297 It Risk Jobs - Page 6

The candidate shall perform comprehensive technical risk assessment which shall assist in identifying and remediating the risks. He/ She shall also have a change to represent ITRO to various stakeholders across IT verticals providing him/her visibility JOB FUNCTIONS AND RESPONSIBILITIES Conduct assessment/review of IT processes and recommend action for improving IT governance maturity using reference frameworks like COBIT, ITIL and ISO 20000 Conduct IT SOX Testing Work closely with the Enterprise Risk Management team and ensure risks are reduced or maintained at minimum levels Assist in development of IT risk policies, standards, and procedures Ensure policy and procedure artifacts pertaining to IT Risk-Service and Infrastructure Management, (including but not limited to incident response, segregation of roles and responsibilities, risk register, etc). are up-to-date and regularly reviewed by appropriate management EDUCATION / EXPERIENCE: Graduate BE / BTECH with 3-6 years of experience in IT risk assessment

Detailed job description - Skill Set: Technically strong hands-on Self-driven Good client communication skills Able to work independently and good team player Flexible to work in PST hour(overlap for some hours) Past development experience for Cisco client is preferred.

POSITION SUMMARY: The candidate shall perform comprehensive technical risk assessment which shall assist in identifying and remediating the risks. He/ She shall also have a change to represent ITRO to various stakeholders across IT verticals providing him/her visibility JOB FUNCTIONS AND RESPONSIBILITIES Conduct assessment/review of IT processes and recommend action for improving IT governance maturity using reference frameworks like COBIT, ITIL and ISO 20000 Conduct IT SOX Testing Work closely with the Enterprise Risk Management team and ensure risks are reduced or maintained at minimum levels Assist in development of IT risk policies, standards, and procedures Ensure policy and procedure artifacts pertaining to IT Risk-Service and Infrastructure Management, (including but not limited to incident response, segregation of roles and responsibilities, risk register, etc.). are up-to-date and regularly reviewed by appropriate management EDUCATION / EXPERIENCE: Graduate BE / BTECH with 3-6 years of experience in IT risk assessment WORK SCHEDULE 2pm to 11pm

Hiring for IT audit and compliance. Compliance, DPDP, IT Audit, ISO 27001, RBI regulation, Excellent communication Loc- Andheri- Marol Exp- 3+ years Apply/share resume to preethi.kumar@harjai.com

Job Requirements IT/OT Auditor Perform assigned internal audit engagements in the domain of IT and Operational Technology (OT) for ACWA POWER group, from start to finish, inclusive of preplanning, wrap-up activities ensuring application of risk and control concepts to scenarios encountered and identify any potential issues. Job Specific Accountabilities: Perform IT/OT Audits, Cybersecurity reviews, advisory engagements and other influencing activities in highly technical areas of current/emerging technologies within ACWA Power Group. Adapt the audit approach to the ever-changing technology landscape and deliver critical and complex technology audits that impact the group-wide internal controls. Develop detailed Audit Program/Risk & Control Matrix (RCM) for the assigned audit, including potential risk, key controls, audit procedures and the use of audit techniques and tools to evaluate governance, risks, and controls processes. Determine auditing procedures to be applied, including the use of Information Systems Audit Techniques, data analytics, sampling method, etc. Identify high-risk areas, key control points, root causes and implications in relation to IT/OT environments reviewed. Prepare audit report with the conclusion, expressing professional opinions on the adequacy and effectiveness of risk management, control systems, and recommend improvement options to rectify reported deficiencies. Ensure that adequate working papers and all relevant information are continuously documented and updated in the automated Audit Management System in accordance with pre-defined templates and audit procedures. Appraise the adequacy of the corrective actions taken by management on audit recommendations through follow-up audits and periodically review and update the status of management action plans. Assist in the periodic reporting to the Audit Committee and Senior Management on internal audit activities, performance, significant risk exposures, controls/governance issues, and other related matters. Provide relevant business and technology insights into the current, emerging & potential technology issues, trends & opportunities affecting ACWA Power Group. Participate in conducting special reviews and undertake administrative duties as directed by Management. Supplement integrated audits and support business and group auditors in reviewing the technology controls within an operational audit. Minimum Qualification: Bachelor's Degree in Computer Science or related Technology discipline, or equivalent discipline. Minimum Experience, Knowledge & Skills: 5-7 years of varied experience in IT internal auditing and a minimum of 3+ years of work experience in Operational Technology or Industrial Control Systems. Expertise in developing or reviewing IT/OT security programs and conducting cybersecurity assessments for IT/OT environments including ICS, SCADA systems etc. and associated OT network architecture. Solid foundational knowledge of IT/OT security landscape including but not limited to, network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and OT integration with traditional IT systems (IT and OT Convergence). Solid understanding of OT security technologies such as Data diode, EDR, Antimalware, patch management, SIEM solution etc. Advance technical knowledge of different operating systems, databases, network infrastructure components (routers, switches, firewalls etc.). Advanced knowledge of OT/ICS-related standards like IEC 62443, NIST 800-82. Knowledge and understanding of Regulatory Standards such as NCA (ECC, OTCC, CCC etc.), NESA, ISR etc. Knowledge and experience with OEMs Honeywell, Yokogawa, Siemens etc. systems will be added advantage. In-depth knowledge of International Professional Practices Framework for IT Assurance/IT Assurance Framework (ITAF) and other related frameworks/standards (e.g. COBIT, ITIL, ISO27000, NIST) and their interpretation/application to IS/IT auditing practice. Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action. Expertise in collecting and analyzing complex data using data analytics tools, evaluating information and systems, and drawing logical conclusions. Extensive knowledge of planning and project management areas. Professional Certifications: IT audit certification such as CISA OT or ICS-related certifications are highly desirable. Other related certifications (CISSP, CISM, GIAC, GICSP, IEC-62443 etc.) are preferred.

