120 It Risk Jobs - Page 3

Skills Required : Team Coordination, Leadership, sox, Itgc, IT Audit, IT Governance, Information Technology Education/Qualification : B.Tech, MBA, CA Desirable Skills : IT Risk Management, Cobit, Cisa, Cism, Cissp, team leading, Risk Compliance, Information Security, IT Risk

Dear Candidate, We are hiring an IT Risk Analyst to identify, assess, and mitigate risks to the organization's information systems and data. This role supports compliance initiatives and strengthens the IT risk management framework. Key Responsibilities: Conduct IT risk assessments, gap analysis, and control evaluations. Develop mitigation strategies for identified security and compliance risks. Monitor regulatory changes and ensure adherence to frameworks (e.g., NIST, ISO 27001). Prepare risk reports, scorecards, and presentations for stakeholders. Collaborate with audit, security, and IT teams on risk response plans. Required Skills & Qualifications: Experience in IT risk, governance, or audit. Familiarity with frameworks like NIST, COBIT, ISO 27001, and SOX. Analytical skills to evaluate threats, vulnerabilities, and control gaps. Excellent documentation and stakeholder communication abilities. Certifications such as CRISC, CISA, or CISSP are a plus. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

About this role: Wells Fargo is seeking a Independent Testing Specialist In this role, you will: Participate in less complex development and design of methodologies and standards for review activities companywide in alignment with the risk management framework Ensure effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies within Independent Testing Support and implement less complex initiatives with low to moderate risk and exercise independent judgment to guide risk reporting, escalation, and resolution Present recommendations for resolving more complex situations and exercise independent judgment while developing expertise in risk management framework and the risk and control environment Collaborate and consult with colleagues, internal partners and management Required Qualifications: 2+ years of Independent Testing experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: Good experience in IT Risk, IT Control Testing, IT Audit Certified Information Security Auditor (CISA) Certified Information Security Manager (CISM Job Expectations: Shift Timing: 1.30 PM - 10.30 PM

Job Description At least 3 to 5 years of experience in IT Risk, Compliance, Audit and/or InfoSec. Experience in performing IT Audit and reviewing IT controls, framework, policies and standards. Experience in understanding design and operating effectiveness of IT controls and industry related frameworks. Significant knowledge in 2 or more areas: Application Security, IT Governance, IT Compliance & Audit, Identity & Access Management, Cloud Security, Asset Security, Threat/Vulnerability Management, BCM & DR Has a good understanding of international standards on Technology Risk Management. Excellent time management and ability to overse

10+ yrs exp IT & IT Security Certified in ISO 27001: 2013 Enterprise IT Governance including knowledge of IT risk management and controls Strong power point presentation creation and design Func as SPOC for IT GRC & Audits Team Leading Exp preferable Required Candidate profile Manage establishment of operate & tech decision-making process to ensure IT svc are align to organization priorities & risk appetite Prep sec dashboards with KPIs, sec metrics for CISO presentations Perks and benefits Mediclaim + additional 10% performance bonus

Education Criteria (Must): B.Sc (IT/CS) / B.Tech in any Engineering background, BCA, MCA M.Sc. Information Technology, or related field. CEH, CISSP, CISA, CISM, CRISC (If any security related certification) 11-15 years of experience in Application Security, Network Security, and IT Risk Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Client and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management Skill-Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation.

Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security , Threat and Vulnerability Management , Identity and access management , Technology controls, process controls, and governance, risk and compliance elements , IT General Controls. Responsibilities Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Mandatory Skill Strategy and Governance Preferred Skill Cyber Strategy Years of Experience Required 7 10 years Education Qualification Minimum Qualification BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Certifications CISA/CISM/ISO will be added advantage Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills Strategy Plan Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage

