We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Skills : GRC - Compliance, SOX ITGC, Communication Skills, GRC - Risk management Responsibility: Should have good experience in SOX consulting, process and frameworks - Should be conversant with GRC practices, audits and compliance - Should have excellent communication skills, both verbal and written User access review experience is also require. Experience :3-5 Years Location : Bangalore NP- who can join max by 30 days only Shifts: Rotational Shift(US and UK Shift) Thanks and regards, Ankita Ghosh ankita.patari@happiestminds.com

About The Role : Job Title Vendor Risk Manager AVP LocationPune, India Role Description Vendor Management is responsible for the service relationship with a vendor on a transactional level and for transactional vendor related support tasks. Work includes Managing or performing strategic sourcing work to manage risk and optimize the value/resilience of materials/services sourcing including Establishing supplier relationship management processes and continuous improvement goals/programs Negotiating contracts and coordinating supplier integration plans with internal clients Monitoring market dynamics that impact materials/services availability and/or pricing Partnering with internal clients to identify sourcing needs, develop buyer/market profiles, identify marketplace trends, and define acceptable service levels What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Y our key responsibilities Vendor Risk Management (VRM) is the framework/process for identifying and managing the risks arising from working with third-party vendors (internal and external). All vendor relationships and transactions are assessed and those carrying higher inherent risks are subject to a more granular assessment. SO (Service Owner) role is responsible for owning the service and providing comprehensive details, responding to tasks in the VRM process when necessary. Your role Taking end-to-end ownership of each assigned Vendor Risk Management (VRM) Engagement Requests for an engagement as SO. Follow-up with Vendors point(s) of contact for responding to all Control questions raised during VRM process for an engagement. Escalations to be triggered as required. Attending all trainings and workshops defined as mandatory by internal Third-Party Risk Management (TPRM) teams. Keeping yourself familiarized and updated on all latest Policies and Procedures published by the various Risk Management Functions within Deutsche Bank. Keeping yourself familiarized and updated on control requirements of the latest Security Control for Third Parties (SCTP 4.0) and explain the same to vendors to ensure that appropriate evidence is shared by the vendors, which satisfy the Control requirement. Ensuring appropriate due diligence before Third Party Management (TPM) review initiation and familiarity with Risk Type Controller (RTC) requirements in advance Providing comprehensive and transparent details about the owned Engagement Request in the TPM platform in a timely manner Ensuring that the data provided about the owned Engagement Request are kept up-to date, in line with the TPM Key Operating Documents Performing VRM Process tasks when prompted by TPM and/or RTCs Notifying the relevant RTCs whenever gaps are closed, deadlines cannot be met or full mitigation is not possible, Remediating gaps identified for the Engagement Request and implementing mitigation plans, Reporting gaps by raising Self-Identified Issues (SII) in an engagement and follow-up for closure/mitigation on a timely basis, in line with the remediation plans shared, Addressing unmitigated risks/gaps in accordance with the Operational Risk Management Policy, TPRM Policy, TPRM Procedure and TPM Key Operating Documents, Ensuring the service does not commence before the VRM review is completed, Ensuring that no contract is signed, or service is delivered to any Deutsche Bank Legal Entity for which Compliance deemed the service prohibited, Ensuring adherence to contractual obligations by Vendor Ensuring compliance to Regulatory guidelines Timely submission of accurate data to Regulators. Liaising with Divisional Vendor Management Office (DVMO) resources for closing any open points related to the engagement requests, Ensuring all strategies and plans eg. Termination Exit Plans, Termination Exit Strategies, etc. related to an engagement are documented, agreed between the relevant stakeholders, and reviewed / updated on defined intervals. Ensuring that Monthly, Quarterly Governance meetings with appropriate stakeholders are conducted and the details documented in line with the SDM requirements, Ensuring monthly feedback / review is completed for all engagements in scope and the details are documented in the designated portals in line with relevant policies. Ensuring annual audits are budgeted, planned, and conducted for the identified vendors and follow-up to ensure all open findings are remediated by vendor. Your skills and experience Excellent skills and experience / technical knowledge in handling data/information security audits in Banking / Financial environments Minimum 10 years Knowledge and experience with handling / responding to controls around IT Security audits, Financial Audits eg. SOX IT (SOC) audits, ISO 27001:2022, PCI-DSS, etc. Working with multiple teams to remediate open findings identified during internal / external audits including regulatory audits, IT Security audits, etc. Familiar with security requirements for Banking applications and environments, A great team player who is comfortable in working and coordinating with diverse people from both internal as well as vendor teams, Excellent communication and mentoring skills, Experience with distributed, multi-locations teams, Able to inspire and motivate people and multi-disciplinary, self-organized teams, Any Certifications in areas of Information Security or Vendor Management is a plus, Professional level of English is mandatory. How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