About The Role Skill required: Control Testing - Agile testing Designation: Regulatory Compliance Analyst Qualifications: Any Graduation Years of Experience: 3 to 5 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do Help clients transform their compliance function from reactive to proactive through an intelligent compliance operating model powered by data, intelligent technologies and talentLooking for someone with SOX testing experience.Conduct testing tasks within Agile models and integration processes and manage development sprints. Automated/IT control testing experience is required What are we looking for Commitment to qualityWritten and verbal communicationRisk managementAbility to work well in a teamAbility to meet deadlinesAutomated/IT control testing experience is must Roles and Responsibilities: In this role you are required to do analysis and solving of lower-complexity problems Your day to day interaction is with peers within Accenture before updating supervisors In this role you may have limited exposure with clients and/or Accenture management You will be given moderate level instruction on daily work tasks and detailed instructions on new assignments The decisions you make impact your own work and may impact the work of others You will be an individual contributor as a part of a team, with a focused scope of work Please note that this role may require you to work in rotational shifts Qualification Any Graduation

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Consultant Specialist In this role, you will: Understand and Translate organization goals those are relevant to your services and define Service level objectives (SLO s). Ex (Reduction of incidents, Improve Service availability, Sustain/ improve SLAs). Define and Agree SLA s with upstream and down stream systems including regulatory feeds. Understand IT Risk related controls and ensure all your services are compliant. (Identity access management, Change Management, Release & Incident management etc. Run the Incident management Triage calls and make quick decisions on service recovery. Build Service improvement plans come up with estimations and agree with business to get funding. Work with vendors to define Success criteria for Service improvements and execute Outcome based contracts. Come up requirements to build observability dashboards as per industry standards. Review your services for Hardware and software Upgrade requirements and plan for remediation. Define and improve release checklist for all the changes going to production. Service Sustainability Periodic check wi. r. t Capacity requirements of your service and get necessary funding from business. Come up with strategy to proactively identify inactive roles, users, processes and data that is no longer required and demise those in automated way. Build/sustain and upgrade CI/CD pipelines to maintain/sustain automated deployments. Have excellent understanding of financials and have visibility on above deliverables, compliance, automation usage to reduce efforts, budget spend tracking for variances, provide timely governance around Exposure, solutions design wherever suitable. Creating Service level indicator (SLI s) reports for senior stake holder forums Conduct periodic meetings (OPCO) with Business owners to review your service. Manage support teams including Perm Staff and contractors Requirements To be successful in this role, you should meet the following requirements: Bachelor s degree and above and IT related field. Should have worked in IT related production support roles at least for 7+ years. Proven track record of managing production support teams in PHP, Oracle, Java, HTML, Testing & Migration projects. Good understanding of SRE concepts like SLA, SLI, SLO and Observability. Proven track record in identifying opportunities to manage RTB costs or budgets. Proven track record of working with Vendor organizations and executed contracts. Knowledge and exposure of processes related to Incident, problem, change and Release management. Strong interpersonal skills with ability to build & maintain relationships and work collaboratively across boundaries. Ensure an effective engagement process is in place that is demonstrably adding value to all target stakeholders.

