regulatory standards, industry best practices, and control frameworks Skills and Attributes: - Ability to guide team members and perform procedures related to complex issues - Experience in information security assessments and audits - Proficiency in conducting NIST assessments, ISO assessments, and privacy impact audits - Strong project management skills and understanding of complex information systems - Extensive knowledge of clients" business/industry to identify technological impacts Qualifications: - Graduate (CS/ IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with a minimum of 6 years of experience - Significant experience in technical knowledge relevant to IT assessments and audits Preferred Qualifications: - Familiarity with program and project management practices - Understanding of IT systems development life cycle EY offers a dynamic work environment where you can collaborate with talented individuals globally and engage with leading businesses across diverse industries. Your growth and development are prioritized, supported by coaching, feedback, and opportunities to enhance your skills and advance your career in a way that suits you best. Join EY in building a better working world through creating long-term value, fostering trust, and providing innovative solutions to complex global challenges.,

Job Description: Job Title: Divisional Risk and Control Analyst TDI Controls Testing & Assurance, AS Location: Pune, India Role Description Infrastructure Chief Operating Office (COO) is responsible for the effective operation of the infrastructure functions, driving operational efficiency whilst supporting the effective delivery of infrastructure services in line with business objectives and control requirements. It also includes oversight of Infrastructure Divisional Control Office (DCO) and Trade Settlement and Confirmations Operations (TSCO). Infrastructure Divisional Control Office (IDCO) as part of Infrastructure COO, provides services to multiple functions in infrastructure. The IDCO function is a dedicated risk, control, and regulatory oversight function, with prime responsibility for managing and proactively mitigating risk across the full breadth of the Technology and Infrastructure organization. Function also provides a consolidated view and central coordination of (non-financial) risks, as well as effective, efficient, and consistent standards and policies. (Technology Data & Innovation) TDI Control Testing & Assurance team part of IDCO identifies, tracks and reports control testing & assurance activities, conducts independent controls testing (design and operating effectiveness) on different risk types in line with the Control Testing Standards. The team also focuses on regulatory and risk-based assurance requirements. This role is within TDI Control Testing & Assurance team. What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Perform Control Testing in line with Control Testing methodology/minimum standard Identify control deficiencies (findings), risks related to elements of controls, participate in findings agreement with stakeholders, escalate potential issues and exception items noted during the testing to senior management for discussion and further investigation, if deemed necessary Prepare Control Testing workpapers for senior management detailing testing results, document findings with highest quality Track Control Testing identified findings, perform required follow-up on open findings Consider regulatory and internal firm policy requirements as well as established best practices for control assurance. Support controls assurance activities Support in monitoring Control testing teams adherence to Control Testing methodology/minimum standards Support, contribute in managing Control Testing vendor resources, where applicable Track testing related effort/budget Plan Vs. Actuals throughout the testing lifecycle Build and maintain solid working relationships with key stakeholders such as within the DCO, IDCO, TSCO, GTI and other Testing Teams including Divisions/sub-divisions, 2 LoD and Group Audit (GA) Your skills and experience University degree preferably in Computer Science, Mathematics, Engineering or a related subject or equivalent qualification in the areas of information security. Professional/industry recognized qualifications e. g. , CISA, CISSP, CISM, CRISC are beneficial. Experience in Cloud Security audit/testing, GCP (Google Cloud Platforms) or Professional/industry recognized qualifications e. g. , CCSP, CCSK will be an advantage Good knowledge of auditing IT application controls, e. g. , from IT audits or IT risk management. Understanding of the relationship between IT risk and underlying business process risk. Knowledge of regulations governing financial institutions is beneficial. Strong written and verbal communication skills and the ability to communicate effectively in conflict situations. Strong organizational skills and attention to detail. Ability to work under pressure, multi-task and prioritize workload. Strong analytical skills and structured thought process with the ability to clearly articulate control deficiencies and related risk Flexible, proactive, and innovative mind set with strong organizational skills to take ownership and responsibility for agreed targets and to meet them within budget to enable a timely and efficient completion of projects. This is an IC (individual contributor) role. How we ll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. https://www. db. com/company/company. htm Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Job Description: Job Title- Project Manager (Audit Functions/Transformation) TDI Engineering Location- Pune, India Corporate Title : AS Role Description The TDI Engineering unit is responsible for all desktop, end user automation, engineering, and collaboration tools within the bank. The goal of this unit is to provide enterprise development tools as services for teams across Deutsche Bank, enabling them to reach higher levels of maturity in their process. These services consist of all necessary to support teams from initial Program/Project investment governance decisions and subsequently management through development, testing, deployment as well as compliance with the Bank s software processes. Tools such as Bitbucket, JIRA, Confluence, TeamCity, Artifactory, MF ALM. The Developer Tools Project Portfolio has multiple Programs/Initiatives driven by Regulatory/Audit-finding based remediation, Strategic Programs e. g. , Cloud (GCP) migration (of tools, as part of a larger, bank-wide Programme), Developer Experience initiatives and Migration to new tools. The Project manager will manage sub projects under a set of these Programs. A Programme is a group of related projects that together deliver the intended value of a business case. Project manager functionally reports to the Programme Manager. The Project Manager will be part of TDI engg support Audit remediation or Internal initiative projects in Candidate/application functions. We