120 It Risk Jobs - Page 4

Dear Candidate, We are hiring an IT Security Consultant to help assess, design, and implement robust cybersecurity strategies for clients. Ideal for professionals with deep knowledge of security standards and hands-on defense experience. Key Responsibilities: Conduct security assessments and risk analysis Design and implement security controls, policies, and frameworks Guide clients on compliance with ISO 27001, NIST, SOC2, etc. Lead incident response and security awareness initiatives Required Skills & Qualifications: Experience in network, application, and cloud security Knowledge of IAM, SIEM, firewalls, and encryption Strong consulting, communication, and client-facing skills Bonus: Security certifications (CISSP, CISM, CEH) Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

POSITION SUMMARY STATEMENT: This role is a global role that will support the Internal Controls and SOX Compliance Sr. Director in the scoping, design, and support of IT related controls. This position will be key in supporting Herbalife s integrated approach to the internal control environment. Candidates must possess a strong knowledge of the underlying principles for scoping and designing controls including a solid working knowledge of the COBIT, COSO, and NIST frameworks. Candidates must be excellent communicators skilled at influencing without authority and partnering with key stakeholders across the business. DETAILED RESPONSIBILITIES/DUTIES: Assist in the completion of the annual enterprise IT risk assessment to ensure appropriate scoping and risk mitigation and support the enterprise s integrated internal control environment. Work with application owners to document IT SOX narratives and related workflow diagrams. Work with control owners to identify, design and conduct the management assessment of IT application controls, Key Reports and General IT Controls. Support control owners in the preparation and execution of the annual SOX testing plan. Review, assess, and evaluate reported deficiencies, root causes, and planned corrective actions. Review and assess significance of reported deficiencies and identify compensating controls. Coordinate with the IT system owners in the implementation and improvement of controls and processes including the design, update and streamlining of the IT control environment. Provide support and assistance to groups performing SOX functions throughout the Company. Establish and maintain good working relationship with business groups and help address internal control related issues. Assess processes, risks, and controls to identify control gaps and improvement opportunities. Support process improvement and control optimization projects. Providing advice and counsel to management on internal controls including SOX and cybersecurity. Skills: Required Solid understanding of SOX testing methodologies, risk assessment practices, and the COBIT, COSO, and NIST frameworks Experience in Oracle Ability to effectively work in cross functional teams Solid ability to analyze problems to identify the root cause and propose workable solutions Strong oral and written communication skills Able to multi-task and organize Able to prioritize and meet (formal and self-imposed) due dates with minimal supervision Self-reliant and has initiative to carry out assigned tasks or improve processes Able to independently solve practical problems Strong proficiency in Excel, Word, PowerPoint and Visio Able to work in team environment Maintain positive attitude and influence Able to maintain professionalism at all times Experience: Required 5+ years SOX, internal or external audit Big 4 Accounting or publicly traded company International or Fortune 500 company Experience in planning, project management, and analysis Strong work ethic and capacity, ability to work collaboratively with a sense of urgency and commitment Education: Bachelor s Degree in Information Systems, Accounting, Finance, or equivalent CISA

As a practitioner in our Cyber Team, youll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - SOX,Cloud,Data Management IT/IS controls Testing and Assurance Design and execute controls testing strategies to evaluate the design adequacy and operating effectiveness of controls. Testing Approach Review and Process Documentation Develop methods to monitor and measure risk, compliance, and assurance efforts. • Create test plan, test scripts etc. to support the delivery of controls assurance objectives. • Prepare detailed testing documentation, workpapers and reports to highlight findings and recommendations. Collaborate with various departments for control walkthroughs, sampling, evidence collection etc. Maintain up-to-date knowledge of industry standards and best practices related to controls testing. Review existing Risk control testing approach and methodology used by client to identify areas for improvement based on IT risk & control frameworks and industry good practices. Develop templates to facilitate the control testing and the documentation and reporting of the control testing outputs in line with the refined control testing approach and methodology Liaise with designated stakeholders to identify the prioritised set of controls and document repeatable test scripts for testing design effectiveness (“DE”) and operational effectives (“OE”) of prioritised IT and IS controls. Knowledge/ Experience in GRC tools such as Service now, archer etc. Knowledge/ Experience on cyber compliance regulations - RBI, SEBI, Cert-in. Industry knowledge would be a added advantage Technology & Transformation Cyber Strategy | Risk Controls Desired qualifications Cyber experience in Risk Controls ranging from 1 year to 7yrs is mandatory. Levels being hired for: Analyst, Senior Analyst, Consultant, AM, DM B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields • ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent certification • Strong communication skills (written & verbal)