About The Role : Job TitleDivisional Risk and Control Analyst LocationJaipur India Role Description The Embedded Risk in India is a 10FTE team and part of a broader team of 30+ covering all aspects of the DB Risk Framework and Regulatory support for KYC Ops, Client Data Management (CDM) and Business Financial Crime Risk (BFCR). This role will report locally into an India based Embedded Risk Team (ERT) Lead and functionally to the Control Testing Lead in UK. The role will work closely with global peers to help provide a complete picture of the risk profile, ensuring that handoffs and dependencies across functions/regions are transparent and understood. Engages regularly with the first line processing teams and in collaboration with Regulatory Management Group, Anti Financial Crime (AFC), Divisional Control Regulatory Office (DCRO), Business & Other 2nd line functions to ensure full transparency and governance of risk. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under child care assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Risk & Control Assessments - Review the design adequacy and performance effectiveness (at a high level/light touch) of controls and their corresponding documentation (Desk Top Procedures) Governance - Ensure that an effective, embedded and consistently applied governance structure is in place Key Risk Indicators - Ensure a complete set of KRI's is in place, has definitions, RAG's (where applicable), has reporting parameters and a subjective assessment of the CATR (complete, accurate, timely and relevance) of those KRI's has been reached. Review and challenge validity of commentary, spot check monitoring by, looking for trend anomalies (spikes/dips) that may risk profile shifts, reporting errors or other issues requiring investigation Audit SII & Incident processes - Ensure compliance to the firm audit policy, firm Self-Identified Issue Guidance and incident escalation process through training, support guidance and challenge. Facilitate management with adequate reporting and governance, to ensure zero overdue items and no last min extensions are required and perform pre-closure submission review and validation. Regulatory Compliance Transparency - Ensure there is a mechanism in place to monitor regulatory compliance and that the mechanism is performing effectively. Risk Culture - Design and deliver a risk culture improvement programme to promote transparency, awareness, engagement with the risk agenda. Work in collaboration with multiple first and second line functions (inc. Regulatory Management Group (RMG), Anti financial Crime (AFC), Divisional Control Regulatory Office (DCRO) and the Business Your skills and experience The successful individual will have diverse experience of the financial sector in any of the following areas; Operations, risk/controls, Control testing, Regulatory teams/processes, quality assurance, compliance or audit and have experience managing deliverables & maintaining effective relationships with global senior management. Substantial and relevant experience in a global banking environment Exposure to Client On boarding, KYC or similar regulatory projects is preferred Strong communication and interpersonal skills Strong analytical and problem solving skills Ability to work under pressure to tight deadlines Strong organisational and administrative skills Client focused approach and ability to react quickly to changing demands How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Role & responsibilities: Perform testing of IT Application Controls(ITAC), IPE, and Interface Controls through code reviews, IT General Controls(ITGC) review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including: Information Security reviews Information Technology Infrastructure reviews Application reviews Preferred candidate profile : Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed Risk Based IT Internal Audit for Financial Services Entities IT SOX 404 Controls Testing, Quality Assurance Internal Financial Controls related to IT General Controls as part of Financial Statements Audits Business Systems Controls / IT Application Controls Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc. Working knowledge of programming languages(C/C++/Java/SQL)

Qualification and Minimum Entry Requirements B.Tech (IT/CSE) with 8+ Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities As a Manager in RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control’s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education

As a part of RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization.Qualification and Minimum Entry Requirements Job Description B.Tech(CSE/IT)/MCA/MBA/CA with 0-5 Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating controls design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Preferred candidate profile