Job Summary: We are seeking a Specialist, Control Tester to join our newly established Centralized 1LoD Control Testing function (1LoD Control Testing). This 1LOD Testing team aims to standardize and enhance our control testing practices across all Business Units and Corporate Functions. As a key member of this team, you will play a pivotal role in supporting risk management activities across the organization. This includes the opportunity to be immersed across multiple operational and compliance areas, with opportunities to specialize in specific areas of interest. This role will operate under general supervision; however , will primarily work independently to actively execute control test plans and support Testers within the team with their respective execution . Regular activities include a risk-based control review, effective test execution, and an in-depth analysis of control test results to identify key trends and solutions. Major Duties: Leads controls testing execution including walkthroughs, design, and operating effectiveness testing. Performs quality review over testing workpapers ( produced by other testers ) to ensure execution and documentation meet First Line of Defense Control Testing Methodology and testing quality expectations. Lead representative to ensure relevant stakeholders are appropriately engaged in all critical testing phases. Provides support to Tester(s) to ensure testing is being performed effectively and efficiently. Responsible for monitoring all testing phases including escalation of significant deficiencies and/or testing delays . Compile, manage, submit and socialize required monthly, quarterly or annual reporting including t est r esults, d ashboards and/or testing issue remediation status . Responsible for assisting in the identification and escalation of follow-ups and potential deficiencies. Work closely with the business partners to obtain issue remediation action plans, track and report status of remediation actions, including maintaining dialogue with the business to ensure timely remediation of issues . Assist with control projects, operational and/or corporate risk initiatives, where directed. Skills & Experience: 14+ years of risk and control experience Experience managing teams across multiple jurisdictions Bachelor s degree in computer science, information technology, IT/Cyber security, and/or risk management Current working knowledge of risks related to information technology, cyber security, IT General Controls (ITGCs), application controls, IT platforms and related technologies. Strong understanding of IT risk frameworks (ITIL, COSO, COBIT, NIST, ISO, etc) and Technology testing methodologies Understanding of assurance-based activities including Technology controls monitoring and compliance testing Professional certifications a plus (e.g., CISA, CRISC, CISM, CISSP) Shift Coverage: EMEA - 3:30PM to 12:30AM IST

for an IT Senior Compliance Manager who can overlook and ensure Application Compliance, IT Risk mitigation & Issue management. How you ll make an impact: Engaging the third party and driving the ITGC operations across P&A (Platforms and Applications). Review that all the JSOX Controls are executed as per the standards and the required quality is being adhered to by the third party. Defining the key attributes needed to perform the controls effectively. Planning and ensuring that all the audits are completed in a timely manner in Coordination with the Control performers. Liaison between the P&A Application managers and the Control performers. Support Framework transition and optimization. Work out opportunities for efficiency improvements, automated controls, aggregation of controls, etc. Work out concept of internalization of Control Owner. Defining the KPI and come out with adequate measures to reduce the outsourcing costs without reducing the security risks to the applications. Supporting non JSOX audits and defining clear plans with timelines for all identified gaps, working on mitigations. Supporting non JSOX compliance maturity enhancements across P&A. Responsible to ensure compliance with applicable external and internal regulations, procedures, and guidelines. Living Hitachi Energy s core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business. Your background: The candidate should have more than 20 years professional experience and more than 15 years in Internal audits The candidate should be a CISA and ISO 27001 Certified The candidate should have extensive experience with compliance service The candidate should have extensive experience in dealing with diverse technological audits The candidate should have experience in dealing with regulatory audits and also have a track record of completing SOX audits testing on time The candidate should have experience in managing large, global and diverse teams include handling third parties The candidate should have worked with senior management, provided and discussed reporting Proficiency in both spoken & written English language is required. .

About The Role Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our companys IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview The IT Risk Analyst is responsible for independently identifying, assessing, and mitigating IT risks. This role requires a deeper understanding of risk management frameworks and methodologies. The IT Risk Analyst will conduct thorough risk assessments, implement risk mitigation strategies, and collaborates with other departments to ensure compliance with company policies and regulatory requirements. You will collaborate closely with business and IT stakeholders, ensuring that risk assessment transaction are comprehensive, timely, and compliant with organizational standards and best practices. What will you do in this role: Identify potential risks across various areas such as financial, operational, strategic, and compliance risks. Conduct risk assessments and analyses to evaluate the likelihood and impact of identified risks. Analyze data and trends to understand the nature and extent of risks. Use quantitative and qualitative methods to measure and prioritize risks. Develop strategies and action plans to mitigate or manage identified risks. Implement risk control measures and monitor their effectiveness. Prepare detailed reports and presentations on risk assessments and mitigation strategies. Communicate findings and recommendations to senior management and stakeholders. Ensure that the organization complies with relevant regulations and industry standards. Conduct audits and reviews to ensure adherence to risk management policies and procedures. Stay up-to-date with industry trends and best practices in risk management. Continuously review and improve risk management processes and frameworks. What should you have: Bachelors degree in Information Technology, Computer Science or any Technology stream. 3+ years of hands-on experience in IT risk assessments, vendor management, and regulatory compliance. In-depth knowledge of risk assessment frameworks and methodologies. Strong analytical skills to assess and interpret complex data. Ability to identify trends, patterns, and potential risks. Excellent verbal and written communication skills to convey risk findings and recommendations. Ability to present complex information to non-technical stakeholders clearly. Strong problem-solving skills to develop effective risk mitigation strategies. Proactive approach to identifying and addressing potential risks. Meticulous attention to detail to ensure accurate risk assessments and reporting. Understanding of relevant regulations and compliance standards. Ability to manage risk-related projects and coordinate with various teams. Strong organizational skills to handle multiple tasks and priorities effectively.

