28 Itgc Testing Jobs

About BDO ITRA Leveraging our global expertise and experience, our team of subject matter experts and industry professionals work across sectors and industries to help our clients respond to the changing business environment. With deep analytic skills and state-of-the art technologies, our professionals deliver customised and innovative solutions to clients across geographies. We at BDO, engage in transforming data into insights, our professionals guide clients through a crisis, fraud, regulatory investigations, etc. and advise them on strategies to prevent and mitigate the disruption arising from these complex matters. Details: Position Title Assistant Manager Department BAS -IT Risk Assurance Reporting Manager Manager Experience At least 3+ years of relevant experience into IT Risk Audit, ITGC, etc Qualification CA / B.Tech / MBA (IT) / CISA / DISA Core ITRA Roles & Responsibilities: Responsible for executing client related engagements in the areas ITGC, process reviews, IT Application Controls, standard operating procedures review, SOCR (SOC 1, SOC 2), SOX 404 Audits. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Assist seniors & managers in developing new methodologies and internal initiatives. Create a positive learning culture, coaches, counsels and develops junior team members. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have good presentation & communication skills. Should also be well versed with MS office tools. Should be open and honest in communication with clients and colleagues. Fluency in written & verbal English. Managing engagement teams for optimum delivery, ability to articulate audit findings and convincing mid to senior level client management and coaching & mentoring staff on the engagements. High on personal integrity and work ethics and can be trusted without micro-level supervision from seniors Qualified CA, MBA, BTech/BE. (Preferred CISA or equivalent certifications) Competencies: Analytical Thinking Collaboration IT Skills (Excel, PPT, Word, Outlook) Communication Skills Interpersonal Relationship & Respect Innovation

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

ITGC -Hyderabad They will be the same key roles and responsibilities, but each headcount will have specific focus/expertise as outlined in 1-4 below. This should give high level summary of specific qualification/experience in resources that we look for. Information Security/Cyber Security Infrastructure, cloud platform, network, and service management, software engineering/SLDC Data ITGC and business application controls Key Role & Responsibilities Conduct and document thorough walkthrough of IT controls Design test plans and document test steps to assess the control design and operating effectiveness Create/prepare a document request list and work with control owners/performers to obtain evidence supporting the control execution and validation that the control is working as intended. Complete control testing workpaper and maintain detailed records of testing results, findings, and recommendations. Address workpaper review comments and independent review and challenge from the Second Line of Defense Specific Skillsets & Experiences Experience with IT internal audit or other risk assurance functions Knowledge of industry and compliance frameworks i.e., NIST cybersecurity framework, CIS, ITIL, PCI, FedRAMP Strong understanding of risk management methodologies, and security control testing techniques. Strong verbal and written communication skills, with the ability to lead walkthroughs with control owners/performers, and construct questions and follow-ups. Focus on each headcount: Information Security/Cyber security focus - Technical skills and experiences with particular focus/familiarity on the following control areas or tools, but not limited to: Network security - firewall, NAC, Network Intrusion Prevention/detection, WAF, Web filtering/Web traffic (i.e., FireMon, Cisco ISE, Cloudflare etc.) Cyber data protection/data security - DLP, data discover/classification, email security, cloud data security/CASB, database security and encryption (i.e., Trellix, Proofpoint, Varonis, Purview, Imperva) Servers and endpoint security - Antivirus/Antimalware, Device, protection, Endpoint privilege access (i.e., Crowdstrike, Absolute, Beyond Trust) Cyber defense SIEM, MSSP, and SOC for log forwarding/ingestion/and monitoring, Cyber Threat Intelligence Cloud platform security Application and API security OWASP principles, SAST, SCA, DAST, secret scanning Access and Authentication/Privilege access (i.e., SailPoint, Okta/Auth0, Delinea) Infrastructure, cloud platform, and network, and service management, software engineering/SDLC focus - Technical skills and experiences with particular focus on the following control areas/concepts, but not limited to: Server and Directory service management Build/image, configuration management, certification management, backup and recovery, Active Directory, Patching Workstations, Virtual Desktops, Mobile Devices – Build/Image, MAM, Patching Cloud platform management – AWS/AWS well-architected framework, Azure, IaC/automated build template Platform and application observability Disaster recovery – Data center DR test, High availability, cloud recovery Service management – Hardware/software asset management, software licensing, CMDB, change management, incident and problem management SLDC – DevSecOps concept, Coding services (IaC, service mesh etc.), Code repository, CI/CD, Quality engineering and quality assurance Data focus - Technical skills and experiences with particular focus on the following areas/concepts, but not limited to: Database administration – Database design/structure, access controls, build, configuration, backup, jobs, and other maintenance and security measures (i.e., SQL, PostgreSQL) Data warehouse platform/data development/transformation – Design/architecture, Data modeling, ETL, data obfuscation and masking (i.e., Snowflake, Coalesce) Data transit/exchange connection/data file transfers – Monitoring, Logging, Secure file transfer/protocols, error handling Data governance and quality management – Metadata management, Data lineage, Data quality rules, Data defect management (i.e., Collibra) ITGC and business application controls / SOX focus (e.g., system interface and integration) - Technical skills and experiences with particular focus on the following areas/concepts Testing of SOX ITGC / IT general controls Testing of business applications controls – Automated application interface and integration, system/application Please share your profile at surbhi.malhotra@nlbtech.com