are searching for a candidate with a good understanding of IT risks and controls. This role is integral in supporting the function in complying with the Non-Financial Risk Management framework including the Findings Management Policy (FMP). The project manager will work with subject manner experts, across TDI engg, Group Audit and Non-Financial Risk. This is an exciting opportunity for a high-performing and motivated individual to help shape the technology infrastructure in response to demanding regulations making a real impact on the profitability and reputation of the organization. What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy. Gender neutral parental leaves Sponsorship for Industry relevant certifications and education Comprehensive Hospitalization Insurance for you and your dependents Accident and Term Life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities To deliver the required output whilst managing the costs to budget, delivering the business benefits according to plan, identifying project delivery risks and proposing mitigations as required Manage the execution, track deliverables, budgets (on the bank-wide Portfolio Management system e. g. , dbClarity) Establish and drive the governance for this Program including TDI(IT)-wide stakeholders Engage with a variety of stakeholders within the bank, other Programme Managers, Project Management Offices/COO functions to effectively steer the Programme Ensure that the Project Team (Engineering, Policy teams, Operations teams, Product Owners) are appropriately aligned to the Programme and its deliverables Provide MI and reporting on a periodic basis to the stakeholders Understand the expectations of the CAF (Central Approval Function), DCRO & Auditor on all audit procedures and help the project team articulate the SII Forms, Closure packs and Remediation plan accordingly. Coordinate with Portfolio Owners/SPOCs for the upcoming audit schedule and request if any potential SIIs are to be raised for the audit scope. Support application leads/delegate on closure documentations (Include Finding & Action Level). Responsible for doing the first pass reviews of all Life Cycle Events before it is submitted to CAF (Central Approval Function). Participate in Weekly and Monthly Status calls with Portfolio owners / CIO-1, GCIO Embedded Risk Manager and Divisional Compliance officer to update the status of the remediations. Coordination and management with Portfolio Owners/Delegates, ERT, Control Owners, CAF members & collaboratively work with them to address the requirements to close the remediation on time. Work with domain leads to tracking all remediations to ensure timely closure without any KPI impact. Prepare for the monthly Governance meetings MB-1, CIO and CIO-1 Level. Support the delivery risk and control initiatives. This includes participation in risk and control activities, risk-based control reporting of key issues, performance, and validation. Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums. Identify and evaluate potential areas of non-compliance or risk, assessing impact, probability and present findings and proposals for risk mitigation measures. Familiarize with policies, procedures, and internal documentation, as well as management models pertaining to Deutsche Operational Risk & Findings Management. Manage and deliver the critical book of work for Risk & Controls. Establish a proactive risk culture with simplified governance, improved application stability and investment in reduction of manual support activities. Your skills and experience Overall 10+ years of experience in any of the SDLC/STLC engagement and minimum 3 years on risk and audit related experience in IT Risk. Previous experience with IT risk assessment, audit, controls validation and emerging risk identification. A strong team player comfortable in a cross-cultural and diverse operating environment. Result oriented and ability to deliver under tight timelines. Excellent communication and collaboration skills Desire to learn about new and emerging technologies and continuous upskilling. Must be comfortable with navigating ambiguity to extract meaningful risk insights. Excellent verbal and written communication skills Ability to work independently, plan, organize, prioritize, and meet deadlines in a rapidly changing environment. Ability to assimilate large quantities of information in short periods of time. How we ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs https://www. db. com/company/company. htm Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Job Description: Job Title: ITAO, AVP Location: Pune, India Role Description IT Application Owner (ITAO) is accountable for the Application Management of a single or a portfolio of applications. The ITAO must ensure that the application(s) are enhanced and maintained in accordance with the Bank s IT Security Risk and Compliance requirements of the client and other stakeholders as included in the application strategy and service levels. The ITAO identifies and manages the risks and issues associated with the application(s) and escalate appropriately What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Position Specific Responsibilities and Accountabilities Guidance for setting out the responsibilities and tasks to be carried out in the position: The IT Application Owner is in charge of a broad set of duties. On one hand, ITAO has a management responsibility for an application instance. On the other hand, the ITAO is requested to provide detailed administrative information in self-assessments to comply with the IT Policies Standards of the Bank. The latter can be mostly delegated, but always stays in the responsibility of the ITAO. The following are typically some of the tasks for which an ITAO is responsible for: Disaster Recovery activities by reviewing DR plans and coordinating the execution of DR exercise for the application. Manage remediation of gaps in application lifecycle management activities such as Account recertification, remediation of Application configuration gaps etc. Manage application related Risk and Compliance Evaluation tasks and resolution of gaps in this area. Manage any IT Security incidents that may occur in the application. Plan and Manage Application events and Database Events monitoring using Bank wide standard monitoring tools. Manage application capacity forecasting and monitoring. Plan and manage Application user access related tasks. Infrastructure Activities - Server Procurement, Server Activation, server Decommission Plan for Application Hardware / Software / License upgrades or migration activities to align to the compliant platforms. Close Coordination Collaboration with Internal Stakeholder/ External Stakeholders and Vendors Strong Logical Aptitude to understand the overall Application and root out the gaps wherein required Good Questioning skills to understand the Root Cause of the request ITAO should have basic technical capabilities and infrastructure knowledge. Onboard application onto Deutsche Banks IT Risk and control related tools Interface with Internal and External Auditors for IT Audits and self-identified issues in order to reduce risk. Identify IT Risk and control related gaps based on the knowledge of application and Deutsche Bank policies Remediate IT related Audit Findings and IT Risk and control related issues Your Skills Experience ITAO should have basic technical capabilities and infrastructure knowledge. Onboard application onto Deutsche Banks IT Risk and control related tools Interface with Internal and External Auditors for IT Audits and self-identified issues in order to reduce risk. Identify IT Risk and control related gaps based on the knowledge of application and Deutsche Bank policies Remediate IT related Audit Findings and IT Risk and control related issues How we ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