Job ID: 198625 Required Travel :Minimal Managerial - No LocationIndia- Pune (Amdocs Site) In one sentence The IS/IT Audit Expert will assess systems, processes, and controls to ensure compliance with internal policies/practices and identify technological or operational risks All you need is... BA/BS degree in Information Systems, Computer Science, Engineering, or related field. 2-5 years of experience in IT Audit, Cybersecurity, Risk Management, IT Compliance, IT Project Management, or related field. Able to execute comprehensive IT/IS audits utilizing data analytics (MS Excel, Tableau). Ability to evaluate the adequacy and effectiveness of IS/IT controls. Sound knowledge of industry standards, emerging technologies, and best practices. Ability to identify and assess IT/IS related risks and evaluate their impact on the organization. Ability to conduct independent fieldwork and align with process/system owners. Mindset to proactively seek relevant education and training opportunities. Excellent communication skills (both verbal and written) and ability to interact with people across the globe with different cultures. What will your job look like Plan the scope and objective of the audit topic Evaluate a system s efficiency based on knowledge of business process and systems, financial, procurement, HR and other operations. Plan the auditing techniques according to the audit type/maturity/region. Perform the audit in a professional manner and in accordance with the approved audit testing program. Involve the audit director during, and at the conclusion of, the examination, to discuss the test results and deficiency remediation recommendations. Prepare draft report containing all gaps identified and applicable risk analysis for the director review Raise red flag at the right time during the course of review when there is an exception that should be handled by the director Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit www.amdocs.com Why you will love this job: Opportunity to work in a growing organization Involved in planning auditing techniques We are a dynamic, multi-cultural organization that constantly innovates and empowers our employees to grow. Our people our passionate, daring, and phenomenal teammates that stand by each other with a dedication to creating a diverse, inclusive workplace! We offer a wide range of stellar benefits including health, dental, vision, and life insurance as well as paid time off, sick time, and parental leave! Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

Location Bangalore : IT SOX, Risk Management, Audits, Business Continuity Planning Not Ready to Apply Join our talent pool and we'll reach out when a job fits your skills.

Management Level Senior Manager & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC , you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC , we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. JOB DESCRIPTION Purpose of the Job /Role Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security , Threat and Vulnerability Management , Identity and access management , Technology controls, process controls, and governance, risk and compliance elements , IT General Controls. Roles and Responsibilities Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Certifications CISA/CISM/ISO will be added advantage Mandatory Skill Sets Strategy and Governance Preferred Skill Sets Cyber Strategy Years of experience required 10 years Education Qualification Minimum Qualification BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills Cyber Risks Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance {+ 16 more} Travel Requirements Government Clearance Required?

SAP Security Architect will be responsible for all Application Security area covering audit controls, design, testing, and implementation of SAP roles and authorization concepts through project work, support incidents and service requests. GE HealthCare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world. Key Responsibilities Include: Deliver SAP Security solutions to meet requirements arising from programs, evolving regulatory environment and business development initiatives according to SAP release and program schedules. Collaborate with functional SAP Solution Architects, business stakeholders and various project teams to configure and manage SAP profiles and roles to meet business needs. Secure quality standards and full compliance of role design, build and test coaching less experienced team members. Assist SAP DevOps management in structuring work effort by providing resource and development effort estimates pertaining to Security Area. At all times adhere to SOX, GxP and IT QMS standards and deliver highest quality process design, functional requirements, configuration, testing and documentation. Working with internal and external audit teams to execute the required user audit processes. Contribute to the SAP Security Administration team performance meeting target SLA s, audit compliance, and management defined metrics. Develop and maintain security standards for role design and administration. Work closely with relevant business functions and Site Authorization Owners to maintain a detailed and current knowledge of their organization, processes, priorities and system needs Qualifications/Requirements: Demonstrated knowledge of key SAP authorization concepts including: security role design/build, user administration and SOD conflict resolution Working knowledge of organizational structures and key authorization objects in SAP modules used: MM, QM, SD, PP, FI, CO Experience working with audit and compliance teams in Security Area. Demonstrated experience working with profile generator, user management and all other security related t-codes and tables Architect-level technical skills in Security Area with the ability to develop security roadmap and influence key decisions in this area Good Understanding on SAP Risk Management and concepts of Segregation of Duties SoD Provide technical leadership in the assessment, design, and implementation of IT risk solutions Experience with Identity and Access Management products and technologies Strong verbal/written communication and presentation skills. Ability to effectively prioritize tasks and operate in a fast-moving international environment Experience working with geographically dispersed teams and global stakeholders bachelors degree in computer science engineering or equivalent combined with at least 6 years of SAP Security Area experience Desired Characteristics: ABAP programming language would be an added advantage Experience in newer SAP Application such as S4 Fiori is an added advantage Working knowledge of SAP BASIS area and key administration tools especially SAP Solution Manager Experience working with standard change control tools- SAP ChaRM, ServiceNow Exposure to lifecycle management products like ALM Working knowledge and understanding of standard ITIL processes and concept Exposure to SAP GRC security solutions Experience in a SOX IT controls certified environment Exposure to a validated system requirement in the Healthcare or Pharmaceutical industry