You are an experienced IT SOX Auditor looking to join a dynamic Internal Audit team. Your main focus will be on evaluating and testing IT controls within the SAP R/3 ECC 6.0 environment to ensure compliance with the Sarbanes-Oxley Act (SOX). You will also be involved in reviewing other IT-related financial reporting controls, conducting risk assessments, and supporting continuous improvement initiatives within internal audit processes. The ideal candidate for this role will have a strong background in SAP auditing, ITGC testing, and SOX compliance. You should also be able to collaborate effectively across various business functions. Having a proactive approach to process improvements and experience in working with diverse IT systems such as Oracle, Active Directory, AWS, CyberArk, and Linux will be highly valued. Key Responsibilities: - Conduct thorough testing of IT controls within the SAP environment to ensure SOX compliance. Also, test IT controls over Oracle, Active Directory, AWS, CyberArk, and Linux. - Assist in quality assurance reviews of IT-related financial reporting controls within the SOX compliance program. Support the Internal Audit Manager on various tasks, compliance investigations, and continuous improvement initiatives. - Prepare preliminary risk assessments, define audit scopes, conduct fieldwork identifying control weaknesses, and discuss audit results with management. Participate in developing the annual Risk Assessment and Audit Plan. - Maintain regular communication with stakeholders including Senior Management and business process owners. - Support GEM implementation across Internal Audit by focusing on process improvements, raising Kaizen ideas, and implementing impactful projects. - Maintain a continuous focus on Root Cause Analysis (RCCA). Education: - B Tech/ MCA/ BSc /BCom/CISA/CIA Experience Required: - Must Have: 5-7 years of experience in testing SOX controls in SAP R/3 ECC 6.0 environment. - Good to have: 1-5 years of experience in programming in C++, Java, Python. Good knowledge of ITGC controls over Oracle, Active Directory, AWS, CyberArk, and Linux. Key Skills and Knowledge: - Fluent in English - Excellent knowledge of SAP R/3 ECC 6.0 environment. - Good knowledge of Sarbanes Oxley (SOX) IT general controls. - Ability to develop strong partnerships/working relationships with all functional areas. - Good teamwork and communication skills. Why Join Us - Growth and Development: Opportunities for professional development, including support for certifications and continuous learning. - Innovative Culture: Be part of a forward-thinking team focused on improving processes, driving automation, and optimizing audit practices. - Collaborative Environment: Work alongside a dynamic team of professionals dedicated to making an impact and adding value to the business. Join us at Garrett, a cutting-edge technology leader passionate about innovating for mobility and beyond. With a nearly 70-year legacy, we serve customers worldwide with solutions for passenger vehicles, commercial vehicles, aftermarket replacement, and performance enhancement.,