About The Role : Job Title Technology Risk Manager Corporate Title Director Location Pune, India Overview Our Corporate Bank group is a technology centric business, with an increasing move to real-time processing, an increasing appetite from customers for integrated systems and access to supporting data. This means that technology is more important than ever for the business. The CIO Corporate Bank (CB) division sits in the Banks Technology, Data and Innovation (TDI) group. The Risk and Control (R&C) team ensures the Bank's technology control priorities are effectively implemented across CIO - CB. The R&C team offers dedicated support for each Chief Information Officer (CIO) business line, advisory services for control responses, and program management services for broad control uplifts. The team's mission is to reduce the organization's technology risk exposure by implementing key bank controls, ensuring appropriate and timely resolution of audit and regulatory issues, and participating in the Bank's design of control implementations. Therefore, a role on the R&C team is integral in supporting the front-line management in identifying, assessing/measuring risks, developing/implementing remediation actions, and monitoring risks. We are looking for a technology risk manager (also known as embedded risk team lead) to join the Risk & Control team to ensure robust and sustainable control governance across CIO CB, in particular for CB Data and head for India Risk and Control team. You will be responsible for supporting the CB Chief Data Office in managing audit/regulatory/self-identified findings, participating in regulatory and audit exams, monitoring stakeholders compliance with key risk indicators, and ensuring controls are implemented effectively and sustainably. Your role will be integral in supporting the front-line management in identifying and assessing/measuring risks, determining remediation plans, monitoring levels of risk, and implementation of remediation. You will work directly with CIO-1s, the CIO Corporate Bank Risk Leads, senior technology management, business and operations stakeholders, regulatory management, and other embedded risk teams and will represent CB Risk & Control . As a senior member in the region, you will spearhead risk initiatives within the region and will oversee India applications. As a Tech Risk and Controls Director, you will play a pivotal role in shaping and implementing the firms technology risk management strategy. What well offer you 100% reimbursement under child care assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your Key Responsibilities: Partner with CB CDO, in risk management and control implementation. Create deep and productive relationships with the teams and finding owners for audit/regulatory/self-identified issues to ensure overall risk posture for the area is improved. Support CIO-1 portfolio(s) in managing audit/regulatory/self-identified findings to ensure appropriate and timely resolution of risks/gaps in controls, and resolve non-compliance with Bank policies, procedures and processes and non-compliance with regulations and laws. Review and revise findings lifecycle event documentation. Provide strategic direction on risk management matters to senior leadership including implementation of detailed data driven narratives to inform leadership of risks related to IT and Cybersecurity topics. Provide credible challenge across all information technology and cybersecurity enabling business growth while ensuring that risks remain within appetite. Participate in, and coordinate with technology stakeholders, on internal and external audits and regulatory exams Ensure Risk & Control topics and standards are effectively included in all Change Programs related to CB Data, in particular within the perimeter of the EDM Program. Ensure appropriate senior management awareness/oversight of follow-up on action items to resolve identified technology issues Support application teams in control implementation requirements Ensure risk remediation programs are initiated and executed. Design and implement processes to test effectiveness and sustainability of technical controls. Develop strategies for reducing the risk exposure of CIO CB portfolio(s), including preparedness of critical applications for audit and regulatory exams and working with application owners to address and prevent common risk issues Assist application owners and other technology stakeholders in identifying and documenting risks and developing remediation Tracking and reporting on CIO CB portfolio(s) key risk indicators (KRI) and control uplift programs. Assisting application owners in developing plans to ensure compliance with KRIs. Close control gaps. Ensure risk remediation programs are initiated and executed in line with the Banks policies, procedures and standards. Work with the application teams and control owners to identify and resolve potential issues in control design. Advise on effectiveness metrics, ensure control design includes proper evidence, and provide input to the design and effectiveness of centrally provided tooling. Create risk awareness and positive attitudes through specialized trainings and educate the wider Corporate Bank CDO stakeholders regarding Risk & Control. Develop and guide a culture of talent development to meet business objectives and strategy. Your Skills and Experience: Excellent communication skills, both written and verbal to present ideas and concepts effectively Extensive experience (15-20 years) in technology risk management and risk advisory Strong understanding of three lines of defense model and compliance frameworks, Experience with regulatory environments and financial services technology. Robust knowledge and experience of data risks, in particular data-related technology controls, - policies, - standards and - tools Excellent analytical and investigatory skills to identify underlying technology issues Extensive experience in assessing risk, writing issues, and developing appropriate corrective actions Demonstrate viable solutions and problem solving Relevant experience working with auditors, regulators and external auditors on