About the role: The global Identity Access Management team is passionately serving our stakeholders while evolving best practices. As an Identity Access Analyst , you have a pivotal operational role to provide and deprovision system access. You have an equally crucial role to partner collectively with stakeholders to mature, streamline, and automate Identity and Access Management procedures for Blackbaud. What you’ll do Ensure appropriate Control through timely removal of unnecessary or inappropriate system access? Expediently provision approved access, often utilizing evolving Role Based Access Controls (RBAC), for Blackbaud systems to prevent excessive permissions and rights. ?? Proactively expand approved RBAC roles through analysis, recommendation and adoption/rollout. Analyze and resolve access issues, coordinating with system owners or technical support resources as necessary. Participate in ongoing audits and assessments, and assist with implementation of audit or compliance recommendations? Develop and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support? Identify , evaluate and recommend opportunities to eliminate, streamline, and automate access management practices. Partner with colleagues including application owners, cloud engineers, cyber security SMEs, etc. to effectively execute improvements based on expected value. Generate reports to perform in-depth analysis and data collection for issues associated with IAM? What you’ll bring 2 years of experience in Identity or Access Management?? Tireless adherence and attention to appropriate IT general computing controls? Ability to understand, work with and where appropriate leverage various technologies including PowerShell , ServiceNow, SailPoint's Identity-Now, Active Directory, EntraID , Salesforce, Workday, etc. Practical experience with SCA, ITIL, COBIT, NIST and/or other security and control frameworks? Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube ? Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Role & responsibilities We are seeking enthusiastic & technically savvy professionals to support the current team with the execution and management of engagements in our current and future Client portfolio. Information Security Governance, Privacy and Compliance and Security Assessment experience with a focus on IT and IS Risk Assessments and program reviews / establishment. Understanding on ISO 27001/ NIST 800-53/ PCI-DSS Interacting with onshore engagements and clients directly performing Vendor or Third-party security assessments Business Continuity planning and Disaster Recovery implementation and review experience. Perform remote assessments independently. Independently write reports of the assessments based on the discussions during remote reviews. Perform second level quality review of the reports written by peers/junior resources.

We have a team of security compliance leaders overseeing solutions for this complex environment, collaborating with security architects and Cloud DevOps teams internally and around IBM. The security compliance leader’s role is to determine the secure operation of the all computer systems, servers, and network connections in accordance with our policies, procedures, and compliance requirements. A security compliance leader in our team will participate in some or all of the following: Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge Compliance leaders do not require dev experience, but it is an advantage. 10+ years of security compliance audit experience is a must Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk Required education Bachelor's Degree Preferred education Doctorate Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred Key behavioral attributes/requirements Ability to work well independently as well as part of a team Driven and enthusiastic with a can-do attitude and a strong sense of ownership to get the job done in a pragmatic fashion

Job Description: Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Knowledge of security measures and auditing practices within various operating systems, databases and applications. Experience in assessing risks across a variety of business processes. Experience of working on Financial Services sector clients. Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Sr. Management and Clients. Hands on experience of working on IT General Controls, IT Application controls testing, IT Internal Audits, IT Risk Assessments, Third Party Risk Management. Knowledge of regulations impacting the privacy, integrity and availability of customer PII. Exposure of having led IT Audit engagements Exposure of working on Identity Access Management aspects like user management, authentication and authorization. Has team leading experience and has been a performance manager in current or last role Technical skills: Prior experience in evaluating the design and operating effectiveness of technology controls over varied IT platforms including ERP suites, Windows, Unix/Linux, iSeries, Oracle database, DB2 and SQL.

Job Title: Associate Consultant / Consultant / Assistant Manager - IT Audit & ITAC (Code Review) Location: Bangalore, India Experience: 1 to 6 years Education: BE/B.Tech (Mandatory) About the Role KPMG India is hiring professionals for its IT Audit practice in Bangalore. This role involves delivering high-impact ITGC, ITAC, and code review assignments for clients across industries. We're looking for individuals who bring technical expertise, an understanding of IT controls, and familiarity with code and automation. Key Responsibilities - Conduct IT General Controls (ITGC) and IT Application Controls (ITAC) reviews as part of audit and advisory engagements. - Evaluate and test at least three key ITAC modules, such as: - Input Controls - Processing Controls - Output Controls - Interface Controls - Access and Authorization Controls - Review application logic and perform code review activities to validate system control implementations and assess secure coding practices. - Identify control gaps and risks, and provide practical, risk-based recommendations for improvement. - Collaborate with cross-functional teams to deliver quality outcomes on time. - Prepare documentation, working papers, reports, and presentations to share with clients and internal stakeholders. Required Skills & Experience - 1-3 years (Associate Consultant) / 3-5 years (Consultant) / 5-6 years (Assistant Manager) of experience in: - IT Audit - Hands-on ITGC and ITAC testing (Mandatory) - Minimum 3 ITAC module implementations or testing - Exposure to code logic and secure coding practices; code review experience preferred. - Technical knowledge or working experience with one or more of the following: - Java, Python, C, C++, C#, SQL - Strong documentation and analytical skills, and a detail-oriented approach. Preferred Certifications (Nice to Have) - CISA, ISO 27001 LA, or similar industry certifications