At PwC, the focus in audit and assurance is on providing independent and objective assessments of financial statements, internal controls, and other assurable information to enhance credibility and reliability with various stakeholders. The evaluation includes compliance with regulations, such as governance and risk management processes, and related controls. In the digital assurance domain at PwC, your role will involve delivering assurance services over clients" digital environment, encompassing processes, controls, cyber security measures, data and AI systems, and associated governance. The objective is to aid organizations and stakeholders in building trust in their technology while adhering to relevant regulations. Your role emphasizes building meaningful client relationships, as well as learning to effectively manage and motivate others. As you navigate through increasingly complex situations, you are expected to establish your personal brand, enhance your technical expertise, and identify your strengths. Anticipating the needs of both your teams and clients, quality delivery is key. Embracing ambiguity, you thrive in situations where the path forward may not be clear, asking questions and leveraging such opportunities for personal growth. To excel in this role, you should possess a diverse skill set, including: - Responding effectively to diverse perspectives, needs, and emotions of others. - Utilizing a wide array of tools, methodologies, and techniques to generate innovative ideas and solve problems. - Employing critical thinking to dissect complex concepts. - Understanding the broader objectives of projects or roles, and how your work contributes to the overall strategy. - Developing a deeper comprehension of the evolving business context. - Using self-reflection to enhance self-awareness, strengthen your strengths, and address areas for improvement. - Analyzing data to derive insights and formulate recommendations. - Upholding professional and technical standards, including adherence to specific PwC tax and audit guidance, the firm's code of conduct, and independence requirements. Minimum qualifications for this role include being a Chartered Accountant/CPA, Certified Information Systems Auditor (CISA), or holding a Bachelor's degree in various fields such as accounting, finance, management information systems, economics, business administration, engineering, mathematics, statistics, or other relevant disciplines. A minimum of 4+ years of relevant experience is required. Preferred candidates will possess: - Knowledge and understanding of auditing methodology. - Experience in conducting IT Audits on SAP ERP, including familiarity with T-Code, tables used for data extraction, and ITGC and ITAC testing. - Proficiency in testing ITGCs related to systems development, change management, computer operations, and program/data access. - Experience in performing walkthroughs (Test of design and Operating Effectiveness) and testing key reports to address risks related to Information Produced by Entity (IPE's). - Understanding of SAP S4 Hana/SAP ECC user access security architecture (Roles, profiles, Authorization objects). - Strong communication skills. - Ability to operate independently based on the level, including managing both upwards and downwards, with project management skills. - Preference will be given to candidates with experience in Big 4 or equivalent firms.,

Responsibilities Supervise, plan and perform procedures around ITGCs for Internal Audit support engagements and various consulting client engagements and provide support around ITGC assessments for financial statement audit clients Lead a team of staff members under supervision of a Manager and/or Partner Demonstrate an understanding of basic and moderately complex workpaper preparation Analyze control activities and supporting documentation and draw logical conclusions Exercise professional skepticism in the critical assessment of audit evidence Identify, assess, and document controls and weaknesses in client accounting systems Thoroughly evaluate assigned areas of controls testing and identify potential points for improvement Develop understanding of client businesses related to assigned assurance areas Know and apply specialized knowledge, rules, regulations, and code of ethics of the AICPA Perform timely review of staff workpapers and provide constructive feedback Perform some management duties, including: second review of workpapers, directly report to Partner and attend board/client presentations/meetings, wherever possible Requirements Bachelors degree in Accounting, Management Information Systems (MIS), Information Technology, or related field Certified Public Accountant (US) or qualified Chartered Accountant Minimum of 1 years of experience in public accounting in audit or assurance Demonstrate knowledge of information technology and systems Experience in supervising staff professionals Strong project management skills Ability to identify internal control deficiencies and document management letter comments for purposes of communicating deficiencies and weaknesses to clients Working knowledge of Microsoft Office Suite and Adobe Acrobat Engagement Compensation and Benefits Compensation: Commensurate with Industry standards Other Benefits: Provident Fund, Gratuity, Medical Insurance, Group Personal Accident Insurance etc. employment benefits depending on the position.