exams, reports and information requests Prefer experience with designing and testing technology controls and processes Prefer technical background (application development, infrastructure engineering, etc.) How well support you About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Job Description: Job Title: Risk and Controls Specialist, VP Location: Bangalore, India Role Description: The 1st line GTI Risk and Controls function is part of Group Technology Infrastructure (GTI), which is a division of Technology, Innovation and Data (TDI) of Deutsche Bank Group. As part of the GTI Risk and Controls team, you will contribute towards DB strategic goals to improve operational resilience and reduce risk. Specifically, you will support a proactive risk management function. As such, your role will be focused on risk identification and remediation activities. Additionally, you will use your expertise to plan and execute thematic risk assessments as well as supporting risk scenario testing and macro threat assessments. What we ll offer you: As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities: GTI Risk Management (InfoSec) Serve as the IT Security delegate for the CIO Unit (i.e. GTI), managing a team of Analysts / Associates / AVPs. Drive InfoSec Controls compliance activities / InfoSec Controls implementation facilitation management responsibilities. Steer IT Security initiatives and programs. Interface with application-level teams and app owners to facilitate and support remediation activities and consequent adoption of compliance solutions for the GTI applications estate across the CSO mandated security control domains. Manage stakeholders across InfoSec Control areas and multiple InfoSec Governance Forums. Orchestrate periodic reporting activities and deliverables governing the InfoSec controls compliance space. This role holds the ownership of various InfoSec reporting outputs / work-products. Coordinate closure actions related to SII/Findings within the Findings Management space. Provide GTI ERTs with InfoSec SME support wherever required. Work with the associated D-CISO (Divisional Chief Information Security Officer) for maintenance of Divisional ISMS (Information Security Management System) over IT assets and processes. Support the implementation of IT Security requirements and ensure overall Information Security posture is within agreed Risk Appetite. Work in close collaboration with the CIO area (i.e. GTI) level application teams and the technical security structure embedded within the CIO-1 units namely the DTISOs/TISOs (Divisional Technical Information Security Officers). Steer IT Security initiatives and programs. Ensure all members of the IT Security organization are trained and have completed the curriculum specific to their assigned roles. Advise and report on Technical Information Security topics. Report regularly on the status of IT Security to the CIOs, relevant IT senior management and to key stakeholders. Additionally, Report to the associated Divisional CISOs on handling of information security topics, issues and risks. Support the Divisional CISO in managing Information Security topics for Technical Security Matters. Ensure effective and efficient communication of all IS requirements and decisions within their IT Security organization. Stakeholder Management Identify, Partner, and Collaborate Establish relationship with the DTISO/TISO community within GTI to ensure effective and robust support towards InfoSec realm of activities. Partner with the CSO teams to ensure alignment towards Group wide CSO mandated InfoSec controls and standards. Collaborate closely and proactively with the DTISO teams to manage the alignment towards InfoSec control requirements. Promote and support proactive IT risk culture at the Bank. Your skills and experience: Desired experience 15+ years of experience as Risk and Control Lead in designing and implementing Technology risk framework in a global organization. Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001. Knowledge of Agile change delivery methodology, DevOps and Shift left concepts. Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains. Other professional qualifications and certifications in Technology risk management. Desired behaviors A strong team player able to operate in a cross-cultural and diverse operating environment. Result oriented and ability to deliver under tight timelines. Proven ability to lead a team Ability to successfully resolve conflicts in a globally matrix driven organization. Excellent communication and collaboration skills. Desire to learn about new and emerging technologies and continuous upskilling. Must be comfortable with navigating ambiguity to extract meaningful risk insights. How we ll support you: Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

About Cyber BDO India cyber security practice is one of the fastest growing areas of the business with significant ambition for the future through additional recruitment and acquisition. As part of our cyber team / tech risk you will be managing teams and projects delivering advisory and technical support to help our clients to improve their information / cyber security posture and respond to the dynamic nature of technology risks / cyber security threats. You will provide security domain expertise and utilise your business insight to work closely with our clients to advise, design, build and deploy pragmatic security solutions that will provide real and tangible benefits to protect their organisations. Furthermore, often carryout out IT Risk Assessments in line with industry better” practices (NIST / ISF / Cloud Security / etc.), regulatory mandates (RBI / IRDAI), and various compliance standards focusing on data security, data privacy, etc. Details: Position Title Info Security – ISMS Location Gurugram Department BAS Cyber Key Responsibilities: • Implement and maintain the ISMS framework in accordance with ISO/IEC 27001 standards. • Conduct risk assessments and assist in developing mitigation strategies. • Perform internal audits and support external audits for compliance certifications. • Develop and maintain ISMS documentation including policies, procedures, and reports. • Monitor and report on ISMS performance metrics and KPIs. • Coordinate with cross-functional teams to ensure security controls are effectively implemented. • Stay updated with regulatory requirements and industry best practices. • Support incident response and business continuity planning activities. • Implement and maintain framework according to ISO/IEC 42001 standards. • Conduct AI risk assessments, focusing on data privacy, model integrity, bias, and ethical considerations. • Develop and maintain documentation for AI governance, including risk registers, impact assessments, and control matrices

Key Responsibilities: Perform audits and assessments of internal controls (regulatory compliance Audits, ISO 27001, NIST, GDPR, HIPAA, etc.). Conduct risk assessments and develop mitigation plans across IT and business processes.