Dear Candidate, We are hiring an IT Compliance Analyst to ensure adherence to regulatory standards and internal security policies. Perfect for detail-oriented professionals with a risk and governance mindset. Key Responsibilities: Monitor IT processes for compliance with SOX, GDPR, HIPAA, etc. Conduct audits, risk assessments, and gap analyses Collaborate with security, legal, and IT teams Maintain documentation and support policy enforcement Required Skills & Qualifications: Knowledge of IT compliance frameworks (ISO 27001, NIST, COBIT) Experience with audit processes and risk management Strong communication and analytical skills Bonus: Certification (CISA, CRISC, or similar) Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Skill required: Risk & Compliance - Risk Management Designation: Risk and Compliance Associate Manager Qualifications: Any Graduation Years of Experience: 10 to 14 years About Accenture Accenture is a global professional services company with leading capabilities in digital, cloud and security.Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities.Visit us at www.accenture.com What would you do You will be aligned with our Risk and Compliance vertical and help us perform compliance reviews, publish reports with actions and provide closure guidance as needed. We design & recommend effective controls to mitigate risks and help service delivery team prepare for upcoming client / external audits.You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans.Anticipate, plan for, and react to risks and issues to the project, including categorizing their severity, taking into account the likelihood of occurrence, mitigation & contingency planning. Follow an agile approach that builds risk management into scrum roles, artifacts, and events and helps in continuous project delivery. What are we looking for Anticipate, plan for, and react to risks and issues to the project, including categorizing their severity, taking into account the likelihood of occurrence, mitigation & contingency planning. Follow an agile approach that builds risk management into scrum roles, artifacts, and events and helps in continuous project delivery. Anticipate, plan for, and react to risks and issues to the project, including categorizing their severity, taking into account the likelihood of occurrence, mitigation & contingency planning. Follow an agile approach that builds risk management into scrum roles, artifacts, and events and helps in continuous project delivery. Roles and Responsibilities: In this role you are required to do analysis and solving of moderately complex problems Typically creates new solutions, leveraging and, where needed, adapting existing methods and procedures The person requires understanding of the strategic direction set by senior management as it relates to team goals Primary upward interaction is with direct supervisor or team leads Generally interacts with peers and/or management levels at a client and/or within Accenture The person should require minimal guidance when determining methods and procedures on new assignments Decisions often impact the team in which they reside and occasionally impact other teams Individual would manage medium-small sized teams and/or work efforts (if in an individual contributor role) at a client or within Accenture Please note that this role may require you to work in rotational shifts Qualification Any Graduation

The primary role of the Controls Assurance Senior Manager is to work with the Assistant Vice President / Vice President to perform control testing across Technology, Third Party Risk Management, Operational Resilience, Data & Privacy areas and support the development and improvements of the control framework across all areas managed by First Line GRC to ensure that it remains aligned to the M&G risk appetite. This includes, but is not limited to, understanding the external requirements (by regulators and industry bodies) and the organisation s strategy, vision and direction, external and internal emerging risk, and working closely with other leads in the function and wider M&G to understand the control framework and recommend improvements of policy, standards and control requirements. This will include overall assessment of the implementation of the control framework and will be supporting control owners to define corrective actions when gaps are identified. In addition, the role will support oversight of the Technology controls testing team and the issue assurance process providing validation of issue closure packs. This will include overall assessment of the implementation of the control framework and will be supporting control owners to define corrective actions when gaps are identified. In addition, the role will support oversight of the Technology controls testing team and the issue assurance process providing validation of issue closure packs. Primary Responsibilities - Performing control testing across the Technology, Third Party Risk Management, Operational Resilience, Data & Privacy functions Supporting the Issue Assurance processes Supporting management with the remediation of any control gaps or implementation of control improvements Support AVP/VP in carrying out control testing and issue assurance. Build strong professional relationships with key stakeholders and senior leaders across Technology to capture appropriate risk metric data. Work closely with AVP/VP and help identify new approaches that enhance efficiency and the business impact of the IT risk landscapes. Support the Control Assurance Lead with reporting status updates to the Leadership team/Senior Stakeholders. Working flexibly and building collaboratively constructive and supportive working relationships with teams across M&G plc and suppliers. Keep abreast of industry trends, regulatory and business issues. Use of regulatory knowledge, business understanding and expert judgement, to quickly identify underlying issues and escalate issues, where appropriate.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Data Loss Prevention (DLP) Good to have skills : Microsoft Data SecurityMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-Specific experience in Microsoft DLP-Lead the design, implementation, and management of Microsoft Purview across the enterprise.-Define and enforce data governance policies, including data classification, labeling, retention, and loss prevention.-Configure and manage Microsoft Purview components such as:-Data Map & Data Catalog-Information Protection & Sensitivity Labels-Data Loss Prevention (DLP) policies-Communication Compliance-Compliance Manager-Collaborate with IT, security, legal, and compliance teams to align Purview configurations with business and regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS).-Conduct data discovery, mapping, and lineage tracking across on-prem and cloud platforms using Purview tools.-Integrate Purview with Microsoft 365, Azure, and third-party data sources for unified data governance.-Monitor and report on compliance scores, risks, and policy violations.-Provide training and documentation to internal teams on Microsoft Purview features and best practices.-Stay updated on Microsoft Purview roadmap and recommend enhancements accordingly. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Data Loss Prevention (DLP)- Strong understanding of cloud security frameworks- Experience in implementing Microsoft Data Security- Knowledge of data encryption techniques- Familiarity with security compliance standards910 years of overall experience in Cybersecurity, Information Governance, or IT Risk & Compliance.Minimum 3 years of hands-on experience with Microsoft Purview.Strong understanding of data protection regulations and frameworks (GDPR, HIPAA, CCPA, ISO 27001, etc.).Experience with Microsoft 365 Compliance Center, Azure Purview, or similar governance tools.Proficient in implementing DLP policies, information protection labels, and auto-labeling. Additional Information:- The candidate should have a minimum of 5 years of experience in Data Loss Prevention (DLP)- This position is based at our Gurugram office- A 15 years full time education is required Qualification 15 years full time education