Role & responsibilities IT Control Testing - Test internal controls in relation to Encores SOX Compliance program , a requirement for publicly traded companies in the Unites States and India ICoFR requirements as per requirements of India Companies Act. Assess the effectiveness of internal controls assessing whether the controls are appropriately designed, implemented and operating effectively. IT Audits - Assist in IT specific or other audits covering computer operations, security, change management and other IT areas as per the audit plan for the year. IT Audit related Special Projects - Assist in special projects involving review of system migrations, software changes, any other management requests and investigations. Preferred candidate profile EDUCATION: Bachelor's FIELD OF STUDY: IT, Computer Science EXPERIENCE: 1 year CERTIFICATION(S): KNOWLEDGE, SKILLS, ABILITIES, AND OTHER ATTRIBUTES: 1. Basic knowledge of SOX and IT general controls. 2. Proficient in written and oral communication 3. Logical and analytical approach with a keen eye on detail. 4. Basic knowledge with MS Office products (Excel/Visio/PowerPoint/Access), databases, etc Perks and Benefits Transportation Services : Convenient and reliable commute options to ensure a hassle-free journey to and from work. Meal Facilities : Nutritious and delicious meals provided to keep you energized throughout the day. Career Growth Opportunities : Clear pathways for professional development and advancement within the organization. Captive Unit Advantage : Work in a stable, secure environment with long-term projects and consistent workflow. Continuous Learning : Access to training programs, workshops, and resources to support your personal and professional growth. Apply Now at https://encore.wd1.myworkdayjobs.com/externalnew/job/Gurgaon---Candor-Tech-Space-IT---ITES-SEZ/Associate-Information-Technology-Audit_HR-18726 And Share your CV at shobhana@mcmcg.com or anjali.panchwan@mcmcg.com

Role & responsibilities Below are the roles and responsibilities of the candidateAssists the senior management in defining the control objectives and monitoring compliance efforts. Manage organization's compliance with the Sarbanes Oxley Act. Develops processes to ensure compliance with all SOX requirements. Designs and administers internal controls over financial reporting relating the IT automated controls. Reports test results to the top management. Review test findings within the Internal/External Audit Team, facilitate the remediation of control gaps, and escalate possible critical issues to the senior management. Serve as a liaison between internal and external auditors. Stays abreast of changes in SOX regulations to ensure timely compliance. Identify areas of potential improvement for key processes and procedures and supports the management of the related processes and procedures. Responsible for maintaining and updating all aspects of the internal SOX compliance. Responsible for working with different business owners on implementation, execution and compliance with entity level controls. Evaluates the review and analyzes data pertaining to information systems functions relative to Sarbanes-Oxley compliance. Develop and conduct SOX compliance training for employees. To succeed in this role you should have the following Applicants should be a University Degree holder (preferably Master degree), CPA or Chartered Accountant (or equivalent), Certified Information Systems Auditor (CISA) with 5+ years of experience in Finance / Internal/ IT Controls/Audit and relevant business area. Knowledge of SOX and IT controls. Big 4 public accounting experience with Fortune 500 clients. Extensive knowledge of the internal control framework (specifically COSO) and a solid understanding of the concepts of control design and operational efficiency. Strong knowledge of SOX requirements and ability to assist with documentation of ITGC and financial process controls to support operational as well as SOX compliance audits, including performing walkthroughs and developing process flow charts. Strong risk management experience, including: performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk. Experience working in a dynamic IT environment similar to a high tech start-up. Experience of solving multiple and complex challenges. Exposure in audit planning and execution, controls operation, and handling audit queries with external/internal auditors. Strong governance, risk and assurance management background which encompass knowledge of corporate governance, control framework and risk. Aptitude for leading teams; influencing and galvanizing others to follow you toward a solution. Ability to guide and train team members. Strong interpersonal written and oral communication skills. Solid organizational skills along with an aptitude for information technology. Excellent analytical skills Understanding of business drivers and related risk and ability to interpret the relevant management information is appreciated. Good communication and Analytical skills Having risk and controls mindset Ability to challenge and open to different views and opinions. Self-starter and ability to manage diverse cultural/ethnic sensitivities. Ability to deal effectively with complexity and having focus on details. Ability to prioritize and ensure delivery of priorities. Quick learner and resilient Mandatory Skills :Team Coordination, Leadership, sox, Itgc, IT Audit, IT Governance, Information Technology Desirable Skills : IT Risk Management, Cobit, Cisa, Cism, Cissp, team leading, Risk Compliance, Information Security, IT Risk Preferred candidate profile Candidate who are ready to work for Contract Who are ready to come for F2F interview