Role Responsibilities of the position in brief: Provide support to regional stakeholders in day-to-day risk management of Electronic and Algorithmic trading activities. Ensure compliance to EAT Risk policies and procedures by periodic reviews and reporting. Engaging with stakeholders across divisions and regions to ensure timely deliveries. Provide support for running of Risk Committees, Forums and preparation of meeting materials. Review and analyze Electronic Trading relevant incidents and facilitate reviews of lessons learned and cross-functional reviews. Coordinating regulatory attestations like MiFID II attestations. Facilitate the annual control attestation process. The process involves understanding the process, controls and ensuring that the controls are adequate. Review new and upcoming Electronic and Algorithmic Trading specific regulations. Support regions in performing gap analysis with the Firm s Stakeholders to determine level of compliance, gaps, and remediation plans. Contribute to the continued development of the Algo Control Framework and work with key stakeholders to embed new processes. Key Skills: Ideal candidate will have decent understanding of the four key areas as below. At the minimum, we expect candidate to be we'll-versed with at least one of the below four: Understanding of Electronic and Algorithmic Trading activities Risk Limit Management in Market Risk - setup, adjustment, review and breaches Non-financial and Operational Risks - RCSA, OpRisk Events, Risk Assessment Technology Risk - Understanding building blocks of the tools, relevant risks. A candidate with prior experience in IT Risk and Control / Algo Trading Risk / e-Trade Support / e-Trade Operational Risk would be preferred. Strong written and verbal communication skills with the ability to engage with all levels of management. Understanding of Policies and Compliance would be added advantage. Technical fluency. Specifically, must have the ability to simplify technical concepts to present effectively to a non-technical audience. An ability to remain objective and to independently raise areas of risk exposure. Ability to effectively collaborate with multiple stakeholders including compliance, legal, internal audit, risk managements and senior business partners. Strong project management skills with the ability to handle multiple deliverables. Working knowledge of the following is preferred: Understanding of any one of the assets classes (Equity / FX / Rates) - Rules and regulations relating to electronic trading including but not limited to MiFID II, PRA, FCA, CFTC, Dodd Frank, MAR etc. Knowledge about Algorithmic and electronic trading workflows: algorithmic trading strategies, smart order routing, order management systems, auto hedging, pricing and RFQs, dark pools, FIX protocol etc. Fundamentals of IT change, Technology platforms and standard control requirements Education UG: B.Tech/B.E. in Any Specialization PG: MBA/PGDM in Any Specialization, CA in CA

As a Risk Professional specializing in Enterprise Risk and Controls at Fiserv, you will play a crucial role in the organization's Enterprise Risk and Controls team. Your responsibilities will include conducting Third Party Risk Assessments for vendors and providing support for PCI and SOC audits as part of the company's Third-Party Audit initiatives. This role is perfect for professionals who are adaptable and keen to contribute to various risk programs within the department. Your primary focus will be on the Third-Party Risk Management (TPRM) function. You will be responsible for gaining a thorough understanding of security policies, standards, and related processes within the TPRM program. Utilizing your strong assessment abilities, you will ensure that vendor-related risks are identified, evaluated, mitigated, and continuously monitored to maintain the highest standards of security and compliance. Key responsibilities will include driving collaboration between cross-functional stakeholders, contributing to TRPM Risk transformation projects, performing due diligence on vendor outsourcings, conducting third-party risk assessments, and reviewing documentation related to security policies and processes. You will also be responsible for monitoring and tracking risks through closure, maintaining auditable results, and participating in regional and global TPRM governance forums. To be successful in this role, you should ideally have a Bachelor's or Master's degree from an accredited university, experience in IT Risk and Compliance Management or Information Security domain, good interpersonal and communication skills, and the ability to work effectively within a matrixed organization. Proficiency in MS Office tools and exposure to Governance, Risk, and Compliance (GRC) tools are also required. Additionally, having financial services experience, knowledge of IT audit, ISO 27001, ITIL, Vendor Risk Management processes, and industry certifications such as CISA, CRISC, CTPRA, ISO 27001 LA/LI, ISO 31000 would be beneficial. The role requires working the 1 PM to 10 PM IST shift. If you are someone who thrives in a dynamic environment, enjoys collaborating with diverse stakeholders, and has a passion for maintaining the highest standards of security and compliance, then this role as a Risk Professional Enterprise Risk and Controls at Fiserv could be the perfect fit for you.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Risk consultant, you'll contribute technically to Risk Consulting client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY's commitment to quality, you'll confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members, and help them to develop. The opportunity We're looking for Senior Consultants to join the leadership group of our EY-Consulting Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities include: - Participating in IT Risk and Assurance engagements. - Working effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. - Helping prepare reports and schedules that will be delivered to clients and other parties. - Developing and maintaining productive working relationships with client personnel. - Managing reporting on assurance findings and ensuring control owners take remediation action as required. - Identifying, leading, and managing the continuous improvement of Internal Controls through the implementation of continuous control monitoring and automation. - Reviewing evidence of compliance for adherence to standards. - Understanding key domains of compliance controls, including change management, access to system, network and data, computer operations, and system development. - Staying current with and promoting awareness of applicable regulatory standards, upstream