532 Risk Compliance Jobs - Page 12

Walk-in For Freshers - B.Tech (trained Cybersecurity candidates only) Experience Candidates : 2yrs to 5yrs who has worked on the below . Looking for candidates who has done cybersecurity course : Information Security Analyst , Cybersecurity questionnaire , MSA review , Data Protection Agreement, Third-party risk assessment, Vendor risk management , Security compliance , GRC analyst , Contract security review, Security documentation , Risk and compliance analyst Walk-In date: 23rd Jun'25 Designation : IT Contracts Analyst Location : Hyderabad Work mode : Work from office (Hyderabad) Interested candidates We are seeking a detail-oriented, technologically proficient IT Contracts Analyst to join our dynamic Legal and Procurement team, working closely with the Information Security function. In this role, you will be responsible for reviewing, analyzing, and managing a wide range of IT-related contracts, including compliance requirements, service agreements, SaaS/cloud agreements, NDAs, and vendor contracts. This position plays a key role in supporting risk management, legal compliance, and alignment with our internal IT and security policies. Role & responsibilities : Review and analyze IT contracts and SLAs to ensure compliance with internal policies, legal standards, and information security requirements. Collaborate cross-functionally with Legal, IT Security, and Procurement teams to review, negotiate, and finalize contract terms. Identify and highlight any InfoSec-related gaps, non-compliances, or risks in contractual terms. Track and manage the full lifecycle of IT contracts, ensuring timely renewals, amendments, and terminations. Identify key clauses, compliance gaps, risks, and client-specific requirements, aligning them with internal IT and security policies. Maintain a structured repository of all contracts, amendments, and associated documentation using contract management tools. Conduct risk assessments, perform compliance checks, identify critical clauses, and prepare concise contract summaries and reports. Remain current with industry trends, regulatory changes (e.g. data protection laws such as GDPR and CCPA), and best practices in IT contracting. Support the continuous improvement of contract review processes and contribute to internal documentation and policy alignment. Preferred candidate profile Looking for candidates who has worked on Information Security Analyst , Cybersecurity questionnaire , MSA review , Data Protection Agreement, Third-party risk assessment, Vendor risk management , Security compliance , GRC analyst , Contract security review, Security documentation , Risk and compliance analyst Strong analytical skills with a keen eye for detail and the ability to interpret complex legal and technical terms. Technologically proficient, with a solid understanding of IT terminology, particularly relating to SaaS, cloud services, cyber security, and data privacy. Proactive, well-organized, and capable of managing multiple contracts and priorities in a fast-paced environment. Excellent written and verbal communication skills, with experience collaborating across departments. Qualifications: Bachelors degree in Business Law, Information Technology, or a related field (technical certifications are a plus). 2+ years of experience reviewing and managing IT/Technology contracts, ideally within a legal, procurement, or corporate compliance environment. Solid understanding of IT contracting concepts, including SLAs, SaaS agreements, and third-party vendor risk. Working knowledge of data protection regulations (e.g. GDPR, CCPA) and their implications in IT contracting. Familiarity with contract lifecycle management tools (e.g. DocuSign, Icertis, Jira, or AI-based review tools). Proficiency in Microsoft Excel, PowerPoint, and other documentation tools. Ability to work both independently and collaboratively across legal, IT, and procurement functions.