* Job Position Title: Senior Associate TRAS Location: Bangalore * Responsibilities : Roles & Responsibilities : The tasks, roles and responsibilities concerned with the job will include the following: • Apply current knowledge of IT trends and systems to identify security and risk management issues, and other opportunities for improvement. • Assist in the planning and execution of business process control reviews, information systems audits, and other Assurance offerings across a variety of industries. • A good understanding of clients Business Risks, Audit Risks, IT Risks and the mitigating controls in addressing these risks • Gain strong comprehension of client operations, processes, and business objectives and utilize that knowledge on engagements. • Evaluate and test business processes and controls and identify areas of risks. • Perform general computer and application controls reviews including ERPs like SAP, Oracle Application, JD Edwards, MFG Pro, etc. • Comply with requirements of ICAI Auditing Standards like AAS 29 • Data Analysis using CAATs tool like Excel, ACL, SQL etc *Mandatory skill sets Between 3 to 9 years in various aspects of IT audit, IT risk management function or General IT administration/management in IT risk consulting. Essential Skills: • Strong analytical ability • A thorough understanding of business process, accounts, emerging IT Trends • Ability to manage the field work and ability to work with cross functional team • Strong communication & writing skills • A good understanding of Internal Control Process • A good understanding of Sarbanes Oaxely requirements • A good understanding of COBIT, BS 7799 Responsibility Framework

Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagementsRole & responsibilities Preferred candidate profile Educational qualifications BE/B-Tech/MCA/BSC-IT/MBA Certifications CISA, CRISC, CISSP, CCSK etc. cleared/certified preferred

3 to 5 Years of experience: 2 Resources • The candidate must have experience in IT auditing, IT risk management, or related fields. • Plan, execute, and report on internal IT audits. • Proficiency in compliance with frameworks like ISO 27001, SOC 2, PCI DSS, ITGC, or other relevant standards. • Hands-on experience conducting on-site and remote assessments of third-party vendors to evaluate their security posture and related controls. • Must be CISA certified. • Proficiency in MS Office Suite with experience in creating and presenting dashboards and reports. • Comfortable to travel for on-site visits to the client side for audit purposes. • Evaluate the effectiveness of IT controls, identify risks, and provide recommendations for improvement. • Proficiency in compliance with frameworks like ISO 27001, SOC 2, PCI DSS, ITGC, or other relevant standards. • Conduct regular access reviews to ensure users have appropriate access levels based on their roles. • Evaluate the effectiveness of access controls in safeguarding sensitive information. • Recommend improvements for identity and access management (IAM) processes. • Perform internal risk assessments to identify vulnerabilities and ensure timely mitigation strategies. • Work closely with IT, legal, and business teams to address audit findings and track remediation efforts. • Must have the capability to represent the audit reports to Management. • Stay updated on the latest developments in IT audit and compliance practices.