risk, and industry best practices across the enterprise. - Understanding Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Conducting performance reviews and contributing to performance feedback for staff. - Adhering to the Code of Conduct which sets the standards of behavior, actions, and decisions expected from EY's people. Skills and attributes for success include: - Experience in application controls and Information security experience. - Understanding of risk management systems and processes. - Ability to build relationships with key stakeholders across different levels of seniority. - Strong written and verbal communication skills. To qualify for the role, you must have: - Preferably a bachelor's degree in (Finance/Accounting, Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA. - Minimum of 1-2 years of experience in internal controls and Internal Audit. - Enterprise risk services with a specific focus on IT and related industry standards. - IT Risk Assurance framework. - Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Preferred security skills related to a broad range of operating systems, databases, or security tools such as UNIX, Linux, Windows 2000 and NT, firewalls, and IDS systems. - Familiarity with IT analysis, delivery, and operations methods, including SDLC and CM. - Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT. - Experience of security testing methods and techniques including network, operating, and application system configuration review. - Application controls and security experience: sensitive access and SOD testing, controls testing. - Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc. - Preferred Certifications: CISA. What we look for: We believe that you should own and shape your career. But we'll provide the support and opportunities to develop the skills, knowledge, and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you'll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around. - Opportunities to develop new skills and progress your career. - The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

7 years’ experience in IT SOX/ITGC, SOC1/SOC2, ITACs, and Information Security Audits Knowledge of IT infrastructure, preparation of Risk & Control Matrix Audit Knowledge of Emerging Technology-Cloud infrastructure, Regulatory compliance requirements Required Candidate profile IT SOX/ITGC, SOC1/ SOC2 and Information Security Audits. Certifications: CISA, CISM, ISO 27001 LA/ LI, CCSK, Certification son Data Privac

Big 4 Hiring in large number IT AUDIT PROFESSIONALS - ACROSS INDIA MEGA DRIVES Call on : 9359055605 /7208835287 Call: 7738402343 Mail: divyani@contactxindia.com Mail : zeenat@contactxindia.com Role & responsibilities Minimum Degree Required: Chartered Accountant or Bachelors Degree Required Fields of Study: Accounting, Finance, Management Information Systems, Computer Science, Economics, Business Administration/Management, Engineering, Mathematics, Statistics , and/or other relevant degree. Minimum Years of Experience: Four years of experience in IT auditing, auditing, consulting and/or implementing experience. Oral and written proficiency in English required. Preferred Knowledge/Skills: Demonstrates thorough knowledge of providing services related to controls around the financial reporting, compliance and operational processes, including business process and IT management controls, which includes a proven record of success with facilitating and completing deliverables involving the following: Financial reporting and information technology risks, processes and controls; Current and emerging technologies which may include: Oracle, SAP, Oracle Database, web development tools, virtualization, UNIX, Linux, and security technologies; COSO Framework, CoBIT and/or other leading business and IT control frameworks; and, Key domains of information technology general controls, including change management, access to programs and data, computer operations and systems development. Identifying key risks and controls, knowledge of Sarbanes Oxley readiness, controls optimization, including the configuration of controls around security, business process and within IT environments; Applying internal control principles and business/technical knowledge working experience applying professional skepticism skills; Leading the execution of a work program and practice aid, as well as perform assessments, using Company proprietary or other relevant tools to evaluate controls, security, SOD, and potential for optimization; Exhibiting project management skills, including developing project plans, budgets, and deliverables schedules; Creating a positive environment, monitoring workloads of the team while meeting client expectations, and respecting the work-life quality of team members. This includes providing candid, meaningful feedback in a timely manner and keeping leadership informed of progress; and, Interacting with clients on solutions and executing projects on client engagements, forming client relationships and demonstrating an understanding of the client's business. Preferred candidate profile

Role & responsibilities Project delivery for skills ISO 27001, SOC 1&2, GDPR, Risk Assessment, SOX, HIPPA, HITRUST, etc. Hands on experience and/or working knowledge. Knowledge on laws, framework, and regulations pertaining to information security standards - ISO27001, NIST CSF, SOC, Privacy. Conduct third party risk assessments & vendor risk assessments in alignment with company security policies and industry standards. As part of the SRC team deliver on engagements related to information security, cyber security, risk management and privacy for our customers across the globe. Responsible for managing and delivering on accounts in accordance with SISA quality guidelines & methodologies. Execute the engagement requirements, prepare and validate reports and schedules that will be delivered to clients and other parties. Work effectively as team lead and managing the team members, sharing responsibility, providing support, maintaining communication and updating management on progress. Develop and maintain productive working relationships with client personnel. Prepare status updates and prepare management presentations etc. Actively contribute to improving operational efficiency on projects & internal initiatives. Assist in creating innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies. Understand and follow workplace policies and procedures. Flexible to travel to client location for the project delivery. Conducting research, surveys and interviews to gain understanding of the business. Assessing the pros and cons of possible strategies. Compiling and presenting information orally, visually and in writing.