What we offer: Group Summary: Magna is more than one of the world s largest suppliers in the automotive space. We are a mobility technology company built to innovate, with a global, entrepreneurial-minded team. With 65+ years of expertise, our ecosystem of interconnected products combined with our complete vehicle expertise uniquely positions us to advance mobility in an expanded transportation landscape. Job Responsibilities: The IR Analyst, Product Cybersecurity role is a part of Magnas central Information Security Risk & Compliance (ISRC) team. This position will serve as a primary point of contact in matters related to product cybersecurity vulnerability monitoring, management, and reporting. The Product Security IR Analyst will be the primary team member from the ISRC to utilize our global threat intelligence & vulnerability management tool. This role will work closely with leads from each of our unique business units to coordinate continual cybersecurity activities related to our products. Responsibilities Identify potential vulnerabilities in Magnas products by utilizing Magna s cyber threat intelligence and vulnerability management tool. Analyze and verify identified vulnerabilities to determine their applicability and relevance to Magnas products. Assess the risk level of verified vulnerabilities based on known industry frameworks. Collaborate with the product engineering team to facilitate the remediation of vulnerabilities. Track and report status of reported vulnerabilities Create playbooks and best practices for product cybersecurity incident response Stay current with industry best practices and emerging trends in product security to continuously improve Magnas vulnerability management process. Qualifications Bachelors degree or equivalent experience in a related technical field 4+ years of relevant experience in cybersecurity vulnerability monitoring, management, and/or incident response (automotive product preferred) Strong knowledge of product cybersecurity and vulnerability management principles. Proficiency in learning and adapting to new, advanced software tools Expert knowledge of industry standards related to product cybersecurity & incident response (ISO/SAE 21434 preferred) Excellent written and verbal English communication skills Comfortable conveying information effectively and professionally to a wide variety of technical and non-technical audiences Ability to work collaboratively with diverse teams. Enthusiasm for the evolving field of cybersecurity and a desire to continuously learn and improve Attention to detail and ability to prioritize tasks effectively. Awareness, Unity, Empowerment: At Magna, we believe that a diverse workforce is critical to our success. That s why we are proud to be an equal opportunity employer. We hire on the basis of experience and qualifications, and in consideration of job requirements, regardless of, in particular, color, ancestry, religion, gender, origin, sexual orientation, age, citizenship, marital status, disability or gender identity. Magna takes the privacy of your personal information seriously. We discourage you from sending applications via email or traditional mail to comply with GDPR requirements and your local Data Privacy Law. Worker Type: Regular / Permanent Group: Magna Corporate

Our client is Leading Global IT Service and Consulting Organnization Experience- 10 to 15 years Work location: Pune Notice period: Immediate to 30 days Position : Cybersecurity-GRC Governance, Risk, and Compliance Expertise Practical experience with cybersecurity compliance framework (eg., NIST). Ability to evaluate cybersecurity controls and align them with changing regulatory requirements. Experience in maintaining audit trails and managing compliance documentation. Experience managing teams in regulatory operations or cybersecurity GRC. Direct experience engaging with regulators or managing compliance audits. Tools & Processes Exposure to GRC tools like Archer or similar for managing control frameworks and evidence. Familiarity with metrics tracking and reporting for regulatory compliance performance. Comfortable using audit and risk management trackers for organizing and documenting lifecycle of compliance engagements. Education, Certifications and Experience Bachelor's degree in IT, Risk, or related field. At least one certification: CISSP, CISA, CISM. 8+ years in Cybersecurity GRC Experience with regulatory audits or compliance programs.

Job Title: Service Now Developer (TPRM) Location: Chennai, Bangalore, Mumbai, Noida Experience: 8-10 Years Shift Timings: 9:30am to 6:30pm Work Mode: C2H Job Description: We are seeking a highly experienced ServiceNow Consultant with strong expertise in implementing and supporting a combination of Third Party Risk Management (TPRM) , Governance Risk & Compliance (GRC) or Integrated Risk Management (IRM) , and Security Operations (SecOps) modules. The ideal candidate should also have working experience in IT Operations Management (ITOM) , including CMDB and Service Mapping . Required Skills: Strong hands-on experience with ServiceNow TPRM and GRC/IRM modules. Proven implementation knowledge of SecOps (Security Incident Response, Vulnerability Response). Experience in ITOM suite, including CMDB , Discovery , and Service Mapping . Proficiency in ServiceNow development (JavaScript, Glide APIs, UI Policies, Business Rules). Solid understanding of ITIL framework and risk/compliance methodologies. Excellent communication and stakeholder management skills.