Skill required: Control Testing - Agile testing Designation: Regulatory Compliance Analyst Qualifications: Any Graduation Years of Experience: 3 to 5 years What would you do? Help clients transform their compliance function from reactive to proactive through an intelligent compliance operating model- powered by data, intelligent technologies and talentLooking for someone with SOX testing experience.Conduct testing tasks within Agile models and integration processes and manage development sprints. Automated/IT control testing experience is required What are we looking for? Commitment to quality Written and verbal communication Risk management Ability to work well in a team Ability to meet deadlines Automated/IT control testing experience is must Roles and Responsibilities: In this role you are required to do analysis and solving of lower-complexity problems Your day to day interaction is with peers within Accenture before updating supervisors In this role you may have limited exposure with clients and/or Accenture management You will be given moderate level instruction on daily work tasks and detailed instructions on new assignments The decisions you make impact your own work and may impact the work of others You will be an individual contributor as a part of a team, with a focused scope of work Please note that this role may require you to work in rotational shifts Qualification Any Graduation

1. Design and build Dashboards for Horizontal Risk Unit using Tableau. 2. Develop Monitor Frequent MIS Reports using SSRS Tableau. 3. Deep dive in Risk KPI Metrics manage Risk Deck Reports. 4. Data Insights to be published across team. 5. Automation of processes to trigger exceptions. 6. Co-ordination with IT Risk. Required Qualifications and Experience 1. Minimum 3-4 years of Experience required in SQL. 2. Should have basic knowledge on Tableau. 3. Should have knowledge on SQL/SSIS/SSRS. 4. Should have Banking/NBFC Domain knowledge. 5. Knowledge of R/Python will be added advantage.