About Us: Our purpose is to help clients exceed their financial health goals. Across the reimbursement cycle, our scalable solutions and clinical expertise help solve programmatic needs. Enabling our teams with leading technology allows analytics to guide our solutions and keeps us accountable achieving goals. We build long-term careers by investing in YOU. We seek to create an environment that cultivates your professional development and personal growth, as we believe your success is our success. ESSENTIAL DUTIES AND RESPONSIBILITIES: Note: The essential duties and responsibilities below are intended to describe the general duties and responsibilities of this position and are not intended to be an exhaustive statement of duties. This position may perform all or most of the primary duties listed below. Specific tasks, responsibilities or competencies may be documented in the Team Member s performance objectives as outlined by the Team Member s immediate Leadership Team Member. Role Overview: The Manager will lead and manage 24x7 cybersecurity and SOC operations, ensuring round-the-clock protection of the organizations critical infrastructure. This role demands deep expertise in network security, threat detection, and incident response , while also managing a team working in rotational shifts. Key Responsibilities: Oversee end-to-end SOC operations , including real-time monitoring, incident triage, and escalation. Lead network security strategy and governance including firewalls, intrusion detection/prevention systems (IDS/IPS) , and VPN infrastructure. Manage and mentor a 24x7 cyber defense team, ensuring effective shift coverage and performance. Drive threat intelligence integration and lead response to advanced persistent threats. Conduct regular audits, vulnerability assessments, and penetration tests. Ensure compliance with relevant cybersecurity regulations and frameworks (e.g., ISO 27001, NIST, HIPAA). Collaborate with IT, Risk, and Compliance teams for coordinated risk mitigation. Requirements: 8+ years in cybersecurity, with 3+ years in a leadership role. Experience running or managing a 24x7 SOC . Strong expertise in SIEM tools , threat detection, and mitigation strategies. Relevant certifications: CISSP, CISM, CEH , or equivalent. Excellent leadership and communication skills. PHYSICAL DEMANDS: Note: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions as described. Regular eye-hand coordination and manual dexterity is required to operate office equipment. The ability to perform work at a computer terminal for 6-8 hours a day and function in an environment with constant interruptions is required. At times, Team Members are subject to sitting for prolonged periods. Infrequently, Team Member must be able to lift and move material weighing up to 20 lbs. Team Member may experience elevated levels of stress during periods of increased activity and with work entailing multiple deadlines. A job description is only intended as a guideline and is only part of the Team Member s function. The company has reviewed this job description to ensure that the essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate. PHYSICAL DEMANDS: Note: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions as described. Regular eye-hand coordination and manual dexterity is required to operate office equipment. The ability to perform work at a computer terminal for 6-8 hours a day and function in an environment with constant interruptions is required. At times, Team Members are subject to sitting for prolonged periods. Infrequently, Team Member must be able to lift and move material weighing up to 20 lbs. Team Member may experience elevated levels of stress during periods of increased activity and with work entailing multiple deadlines. A job description is only intended as a guideline and is only part of the Team Member s function. The company has reviewed this job description to ensure that the essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate.

Dated: July 10,2025 A Position Overview Position Title Assistant Manager - Investments Operations (Back & Mid Office) Department Investments Operations Finance & Accounts Level/ Band Assistant Manager 1. Role Summary: a) Ensure smooth working of Investments Cash Flows, Banking & Settlement, Fund Accounting and declaration of daily NAV; b) Understanding of all Regulatory and Internal Exposure Norms related to settlement of trades c) SAP Investment Management System (IMS) (i) Addressing day to day issues; and (ii) New Development / enhancement with successful completion of UAT testing ; d) Derivative deal settlement and accounting e) MIS and Analytical. B Organizational Relationships Reports To AVP - Investments Operations Supervises Junior members of Investments Operations team (normally 3-4 officials) C Job Dimensions Geographic Area Covered National Stakeholders - Internal Fund Managers, Finance & Accounts, Operations, IT, Risk and Actuarial Department for Investments Operation activities. External Banks, Custodian, Counterparties & Auditors and System Vendor D Key Responsibility Areas 1) Prime responsibility would ensure smooth working of Investment Back Office - from morning Cash Flows to daily EOD activities 2) Ensure compliance of all regulatory and internal norms/ limits on day-to-day basis related to deal settlement for all assets classes 3) Updation and implementation of SOP Back Office 4) Managing various Investments Audits and ensure its smooth closures 5) Liaising with Banks, Custodian 6) Strengthening of MIS and share its analytical 7) Carrying out derivative accounting 8) Carrying out UAT for SAP IMS bugs as well as new requirements. 9) Support in preparing data / MIS for Board and its Committees 10) Grooming team members E Skills Required Technical Behavioral Essential Desired Interpersonal skills Communication skills Creative thinking skills Supervising/Leadership skills Teamwork Skills Influencing skills Relationship Building skills Decision making skills F. Incumbent Characteristics Essential Desired Qualification Chartered Accountant (CA) Advanced Excel Skills and writing Macros is desirable Experience Experience of 3-4 years in Life Insurance industry <

We re seeking a future team member for the role of Vice President IT Audit to join our SOX Team- This role is located in Chennai, TN, HYBRID- In this role, you ll make an impact in the following ways: Demonstrate sound knowledge of IT general controls and application controls with a thorough understanding of SOX- Ensure IT general controls and application controls over financial reporting are sound and effective to ensure compliance with SOX- Contributes to the execution of the SOX IT plan in the assessment of key IT controls for in-scope information systems for testing, documentation and reporting to Senior Management- Manage multiple deliverables across various time sensitive deadlines while executing the completion of the test of design and test of operating effectiveness over the internal controls with limited oversight- Support the senior colleagues with tracking the status of control deficiencies; reviews remediation by process owners and documents findings for/to SOX management- Supports in the collaboration with business & technology stakeholders to identify ways to improve testing efficiency and issue reporting communications- Actively contributes to the achievement of the IT SOX team goal- To be successful in this role, we re seeking the following: Bachelors Degree or the equivalent combination of education and experience is required- Minimum of 3-6 years of experience in IT risk/controls, Internal IT Audit, Public Accounting IT audit or a combination of- Financial Services industry experience is highly preferred- Certified Information Systems Auditor (CISA) or an equivalent IT certification is highly preferred but not required- Experience with GRC software (AuditBoard) and/or data analytic tools (PowerBI, Alteryx) is preferred-