As an Associate, you will support the overall research and due diligence within our Compliance Practice, by gathering information to help Kroll’s clients onboard and manage the risks associated with new clients and third parties, ensure we offer the right level of screening and due diligence solutions based on the risks inherent in the opportunity.. At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk and transparency challenges. Apply now to join One team, One Kroll. Responsibilities. Support the overall research and due diligence process for Kroll’s Risk & Compliance practice area.. Manage cases from start to finish, conducting extensive Internet, database, and media research into companies and individuals to provide our clients with an accurate assessment of the status, legitimacy, general background, and overall reputation of a subject company and its principals.. Advise our clients to make informed, strategic decisions that have a huge impact on their organizations.. Work with clients of all sizes and industries, providing a portfolio of services that includes third party screening and monitoring, reputational due diligence solutions. Use the Kroll Compliance Portal, a user-friendly web-based due diligence, governance, and compliance platform. Requirements. 2-4 years of previous work experience (including internships) is highly desirable. A high value on our talent and seek candidates with a high level of conscientiousness, integrity, and professional pride.. Outstanding English reading and writing skills. Meticulous attention to detail, a sense of curiosity, and the ability to learn quickly, and a dedication to customer satisfaction. Undergraduate or graduate degree at an accredited university majoring in: International Relations/Affairs, Regional Studies, Political Science, or other related areas of study required. Ability to quickly and effectively summarize information from multiple sources into concise analytical assessments. Ability to work independently. Ability to prioritize several projects and assignments on multiple topics while meeting tight deadlines. Customer-service orientation with a dedication to quality. Excellent written and verbal communication skills that help represent diverse communities. Experience working with diverse teams. About Kroll-. In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business.. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.. In order to be considered for a position, you must formally apply via careers.kroll.com. Kroll is committed to equal opportunity and diversity, and recruits people based on merit.. Show more Show less

To lead the Government NPS vertical for the assigned region by managing a team of Government Relationship Managers and driving AUM growth through voluntary PFM switches by Central and State Government NPS subscribers. The role includes strategic engagement with government bodies, sales planning, managing team productivity, and coordination with internal functions to ensure compliance and seamless execution. Main Accountabilities Business Leadership & AUM Delivery Own and deliver regional AUM targets by driving voluntary switches to Tata PFM from existing NPS subscribers across Central and State Government departments. Monitor performance of Government Relationship Managers and ensure structured outreach to high-potential departments and subscriber bases. Ensure consistent pipeline build-up, lead conversion, and timely execution of switching documentation. Government & Institutional Engagement Build and manage senior-level relationships with key government stakeholders - including Treasury offices, Directorate of Accounts, Nodal Offices, and Ministry departments. Represent Tata Capital and Tata PFM in regional government forums, PFRDA-linked events, and subscriber outreach programs. Support Government RMs in breaking into new departments and unlocking scale opportunities. Team Management & Productivity Train, and mentor a high-performing team of Government RMs in the region. Drive structured weekly reviews, performance tracking, and coaching for productivity improvement. Ensure team is equipped with latest product collaterals, objection handling scripts, and updated switching SOPs. Sales Planning, Reporting & Compliance Drive regional sales planning including target allocation, funnel tracking, and R&R program execution. Coordinate with central MIS/operations teams for accurate reporting and adherence to TATs. Ensure 100% compliance with PFRDA regulations, internal risk/compliance norms, and data handling protocols. Qualification : Minimum Degree: Graduate in any discipline. Post-Graduate. MBA/PGDM preferred.