: Job TitleNFRM Information Security & Technology Risk Specialist LocationMumbai, India Corporate Title Associate Role Description An Information Technology & Security Risk Specialist to join the 2nd LoD Information Security & Technology Risk Team. The team is global, this role is within the Mumbai team (currently 1 person) which is being built out to support the global team. Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other team members the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai and USA. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite. Monitor and challenge 1LOD Risk and Control Assessments (including results of 1LOD control testing/assurance). Perform 2LOD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC/MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your skills and experience University degree (Computer Science, Business Administration or equivalent). Majors in Information Security and / or Risk Management are a plus. Experience (5+ years) in Information Security or Information Technology with experience in the Finance industry and/or a major Technology or Consultancy company preferred. Experience in IT Risk Frameworks such COBIT 2019 is ideal 3+ yrs Understanding and experience of technology from either a support, development or business analysis perspective Some level of technical understanding and training either as a data analyst, developer, business analyst or project manager are a plus. Knowledge of Information Security and Technology industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines ISO / 27000 Series, COBIT 2019, DORA) are a plus. Experience of technology coding e.g python, java is a plus Understanding of IT controlsSDLC, managing technology obsolescence, disaster recovery is a plus Knowledge of Digital transformation, Private and Public Cloud, AI tooling a plus Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, ITIL, ISO27001 Lead Auditor or similar are a plus. Experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Strong communication skills (English required). How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Not Applicable Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats Experience in conducting IT risk assessments. Sound understanding of ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Knowledge on application infrastructure architecture. Knowledge on SaaS application architecture. Knowledge on database and middleware communication. Knowledge on API security. Good communication skills. Good team player. Good presentation skills and senior stakeholder management. Certifications CISA, CISSP, CCNP, CCSP, CISM, CRISC etc. Mandatory Skill Sets IT Risk , ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Preferred Skill Sets Stakeholder Management , Team Management Years of Experience required 3 + Years Education Qualification BE, B.Tech , M.Tech , MCA, MBA graduates . Education Degrees/Field of Study required Bachelor of Technology Degrees/Field of Study preferred Required Skills Stakeholder Management Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more} No

Role Description Team / division overview The Operational Resilience team within the Chief Operating Office, drives the execution of the DWS Group Operational Resilience Programme. Operational Resilience describes DWSs ability to detect, prevent, respond to, recover and learn from operational disruptions. On the basis that operational disruption is inevitable, a risk-based and systematic approach to Operational Resilience provides greater assurance to Senior Management that those Business and Infrastructure Functions which deliver the Bank's material business services are adequately prepared for future disruption. In times of crisis specifically, this means minimizing the impact, improving the DWSs response, and maintaining the availability of our most important Business Services to our clients and markets. Your key responsibilities As an Operational Resilience Co-Ordinator you lead the Operational Resilience Operations Team that: Crisis Management Supports Global and Regional Crisis Chief of Staff with Crisis Mgmt information management, training, exercising and lessons learned tracking Maintains and update Regional Crisis Management Contact cards, Email Distribution, SendWordNow and MS Teams Lists. Supports the preparation required for running regional crisis exercises. BCM Oversees non-compliance with Accountable Managers, copying relevant Regional OpRes Lead Analyses continuity risks, including but not limited to concentration risks, single points of failure, recovery capability against DWS Risk Appetite Operational Resilience Supports Important Business Service Managers to coordinate scenario analysis / stress testing for each IBS instance to ensure regulatory requirements are met Coordinates and track through to completion the necessary remediation activities where scenario testing (or other analysis) identifies capability gaps (i.e. expected to be unable to recover services within stated Recovery Objectives) Supports production and maintenance of severe but plausible scenario library Reporting and Tooling support Develops, maintains and issues resilience related risk reporting to ensure proactive business awareness for compliance and vulnerabilities Provides central advisory and support for DWSs adoption of ServiceNow OpRes/BCM Modules Supports production of governance meeting and training reference materials Supports production and maintenance of threat analysis reports Your skills and experience Operational Resilience is a rapidly evolving risk discipline with the sector and regulatory authorities continually learning. We are therefore seeking candidates with a hunger to learn, enjoy collaboration, problem solving and challenging the status quo. Specifically we are looking for: Several years of professional experience in the Financial Services / Asset Management Sector (ideally at DWS/DB), experienced in Operations, Business Continuity, Crisis Management, Audit, Information Security, Compliance, IT Risk, Third Party Risk Management or Operational Risk Management preferred Good knowledge of DWS operations and divisional operating models and ability to translate business strategic changes into areas of emerging risks to support mitigation preferred Appreciation of the regulatory requirements for Operational Resilience (including BCM and Crisis Management) in the asset management area Excellent analytical skills and structured approach; Ability to grasp new topics quickly and create the right framework for further evaluation and implementation Personal initiative, results orientation and leadership qualities with regard to the independent implementation of medium-sized initiatives Demonstrable team leadership, staff development, relationship building skills and problem solving Worked with broad set of stakeholders within a high-pressure dynamic environment Demonstrable ability to understand and engage in business transformation; productively highlight risks and opportunities and effectively manage a successful outcome Advanced knowledge of using MS Excel/ PowerPoint/Word to analyze and present complex issues; other project management, automation and visualization tools are beneficial Excellent communication skills both within working groups and in presenting results in a clear and concise manner Very good knowledge of the English language (spoken and written)