Role- ITGC -Senior Location - Gurgaon, Kochi, Kolkata, Noida, Bengaluru, Chennai, Pune Exp- 3-6 Years To qualify for the role, you must have Preferably B.E/B.Tech (Computers, Electronics, Data Analytics), BCA/MCA, B.Sc/M.Sc. (computers major), MBA, CA. Must Have 3-6 years of hands-on internal/external IT Audits Atleast One - IT General Controls, IT Automated Controls, and Service Organization Controls Reporting (SOCR - SSAE 16 / ISAE 3402) SOC 1, 2, & 3 Reporting Able to perform independent security configuration review of common operating systems and databases - Windows, Unix, DB2, AS400, SAP R3ECC/HANA, Mainframe, SQL, Oracle. Knowledge of documentation and data analysis tools like Word, Excel, Access, Strong English verbal and written communication skills. Nice to have CISA, CISM, CRISC, ISO27001, Data privacy certifications IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX Data analytics/automation tool SQL, Monarch, BluePrism, Alteryx, PowerBI German/Dutch/French language is an added advantage.

control testing job descriptions . They will be the same key roles and responsibilities, but each headcount will have specific focus/expertise as outlined in 1-4 below. This should give high level summary of specific qualification/experience in resources that we look for. Information Security/Cyber Security Infrastructure, cloud platform, network, and service management, software engineering/SLDC Data ITGC and business application controls Key Role & Responsibilities Conduct and document thorough walkthrough of IT controls Design test plans and document test steps to assess the control design and operating effectiveness Create/prepare a document request list and work with control owners/performers to obtain evidence supporting the control execution and validation that the control is working as intended. Complete control testing workpaper and maintain detailed records of testing results, findings, and recommendations. Address workpaper review comments and independent review and challenge from the Second Line of Defense Specific Skillsets & Experiences Experience with IT internal audit or other risk assurance functions Knowledge of industry and compliance frameworks i.e., NIST cybersecurity framework, CIS, ITIL, PCI, FedRAMP Strong understanding of risk management methodologies, and security control testing techniques. Strong verbal and written communication skills, with the ability to lead walkthroughs with control owners/performers, and construct questions and follow-ups. Focus on each headcount: Information Security/Cyber security focus - Technical skills and experiences with particular focus/familiarity on the following control areas or tools, but not limited to: Network security - firewall, NAC, Network Intrusion Prevention/detection, WAF, Web filtering/Web traffic (i.e., FireMon, Cisco ISE, Cloudflare etc.) Cyber data protection/data security - DLP, data discover/classification, email security, cloud data security/CASB, database security and encryption (i.e., Trellix, Proofpoint, Varonis, Purview, Imperva) Servers and endpoint security - Antivirus/Antimalware, Device, protection, Endpoint privilege access (i.e., Crowdstrike, Absolute, Beyond Trust) Cyber defense SIEM, MSSP, and SOC for log forwarding/ingestion/and monitoring, Cyber Threat Intelligence Cloud platform security Application and API security – OWASP principles, SAST, SCA, DAST, secret scanning Access and Authentication/Privilege access (i.e., SailPoint, Okta/Auth0, Delinea) Infrastructure, cloud platform, and network, and service management, software engineering/SDLC focus - Technical skills and experiences with particular focus on the following control areas/concepts, but not limited to: Server and Directory service management – Build/image, configuration management, certification management, backup and recovery, Active Directory, Patching Workstations, Virtual Desktops, Mobile Devices – Build/Image, MAM, Patching Cloud platform management – AWS/AWS well-architected framework, Azure, IaC/automated build template Platform and application observability Disaster recovery – Data center DR test, High availability, cloud recovery Service management – Hardware/software asset management, software licensing, CMDB, change management, incident and problem management SLDC – DevSecOps concept, Coding services (IaC, service mesh etc.), Code repository, CI/CD, Quality engineering and quality assurance Data focus - Technical skills and experiences with particular focus on the following areas/concepts, but not limited to: Database administration – Database design/structure, access controls, build, configuration, backup, jobs, and other maintenance and security measures (i.e., SQL, PostgreSQL) Data warehouse platform/data development/transformation – Design/architecture, Data modeling, ETL, data obfuscation and masking (i.e., Snowflake, Coalesce) Data transit/exchange connection/data file transfers – Monitoring, Logging, Secure file transfer/protocols, error handling Data governance and quality management – Metadata management, Data lineage, Data quality rules, Data defect management (i.e., Collibra) ITGC and business application controls / SOX focus (e.g., system interface and integration) - Technical skills and experiences with particular focus on the following areas/concepts Testing of SOX ITGC / IT general controls Testing of business applications controls – Automated application interface and integration, system/application Please share your profile at surbhi.malhotra@nlbtech.com