This role will require the ability to evaluate and analyze Trade Sanctions Screening and Transactions Monitoring restricted party screening results. In addition, this role will perform certain administrative and planning duties as required by the Sanctions and Export - WorldPay and the Global Corporate Compliance team. Performs trade sanction restricted party screening of entities and financial transactions via the use of third-party screening tool. (Screening involves analysis of entities involved in financial transactions to ensure entities are not sanctioned parties.) Monitors compliance activities to verify that regulatory compliance deadlines and requirements are met. Participates in development of compliance sessions / presentations. Participates in training promoting compliance awareness. Identifies areas of potential improvement. Prepares and distributes internal communications covering compliance matters and metrics. Performs other related duties as assigned. What you bring 4-7 years of experience related to AML & Sanctions Compliance from financial services or from any financial industry. Knowledge of International Sanctions regimes. Knowledge of Financial Crime Risk policies, Sanctions, AML and procedures Awareness of financial market trading products Understanding how technology is applied to business and regulatory issues. Excellent writing and oral communication skills. AML certification such as ACAMS, CFE, CFCS is a plus. Good knowledge and experience of office tools like MS Outlook, MS Word, MS Excel etc Communicates ideas both verbally and in written form in a clear, concise, and professional manner. Comprehensive knowledge of at least one substantive area of compliance, such as export compliance, trade sanctions, or OFAC regulations. Excellent analytical and problem-solving skills and is detailed oriented. Ability to understand and apply learned concepts. Demonstrated ability to plan and complete work within tight time limitations. Ability to follow and conduct a compliance monitoring program. Ability to provide information to a variety of audiences and deal effectively with confidential issues that are sensitive in nature. Ability to share information with an awareness of its effect on others Worldpay Values: Determined - You stay open - winning, and failing, as one. Always looking for solutions that add value. Inclusive - You collaborate, encouraging others to perform at their best, always welcoming new perspectives. Open - You work across borders, working with your team to achieve your collective goals

Sr. Consultant, Info Security, Governance, Risk and Compliance Job ID 308692 Date posted 06/18/2025 Location : Bengaluru, India Category DIGITAL TECHNOLOGY AND DATA (DT&D) Job Status Salaried Full Time Job Purpose and Impact The Senior Professional, Governance, Risk & Compliance job leads the quantification of enterprise risk appetite and tolerance, the development of security policies and the maintenance of a comprehensive cyber risk register to safeguard the organization. With minimal supervision, this job ensures compliance with regulatory requirements and makes proposals to improve the organizations risk management framework in support of overall strategic objectives. Key Accountabilities ENTERPRISE RISK APPETITE & TOLERANCE: Conducts complex risk assessments to identify new vulnerabilities and threats that might harm the companys strategic objectives, aligned with the organizations risk appetite. SECURITY POLICIES & STANDARDS: Leads the establishment and improvement of fit for purpose security policies and standards to mitigate risks effectively and efficiently. CYBER RISK REGISTER: Reviews and oversees the cyber risk register, quantifying risk implications and ensuring accurate scoring of identified risks. COMPLIANCE TESTING: Leads the conduct of compliance testing, ensuring adherence to internal policies and external regulations. PERFORMANCE MONITORING: Leads the data collection, reports preparation and performance results communication to internal cross functional teams and external partners. COMPANY LEVEL METRICS & PROGRESS ON RISK MANAGEMENT GOALS: Prepares and communicates metrics related to risk management progress, ensuring clarity and accountability across the organization. Qualifications Minimum requirement of 5 years of relevant work experience. Typically reflects 6 years or more of relevant experience. Minimum of 4 years of Cybersecurity policy and governance experience. 5+ years of experience of relevant experience policies, standards and Cybersecurity guidelines in the total work experience. Experience developing and implementing cybersecurity policies and procedures. Exceptional written and verbal communication skills, and proven ability to translate security risks to all levels of business. Working knowledge of common technical controls across security domains (e.g., logical access, configuration management, security operations, etc.) and technologies.