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Software Engineer. In this role, you will: Provide timely and effective technical support to HSBC Fusion users by resolving IT-related incidents and requests through troubleshooting, diagnosis, and problem resolution. Build system domain knowledge across the Fusion estate, to provide guidance on the usage and operation of the Oracle Fusion Platform. Providing technical guidance and communicating technical fixes e. g. Root cause / configurations in a way that is understandable to users and stakeholders. Assist in incident resolution of IT system issues ensuring this is undertaken in a timely fashion and adhering to given Service Levels. The incumbent will need to collaborate and establish good working relationships with key stakeholders, including business team stakeholders, Project Fusion stakeholders, wider POD teams, ERP Strategy and Support Teams Effectively communicate relevant information, products and services to the Service desk team leads, at the right time in an appropriate style, throughout the lifecycle of a service impacting incidents Take ownership and provide a level of service that puts the customer at the heart of everything we do in resolving issues. Build rapport within and across teams, to improve service delivery and achieve bank objectives and maintain a high-performance culture within the IT service desk. Collaboration Seeks, listens to and accepts feedback and uses mistakes, failures and successes as data for future development. Accepts personal responsibility and encourages others in completion of tasks on time and to the highest standards. Highlight the IT Risk associated with the adoption of emerging technology solutions, especially in relation to the externally hosted cloud-based services. Recognizes inefficiencies and suggests ways to improve local risk and compliance processes. Requirements To be successful in this role, you should meet the following requirements: Current System Review: Review how users are currently using the application and discuss any pain points or issues that they are experiencing. Feature Utilization: Assess which features are being fully utilized and which are not. Identify any features that users might not be aware of or using efficiently and conduct appropriate trainings. Optimization: Explore ways to optimize current processes. Discuss any customization options or additional modules that could enhance functionality and highlight the same to business. Training and Development: Conduct targeted training sessions for users. Focus on new features, advanced functionalities, and common issues which would benefit the users. Feedback and Improvement: Provide feedback on the tool s performance and any desired improvements to the vendor. Discuss how the vendor plans to address any reported issues or implement the improvements. Support and Communication: Clarify support channels and escalation paths both for business and IT. Ensure we have a point of contact and an approved process for issues/questions/dispensations and approvals. Be the single point of contact for users for all sorts of communication. Oracle Fusion Functional knowledge on Procurement, Financial and General Ledger modules. Oracle Fusion Certification would be desirable. ITIL (Information Technology Infrastructure Library) certification or equivalent. Excellent communication and interpersonal skills. Strong analytical and problem-solving abilities. Proficiency in IT service management tools and software. Knowledge of computer systems, networks, and software applications. Ability to work in a fast-paced environment, prioritizing tasks and managing time effectively.

Join us as an Application Controls Testing Lead Leading multiple teams, you ll help us to protect the organisation by ensuring that the key controls over our IT applications and technology infrastructure are adequate, effective, and fit for purpose You ll drive the development, improvement, implementation, and maintenance of our technology controls assurance processes, procedures, and scheduling methodology, making sure that the global methodology and supporting processes are consistent, up to date, and fully aligned with necessary requirements You ll enjoy considerable variety and stakeholder interaction, leading regular senior stakeholder engagements, contributing to risk and controls assessments across the bank, and developing our control testing strategy This role comes with flexi-working, so you can start and end work when you want, as long as you work your weekly hours and you re working within core times We are offering this role at director level What youll do As our Application Controls Testing Lead, you ll manage an effective and efficient IT risk and controls assurance function for applications and infrastructure, meeting all policy, legal, and regulatory requirements. In doing so, you ll create a culture of continuous improvement, increasing efficiency and productivity by increasing adoption of automated controls testing solutions and great people leadership, coaching, engagement, and development. You ll develop, implement, and support integrated system solutions that drive efficiency savings, including the potential to utilise external assurance solutions. We ll look to you to build and influence strong relationships with key and senior business and IT stakeholders across the organisation, developing and using these networks for IT internal control requirements and improvements. You ll also lead the engagement with external auditors to communicate IT assurance programme scope, coverage, and testing plans. As well as this, you ll: Maintain and oversee the annual IT assurance schedule for applications and infrastructure technology controls Work together with bank-wide Risk and Controls Self Assessment (RCSA) teams to integrate key technology controls into the RCSAs in line with Enterprise Wide Risk Management Framework (EWRMF) Lead, motivate, and develop your teams to ensure all controls testing is done to high quality Proactively identify barriers to performance and manage improvements, sharing best practices and coordinating resource across your teams to maximise efficiency Drive and measure colleague performance and wellbeing, recognising success, developing talent and promptly addressing development areas The skills youll need We re looking for someone experienced in leading an IT controls assurance or audit function. Along with experience reviewing and assessing the quality of audit and control testing documentation, you ll have the ability to manage multiple projects and teams simultaneously and meet deadlines. We re also looking for: Significant experience in assessing automated controls, data quality controls and IT General Controls in a complex financial services technology environment The ability to drive adoption of automated controls testing solutions and tooling Strong written and verbal communication skills to effectively influence and communicate with senior business and IT stakeholders to drive improvements in the bank s control environment An understanding of internal control frameworks, relevant regulations, industry standards, and their application in technology and financial processes Experience of managing and influencing relationships with business and senior stakeholders and building positive working relationships