About The Role : Job Title- Divisional Risk and Control Senior Analyst, AVP Location- Pune, India Role Description The 1st line Tech Risk, Insights and controls function at Deutsche Bank sits within the Chief Technology Office (CTO) for Deutsche Bank Group. CTO has the largest footprint within the Technology, Data and Innovation (TDI) division and is joined by other business-aligned CIO IT divisions. The Tech Risk, Insights and Controls is a dynamic team, consistently in demand, for providing guidance and challenge to deliver change and maintain systems in a secure and resilient manner. As part of the team, you will join the Banks journey and contribute towards our strategic goal of cloud enabled solutions as well as activities that improve our operational resilience and risk reduction. Specifically, you will bring expertise for risk identification and remediation advisory, records management supporting a proactive risk management function. It will therefore also include planning and executing thematic risk assessments and inputting into risk scenario testing and macro threat assessments. Further you will respond to client due diligence requests. You will liaise with other risk and control functions, on a management level to assure the integration of risk initiatives and projects. This role will report to the Head of Risk Assessments and Response and ultimately to the Global Head of Risks, Insights and Controls. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Risk Management Promote risk awareness, encourage prioritization of risk remediation, process re-engineering and strategic risk management Provide processes for systematic, proactive, and forward-looking risk identification, risk assessment, monitoring, reporting, and keeping CTO risk profile up to date Plan and execute thematic risk assessments and input into risk scenario testing and macro threat assessments Identify material remediation priorities for CTO and key cross divisional priorities impacting CTO (control / remediation book of work) Support CTO in managing the CTB budget allocated for high risk finding remediation and CTO involvement in reducing risk owned by other CIO and CISO divisions Be a catalyst and an enabler to the global leadership for achieving the objectives in line with changing regulatory and industry operating landscape and reducing risk against overall technology operations portfolio Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Audit Management Manage and govern audit requests and findings in a quality assured and controlled manner Respond to client due diligence requests in a timely manner End-to-end governance, monitoring, control, and reporting of audit lifecycles Audit support and advice incl. quality assurance of management action plans, completion check of the deliverables, closure review, ownership transfer, downgrade, risk acceptance and target date extensions Act as overall interface with Audit for fieldwork support and ongoing oversight, co-ordination, quality control, read across for all divisional audit findings Establish a consistent approach to ownership of management action plans Manage operation of audit interface to vendors including monitoring and reporting Foster lessons-learned on audit findings and missed self-identified findings Stakeholder Management Identify, Partner, and Collaborate Establish relationship with external and internal Audit teams to ensure effective and robust challenge to finding and to establish smart management action plans. Partner with 2nd LoD, NFRM (Non-Financial Risk Management) to ensure alignment towards Group wide minimum control standards Collaborate closely and proactively with DCRO team to manage the finding lifecycle Promote and support proactive IT risk culture at the Bank Your skills and experience Desired experience Minimum 2 years of experience as Risk and Control Lead in designing and implementation of Technology risk framework in a global organization Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 Knowledge of Agile change delivery methodology, DevOps and Shift left concepts Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains Other professional qualifications and certifications in Technology risk management Desired behaviors A strong team player comfortable in a cross-cultural and diverse operating environment Result oriented and ability to deliver under tight timelines Ability to successfully resolve conflicts in a globally matrix driven organization Excellent communication and collaboration skills Desire to learn about new and emerging technologies and continuous upskilling Must be comfortable with navigating ambiguity to extract meaningful risk insights How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Mandatory technical & functional skills: Knowledge of security measures and auditing practices within various operating systems, databases and applications. Experience in assessing risks across a variety of business processes. Experience of working on Financial Services sector clients. Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Sr. Management and Clients. Hands on experience of working on IT General Controls, IT Application controls testing, IT Internal Audits, IT Risk Assessments, Third Party Risk Management. Knowledge of regulations impacting the privacy, integrity and availability of customer PII. Exposure of having led IT Audit engagements Exposure of working on Identity Access Management aspects like user management, authentication and authorization. Has team leading experience and has been a performance manager in current or last role Technical skills: Prior experience in evaluating the design and operating effectiveness of technology controls over varied IT platforms including ERP suites, Windows, Unix/Linux, iSeries, Oracle database, DB2 and SQL. Role & responsibilities Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Preferred candidate profile: IT Audit-Bangalore

ITGC - ITGC , IT General control application (Mandatory) , IT Automated control testing (Mandatory ) , IT Audits , SOX

Skill required: Control Testing - Agile testing Designation: Regulatory Compliance Analyst Qualifications: Any Graduation Years of Experience: 3 to 5 years What would you do? Help clients transform their compliance function from reactive to proactive through an intelligent compliance operating model – powered by data, intelligent technologies and talentLooking for someone with SOX testing experience.Conduct testing tasks within Agile models and integration processes and manage development sprints. What are we looking for? Conduct testing tasks within Agile models and integration processes and manage development sprints.Conduct testing tasks within Agile models and integration processes and manage development sprints. Roles and Responsibilities: In this role you are required to do analysis and solving of lower-complexity problems Your day to day interaction is with peers within Accenture before updating supervisors In this role you may have limited exposure with clients and/or Accenture management You will be given moderate level instruction on daily work tasks and detailed instructions on new assignments The decisions you make impact your own work and may impact the work of others You will be an individual contributor as a part of a team, with a focused scope of work Please note that this role may require you to work in rotational shifts Qualifications Any Graduation