Job Title: ServiceNow GRC Developer Location: Anywhere in India Company: NexusNow.ai Experience: Minimum 4 years Job Type: Full-time About Us: NexusNow.ai is a leading ServiceNow consulting and implementation partner, delivering value-driven digital transformation solutions. We specialize in IT workflows, risk and compliance automation, and strategic platform integrations that help enterprises operate smarter and faster. Job Summary: We are looking for a strong ServiceNow GRC Developer with solid experience in core ServiceNow concepts, GRC module implementations, scripting, and integration. The ideal candidate will contribute to building and enhancing GRC use cases like Policy & Compliance, Risk Management, and Audit Management, ensuring seamless integration with other systems. Key Responsibilities: Design, develop, and implement solutions in the ServiceNow GRC module (Governance, Risk, and Compliance) Configure and customize Policy and Compliance , Risk , Audit , and Vendor Risk Management applications Build and manage custom applications , workflows , catalog items , and UI components using JavaScript, Glide APIs , and ServiceNow Studio Develop and support REST/SOAP integrations between ServiceNow and external systems Perform end-to-end GRC solutioning , including form design, data model setup, and dashboard/report creation Collaborate with business analysts, architects, and stakeholders to gather and clarify requirements Conduct unit testing , code reviews, and performance tuning to maintain system health and quality Follow best practices for ServiceNow development, security, and documentation Required Skills: Minimum 4 years of hands-on development experience with ServiceNow Strong expertise in ServiceNow GRC module (at least 1 full-cycle implementation preferred) Proficiency in ServiceNow platform fundamentals , including forms, workflows, ACLs, notifications, and UI policies Advanced scripting skills in JavaScript , GlideRecord , Business Rules , Script Includes , UI Scripts , etc. Experience with ServiceNow Integrations (REST, SOAP, MID Server) Strong understanding of data security , roles/permissions , and CMDB/asset management Experience with Agile/Scrum delivery methodology Preferred Qualifications: ServiceNow Certified System Administrator (CSA) mandatory ServiceNow GRC Implementation Specialist preferred Exposure to IRM , Third-Party Risk , or Continuous Monitoring modules is a plus Strong communication and stakeholder management skills What We Offer: Competitive salary and performance bonuses Opportunity to work on cutting-edge GRC implementations Collaborative and growth-oriented culture Hybrid/flexible work model Apply Now: Send your resume to careers@nexusnow.ai with the subject: Application for ServiceNow GRC Developer

Position Purpose As Head/Domain lead, manage the software development teams based in India to deliver high value IT functionality, stability & Scalability with a scope of responsibility of 100+ FTEs. Responsible for relationship management with Business & IT sponsors in conjunction with respective global domain heads. Lead Transversal transformation programs of a technical nature for the GMIT department beyond the domain, e.g. Engineering initiatives to improve code quality, Technical Debt management, End of Life / Obsolescence, Left shift for testing etc, including the awareness, training and change management dimensions of it. By being a part of the India Global Markets IT (GM IT) ExCo :- Contribute & strengthen the management vision of the department. Contribute to the continuous improvement of GMIT ISPL and implementation of best practices. Lead by example and disseminate the management values & objectives for GMIT Leadership group to boost GMIT ISPL performance. Contribute to true collaboration across all domains of GMIT. Responsibilities