Join us as an Application Controls Testing Lead Leading multiple teams, you ll help us to protect the organisation by ensuring that the key controls over our IT applications and technology infrastructure are adequate, effective, and fit for purpose You ll drive the development, improvement, implementation, and maintenance of our technology controls assurance processes, procedures, and scheduling methodology, making sure that the global methodology and supporting processes are consistent, up to date, and fully aligned with necessary requirements You ll enjoy considerable variety and stakeholder interaction, leading regular senior stakeholder engagements, contributing to risk and controls assessments across the bank, and developing our control testing strategy This role comes with flexi-working, so you can start and end work when you want, as long as you work your weekly

Job Description : Approve, within the given mandate, all tier 2-4 Vendor assessments. Advice Global TPCRM and Global DPO on tier 1 Vendor assessments. Collect and evaluate latest Vendor Assurance documents (ISO 27001 certificates and SOC2 statements, tier 1-2) and store them. Escalate high risks to Global TPCRM and Global DPO Launch relevant Vendor assessments (internal and external) Support business departments (Global and OPCOs) and Vendors filling in Vendor assessments Reports: Monthly reporting on Key Performance Indicators (KPI) Reports on Vendor risks, threats or findings Exp : 3+ years Expertise with Vendor Risk Management, GRC, and ISO 27001. Shift timing : 1.00 PM-10 PM IST Hybrid mode of work Location : Hyderabad Notice Period : Immediate- 30 days only.

Role Overview: We are seeking an experienced Audit and IT Control Compliance Professional to join our team in Chennai. In this role, you will be responsible for ensuring that the organization's financial operations and IT systems comply with internal and external audit standards and regulatory requirements. You will also manage compliance with IT controls, including security processes, vulnerability management, patching, and ensuring adherence to industry best practices.Key Responsibilities:- Perform audits and assessments of financial systems and IT operations, identifying compliance gaps and proposing effective solutions.- Coordinate internal and external audits related to IT controls, ensuring timely completion and addressing audit queries effectively.- Review financial data and IT systems to ensure compliance with established audit standards and best practices.- Ensure compliance with regulatory requirements such as SOX, GDPR, ISO 27001, and other relevant standards.- Conduct assessments and reviews of IT controls, including access controls, change management, patch management, and vulnerability management.- Identify areas of improvement in security processes such as patching, security vulnerabilities, and risk mitigation.- Monitor and report on the status of compliance with internal IT policies and external regulatory requirements.- Implement and maintain IT control frameworks and ensure that IT policies, procedures, and practices align with corporate governance.- Collaborate with IT and security teams to assess, test, and validate security controls related to patch management, vulnerability remediation, and risk management.- Participate in security audits, ensuring compliance with security standards and protocols.- Develop and maintain documentation and records for audits, ensuring a traceable and transparent process.- Recommend improvements and assist in the implementation of security measures to minimize risk and protect business-critical data.- Communicate audit findings, issues, and concerns effectively with senior management and relevant stakeholders.- Create clear and concise audit reports detailing findings, recommendations, and required actions to maintain compliance.- Provide expert advice to business units on the implementation of best practices for IT controls and security measures.- Assist in the development of compliance and audit strategies to improve overall business operations.- Stay current with industry trends, regulatory changes, and audit methodologies to ensure continuous improvement in compliance efforts.- Recommend and support the implementation of best practices to improve overall audit and IT control processes.- Support the ongoing training of staff and stakeholders on compliance procedures and security measures.- 5+ years of experience in audit and IT control compliance in a corporate or consultancy environment.- Experience conducting audits in areas such as financial systems, IT controls, and security operations.- Familiarity with regulatory frameworks, including SOX, GDPR, ISO 27001, and NIST.- Experience in identifying, managing, and mitigating security vulnerabilities and ensuring compliance with security processes like patching and risk management.- Strong communication skills, both written and verbal, with the ability to interact with senior management and stakeholders effectively.- Excellent problem-solving abilities and analytical thinking skills.- Detail-oriented and able to maintain accuracy while working with large datasets and complex systems.- Ability to work independently and as part of a team in a fast-paced environment.- Strong organizational skills with the ability to manage multiple priorities and deadlines effectively

Security Risk and Compliance Expert will be instrumental in shaping the global Information Security Management System (ISMS) within our Group Security team. This role involves engaging with various Business Groups and Corporate Functions to identify and manage information security risks, ensuring compliance and enhancing our security posture. Facilitate risk assessments, develop training, and contribute to the continuous improvement of security policies and tools. Enhance the overall security and compliance of services provided to our customers. You have: Master's or bachelor's degree in computer science, security engineering, or equivalent 5+ years of experience in information security in a multinational organization. Solid understanding of information security processes and technologies Practical knowledge of ISO/IEC 27001:2022 standard implementation Excellent documentation and communication skills It would be nice if you also had: Knowledge of security standards like CSA CCM, NIST CSF, NIS2, and SOC2 Experience delivering information security training Familiarity with RSA Archer and Microsoft Power BI or other GRC tools Certifications in information security (e.g., CRISC, CISSP and ISO 27001 LI/LA) Implement and operate the global Information Security Management System (ISMS) to enhance overall security and compliance Conduct risk assessments with global stakeholders to evaluate and report information security risks Develop and maintain the information security risk register, tracking mitigation progress and presenting reports to stakeholders Provide recommendations for security risk mitigation strategies tailored to different business groups Create, update, and maintain ISMS documentation and a repository of reports and audit records Facilitate training sessions to educate employees on ISMS practices and promote a strong security culture Collaborate with cross-functional teams to identify evolving security trends and compliance requirements Contribute to the continuous improvement of Nokia ISMS and related tools, utilizing KPIs to measure effectiveness