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Role :The General Manager Finance will oversee a comprehensive range of financial functions including finance controllership, accounting operations, and revenue recognition. This role requires deep expertise in A/R, A/P, GL, cost accounting, and financial forecasting. The ideal candidate will be a Chartered Accountant with significant experience in ERP systems such as Oracle, PeopleSoft, and SAP, and possess thorough knowledge of Ind AS, IFRS, and USGAAP. Familiarity with the SOX framework and ITGC testing is essential, ensuring compliance with regulatory requirements and supporting organizational growth through strategic financial management. Reports into :VP Finance Job Responsibilities : Lead and manage the finance controllership, ensuring accurate and timely financial reporting and compliance with Ind AS, IFRS, and USGAAP standards. Oversee accounting operations including accounts receivable, accounts payable, general ledger maintenance, and cost accounting to ensure financial processes are efficient and effective. Develop and implement strategic financial plans and forecasts to support organizational goals and enhance financial performance. Conduct ITGC testing to evaluate and improve financial systems and controls, ensuring alignment with the SOX framework. Implement and maintain ERP systems such as Oracle, PeopleSoft, and SAP, driving efficiency and accuracy in financial operations. Manage revenue recognition processes, ensuring compliance with relevant accounting standards and optimizing revenue streams. Collaborate with cross-functional teams to integrate financial insights into business strategies and decision-making. Provide leadership and guidance to the finance team, fostering a culture of continuous improvement and professional development. Experience in managing complex financial projects and initiatives that drive organizational growth. Ability to adapt to evolving financial regulations and standards, and proactively implement necessary changes. Criteria : (Must have) Chartered Accountant qualification. 8+ years of post qualification work experience in Finance & Accounts. Proficiency in ERP systems such as Oracle, PeopleSoft, and SAP. In-depth knowledge of Ind AS, IFRS, and USGAAP. Criteria : (Desired) Knowledge of SOX framework. Experience with ITGC testing.

Role & responsibilities Review of the IT Governance processes IT policies, SOPs, etc; Operating effectiveness testing of the IT policies and SOPs and reporting the same to IT management; Assisting the IT management in fixing the issues. Keeping track of the key action points agreed in the IT Steering Committee and IT Strategy Committee meetings and coordinating with the IT management to ensure that the action points are implemented. ITGC testing for the business-critical applications and risk and control matrix to be prepared accordingly; Key findings to be reported to IT management; Assisting the IT management in fixing the issues. Review of the system controls of the business critical applications end to end system walkthrough and negative testing in the test environment; Carrying out data analysis for the areas where system control gaps identified. Result of the above reviews to be reported to IT Management; Assisting the IT management in fixing the issues. Periodic review of the IT policies and SOPs and recommending changes to IT management wherever applicable. Preferred candidate profile Prior experience of IT audits is mandatory Knowledge & experience of IT environment and the key risks embedded in different IT processes and technology. Good command over both IT process audits and IT functionality testing (System validation testing)