Direct Responsibilities Vision in strategy: Key leadership role responsible for managing and driving the IT strategy, execution and delivery of technology and solutions, support position management, risk analytics and collateral management for GM IT The successful candidate will ensure management of ~100+ GM IT professionals. Will act as a key partner with business stakeholders to drive the overall GM IT strategy. Build strong relationship with global business leaders, risk managers, collateral teams to drive business successfully and to ensure consistency and alignment across systems. Visualize business changes and create an IT/innovation mindset so that solutions are ready for the growth of business and subsequent scale-up. Delivery and operations: Overseeing delivery of high-quality, complex IT Programs for the Position, Risk and Collateral teams. Implement Agile methodologies to ensure efficiency in delivery operations. Platform availability, scalability and performance to support high transaction volumes. Collaborate with Application Production Support to optimize production incidents resolutions. Manage relationships with technology partners ensuring cost effective delivery of solutions. Leverage emerging technologies to enhance system architecture and solutions. Drive digital transformation initiatives to improve operational efficiency. Budget management and cost optimization. Continuous monitoring of performance & efficiency of the setup. Identify opportunities for process and technologies improvement. Enable solutions and act as escalation point for Administrative & HR topics. Provide support to business stakeholders & operations leadership. Risk and compliance: Ensure compliance with global regulatory requirements. Implement existing robust IT governance and reporting mechanisms to manage operational excellence. Risk mitigation via implementation of technology obsolescence remediation. Digital Transformation: Manage initiatives, which includes framing transformation programs Getting buy-in from stakeholders and contributors Define the governance, secure capacity, and budget, build/consolidate and maintain the plan, manage dependencies and drive to completion, ensuring effective communication, continuous alignment of contributors and timely running of governance routines. People Development: Drive and manage people development initiatives in partnership with HR. Responsible for mentorship and career growth of the in-scope employees. Consulting point for Talent Acquisition & Technology solutions. Contributing Responsibilities Technology validation & evolution. Support & leadership to organizational initiatives. Identify gaps in existing systems and create action plan to plug those gaps rapidly. Promote automation on all areas that helps to improve quality and faster delivery Technical & Behavioral Competencies Specific Qualifications (if required) An IT Engineering degree or equivalent At least 20 years of work experience in IT At least 10 years of work experience in a Capital Markets IT environment Hands on Programming experience of at least 10 years Experience of managing an overall team of at least 100 staff for at least 3 years Strong understand of Global Markets , trade lifecycle experience in trading platforms Financial markets and regulatory requirements Skills Referential Behavioural Skills Ability to collaborate / Teamwork Decision Making Attention to detail / rigor Ability to deliver / Results driven Transversal Skills: Analytical Ability Ability to develop others & improve their skills Ability to anticipate business / strategic evolution Ability to inspire others & generate people's commitment Ability to develop and leverage networks Education Level: Bachelor Degree or equivalent Experience Level: At least 20 years Other/Specific Qualifications (if required)