Summary: Are you energised by a high-profile Risk management & Controls role that allows you to shape risk and controls programs and challenge organisational thinking to make informed business decisionsIf so, this Technology Risk and Governance role could be an exciting opportunity to explore. Within the Global Finance organisation, Finance Risk Management & Controls (FRMC), the Finance 2nd line team, is key to determining the level of risk which is acceptable to the organisation while developing business and operational opportunities. This global role leverages deep expertise in IT risks and controls to manage and oversee the Finance IT control environment. The Director is charged with ensuring robust governance, monitoring, and continuous improvement of IT risks impacting financial controls, including SOX compliance, transformation, and the integration of innovative solutions such as RPA and data analytics. This role requires seamless collaboration with the Digital & Technology (D&T) organisation, Finance, and external audit teams to deliver strategic objectives, mitigate risks, and drive operational excellence. Role Responsibilities: Oversight: Partner with the D&T leadership team and Sox Ops team to ensure combined oversight of the quality of IT Sox testing in order to meet the Finance requirements. Lead on IT Application Controls, BOTS, interface controls, and key reports used in controls to ensure compliance with established frameworks and regulatory requirements. Accountable for the relevant SOX Board papers preparation including status update on SOX testing results and progress of remediation activities. Scoping: Lead the scoping for Finance on the technology relevant for SOX purposes, ensuring that all relevant IT systems and processes are thoroughly evaluated for risk and control implications. Leadership in Change & Transformation: Provide leadership and support to change and transformation projects that address technology risks and business risks, including M&A activities, to ensure Finance 2nd line objectives are met. Governance of RPA in Finance: Establish and oversee governance protocols for robotic process automation (RPA) embedded in Finance, including new implementations and changes to existing RPAs. Collaboration & Partnership: Interface with the Digital & Technology organisation and partner and influence the D&T leadership team and GRC team to monitor IT risks relevant to the Finance control environment, driving collaboration and accountability. IT Governance Representation: Act as an integral member of IT governance forums, influencing decision-making and ensuring Finance s voice is represented. SOX Maturity Programme: Support the execution of the D&T SOX Maturity Programme, representing the Finance organization and ensuring Finance leadership is overseeing the delivery of required actions and milestones. SAP S4 Hana Implementation: Provide oversight and support for the design and implementation of SAP S4 Hana, ensuring SOX IT control design aligns with Finance requirements. Key IT Controls: Oversee the execution of key IT controls, such as Finance SOD monitoring controls, to safeguard the Finance control framework. Risk Lens in Business Walkthroughs: Support business walkthroughs with an IT risk and control perspective, enabling informed decisions and risk mitigation. Continuous Improvement: Lead continuous improvement initiatives in the control framework, leveraging enabling technologies and continuous control monitoring to enhance processes and reduce risks. Data Analytics Strategy: Design and oversee the data analytics strategy for the FRMC team, supporting initiatives that enhance data-driven decision-making and risk assessment. Qualifications and Skills 15+ years experience Experience at Big 4 (Deloitte, EY, KPMG, PWC) SAP and Cloud infrastructure experience Understanding of information security technologies Experience of internal and/or external regulatory, Sarbanes-Oxley environment and technology industry standards Experience and understanding of financial reporting risks and controls Required Licenses/Certifications: CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), CA/CPA (Chartered Accountant/Certified Public Accountant) or equivalent Care to join us. Find out what life at Haleon is really like www.haleon.com/careers/ .

You will be responsible for delivering a key 2024 Operational Resilience-focused commitment that is being tracked in IT Risk. This will involve implementing a production CMDB, extending discovery of the IT Estate into lower environments and cloud DCs, and integrating ServiceNow with critical upstream systems including Mprove to provide traceability of business service to application service. Your role will also include optimizing the ServiceNow platform to ensure the bank's significant investment is maximized. To be successful in this role, you must have the ability to resolve technical and application configuration issues, effectively communicate issues and solutions to both technical and non-technical audiences, with a core initial focus on CMDB. Demonstrated real-world experience of CMDB implementations is a must-have. You should also be able to configure the ServiceNow platform in adherence to established technical best practices, translate user stories into practical ServiceNow solutions, and work with our ServiceNow developer on feature design and implementation, continuously aligning with the Now Create methodology and ServiceNow best practices. Additionally, you will attend and contribute to functional design workshops, crafting design specifications that hinge on out-of-the-box functionality and functional requirements. You will actively participate in all facets of an agile team, including daily standups, sprint planning, release planning, and backlog refinement. If you are looking for a challenging role where you can utilize your technical skills and contribute to the operational resilience of the organization, this position may be the right fit for you. Kind regards, Siddhi Mishra +91 6264087588,

Manager - Technology Risk Assessment Team - Technology Risk & Compliance ,Compliance Location - Bangalore The PhonePe Technology Risk and Compliance team plays a critical role in the successful execution of the firm's compliance mission. The Tech Risk and Compliance function ensures the development and maintenance of a strong compliance culture by developing and maintaining program infrastructure that identifies, measures and monitors compliance with applicable laws, regulations and rules that govern our business globally. Compliance teams work closely with Engineering, SREs, business, legal and other functions to provide expertise on regulatory compliance matters; assess and measure compliance and related risks and monitor and test the adequacy of the firm's compliance control environment. Roles and Responsibilities: To review PhonePe products, processes and environment from the perspective of security, regulatory compliance and best practices. To conduct due diligence on new and existing technology implementations across business units at PhonePe. To provide support to internal departments in areas of compliance with regulatory bodies (i.e. RBI, NPCI, SEBI, IRDAI, UIDAI), and implementation of security related requirements from circulars issued by regulators. To collaborate with product/business/engineering teams to implement compliance plans to mitigate risks in the early stage of product development To create control frameworks in guidance of the team and conduct gap assessment against security practices, various regulatory guidelines and compliance requirements Must Haves: 7 to 9 years of relevant work experience, B. Tech Prior people management experience. Strong understanding of ITGC domains and business processes. Experience in managing audits and implementing cyber security controls, NIST, PCI DSS standards, ISMS etc., Certifications such as ISO 27001 / CISA / CISM / CISSP preferred. High ethical standards and are able to work diligently to complete your duties. Analytical mind able to see the complexities of procedures and regulations. Demonstrate the ability to plan and execute projects with minimal management support. PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. Read more about PhonePe on our blog. Life at PhonePe PhonePe in the news