Jul 11, 2025 Location: Coimbatore Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Technology & Transformation is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you re always ready to act ahead. Learn more about Technology & Transformation Practice Your work profile As a practitioner in our Cyber Team, you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - SOX,Cloud,Data Management IT/IS controls Testing and Assurance Design and execute controls testing strategies to evaluate the design adequacy and operating effectiveness of controls. Testing Approach Review and Process Documentation Develop methods to monitor and measure risk, compliance, and assurance efforts. Create test plan, test scripts etc. to support the delivery of controls assurance objectives. Prepare detailed testing documentation, workpapers and reports to highlight findings and recommendations. Collaborate with various departments for control walkthroughs, sampling, evidence collection etc. Maintain up-to-date knowledge of industry standards and best practices related to controls testing. Review existing Risk control testing approach and methodology used by client to identify areas for improvement based on IT risk & control frameworks and industry good practices. Develop templates to facilitate the control testing and the documentation and reporting of the control testing outputs in line with the refined control testing approach and methodology Liaise with designated stakeholders to identify the prioritised set of controls and document repeatable test scripts for testing design effectiveness ( DE ) and operational effectives ( OE ) of prioritised IT and IS controls. Knowledge/ Experience in GRC tools such as Service now, archer etc. Knowledge/ Experience on cyber compliance regulations - RBI, SEBI, Cert-in. Industry knowledge would be a added advantage Desired qualifications Cyber experience in Risk Controls ranging from 1 year to 7yrs is mandatory. Levels being hired for: Analyst, Senior Analyst, Consultant, AM, DM B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent certification Strong communication skills (written & verbal) Location and way of working Base location: Coimbatore/Chennai/Kochi This profile involves frequent travelling to client locations. Your role as a practitioner We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, practitioners across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

About the Role: Grade Level (for internal use): 12 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the first line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities This role belongs to First Line of Defense. Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to d evelop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to c reate and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting. What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 10+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 12+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. Recruitment Fraud Alert If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to reportfraud@spglobal.com. S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, pre-employment training or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here. ---- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ---- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts in defining and documenting a comprehensive Issue Management Process document/ methodology Lead efforts to centralize control gaps/ issues in GRC tool Lead efforts in logging, tracking, monitoring and remediation of control gaps/ issues Coordinate with key stakeholders to ensure the issues are clearly articulated, mapped to appropriate risk category, mitigating controls are identified through proper risk assessment Lead efforts in periodic reporting of issues to senior Management Conduct data analysis to demonstrate trends of progress made in issue remediation by various technology processes Conduct meetings to discuss issues and risk remediation plan Lead efforts in risk exception and risk acceptance process Monitor risk acceptance scenarios and bring it to appropriate committees for reporting Prepare PowerPoint presentations to provide comprehensive and holistic issue management process What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ---- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ---- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job description At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk Senior Manager As an IT risk professional, you'll contribute technically to risk assurance client engagements and internal projects. An important part of your role will be to perform IT audits, document good quality assessment reports, and issue opinions. You'll anticipate and identify risks within engagements and share any issues with the audit stakeholders. You'll also identify potential business opportunities for EY within existing engagements and facilitate integration as appropriate. In line with EY's commitment to quality, as an influential member of the team - you'll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We're looking for experienced staffs with 10+ years of hands-on experience in IT Risk/Audit, Assurance, and Advisory to join our Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your key responsibilities Participate, lead, and execute the IT Risk and Assurance engagements. Develop and maintain productive working relationships with client and onshore stakeholders. Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within Ernst & Young Services and with other services across the organization. Stay current with and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. Skills and attributes for success Work effectively as a team player - collaborate and share responsibility, coach, and support team members to succeed. To qualify for the role, you must have: B.E/B.Tech (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc., Chartered Accountant and/or MBA with Finance/IT with at least 10+ years of experience. 1-3 years of professional experience in the areas of IT audits, ITGC, SOX / ICFR / IFC / SAS 70 / SSAE / SOC1, SOC2, IT Financial Audit and Business Automated Controls, IT Risk consulting, or any other regulatory / compliance audits. Expertise in pre and post implementation reviews and auditing configuration of major ERPs like SAP, Oracle, JDE, WorkDay, Netsuite, Navision, etc. Expertise in performing infrastructure reviews pertaining to OS, DB, and Active Directory such as Windows, UNIX, SQL, Mainframe, Oracle, etc. Assist with the development of policies, procedures, and standards that meet existing and newly developed policy and regulatory requirements. Assist with facilitating IT security/risk training curriculum. Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects. Stay current with and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. Must have end-client facing experience. Ideally, you'll also have: CISA, CISM, CRISC, ISO27001, Cloud, and Data privacy certifications. IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX. Data analytics/automation tool SQL, Monarch, BluePrism, Alteryx, PowerBI. Familiarity with a typical IT systems development life cycle. What working at EY offers At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around. Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people, and society, and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.