Job Title : IT Audit Compliance Lead Department : Information Technology , No of Vacancy : 1 Location : Thrissur , Kerala Experience required : 8- 13 years Responsibilities : • To drive and supervise IT related audits with internal and external stake holders ensuring successful end to end audit cycle. • Supervise and guide audit team at IT Dept and ensure they meet assigned tasks in prompt and efficient manner. • Managing and coordinating major audits such as RBI CSITE IT Audit, IS Audit (external & Internal), Statutory audit, vendor audits etc. • Coordinating with external auditors on the audits conducted in IT Department and providing responses to audit queries / remarks and providing added evidence requested by auditors. • Conducting discussion on draft audit reports for finalization of the same with the auditors . • Escalating delays in closure/response with SI and other internal or external stake holders. • Participation of various discussions on audit interviews and also on determining closing timelines and methods. • Participating in various committees like IT Steering Committee, ISGC, ACE, on need basis. • Timely provision of ATRs for Committees. • Sending Audit dash boards to top management. • Preparation of vertical related notes to ED and various Committees. • Participating in Regulatory change management meeting with SI for following up of audit related regulatory changes. • Work with IT Leads and Process Owners to step up compliance on audit observations and closing the same. • Responsible for establishing, maintaining, coordinating, and overseeing Audit, compliance with policies and procedures regarding the confidentiality, integrity, and security of information assets. Key Competencies : • Intermediate level knowledge on IT & InfoSec aspects. • Strong knowledge on MS Office package • Data Analysis and Data interpretation skills • Good communication and presentation skills Qualification Required : MCA / B Tech in IT with all round IT exposure of 7+ years Note: InfoSec/ IT-Audit related certifications like DISA, CISA preferred

Join us for a role in " Technology Assurance - AVP" at Barclays, where youll spearhead the evolution of our digital landscape, driving innovation and excellence. Youll harness cutting-edge technology to revolutionize our digital offerings, ensuring unapparelled customer experiences. To be successful as an Technology Assurance - AVP, you should have experience with: Key technology and cyber risk areas, like Cloud, Networks, Identity and Access management, Active Directory, Cryptography, Resilience and Recovery at both application and infrastructure level. Core Infrastructure like Servers, Middleware, Database, Operating System, Cloud (AWS, Azure), Network Devices. Conduct IT risk assessment by understanding business objectives, internal controls, enabling technology, and IT infrastructure. Perform testing work over various technologies utilized by the company and various IT functions. Assess both the design and operating effectiveness of internal controls. Some other highly valued skills may include: Hands-on Data Analytics using Python, SQL programming. Extensive knowledge of technology risk and control including relevant tools and techniques. Strong stakeholder Management. You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. Location: Pune. Purpose of the role To partner with the bank, to provide independent insurance on control processes and advise on improvements to ensure the efficiency and effectiveness of the bank s internal controls framework. Accountabilities Collaboration across the bank to maintain a satisfactory, robust, and efficient control environment through the execution of ad-hoc assessments and testing on the design and operational effectiveness of the internal controls, aligned to control policies and standards. Development of detailed test plans and procedures to identify weaknesses in internal controls and other initiatives aligned to the bank s control framework to mitigate any potential risks and issues, prioritised by its severity to disrupt bank operations, potential losses, and reputational impact. Communication of key findings and observations to the relevant stakeholders and business units to improve overall control efficiency and provide corrective actions to senior managers. Collaboration with other control professionals to resolve complex issues and ensure consistent testing methodologies across the bank. Development of a knowledge centre containing detailed documentation of control assessments, testing on design and operational effectiveness of procedures, findings, and the distribution of material on internal controls to train and upskill colleagues within the bank. Assistant Vice President Expectations To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness. Collaborate closely with other functions/ business divisions. Lead a team performing complex tasks, using well developed professional knowledge and skills to deliver on work that impacts the whole business function. Set objectives and coach employees in pursuit of those objectives, appraisal of performance relative to objectives and determination of reward outcomes If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. OR for an individual contributor, they will lead collaborative assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will identify new directions for assignments and/ or projects, identifying a combination of cross functional methodologies or practices to meet required outcomes. Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues. Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda. Take ownership for managing risk and strengthening controls in relation to the work done. Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy. Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc).to solve problems creatively and effectively. Communicate complex information. Complex information could include sensitive information or information that is difficult to communicate because of its content or its audience. Influence or convince stakeholders to achieve outcomes.