: Job TitleNFRM Information Security & Technology Risk Specialist LocationMumbai, India Corporate TitleAssociate Role Description An Information Technology & Security Risk Specialist to join the 2nd LoD Information Security & Technology Risk Team. The team is global, this role is within the Mumbai team (currently 1 person) which is being built out to support the global team. Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other team members the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai and USA. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite. Monitor and challenge 1LOD Risk and Control Assessments (including results of 1LOD control testing/assurance). Perform 2LOD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC/MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your skills and experience University degree (Computer Science, Business Administration or equivalent). Majors in Information Security and / or Risk Management are a plus. Experience (5+ years) in Information Security or Information Technology with experience in the Finance industry and/or a major Technology or Consultancy company preferred. Experience in IT Risk Frameworks such COBIT 2019 is ideal 3+ yrs Understanding and experience of technology from either a support, development or business analysis perspective Some level of technical understanding and training either as a data analyst, developer, business analyst or project manager are a plus. Knowledge of Information Security and Technology industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines ISO / 27000 Series, COBIT 2019, DORA) are a plus. Experience of technology coding e.g python, java is a plus Understanding of IT controlsSDLC, managing technology obsolescence, disaster recovery is a plus Knowledge of Digital transformation, Private and Public Cloud, AI tooling a plus Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, ITIL, ISO27001 Lead Auditor or similar are a plus. Experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Strong communication skills (English required). How well support you

Experience Implementation of ISO 27001, GRC ITGC & IT Regulatory compliance Knowledge in ISMS, ITRS, Knowledge about regulators RBI, IRDA, SEBI Experience in PCI DSS, ISO 27001, SOC 2, GDPR, RBI guidelines Experience in audits & risk assessments.

New requirement - JD for Cybersecurity risk manager: Key responsibilities As a Cyber Risk & compliance Professional in our Group CISO office, you will be occupied in the following domainsa) Risk management b) Compliance.This role is responsible for planning, managing and coordinating various cybersecurity risk management activities focused on identifying, assessing, and mitigating risks for the enterprise from a business perspective. Skill requirement: Degree, or equivalent, in Information Security or Cyber Security or Computer science or similar course Self-motivation to continuously develop in the areas of cybersecurity Ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience Cyber / technology risk assessments & management methodologies Hands on with assessment report preparation and presenting to senior technical and business stakeholders Articulative and confident in presentation to senior stakeholders Knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Advanced knowledge and understanding of ITGC, NIST 800-53, NIST CSF controls and Risk management frameworks Expertise in complex business processes and technological risks Deep understanding of security technologies including firewalls, proxies, SIEM, XDR, CSPM, IGA, PAM, Data protection Experience8 12 years. Applications from people with disabilities are explicitly welcome.

3 - 15yrs exp in IT & IT Security across various levels Certified in ISO 27001: 2013 /ISO 22301:2019 Preferred Enterprise IT Governance including knowledge of IT risk management & controls Strong PPT creation & design Func as SPOC for IT GRC & Audits Required Candidate profile Manage establishment of operate & tech decision-making process to ensure IT svc are align to organization priorities & risk appetite Prep sec dashboards with KPIs, sec metrics for CISO presentations Perks and benefits +++ Mediclaim + 10% perf bonus + 30% Company Bonus

Job Description: You are Responsible for Below are the roles and responsibilities of the candidate Assists the senior management in defining the control objectives and monitoring compliance efforts. Manage organization's compliance with the Sarbanes Oxley Act. Develops processes to ensure compliance with all SOX requirements. Designs and administers internal controls over financial reporting relating to the IT automated controls. Reports test results to the top management. Review test findings within the Internal/External Audit Team, facilitate the remediation of control gaps, and escalate possible critical issues to the senior management. Serve as a liaison between internal and external auditors. Stays abreast of changes in SOX regulations to ensure timely compliance. Identify areas of potential improvement for key processes and procedures and supports the management of the related processes and procedures. Responsible for maintaining and updating all aspects of the internal SOX compliance. Responsible for working with different business owners on implementation, execution and compliance with entity level controls. Evaluates the review and analyzes data pertaining to information systems functions relative to Sarbanes-Oxley compliance. Develop and conduct SOX compliance training for employees. To succeed in this role you should have the following Applicants should be a University Degree holder (preferably Master degree), CPA or Chartered Accountant (or equivalent), Certified Information Systems Auditor (CISA) with 5+ years of experience in Finance / Internal/ IT Controls/Audit and relevant business area. Knowledge of SOX and IT controls. Big 4 public accounting experience with Fortune 500 clients. Extensive knowledge of the internal control framework (specifically COSO) and a solid understanding of the concepts of control design and operational efficiency. Strong knowledge of SOX requirements and ability to assist with documentation of ITGC and financial process controls to support operational as well as SOX compliance audits, including performing walkthroughs and developing process flow charts. Strong risk management experience, including: performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk. Experience working in a dynamic IT environment similar to a high tech start-up. Experience of solving multiple and complex challenges. Exposure in audit planning and execution, controls operation, and handling audit queries with external/internal auditors. Strong governance, risk and assurance management background which encompass knowledge of corporate governance, control framework and risk. Aptitude for leading teams; influencing and galvanizing others to follow you toward a solution. Ability to guide and train team members. Strong interpersonal written and oral communication skills. Solid organizational skills along with an aptitude for information technology. Excellent analytical skills Understanding of business drivers and related risk and ability to interpret the relevant management information is appreciated. Good communication and Analytical skills Having risk and controls mindset Ability to challenge and open to different views and opinions. Self-starter and ability to manage diverse cultural/ethnic sensitivities. Ability to deal effectively with complexity and having focus on details. Ability to prioritize and ensure delivery of priorities. Quick learner and resilient Mandatory Skills :Team Coordination, Leadership, sox, Itgc, IT Audit, IT Governance, Information Technology Desirable Skills : IT Risk Management, Cobit, Cisa, Cism, Cissp, team leading, Risk Compliance, Information Security, IT Risk