Position Purpose The role of the Third-Party Technology Risk Management Analyst / Consultant is to implement the set of operational activities to be carried out within BNP Paribas (Group entities) to manage ICT Cyber risks for the beneficiaries of sourcing (Outsourcing, purchasing shoring) initiatives supported by ICT service providers and third parties involved in ICT projects or business projects with ICT components. She/he can operate within TPTRM scope governance, providers, beneficiaries SMEs spread throughout global region. As part of his role, she/ he will have to work closely with German stakeholders. Especially, she / he will help clients assess the risks associated to their arrangement and provide recommendations for managing those risks.. Responsibilities Direct Responsibilities Perform third-party technology risk assessments to help beneficiaries/contract owners identify and evaluate business and technology risks related to their arrangements, and provide recommendations for managing those risks Define the contractual ICT security requirements applicable to the arrangement to protect confidentiality, integrity and availability of Beneficiary data and systems Provide periodic status updates (KPIs/KRIs) including potential risks and delays to the project delivery to beneficiary project manager, conduct workshops wherever necessary Review thoroughly asset classifications and pre-existing asset related risks control responses ensuring sync with TPTRM assessments responses Select the requirements to include in the specific ICT due diligence questionnaires to be sent to the shortlisted suppliers and analyze the providers feedback Support the Beneficiary answering ICT Security questions from the provider as part of the contract negotiation process List of the risks that should be formalized in a risk management plan given the third party's answers and report on the third party's ability to manage risks Support the Beneficiary recording the arrangement data in the various Group registers (ServiceNow, RISK360, etc.) Ensure periodic review of ICT arrangements and contracted ICT services Demonstrate knowledge in one or more of the following cyber risk domains, including: Security Governance and Management, Security Policies and Procedures, Application Security Controls, Access Controls, Incident Response, Risk Management, Privacy and Data Protection, Encryption. Contributing Responsibilities Direct Responsibilities Perform third-party technology risk assessments to help beneficiaries/contract owners identify and evaluate business and technology risks related to their arrangements, and provide recommendations for managing those risks Define the contractual ICT security requirements applicable to the arrangement to protect confidentiality, integrity and availability of Beneficiary data and systems Provide periodic status updates (KPIs/KRIs) including potential risks and delays to the project delivery to beneficiary project manager, conduct workshops wherever necessary Review thoroughly asset classifications and pre-existing asset related risks control responses ensuring sync with TPTRM assessments responses Select the requirements to include in the specific ICT due diligence questionnaires to be sent to the shortlisted suppliers and analyze the providers feedback Support the Beneficiary answering ICT Security questions from the provider as part of the contract negotiation process List of the risks that should be formalized in a risk management plan given the third party's answers and report on the third party's ability to manage risks Support the Beneficiary recording the arrangement data in the various Group registers (ServiceNow, RISK360, etc.) Ensure periodic review of ICT arrangements and contracted ICT services Demonstrate knowledge in one or more of the following cyber risk domains, including: Security Governance and Management, Security Policies and Procedures, Application Security Controls, Access Controls, Incident Response, Risk Management, Privacy and Data Protection, Encryption. Contributing Responsibilities Instruct the 5 European Bank Authority ICT risks categories and follow them throughout TPTRM assessments Participate in Initialization Committee/ Validation Committee Go-Live committee for Supporting specific arrangements and results Provide support to beneficiary / contract owner to implement residual actions Facilitate the business/sponsor/beneficiary/SME decision-making with deep analysis based on relevant flagged risk families Provide support to contract owners and coordinate/ assist to ensure proper assessments are done Manage TPTRM inventory with follow-up tracker management Contribute to process improvement, upkeep with new policies, regulations, standards guidelines Technical Behavioral Competencies Functional Skills Experience in IT Risk and Cyber Security domains in a financial institution demonstrating a high-level of commitment and self-motivation. Experience in the Finance IT industry with a strong exposure to IT Operations, Application Security, and/or network administration, IPS Demonstrate knowledge of Risk Compliance, cybersecurity, cyber risk, cyber threats, Third Party Technology Risk Management/ Vendor assessments Working knowledge of global regulations, frameworks and standards (ISO, NIST, COBIT, PCI-DSS, HIPAA) and conversant in the tactics, techniques and procedures used by Risk adversaries. Demonstrates a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate. Good IT knowledge Technical : - Good understanding of organizations and IT Businesses - Good technical understanding of infrastructures and IT Security Productions and Systems - IT risk /Third Party risk analysis and management methods and should have worked on Risk Management Tools like, ServiceNow etc. - Knowledge of Cyber Resilience, IT continuity and business continuity - GRC - Governance, Risk Management and Compliance Management. - Firewall and Internet technologies; Cloud Security, Banking Tools Technologies. - Secure access control mechanisms; Encryption and Key management technics Behavioral : - Strong Communication, Analytical and problem-solving skills. - Proven organizational skills with excellent multi-tasking, result oriented and prioritization skills - Good documentation and reporting skills - Ability to work independently - Strong communication and interpersonal skills, able to communicate and relate easily with IT, Finance and back-office users - Good communication, technical writing/diagramming skills - Attention to detail and accuracy Specific Qualifications (if required) - One or more Industry-recognized information Security certifications such as CISSP, CISA, GCCC, CISM, CEH, CRISC, OSCP or Security+. - IT Security tools like Firewalls, IPS, WAF, Endpoint protection, Network security, etc. - IT Auditing (ISO27001/2, NIST 800 Series, ISO27005, ISO42001) - Regulatory Compliance MBA in Finance/Systems/IT, Masters in Technology, Bachelor of Commerce, Masters in Commerce, Bachelor in Science, Bachelor in Technology Skills Referential Behavioural Skills : (Please select up to 4 skills) Communication skills - oral written Attention to detail / rigor Ability to deliver / Results driven Creativity Innovation / Problem solving Choose an item. Choose an item. Choose an item. Transversal Skills: (Please select up to 5 skills) Analytical Ability Ability to manage a project Ability to understand, explain and support change Ability to develop and adapt a process Ability to anticipate business / strategic evolution Other/Specific Qualifications (if required) CISA/CISSP/CISM/CRISC