L&D - Manager -Trainer Exp- 8-14 years Work location- Bangalore Skills- SAP GRC/ServiceNOW/ITSM/IT Asset Management/ IT Operations Kolkata- ITGC/SOX Compliance

Perform ITGC audit activities including SAP compliance and SOD reviews. Review and deactivate inactive SAP user IDs as part of the audit process. Resolve L1 tickets and address issues in SAP PS modules. Manage and maintain relevant PS master data. Support System Integration Testing (SIT) and User Acceptance Testing (UAT). Provide training and guidance to end users on SAP PS functionalities. Ensure compliance with internal control frameworks and policies. Work closely with cross-functional teams to implement corrective actions and improvements.

Control and Compliance Group - Job Description Job Description Provide strong domain leadership managing a team of audit professionals in F&A/ HRO/ S&F services Lead teams performing Risk Assessments, Process Walkthroughs, Process Documentation Narratives, Process Flow Diagrams, Finalize Risk and Control Matrix, Internal audits Lead assignments on Test of Control Effectiveness, Control Design , support remediation efforts for control failures - SOX and ISAE / SSAE compliance. Lead Interventions / Special Assignments at Client Engagements identifying reasons for operations failures, critical errors, process weaknesses / Performing Root Cause Analysis remediating and resolving causes. Requirement to interact with overseas clients and senior stakeholders within and external to he company. Skill Description Working Knowledge of processes like AP,AR and RTR is mandatory Reasonable knowledge of Information Technology ITGC Controls; Information Systems Audit Knowledge of Key F&A Compliances required ISAE 3402, SSAE 16, SOX Strong Analytical Skills; Strong Spreadsheet skills; Excellent command over English Language Experience of working in a GBS delivery environment Mandatory Experience using ERPs – SAP, Oracle and other Business / Enterprise Applications. Educational Qualifications & Experience Chartered Accountant with minimum 2 years post qualification audit experience. Graduate/ MBA/B.COM CISA with experience of Information Systems Audit with client engagements. Experience in leading Teams of Auditors representing the entities for which they have been Internal Audit Managers. Please share below details at anjali.kukreja@winfort.net. Total Exp Rel Exp CCTC ECTC Notice Period Current Location Preferred Location.

Lead Information System Audit - Leading NBFC - Goregaon The purpose of this role is to perform IT risk assessment and manage execution of the Information System Audits (IS Audits) including Information Technology (IT) Infrastructure, Information Security and IT Applications Audits covering the key Information System areas (such as Cyber Security, Applications Security, Data Security, Cloud Security, Vulnerability Assessment & Penetration Testing, Network Security, Data Privacy, Data Centre, Logical and Physical Access Management, IT Infrastructure management, Database & Operating System management, Incident management, Change management, Email management and process review, End point security, IT Disaster Recovery, IT Business Process Continuity Review, IT Helpdesk management, IT Project management and Emerging Digital & Technology Risk). The role also include adherence to internal policies and procedures as well as applicable laws and regulations. This is an individual contributor role initially. Drop your CV on ankita.jalla@forward.net.in

Opportuinity for Fresh CAs & Experienced CAs! including Multiple attempt CA' s PwC India Tech Consulting (SPA/TRAS) is hiring! No Final attempt limits multiple attempt pass-outs are totally welcome Who can apply? CA Freshers & Experienced CAs Salary: Freshers : 9L Fixed + Var (11L+ Total) Experienced CAs: As per your current CTC Locations: Mumbai | Pune | Bangalore | Gurgaon Interested ? Apply NOW! Click the link: Apply Here https://forms.gle/9p3FmeGCUiXqtmd8A 1. To Activate Copy and paste above link into browser and you can apply 2. Link is also mentioned in website tab in this form for direct acess Whats the job about? Before the Stat Audit team starts, YOU will ensure all systems & controls are on point! Think: Financial controls Tech + business process improvement IT risk management Youll be the tech-savvy problem solver companies need to enhance performance and tackle risks like a boss! Dont miss this chance to kickstart your career with PwCs Tech Consulting Team!! For queries, feel free to contact us. Regards, D2P Consulting deepak.npa@gmail.com