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Senior Consultant Specialist. In this role, you will: Partner with IT Service Owners and Service line head to identify and assess controls, determine mitigating actions and remediation activities, and understand the overall risk profile. Partner with the Business service owners, Business Risk and Chief Control Office Technology functions to promote and provide guidance to relevant policies, standards and governance within the department. Provide updates with respect to global IT Control uplift programs to stakeholders. Lead IT engagement with internal / external / client audit and Regulatory Exams, including oversight of field work, collation of artefacts and partnership with CCO tech to remediate issues. Communicate residual risk through reporting, business governance processes and forums. Provide visibility of status of action plans and external/internal audit issues through different MIs/Dashboards Act as a gatekeeper in collection of artefacts and / or evidence for internal/external audits and assessments, and act as POC for auditors and reviewers. Lead the delivery of risk control projects and programmes for the IB RASF IT. Assist IT Service Owners in responding appropriately and effectively to firm-wide risk, Cybersecurity and corporate control initiative. Drive ownership and accountability for Risk/Issue and Action Plan Ownership within Service line. Ability to converse with technical teams and assess their solutions for gaps and issues as well as propose mitigating or compensating controls. Manage the Risk Acceptance and Exception process through group standard process. Attend relevant governance forums to represent service line risk position and remediation plan through different MIs. Requirements To be successful in this role, you should meet the following requirements: Minimum Bachelor Degree and/or experience in IT Risk and Control, IT security governance and operational processes, preferably in the Financial Services industry or global corporate service provide Experience of a control (Risk Management) environment, including reviewing adherence to/enforcing/promoting policies and standards Excellent communication skills to articulate at a senior management level, to peers at Group level and to external organizations (Clients, Auditors, Regulators). Ability to communicate technical subject matter to non-technical stakeholders Proven ability to prioritise competing demand Demonstrated ability to assess risk trends Risk and Issues management - including escalation Positive and professional attitude, team player, flexible and adaptable, open to change(s) Good spoken and written communication and ability to adapt style based on audience (Fluent in spoken / written English Demonstrated ability to rapidly build relationships with key stakeholders

If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of DBS Senior Control Tester. In this role, you will: Carrying out thorough preparation, driving and participating in execution of a wide range of Technology control testing activities Timely delivery of control testing and being transparent and accurate in the completion of testing deliverables Applying judgment in relation to the identification and publication of control testing findings through identifying the key risks and issues Embedding quality into the control testing deliverables and ensuring compliance with the CCO Control Testing Methodology Providing expertise and guidance on control testing across CCO and applying critical judgment and decision making in relation to the identification and publication of control testing findings through identifying the key risks and issues Maintaining working relationships with key stakeholders including keeping abreast of key business, regulatory and industry developments and any changes to procedures and practices Supporting the preparation of testing reports to inform key stakeholders of the outcome of testing and review work. Track and follow-up actions identified as a result of testing and review work and escalating when necessary. Understand, follow and demonstrate compliance with all relevant internal and external rules, regulations and procedures that apply to the conduct of the business in which the jobholder is involved, specifically Internal Controls and any supporting policies and procedures. Requirements To be successful in this role, you should meet the following requirements: Minimum 3 - 5 years of relevant experience in IT controls testing in Financial Service industry / Process assessment experience. ITGC, SOX, NON-SOX, Internal Control, Automated control Testing (BACs) The successful candidate will also meet the following requirements: SOC IT Risk qualifications (CRISC, CISM, CISA, CISSP or equivalent) are desirable. Demonstrable knowledge in Technology control testing and risk management, internal control, or internal audit preferably within a financial / banking services operations environment Self-starter and effective collaborator