What is the Role? As an ITGC Testing Advisor, you will support management in assessing the IT control environment. You will identify and report control weaknesses, track remediation action plans, and monitor the quality of remediation efforts. More specifically, your role will include: Quality Review : Review ITGC and ITC testing for quality, completeness and correctness of outcome. ITGC Testing : Conduct testing of IT General Controls (ITGCs) to ensure compliance and effectiveness. ITC Testing : Perform testing of IT Components (ITCs) to validate data integrity and accuracy. Not Effective Discussions : Support testers in conversation with Line 1 to align on the decision. Test Scripts : Developing and executing test scripts, documenting test procedures, and evaluating results to identify control gaps. Documentation : Maintain detailed documentation of testing procedures, findings, and recommendations. Reporting : Ensure adherence to the approved assurance plan and provide regular updates on progress. Issue Management : Review quality of remediation and documentation of the same before issue closure. Collaboration : Work with the offshore testing team to assess the design and effectiveness of IT controls. Stakeholder Communication : Communicate effectively with stakeholders to ensure understanding and alignment with assurance processes and risk management strategies. Tool Management : Oversee tools and reports used by the team and stakeholders, ensuring accuracy and updates based on business needs. What We Need from You? Experience: IT Audit Expertise : 5+ years of experience in IT audits or ITGC testing. Education: Academic Background : Bachelors Degree in Technology is highly desirable. Certifications : Preferred certifications include those in IT security and Risk Management. Technical Skills: IT Audit and Risk Management : Good knowledge of IT audit processes, risk management, and control testing. Security Standards : Familiarity with internal and external IT security standards such as ISO 27001 and COBIT. Certifications : Relevant certifications like ISO 27001, CISA, CISM, CRISC is desired. Information Risk Management : Strong understanding of information risk management and associated processes. Application Proficiency : Experience with widely used applications such as SAP, Power Platform, and Cloud technologies is desirable. Continuous Improvement : A mindset geared towards continuous improvement and project management experience. Soft Skills: Leadership : Demonstrated ability to deliver through others, is essential. Team Collaboration : Highly motivated team player who volunteers support and collaborates effectively. Proactive Problem-Solving : Skilled in identifying potential challenges and proposing effective solutions. Learner Mindset : Demonstrates professional curiosity and a strong desire to learn. Prioritization : Capable of managing multiple tasks simultaneously with strong prioritization skills. Interpersonal Communication : Strong communication skills, with the ability to build strong relationships with stakeholders. Work Schedule: Mid-Shift : Working hrs will be IST 12 noon to 9 pm. Shift allowance will be eligible per organization policy.

What is the Role? As an ITGC Testing Analyst, you will support management in assessing the IT control environment. You will identify and report control weaknesses, track remediation action plans, and monitor the quality of remediation efforts.. More specifically, your role will include: ITGC Testing : Conduct testing of IT General Controls (ITGCs) to ensure compliance and effectiveness. ITC Testing : Perform testing of IT Components (ITCs) to validate data integrity and accuracy. Test Scripts : Developing and executing test scripts, documenting test procedures, and evaluating results to identify control gaps. Documentation : Maintain detailed documentation of testing procedures, findings, and recommendations. Reporting : Ensure adherence to the approved assurance plan and provide regular updates on progress. Issue Management : Advise IT operations on risk management and contribute to remediation plans for deficient controls. Collaboration : Work with the offshore testing team to assess the design and effectiveness of IT controls. Stakeholder Communication : Communicate effectively with stakeholders to ensure understanding and alignment with assurance processes and risk management strategies. Tool Management : Oversee tools and reports used by the team and stakeholders, ensuring accuracy and updates based on business needs. What We Need from You? Experience: IT Audit Expertise : 3+ years of experience in ITGC testing Education: Academic Background : Bachelors Degree in Technology is highly desirable. Certifications : Preferred certifications include those in IT security and Risk Management. Technical Skills: Certifications : Relevant certifications like ISO 27001, CISA, CISM, and CRISC or having a strong desire to work towards obtaining such certifications. Information Risk Management : Good understanding of information risk management and associated processes. Application Proficiency : Experience with widely used applications such as SAP, Power Platform, and Cloud technologies is desirable. Continuous Improvement : A mindset geared towards continuous improvement and project management experience. Soft Skills: Team Player : Should be a strong team player and display the same by volunteering where one can extend support. Proactive Problem-Solving : Skilled in identifying potential challenges and proposing effective solutions. Learner Mindset : Demonstrates professional curiosity and a strong desire to learn. Team Collaboration : Highly motivated team player who volunteers support and collaborates effectively. Work Schedule: Mid-Shift : Working hrs will be IST 12 noon to 9 pm. Shift allowance will be eligible per organization policy.