Key Responsibilities Business Acumen: Maintain a fundamental understanding of the Booking.com business, industry news and risk best practices and apply that knowledge in the context of your core areas of responsibility. Critical Thinking: Identify and design solutions in a wide range of situations, and proactively propose concrete improvement plans. Objective Setting, Prioritization & Task Management: Independently structure and execute work, decide on priority areas and output fitting the overarching objectives and priorities. Deliver in line within agreed timelines and escalate issues to the appropriate level and roles within the organization where needed. Attention to Detail: Produce high quality, accurate output across a broad range of topics, with limited review and oversight required. Result Orientation: Work independently and proactively to deliver the right results for specific objectives and deliverables in line with personal and company values whilst influencing stakeholders in order to meet timelines and prioritize critical activities. Effective Communication & Presentation Skills: Effectively and clearly communicate and present information relating to core responsibilities, tailor messages and explain (technical) concepts to stakeholders. Facilitate cross-functional discussions. Organize and run larger meetings in a clear, structured and outcome-oriented manner. Stakeholder Management & Influencing: Independently identify, develop and grow relationships with key stakeholders to build and maintain a wide network within the coverage area, mostly at mid-level but also including key senior stakeholders for a bilateral flow of information. Align with stakeholders on impact beyond their team, respectfully challenging and influencing others to assume appropriate roles and responsibilities by adopting stakeholder management and influencing techniques. Confidently and independently navigate tricky discussions, incorporating Manager input around escalations, approach or blockers where needed. People Management: Provide constructive feedback to peers and incorporate received feedback into personal development goals. May provide mentoring and task oversight to more junior staff or external consultants. Support hiring process. Operational & Technical Expertise: Apply a comprehensive understanding to processes, systems and/or products within your coverage area. Display general understanding of the impact on the wider process and/or system landscape. Seek manager input for in-depth expertise. Risk Landscape Awareness: Maintain awareness or knowledge of the broader internal risk landscape across one or more business areas as well as external developments. Adopt a business need centric and user friendly approach to influence business stakeholders to take informed decisions in line with the risk capacity, risk appetite and risk tolerance of Booking.com. Risk & Governance Advisory: Provide input to the development of methodologies throughout the risk management lifecycle. Advice stakeholders in ongoing risk and compliance work within your dedicated area(s). Risk Identification & Assessment: Identify and appropriately assess risks in line with the team's frameworks and methodologies. Document risk assessment outcomes, including clear description of the risk, perceived level of risk and considerations for risk treatment, tailored to the topic at hand, with limited guidance and review required. Risk Treatment: Independently support control design and/or assurance activities and work with control owners to prepare controls for approval. Coordinate audit activities including support to close any control deficiencies identified. Work across teams/projects/BUs and ensure risks are appropriately mitigated. Develop, select and implement risk treatment strategies, proposing alternative risk treatment options where needed. Communication.Stakeholder Process/Control owners (combination of directors, managers, team leaders and individual contributors) Subject Matters Experts (SME's) e.g. Finance, Fintech, Fraud, Legal, Security, etc. Other Internal stakeholders in Accommodations (i.a. CS, PS, Product), Trips, Finance, FinTech, Legal, Marketing, People, Strategy and Corporate Development and Technology (i.a. Security, Infrastructure) Internal & External Audit Risk & Control team Communication.Type Persuasion / CooperationPartner with business stakeholders by: providing guidance and support in ongoing compliance;providing guidance and support in identifying risks and control gaps and, designing and implementing appropriate controls;providing clear instructions on expected stakeholder contributions and ensure follow up;facilitating and participating in cross functional groups for activities related to the risk management lifecycle;presenting and advising on standardized methodologies, processes and documentation;maintaining a business centric approach. Information and CooperationInform SMEs on:risk areas in need of SME input;control design and implementation;work closely together to share knowledge and experience. CooperationWork closely together to share knowledge and experience. Cooperation Support Internal and External audit teams to ensure that remediation plans are implemented on a timely basis for any deficiencies foundSupport SOX, PCI and other audit cycles Information and CooperationWork closely together to share knowledge and experience. Level of Education.Level of Education Bachelor degree Master degree Level of Education.Description Alternatively compensating years of experience (3 to 5 years in addition to below) Preferred Years of relevant Job Knowledge.Years of relevant Job Knowledge Advanced Knowledge (5 - 8 years) Requirements of special knowledge/skills Qualities / Soft Skills: Enthusiastic, self-starting and flexible work attitude Ability to effectively prioritize and manage workload, work under pressure and deliver on timelines Handle multiple tasks, of varying and often complex content, generally at the same/similar time Have the ability to split large tasks into logical, manageable and decoupled actions which are managed effectively and delivered on time Strongly process, problem solving and action oriented Curious and proactive in the assessment and challenge of risks Strong team player Advanced communication skills and ability to actively listen Strong relationship building skills High level of integrity, confidentiality & professionalism Requirements of special knowledge/ Hard Skills: Advanced (technical) understanding of and experience with Risk Management, Compliance, Internal controls , control procedures, automation, monitoring, testing, collecting evidence and remediation activities Experience with large e-commerce or tech companies is advantageous Fluent in English, both written and spoken CISSP, CRISC, CISM, CISA, or similar certification is advantageous Project management skills Stakeholder management skills For Business Officer functions: Advanced understanding of and experience with risk management relevant fields, for example but not limited to: Business analysis Auditing Corporate governance Finance concepts and processes SOx integration AML/ CFT framework, GDPR, PCI, SOx Fundamental understanding of below IT expertise fields. For IT Officer functions: Advanced understanding of and experience with risk management relevant fields, for example but not limited to: IT Risk management and IT Governance IT Security concepts and processes (IT) Frameworks like ITGC, COSO, NIST DevOps tools like Puppet, Jenkins, Git, Docker, or Kubernetes JIRA Fundamental understanding of above Business expertise fields.

Roles and Responsibilities Greetings from GRM Technologies!!! Providing support in IT and Cyber Risk Advisory services offered by GRM Technologies to its clients in the following domains- Information regulatory compliance (ISO 27001, PCIDSS, RBI, SEBI, SOC1, SOC2, PCI DSS, HITRUST, GDPR) Information risk management Information security and information assurance Information technology controls for financial and other systems Identifying processes and technologies to maintain and enhance the security architecture Disaster recovery and business continuity management Information privacy Have a fair understanding of Business Continuity Planning and DR Drills Should have conducted Information Life Cycle management reviews in the past Conducting Infrastructure Vulnerability Assessment and Penetration Testing Conducting Web and Mobile Application Security Assessment Conducting Secure Code Review Conducting Architecture Review Should have minimum 2-5 yrs. of experience into Cyber Security, including IT Risk, Cyber Risk & Compliance, IT Audit, Vendor Audit, VAPT, Application Security, Fraud Risk & Security. Knowledge of information security standards, principles and practices required Perform risk assessment, controls and documentation with expected standards (information technology/ business process) Conduct Infrastructure Vulnerability Assessment and Penetration Testing Conduct Web Application Security Assessment Conduct Mobile Application Security Assessment Conduct Source Code Review Perform SOX compliance audits, SOC 1 and SOC 2 audits, as well as testing and reporting Perform control testing pertaining to operating systems, data base (Windows, Unix, Oracle, MSSQL, DB2) Should be able to test basic and automated ERP ITGC controls (SAP, Oracle, etc.) Ability to draft BCP/ DR policy and carry out testing of plan and procedures would be preferable Ability to adapt to new scope areas and technologies Bring in vertical expertise in at least two verticals like BFSI, manufacturing, or more Ability to manage client communication and escalation Ability to make all attempts to guide the peers and self to improve client satisfaction scores Participate in proposal preparation Understanding of risk Appreciation for technological innovation Strong organization skills Curiosity and eagerness to learn Initiative to seek out opportunities and add value Tolerance for ambiguity and shifting priorities; appreciation of change. Should have certification on CCNA / CCNP / ITIL Exposure into ISO 27001 is mandate