As a Software Engineer III at JPMorgan Chase, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure, stable, and scalable way. You are responsible for carrying out critical technology solutions across multiple technical areas within various business functions in support of the firm s business objectives. Job responsibilities The Alternatives Technology team is currently seeking an application developer to join and drive a team responsible for the design and delivery of strategic solutions to support Alternative Investment businesses. The successful candidate will be from a server side development background, have a proven track record in designing and delivering distributed, event driven services and be able to demonstrate a detailed knowledge of architecture principles and software development best practices Expertise working in an Agile project environment, with the ability to work with the Product Owner and SCRUM Team on all aspects of the project; from development of the product vision and business case, through to delivery of product increments. An understanding of code quality, code security and application quality KPIs; in order to provide project metrics and data to enable development teams to make intelligent decisions throughout the delivery lifecycle. The ability to facilitate development and architecture discussion, through a detailed understanding of current application development tools and techniques. A strong focus on engineering excellence and compliance with all corporate, regulatory, IT risk and architecture policies Results orientated Drives results through people, communication, influence and interaction Required qualifications, capabilities, and skills Formal training or certification on software engineering concepts and 5+ years applied experience Extensive Java development including areas such as Spring, Spring Boot and experience in React. Knowledge of web service technologies such as REST and JSON. Knowledge of application security areas authorization, authentication, encryption Multi-threaded application development experience. Automated testing techniques - especially BDD, experience working with Sonar, SSAP, JIRA, GIT, Maven etc. Strong written and oral communication skills, strong team working skills and the ability to work on multiple parallel work items with other developers, analysts etc Preferred qualifications, capabilities, and skills Familiarity with modern front-end technologies Exposure to cloud technologies/AWS As a Software Engineer III at JPMorgan Chase, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure, stable, and scalable way. You are responsible for carrying out critical technology solutions across multiple technical areas within various business functions in support of the firm s business objectives. Job responsibilities The Alternatives Technology team is currently seeking an application developer to join and drive a team responsible for the design and delivery of strategic solutions to support Alternative Investment businesses. The successful candidate will be from a server side development background, have a proven track record in designing and delivering distributed, event driven services and be able to demonstrate a detailed knowledge of architecture principles and software development best practices Expertise working in an Agile project environment, with the ability to work with the Product Owner and SCRUM Team on all aspects of the project; from development of the product vision and business case, through to delivery of product increments. An understanding of code quality, code security and application quality KPIs; in order to provide project metrics and data to enable development teams to make intelligent decisions throughout the delivery lifecycle. The ability to facilitate development and architecture discussion, through a detailed understanding of current application development tools and techniques. A strong focus on engineering excellence and compliance with all corporate, regulatory, IT risk and architecture policies Results orientated Drives results through people, communication, influence and interaction Required qualifications, capabilities, and skills Formal training or certification on software engineering concepts and 5+ years applied experience Extensive Java development including areas such as Spring, Spring Boot and experience in React. Knowledge of web service technologies such as REST and JSON. Knowledge of application security areas authorization, authentication, encryption Multi-threaded application development experience. Automated testing techniques - especially BDD, experience working with Sonar, SSAP, JIRA, GIT, Maven etc. Strong written and oral communication skills, strong team working skills and the ability to work on multiple parallel work items with other developers, analysts etc Preferred qualifications, capabilities, and skills Familiarity with modern front-end technologies Exposure to cloud technologies/AWS

Number of Openings 1 ECMS ID in sourcing stage TS-ID-15567 Assignment Duration 6 Months Total Yrs. of Experience 7+ years Relevant Yrs. of experience 5 +years Detailed JD (Roles and Responsibilities) TRAC-Controls Specialist Technology Risk and Controls assessment 5+ years of hands-on experience with controls management and related lifecycle, including design, implementation, validation and operational effectiveness testing. Third party risk and control assessment experience Experience managing stakeholders across a variety of seniorities and technical understanding, with the ability to explain and educate stakeholders on IT risk and controls and related topics Ability to work under time pressured conditions against deadlines whilst achieving or exceeding KPIs measuring completion of testing and assessments work Business level fluency in spoken and written English Domain TRAC-Controls Specialist Max Vendor Rate in Per Day (Currency in relevance to work location) 12000 INR Work Location given in ECMS ID Bangalore/Pune WFO/WFH/Hybrid WFO Hybrid BG Check (Before OR After onboarding) As per Infosys Policy Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO NO

Job Purpose: Financial Controls (FC) Design Adviso r will be part of a global Centre of Expertise providing advisory and deep professional support on Financial Controls Design & Deploy. This global position will give the successful candidate opportunity to collaborate with Process Owners & Architects, Process and Business stakeholders who own fit-for-purpose, risk-value driven financial control framework. Working on the assigned projects, this position will contribute to ensuring that Shell maintains an effective financial control framework, including technical & digital elements of controls. It will also provide the opportunity for visibility across end-to-end processes, and the prospect to drive forward and influence changes of global control framework. This position will primarily focus on, but will not be limited to, projects related to end-to-end risk & control framework in the Reporting & Analysis workstream. Principle Accountabilities Working with the relevant Process Owner organization and various business stakeholders, the Financial Controls Design Advisor will support risk appetite conversations & deliver assigned projects related to control framework design changes driven e.g. by Finance Digital Strategy, process, business or system changes upgrades, digital transformation, remediations, migrations etc. The successful candidate will build a specialist end-to-end process and business knowledge across the assigned workstream to effectively business partner with Process & Business stakeholders in transformation of control framework in their respective area. Financial Controls Design Advisor will apply high quality standards of Control Design Change Management Process, risk-based mindset and end-to-end perspective to ensure that design effective Financial Control Framework is maintained, and controls are fit-for-purpose in line with the Future of Controls vision. Design & deploy of financial controls will involve good understanding of IT technical aspects of Application Embedded Controls and interdependencies with IT Controls Framework, including conducting Technical Validation for simple & medium complex projects. This role will also require continuous learning of emerging digital technologies used by the Process Business and will understand and apply principles of the Future of Controls vision, contribute to FOC roadmap with timely identification of potential opportunities for application of FoC technologies. Financial Control Design Advisor will deliver Finance Operations assurance activities related to the annual SOX lifecycle, including among others Risk & Controls Identification, SOX sign-offs, Process (LoD1) and Shell Internal Audit & External Audit (LoD3) queries, deficiency evaluations and ensuring high data quality in MetricStream. Disciplined project delivery ensuring timely delivery of key project outcomes within budget & deadlines, and for ad hoc initiatives such as query resolution resulting from controls testing and internal external audits within applicable audit timelines. End-to-end risk management - ability to articulate , assess and address risks in the end-to-end transaction flow, and support risk appetite discussions with Process/Business stakeholders. Digital Risk Management ability to continuously learn new digital technologies emerging across assigned process business areas and provide digital risk assurance advisory to the key stakeholders. Required Experience: A minimum of 5 years related work experience below will be required for this opportunity. Finance professional with previous experience within the Accountancy Audit Profession, Risk & Assurance, Internal Audit or someone who has built a broad process knowledge in IT risk, systems and digital tools would be a plus. Successful candidate would be expected to demonstrate strong stakeholder engagement, effective communication and influencing skills, a track record of managing change projects, delivering value add and learning new technologie Successful candidate would be expected to demonstrate strong stakeholder engagement, effective communication and influencing skills, a track record of managing change projects, delivering value add and learning new technologies The successful candidate will be a Chartered Accountant Auditor or studying towards their professional exams (e.g. CIMA ACCA Certified Internal Auditor Certified Information Systems Auditor or equivalent) .

Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. The SOX Governance and Advisory team within Controllership (1LOD) plays a critical role in supporting the enterprise by developing and executing a risk-based plan to assess and enhance the company s internal controls over financial reporting. The team runs a robust governance framework to ensure compliance with the company s 2LOD objectives and requirements of the Sarbanes-Oxley Act. The team is looking for a highly motivated and detail-oriented SOX IT Risk Advisory Manager to join our growing team. This role will help to ensure that Amexs internal controls over financial reporting with respect to IT systems and applications are in compliance with SOX. The Manager will identify and assess relevant technology controls, focusing on the relevant risks for financial reporting across all of our in-scope applications and supporting infrastructure. This will include IT General Controls covering system security, logical and physical access controls, software development and change management processes, backup recovery procedures, and cybersecurity controls as well as IT Application Controls that ensure data integrity and timeliness. The role involves extensive collaboration with Technology teams, application and process owners, related Control Management functions, and internal and external auditors. The Manager, SOX IT Risk Advisory will: Collaborate with Business, Technology, Finance, SOX Governance and Testing, and internal and external audit teams for matters related to SOX technology controls Work with the SOX Governance team to ensure SOX scope alignment Identify key technology and data risks relevant to ICFR and work with the SOX Testing team to mitigate risks and strengthen SOX controls Consult on the control design and implementation of required and repeatable IT controls with process owners to meet regulatory requirements, including for new products, processes, and system implementations, ensuring appropriate internal controls are in place Serve as a subject matter expert on technology-related SOX risks and controls and provide guidance to business and technology stakeholders Support training and communications as needed on relevant technology risks and controls practices for the enterprise Required Qualifications 4+ years of IT controls auditing and/or consulting Demonstrated experience understanding business and IT processes and identifying and assessing associated ITGCs, ITACs, interfaces, and key reports IT and IS risk domain knowledge best practices and principles Strong understanding of financial reporting risk and requirements of the Sarbanes-Oxley act as well as internal control frameworks (e.g., COSO) Excellent project management, communication, and interpersonal skills, with an ability to interact and obtain buy-in from Business and Technology owners Strong written and verbal communication skills to articulate risk/control insights to both technical and non-technical stakeholders Demonstrated history and ability to work with multiple teams, spread over geographies and with varying backgrounds Preferred Qualifications Bachelors degree in Management Information Systems, Information Technology, Computer and Information Science, Accounting, Business, or a related field Relevant professional certifications such as CISA, CISSP, CPA, CISM, or CRISC are preferred Knowledge in Oracle, security, and cloud technologies Knowledge of industry best practices for technology controls including frameworks from ISACA, NIST, ISO, and ITIL

Team Manager SOX ITGC 5+ Years – [Bangalore] Are you a certified IT audit professional with extensive experience in SOX ITGC and team management? Location: Bangalore Your Future Employer Join a global organization committed to strong internal controls, compliance excellence, and a collaborative work environment. Responsibilities: Lead planning, fieldwork, and reporting phases for assigned SOX ITGC audit engagements. Design and execute detailed testing for IT General Controls and Automated Controls. Validate Test of Design (ToD) and Test of Effectiveness (ToE) for key control areas including Logical Access, Change Management, Backup & Restoration, and Incident Management. Manage and mentor a team, taking full responsibility for performance reviews, appraisals, and goal setting. Ensure audit documentation meets professional standards and internal quality benchmarks. Collaborate with stakeholders and effectively communicate findings and recommendations. Participate in internal initiatives and support continuous process improvements. Maintain updated knowledge on IT auditing best practices, COSO, and SOX regulations. Requirements: CISA certification is a must. Bachelor’s or advanced degree in Information Technology or a related field. Minimum 5 years of experience in SOX ITGC audits. At least 2 years of hands-on team management experience, including appraisal and performance management. Strong knowledge of IT General and Automated Controls. Proficiency in validating ToD/ToE documentation. Excellent interpersonal and stakeholder communication skills. Strong analytical thinking and attention to detail. Proficient in Microsoft Office Suite. Ability to manage multiple priorities in a fast-paced environment. What’s in it for you: Competitive salary and perks. Hybrid working model (1 week/quarter from office). Opportunity to lead high-impact IT compliance audits. Work in a growth-driven and evolving audit environment. Reach us: If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at sonaly.sharma@crescendogroup.in Crescendo Global specializes in Senior to C-level niche recruitment. We are passionate about empowering job seekers and employers with an engaging, memorable job search and leadership hiring experience. Crescendo Global does not discriminate on the basis of race, religion, color, origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Note: We receive a lot of applications on a daily basis so it becomes a bit difficult for us to get back to each candidate. Please assume that your profile has not been shortlisted in case you don't hear back from us in 1 week. Your patience is highly appreciated. Keywords: SOX ITGC, CISA, IT General Controls, Audit Manager, Team Management, Risk Assessment, Change Management, Logical Access, IT Audit