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Manage multiple audit assignments simultaneously as per the plan Review & approve of the documented results of audit work/SOX testing procedures to ensure compliance with the internal requirements Communicate & maintain relationships with clients Required Candidate profile Min 5 years exp post Qualification (CA/ CIMA/ CIA) Should have experience in SOX Audit ITGC SOX & Financial Reporting, ITAC including detailed testing Suvidha Mahajan suvidham@emsol.co.in 9911254430

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at jyoti.gupta@nlbtec.in

EY GDS is actively seeking for IT Audit professionals to join our Technology Risk team at Kolkata, Kochi, and Trivandrum locations To qualify for the role, you must have A bachelors or masters degree and approximately 3-8 years of related work experience At least 3+ years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/MLRole & responsibilities

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Dear Candidate, We are hiring an IT Risk Analyst to identify, assess, and mitigate risks to the organization's information systems and data. This role supports compliance initiatives and strengthens the IT risk management framework. Key Responsibilities: Conduct IT risk assessments, gap analysis, and control evaluations. Develop mitigation strategies for identified security and compliance risks. Monitor regulatory changes and ensure adherence to frameworks (e.g., NIST, ISO 27001). Prepare risk reports, scorecards, and presentations for stakeholders. Collaborate with audit, security, and IT teams on risk response plans. Required Skills & Qualifications: Experience in IT risk, governance, or audit. Familiarity with frameworks like NIST, COBIT, ISO 27001, and SOX. Analytical skills to evaluate threats, vulnerabilities, and control gaps. Excellent documentation and stakeholder communication abilities. Certifications such as CRISC, CISA, or CISSP are a plus. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

Role & responsibilities: Lead planning, fieldwork, and reporting phases for assigned SOX ITGC audit engagements. Design and execute detailed testing for IT General Controls and Automated Controls. Validate Test of Design (ToD) and Test of Effectiveness (ToE) for key control areas including Logical Access, Change Management, Backup & Restoration, and Incident Management. Manage and mentor a team, taking full responsibility for performance reviews, appraisals, and goal setting. Ensure audit documentation meets professional standards and internal quality benchmarks. Preferred candidate profile: CISA certification is a must. Bachelors or advanced degree in Information Technology or a related field. Minimum 5 years of experience in SOX ITGC audits. At least 2 years of hands-on team management experience , including appraisal and performance management. Strong knowledge of IT General and Automated Controls. Proficiency in validating ToD/ToE documentation. Excellent interpersonal and stakeholder communication skills. If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at rimjhim.sharma@crescendogroup.in

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Dear Candidate, We are hiring an IT Compliance Analyst to ensure adherence to regulatory standards and internal security policies. Perfect for detail-oriented professionals with a risk and governance mindset. Key Responsibilities: Monitor IT processes for compliance with SOX, GDPR, HIPAA, etc. Conduct audits, risk assessments, and gap analyses Collaborate with security, legal, and IT teams Maintain documentation and support policy enforcement Required Skills & Qualifications: Knowledge of IT compliance frameworks (ISO 27001, NIST, COBIT) Experience with audit processes and risk management Strong communication and analytical skills Bonus: Certification (CISA, CRISC, or similar) Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

SUMMARY SOX Audit ITGC Testing Team Lead We are in search of a highly skilled and experienced individual to fill the position of SOX Audit ITGC Testing Team Lead for our client's dynamic team in Gurgaon. The ideal candidate should possess a robust technical background and a minimum of 6-8 years of experience in ITGC testing. This role will involve leading and executing ITGC testing activities to ensure compliance with Sarbanes-Oxley (SOX) standards. Key Responsibilities ITGC Testing: Develop and implement comprehensive ITGC test plans and procedures. Identify and evaluate key risks and controls associated with financial reporting. Create and execute test cases to assess control effectiveness. Document test results and deliver detailed reports to management. SOX Compliance: Ensure adherence to SOX requirements and best practices. Contribute to the development and upkeep of SOX documentation. Stay informed about industry trends and regulatory changes. Stakeholder Management: Collaborate with internal and external stakeholders, including auditors and management, to address testing requirements and provide timely updates. Risk Assessment: Identify and evaluate potential risks and vulnerabilities that could impact financial reporting. Recommend mitigation strategies to address identified risks. Continuous Improvement: Identify opportunities for process enhancement and implement best practices to improve testing efficiency and effectiveness. Qualifications and Experience Bachelor's degree in Computer Science, Information Systems, or a related field. Minimum of 6-8 years of experience in ITGC testing. Strong technical background, including knowledge of IT general controls, application controls, and data integrity. Experience with SOX compliance and auditing standards. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Requirements Qualifications and Experience: Bachelor's degree in Computer Science, Information Systems, or a related field. Minimum of 6-8 years of experience in ITGC testing. Strong technical background, including knowledge of IT general controls, application controls, and data integrity. Experience with SOX compliance and auditing standards. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team.