Job Description Job Title NFRM Information Security Technology Risk Specialist Location Mumbai, India Corporate Title Associate Role Description An Information Technology Security Risk Specialist to join the 2nd LoD Information Security Technology Risk Team. The team is global, this role is within the Mumbai team (currently 1 person) which is being built out to support the global team. Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other team members the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai and USA. What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Non-Financial Risk Management (NFRM) priorities such as risk control assessments, scenario analysis, risk appetite. Monitor and challenge 1LOD Risk and Control Assessments (including results of 1LOD control testing/assurance). Perform 2LOD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC/MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your skills and experience University degree (Computer Science, Business Administration or equivalent). Majors in Information Security and / or Risk Management are a plus. Experience (5+ years) in Information Security or Information Technology with experience in the Finance industry and/or a major Technology or Consultancy company preferred. Experience in IT Risk Frameworks such COBIT 2019 is ideal 3+ yrs Understanding and experience of technology from either a support, development or business analysis perspective Some level of technical understanding and training either as a data analyst, developer, business analyst or project manager are a plus. Knowledge of Information Security and Technology industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines ISO / 27000 Series, COBIT 2019, DORA) are a plus. Experience of technology coding e.g python, java is a plus Understanding of IT controls SDLC, managing technology obsolescence, disaster recovery is a plus Knowledge of Digital transformation, Private and Public Cloud, AI tooling a plus Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, ITIL, ISO27001 Lead Auditor or similar are a plus. Experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Strong communication skills (English required). How we ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

The Information Security Analyst will be responsible for the development, implementation, and maintenance of the FA s information security program. The successful candidate will have experience with all the information security domains of ISO 27001:2022 standard. Responsibilities will include: Assist in developing and implementing policies, procedures, and guidelines related to information security Assist in conducting periodic risk assessments and audits to identify potential vulnerabilities, threats, and risks. Assist in developing and implementing Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP). Collaborate with other teams to ensure the security of our systems, applications, and data Work with infosec team in providing guidance and support to the organization on information security-related matters Stay up-to-date with the latest developments in information security and recommend improvements to the Information Security Program as necessary Qualification and experience: Bachelors degree in computer science, information technology, or related field Experience: Minimum 1-2 years (s) of experience in hands-on experience in managing information security Other Knowledge, Skills, Abilities or Certifications: (First list requirements, followed by preferences.) Experience with Business Continuity Planning (BCP). Basic knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, NIST, CIS). Understanding about vulnerability management, risk assessments, and audits. Understanding incident response, disaster recovery, and business continuity planning. Basic understanding of network and system architecture. Excellent communication and collaboration skills. Relevant certifications (e.g., ISO 27001:2022) are a plus Work Location : Bangalore (Hybrid Model) (Only Bangalore based employees can apply) Shift timing : India business hours (should be flexible to work as per the modified business hours in case there is a need) Joining time: 2 nd June 2025 United States Equal Opportunity Employment: First Advantage is proud to be a global leader in removing barriers and supporting our community members to ensure the changing demographics of the workforce are reflected in our hiring and employment practices. We value all of our candidates, employees, and clients, and place great emphasis on hiring and supporting qualified individuals in each role. We are an equal opportunity employer. We do not discriminate on the basis of race, color, ethnicity, ancestry, religion, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, genetic information, or any other area protected by applicable law.

Role : Cyber 3rd Party Risk Analyst Job Description : Cyber & Information Security team is seeking a Third-Party Security Analyst. Reporting to the Director of Cyber & Information Security, the analyst will perform third-party security assessments. You will work with a team of professional Security Analysts leveraging Next Gen security tools to perform the full lifecycle of third-party reviews from onboarding to real-time monitoring of vendors and suppliers. Total Experience 4 to 6 years. Responsibilities, Functions and Duties : - Conduct technical security assessments of third-party vendors, suppliers and partners by reviewing their security controls, adherence to regulations, compliance and contracts. - Analyze third-party security assessment findings and document security risks within the management software for tracking of risk reporting. - Coordinate with various stakeholders to verify and remediate security risk findings. - Develop KRIs and KPIs around third-party risk assessments and the remediation of key findings. - Develop, Update, and Publish Policies and Standard Operating Procedures for third-party risk management. - Continuously monitor for active vulnerabilities and cyber events against our vendors and suppliers. - Participate in third-party cyber incident response by reaching out to impacted vendors and tracking remediation. - Be an ambassador for Cyber & Information Security within Crum & Forster. Requirements Knowledge and Requirements : - Previous experience performing technical security audits or third-party assessments. - Understanding of current Cyber Vulnerabilities & threats. - Knowledge of security assessments (SOC reports, ISO/NIST, vulnerability and pen testing assessments). - Fundamental understanding of system and network security principles and technology. - Ability to interface with a wide audience of technical and non-technical personnel. Cyber 3rd Party Risk Analyst - Ability to prioritize and manage workloads and deadlines. - Excellent written and verbal communication skills. - Self-starter who is motivated and driven to learn. - Bachelors degree in a technical discipline or equivalent experience Preferred Qualifications : - Prior experience and/or certifications in AWS, Azure, and/or GCP. - Experience in performing third-party assessments of SaaS providers and vendors operating in cloud environments. - Experience performing risk assessments. - Any Security focused Certifications. - 3-5 year Cybersecurity related experience.