Wells Fargo is seeking a Independent Testing Specialist In this role, you will: Participate in less complex development and design of methodologies and standards for review activities companywide in alignment with the risk management framework Ensure effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies within Independent Testing Support and implement less complex initiatives with low to moderate risk and exercise independent judgment to guide risk reporting, escalation, and resolution Present recommendations for resolving more complex situations and exercise independent judgment while developing expertise in risk management framework and the risk and control environment Collaborate and consult with colleagues, internal partners and management Required Qualifications: 2+ years of Independent Testing experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: Good experience in IT Risk, IT Control Testing, IT Audit Certified Information Security Auditor (CISA) Certified Information Security Manager (CISM Job Expectations: Shift Timing: 1.30 PM - 10.30 PM

We are looking for Information Security Professional in our Corporate office. Experience: 7-10 years of experience in security and privacy roles. Monitor, investigate, and respond to security incidents using DLP, EDR, and MDR solutions. Conduct Vulnerability Assessment and Penetration Testing (VAPT) to identify and mitigate risks. Implement and manage Data Loss Prevention (DLP) strategies to safeguard sensitive information. Ensure compliance with ISO 27001/27002 controls and support audit requirements. Analyze security events, perform root cause analysis, and recommend remediation measures. Collaborate with internal stakeholders to enhance the overall security posture Partner with internal departments, such as IT, Compliance, and Risk Management, to identify security gaps, implement best practices, and enhance overall cybersecurity measures. Conduct regular assessments of the organization's systems, networks, and processes to identify and mitigate potential security and privacy risks. Develop and enforce security and privacy policies, ensuring alignment with industry standards and regulatory requirements. Lead and participate in incident response activities, including investigation, analysis, and resolution of security incidents. Develop and deliver security awareness training programs to educate employees on security best practices and privacy guidelines. Implement and manage vulnerability assessment programs to identify and remediate security vulnerabilities in a timely manner. Ensure the protection of sensitive data through encryption, access controls, and other relevant measures. Work closely with cross-functional teams to integrate security and privacy considerations into the development lifecycle of applications and systems. Stay current with relevant security and privacy regulations, ensuring the organization's compliance with applicable laws. Work Experience & Educational/Professional Certifications 7-10 Years of experience in cybersecurity. Proficiency in EDR, MDR, VAPT, and ISO 27001/27002. Strong analytical and problem-solving skills. Bachelor's degree in Computer Science, Information Security, or a related field. Industry-recognized certifications such as ISO 27001 LA,/LI, CEH, Security+ are a plus. Strong knowledge of security frameworks, standards, and best practices. Experience with risk management, policy and process documentation, and security assessments. Excellent communication skills and the ability to collaborate with diverse teams.

Greetings of the day, We are looking for Technology Risk ( ITGC ) Exp: 1 to 6 Years Location: Bangalore, Chennai, Hyderabad, Pune, Gurugram Mandatory skills required: ITGC, SAP, HANA/ECC, IT audit, IT Risk, Change & Access Management If you are interested to work with one of the leading BIG4 Company Send your updated resume with Project details (Including skills used in the project, project date timeline & bullet points briefing the use of specified skills in the project) to sgshetty@allegisglobalsolutions.com.

Not Applicable Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats Experience in conducting IT risk assessments. Sound understanding of ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Knowledge on application infrastructure architecture. Knowledge on SaaS application architecture. Knowledge on database and middleware communication. Knowledge on API security. Good communication skills. Good team player. Good presentation skills and senior stakeholder management. Certifications CISA, CISSP, CCNP, CCSP, CISM, CRISC etc. Mandatory Skill Sets IT Risk , ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Preferred Skill Sets Stakeholder Management , Team Management Years of Experience Required 3 + Years Education Qualification BE, B.Tech , M.Tech , MCA, MBA graduates . Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration, Master of Engineering Degrees/Field of Study preferred Required Skills Information Technology (IT) Risk Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more} No