Co-ordinate with departments to identify, mitigate & manage risks Idea of Indian regulatory system related to IT risk mgt Define & Assess Key Risk Indicators Perform Root Cause Analysis ,IT General Controls & Risk Control Self-Assessment Required Candidate profile Exp in related field IT risk management/IT security standards Exp to Risk Management & Governance Frameworks/ Systems & multiple ERP systems Knowledge of data analysis/GRC tools ISO 27000/ 27001 Perks and benefits +10% Perf bonus +0-30% Org Revenue Bonus +Medclaim

Summary The Controls Advisory delivers all project and engagement management phases for multiple clients in various industries. Responsibilities include executing business processes, IT control reviews, and activities related to Sarbanes-Oxley 404 and internal audit control projects. Performing work on SOX 404 engagement: conducting tests of control design and operating effectiveness, ensuring high-quality work through complete and accurate testing documentation. Manage a portfolio of engagements by leading a team of Assistant managers, Senior Associates, and Associates/ Analyst Ensure the work delivered is high quality through spot checks, periodic reviews, and quality review/ assurance processes. Ensure established turnaround times and the allotted budget are met. Assist Associate Directors and Directors in developing new methodologies, internal initiatives, marketing collaterals, business proposals, etc. Skills IT General Controls testing (ITGC), including platforms, ERP applications like SAP and databases for i) IT General Controls testing for Internal Audits (IA), ii) Sarbanes-Oxley (SOX) 302, 404 audits, iii) Third party reporting e.g., SOC1, SOC2 etc. iv) Governance, risk, and compliance (GRC) Gaining an understanding of the clients IT applications and infrastructure to determine the effectiveness of the control environment through performing and reviewing process walkthroughs with Experience of Windows, Oracle, SQL, or UNIX environments Knowledge of IT industry practice methodologies (e.g., COSO, COBIT, ITIL) is preferable. Awareness of internal auditing standards issued by IIA, ICAI & ISACA Data analytics support for Internal Audits (IA), Sarbanes-Oxley (SOX) 404 assessments and other advisory services Microsoft office tools (Word, Excel, Access, Power point etc.) with demonstrated ability to coach young team members on the respective tools. Education / Professional Experience/ Qualifications 3 to 5 years of post-qualification experience in risk advisory/ related internal audit/ IT SOX audit experience preferably in big 4 or related business experience. Certified Information Systems Auditor/ Bachelor of Engineering/ B. Tech/ Master s in business administration with major in Information Technology & Systems Internal Audit, Risk Advisory, Sox Audit, Testing

Summary The Controls Advisory delivers all project and engagement management phases for multiple clients in various industries. Responsibilities include executing business processes, IT control reviews, and activities related to Sarbanes-Oxley 404 and internal audit control projects. Manage a portfolio of engagements, by leading a team of Assistant Manages, Senior Associates and Associates/ Analyst Ensure the work delivered is of high quality through spot checks, periodic reviews, quality review/ assurance process. Proactively engage with stakeholders to identify, develop and implement new work areas and enable growth of existing client work. Anticipate and identify engagement related risks and escalate/manage issues as appropriate on a timely basis. Assist Associate Directors and Directors in developing new methodologies, internal initiatives, marketing collaterals, and business proposals etc. Actively manage engagement budgets and ensure all stakeholders are updated timely. Skills Candidates should have proficient knowledge (both in leading and execution) in the areas of: 1. IT General Controls testing (ITGC) 2. IT General Controls testing for Internal Audits (IA) 3. Sarbanes-Oxley (SOX) 302, 404 audits 4. Third party reporting e.g., SOC1, SOC2 etc. 5. Strong experience, including performing risk assessments and audits, performing walkthroughs, creating flowcharts, and designing controls. 6. Microsoft office tools (Word, Excel, Access, Power point etc.) with demonstrated ability to coach young team members on the respective tools. Education / Professional Experience/ Qualifications 8 to 12 years of post-qualification experience in risk advisory/ related internal audit/ IT SOX audit experience preferably in big 4 or related business experience. Certified Information Systems Auditor/ Bachelor of Engineering/ B. Tech/ Master s in business administration with major in Information Technology & Systems/ Master s in computer applications. Internal Audit, Team Handeling, Testing, Risk Advisory, Sox Audit