Pro-active communication approach with local AZT / AZS entity colleagues, especially building strong relationships with other key / safeguarding functions Actively supports the implementation of the Risk Policy Framework (Risk Policy, Risk Strategy, NFRM policy) and Control Assurance Report. Support running Risk Reporting in time and quality, report of any material risk management related information to relevant stakeholders Support timely execution of the risk management lifecycles (NFRM, ERM, SoG) and drive for full compliance with AZ Technology Risk Framework (Risk Policy, Risk Strategy, NFRM Policy). Support implementation and coordinate Top & Emerging Risk assessments process. Support maintenance of an oversight on IT RM - ARA coverage (having strong interaction with Local ISO). Coordinate activities with other safeguarding functions, in particular Data Privacy, Information Security, TPRM, Protection & Resilience, Compliance, Legal. Have a coordinated view on risks. Coordinate risk assessments supporting the business in control implementation, documentation and performance, development of mitigation plans and its follow up. Perform project risk assessments reviews and decisions in the relevant tool, in an accurate and timely manner. Keep up to date RM tools (ServiceNow and ORGS), ensure consistency between what is reported in the systems and reality. Keep up to date the Regions MS Teams Repository. Support the timely delivery and high quality of the Control Assurance Report and other related audit reports by emphasizing on the comprehensive coverage, quality and effectiveness of the internal control system. Support awareness sessions in the location, and with the OE to explain the CAR results. Support the NFRM Testing Plan with the execution of 2nd LoD testing activities, and coordination of updated testing dates (working with Internal Audit, external audit plans, and compliance, as necessary). Qualification, Experience, Technical and Functional Skills Degree holder Relevant Certifications like C-Risk, ISO 31000 Certified Risk Management, COBIT Multi-year professional experience in different areas of IT risk management or other safeguarding functions. Experience in IT Risk management,. ISO, IT Security etc Good understanding of the risk categories: operational risk, IT risk, project risk, third party risk, business risk. Good knowledge of supplier relationships and outsourcing management Basic knowledge of local regulatory environment and standards like: COBIT 2019, COSO, and ISAE/SOC Strong communication and conflict management skills Advanced skills in MS Office, knowledge of ORGS, SNOW is a plus Fluent in English (oral and written) Ability to work in an international team in a global set-up

Role & responsibilities Strategic Planning Create forward looking view of what the strategy should be with regard to Risk & Control in AM IT Relationship management Build and maintain relationships within WPB Cyber, CCO tech, ITSO, AM CITRO, Risk and Control Organization, ITID and 2nd line risk Knowledge Drive culture change around Risk & Control Consult on technology projects, providing support during IT audits Share best practice with the WPB Risk and Control Organization Provide guidance and help to IT delivery teams regarding security solutions to enable faster delivery of IT Systems Collaborating with IT development teams and other teams working closely in a DevOps and agile development processes Support the Safe and Secure development framework ensuring developers are coding in-line with security standards, practices and industry best-practice Stakeholder Management/Governance Partner with the AM business and Risk Functions to promote and provide support to relevant policies, standards and governance within AM IT Provide regional stakeholder updates with respect to global IT Control uplift programs Support IT engagement with internal / external / client audit and Regulatory Exams, including oversight of field work, collation of artefacts and partnership with CCO tech to remediate issues Attend relevant governance forums and where applicable provide appropriate MI Prepare the RCMM deck Communicate residual risk through reporting, business governance processes and forums Preferred candidate profile Partner and contribute to the risk & control agenda for AM IT Delivery of risk & control projects and programmes for AM IT Assist service owners in responding appropriately and effectively to firm-wide risk, cyber, internal, and external audits Contribute in evidence collection in delivery of external audits Partner with service owners, AM CITRO and 2nd line risk to identify and assess controls, determine mitigating actions and remediation activities, and understand the overall risk profile Advocate and support initiatives to improve accuracy across all Enterprise Golden Source data repositories Provide technical knowledge to support secure development of applications and remediation programs Provide visibility of status of action plans and external/internal audit issues Coordinate response to ICMP testing Support in mitigation of Risk Issue and Action Plan. Challenge where appropriate, decisions made on control implementation Review allocation of issues to AM IT and agree categorization of high/medium/low with audit and CCO tech Approve the raising and closure of regional IT issues, action plans, but look to automate process Fulfil DBIRO responsibilities for AM IT Advocate security policies and standards to wider IT team Support new IT projects with initial risk assessment, providing consultancy and guidance on controls and policies. Support where necessary key WPB security uplift initiatives Contribute to review of security standards and procedures Providing support for automated application security tooling working with Cybersecurity as necessary Interpret and advise on the results from security testing to both technical and non-technical audiences

Job Title:IT SOX Risk Management Experience5-10 Years Location:Bangalore : IT SOX, Risk Management, Audits & Business Continuity Planning

IT SOX Compliance Analyst - Docusign0 Job Title: IT SOX Compliance Analyst (Second Shift) : We are seeking a motivated and detail-oriented IT SOX Compliance Analyst to support our Sarbanes-Oxley (SOX) compliance initiatives, with a focus on IT General Controls (ITGCs) and IT application controls. This role requires collaboration with internal audit teams and IT control owners to ensure effective control design, implementation, and remediation. The position is aligned to support global teams, requiring availability during the 2 PM to 11 PM IST shift. Key Responsibilities: Support the assessment, design, and implementation of IT General Controls (ITGCs) and IT application controls across key systems. Collaborate with internal audit and IT control owners to evaluate risks, discuss control deficiencies, and support audit-related activities. Assist in the preparation of documentation, including control deficiency memos and remediation plans. Oversee and facilitate end-to-end IT control walkthroughs to ensure proper documentation and understanding of control processes. Skills & Qualifications: Solid understanding of the Sarbanes-Oxley (SOX) Act, specifically ITGC and IT application control requirements. Experience in internal audit, IT risk management, and control testing. Strong communication and documentation skills, with the ability to work cross-functionally. Must be available to work during the 2 PM to 11 PM IST shift to support global operations.