About the role We are seeking a Senior IT Architect to lead our annual ongoing technology refresh programme taking responsibility for defining, shaping and agreeing the annual portfolio of technology refresh projects each year. This will include the management and leadership of a small team of architects to successfully deliver these projects, ensuring effective governance and control and the delivery of business requirements, whilst minimising IT risk and optimising the IT estate. You will also contribute to the development of standards, patterns and strategic IT roadmaps for current IT systems, services & applications. You will also be capable of deputising for the head of solution architecture in their absence. Accountabilities: Working with Enterprise Architecture define and agree a portfolio of candidate projects each year for the annual technology refresh programme. Undertaking the necessary discovery and investigation to provide a robust proposed scope and approach for each candidate project; with a high degree of confidence in the likely costs and timeframe required to deliver each project. Management and leadership of a small team of IT architects to deliver each of the projects in the agreed annual technology refresh programme each year. Delivery of Solution Architectures for technology refresh projects: ensuring compliance to policies and standards, remediation of identified risks and vulnerabilities and optimisation. Deputise for Head of Solution Architecture in his absence, attending architectural governance and management meetings to represent Solution Architecture. Where required research, create, communicate and maintain IT product and supplier roadmaps for specific domains within the associated risk appetite; taking into account market and IT developments that are designed to deliver long-term business requirements, reduce IT risk and maximise re-use and efficiencies. Develop, agree, control, maintain and govern effective delivery of IT architectural solution blueprints (both internally and externally produced), incorporating IT operating model, technology, applications, information and service, in accordance with agreed standards and criteria, to ensure a shared understanding between parties, that it delivers business requirements and is effectively governed and controlled. Identify, evaluate and select technology, applications and service products, in collaboration with Group Procurement and business stakeholders and in accordance with policies, procedures and standards, to ensure they are fit for purpose, deliver business requirements within budget and timescales and that contracts are effective. Develop, agree, control and maintain IT architectural standards and policies for product, technology, information and service that are aligned with industry practice and the strategic roadmap and will deliver consistent and efficient IT solution design and application. Manage the technology relationships with third party suppliers and contractors, to ensure they meet business need and deliver the requirements of the solution and any contracts are aligned with IT roadmaps and standards. Monitor and manage specific Information Technology Infrastructure Library (ITIL) processes to ensure their effective operation and provide guidance and control to the architectural design aspects of other relevant ITIL processes to ensure governance requirements and standards are met. Assist with impact assessment of IT operational incidents and proposed IT Change to provide the subject matter expertise required to support effective decision making. About you Qualifications: Ideally qualified to the following standards or equivalent: Information Systems Examination Board (ISEB) Practitioner in Enterprise and Solution Architecture The Open Group Architecture Framework (TOGAF) 9 Certified ITIL Foundation Prince 2 Foundation Control Objectives for Information and related Technology (COBIT) Foundation Experience and Knowledge: Experience in playing a key role within an IT delivery function including solutioning/solution planning and delivering Experience as a Lead Architect for an IT programme or large project Experience in shaping and defining a portfolio of projects Experience of defining and creating architectural standards and patterns Experience of running architectural governance for a programme or large project Working knowledge of Architectural domains Good knowledge of: Emerging technologies and standards Wider IT market issues Architectural standards and methodologies e.g. TOGAF Architectural design patterns Integration design patterns Excellent presentation and influencing skills Great senior stakeholder communication and management skills Good working knowledge of change lifecycle skills: Analysis and requirements management Azure Hosting Functional Decomposition Business models Data models About the role We are seeking a Senior IT Architect to lead our annual ongoing technology refresh programme taking responsibility for defining, shaping and agreeing the annual portfolio of technology refresh projects each year. This will include the management and leadership of a small team of architects to successfully deliver these projects, ensuring effective governance and control and the delivery of business requirements, whilst minimising IT risk and optimising the IT estate. You will also contribute to the development of standards, patterns and strategic IT roadmaps for current IT systems, services & applications. You will also be capable of deputising for the head of solution architecture in their absence. Accountabilities: Working with Enterprise Architecture define and agree a portfolio of candidate projects each year for the annual technology refresh programme. Undertaking the necessary discovery and investigation to provide a robust proposed scope and approach for each candidate project; with a high degree of confidence in the likely costs and timeframe required to deliver each project. Management and leadership of a small team of IT architects to deliver each of the projects in the agreed annual technology refresh programme each year. Delivery of Solution Architectures for technology refresh projects: ensuring compliance to policies and standards, remediation of identified risks and vulnerabilities and optimisation. Deputise for Head of Solution Architecture in his absence, attending architectural governance and management meetings to represent Solution Architecture. Where required research, create, communicate and maintain IT product and supplier roadmaps for specific domains within the associated risk appetite; taking into account market and IT developments that are designed to deliver long-term business requirements, reduce IT risk and maximise re-use and efficiencies. Develop, agree, control, maintain and govern effective delivery of IT architectural solution blueprints (both internally and externally produced), incorporating IT operating model, technology, applications, information and service, in accordance with agreed standards and criteria, to ensure a shared understanding between parties, that it delivers business requirements and is effectively governed and controlled. Identify, evaluate and select technology, applications and service products, in collaboration with Group Procurement and business stakeholders and in accordance with policies, procedures and standards, to ensure they are fit for purpose, deliver business requirements within budget and timescales and that contracts are effective. Develop, agree, control and maintain IT architectural standards and policies for product, technology, information and service that are aligned with industry practice and the strategic roadmap and will deliver consistent and efficient IT solution design and application. Manage the technology relationships with third party suppliers and contractors, to ensure they meet business need and deliver the requirements of the solution and any contracts are aligned with IT roadmaps and standards. Monitor and manage specific Information Technology Infrastructure Library (ITIL) processes to ensure their effective operation and provide guidance and control to the architectural design aspects of other relevant ITIL processes to ensure governance requirements and standards are met. Assist with impact assessment of IT operational incidents and proposed IT Change to provide the subject matter expertise required to support effective decision making. About you Qualifications: Ideally qualified to the following standards or equivalent: Information Systems Examination Board (ISEB) Practitioner in Enterprise and Solution Architecture The Open Group Architecture Framework (TOGAF) 9 Certified ITIL Foundation Prince 2 Foundation Control Objectives for Information and related Technology (COBIT) Foundation Experience and Knowledge: Experience in playing a key role within an IT delivery function including solutioning/solution planning and delivering Experience as a Lead Architect for an IT programme or large project Experience in shaping and defining a portfolio of projects Experience of defining and creating architectural standards and patterns Experience of running architectural governance for a programme or large project Working knowledge of Architectural domains Good knowledge of: Emerging technologies and standards Wider IT market issues Architectural standards and methodologies e.g. TOGAF Architectural design patterns Integration design patterns Excellent presentation and influencing skills Great senior stakeholder communication and management skills Good working knowledge of change lifecycle skills: Analysis and requirements management Azure Hosting Functional Decomposition Business models Data models

Role & responsibilities Conduct audits of IT systems, applications, and infrastructure. Evaluate IT policies, procedures, and controls for effectiveness and compliance. Identify security vulnerabilities and risks in IT systems. Prepare audit reports and recommend improvements. Support compliance efforts (e.g., SOX, GDPR, ISO 27001). Collaborate with IT, security, and business teams to remediate findings.

Job Title: Senior Analyst IT Risk and Compliance Location: Chennai Department: IT Risk & Compliance Reports To: Manager, IT Risk and Compliance Job Type: Full-Time Job Summary We are seeking a highly motivated and detail-oriented IT Compliance Analyst to join our Risk & Compliance team. The ideal candidate will be responsible for performing comprehensive IT compliance assessments, testing IT general controls and IT Automated controls and ensuring the organization adheres to internal policies and external regulatory requirements, including Sarbanes-Oxley (SOX). This role plays a critical part in maintaining a strong internal control environment and driving process improvement across the organization. Key Responsibilities Assist in planning and scoping IT compliance and internal control assessments. Identify risk areas and develop internal control testing programs. Perform end-to-end IT compliance assessments, including evaluating effectiveness of risk and control frameworks. Test IT General Controls (ITGCs) across domains like change management, logical access, SDLC and IT operations. Assess IT Automated Controls across business functions such as payroll, inventory, and revenue. Document control walkthroughs using narratives and flowcharts. Develop, maintain, and present compliance workpapers and reports highlighting control deficiencies and recommendations. Collaborate with management to communicate findings and ensure timely remediation of audit issues. Support external audit activities by coordinating information requests and walkthroughs. Stay up to date with regulatory and industry developments in IT compliance and risk management. Engage in continuous improvement efforts to enhance the efficiency and effectiveness of compliance processes. Qualifications Bachelor's degree in Information Technology, Computer Science etc. Professional certification (or working towards) such as CISA, CRISC, CISSP, or CISM preferred. 7–10 years of experience in IT audit, compliance, or risk management; minimum 3-5 years in a Big 4 or similar professional services firm preferred . Strong understanding of IT infrastructure, applications, and enterprise systems. Knowledge of Sarbanes-Oxley (SOX), ITGCs, automated controls, and internal control principles. Experience with audit and compliance tools (e.g., eAudit, Auditboard, or equivalent). Ability to understand cross-functional business processes and their integration with IT systems. Strong interpersonal, communication, and report-writing skills. Able to work independently and collaboratively under tight deadlines. Demonstrated sound judgment, critical thinking, and attention to detail. Preferred Skills Hands-on experience in documenting business processes and identifying control gaps. Ability to present findings to senior stakeholders and recommend practical remediation steps. Familiarity with GRC platforms and data analytics tools. Understanding of global business practices and regulatory environments.