Good knowledge of Statutory Compliance, PF & ESIC Returns, CLRA, Factory Annual Returns, MIS, Payroll and HR Generalist. Maintain monthly reconciliations of Statutory and Compliance data. Check salary related compliances. Required Candidate profile Must have good communication in English and proficient with MS Office and Excel.

We are looking for a highly skilled and experienced Field Risk Officer to join our team at Equitas Small Finance Bank. Roles and Responsibility Conduct thorough risk assessments and analyses to identify potential threats to the organization. Develop and implement effective risk mitigation strategies to minimize losses. Collaborate with cross-functional teams to ensure compliance with regulatory requirements. Monitor and report on key performance indicators (KPIs) related to risk management. Provide expert guidance on risk-related matters to stakeholders. Stay up-to-date with industry trends and developments in risk management. Job Requirements Strong understanding of risk management principles and practices. Excellent analytical and problem-solving skills. Ability to work effectively in a fast-paced environment. Effective communication and interpersonal skills. Strong attention to detail and organizational skills. Experience working with financial institutions or similar organizations is preferred.

Essential Services: Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team. To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service. The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the Role ICICI Bank is pleased to on-board Chartered Accountants across various functional domains like Relationship Management, Credit Management, Risk & Compliance, Audit, and Product Management. The roles offered will involve building and nurturing relationships with corporate and institutional client segments comprising of Large & Global Client Groups, PSUs, and Capital Markets & Custody. ICICI Bank believes in serving the entire banking needs of the customer through a customer-360 degree approach, this necessitates all the employees to work beyond the role boundaries and product domains. Chartered Accountants play a pivotal role in Banking & Finance. They bring in the lens of financial acumen and analytical abilities. Across various roles, from dealing with customers to managing the risk framework, creating products, shaping technology solutions, planning, taxation, and in many other areas CAs have shaped Banking as a whole. Hence, they become a natural choice at ICICI Bank for various roles. Applicants are expected to apply for this opportunity with an understanding that every job role at ICICI Bank will entail Sales & Relationship management. The role and location offered will solely depend upon the requirement of the Bank. Key Responsibilities Customer 360 Build and deepen relationships with customers to increase their wallet share and revenues through customer-centric engagements. Ensure the customer's needs are captured holistically and solutions are offered using the 360-degree banking framework by recommending the right products within the guiding principle of Fair to Customer, Fair to Bank . Risk Calibrated Business Development Market scoping, segmenting and onboarding new clients as per the risk frameowrk of the bank to drive ecosystem revenue. The role holder for the purpose of business origination, will engage with many internal and external stakeholders like corporate clients, banks, brokers, regulators as per the needs of the role. Market scoping, segmenting and onboarding new clients as per the risk frame work of the bank to drive ecosystem revenue. The role holder for the purpose of business origination, will engage with many internal and external stakeholders like corporate clients, banks, brokers, regulators as per the needs of the role. Portfolio Management Manage a high-quality portfolio of corporate clients. Work towards generating new business leads as well as deepening relationships with existing customers. Customer Service Create service excellence by partnering with customers through their life cycle and offer suitable products and services based on their financial needs while being fair to and fair to the bank in all engagements. Create service excellence by partnering with customers through their life cycle and offer suitable products and services based on their financial needs while being fair to customer and fair to bank in all engagements. Behold our values Offer products that are fair to our customers and fair to the bank. Qualifications & Skills Educational Qualification Chartered Accountant with 0-6 years of experience Communication skills Ability to tailor conversations (both verbal & written) around the need of customer with utmost focus on service deliver Financial Understanding An understanding of the financial analysis, balance sheet, profit & loss accounts and cash flow statements. Knowledge of basic banking products Location : - Chennai,Hyderabad,Bengaluru,Mumbai

5 days Working Proprietary Trading | Stock Broking |Capital Markets Derivatives and Margin Mechanics SEBI & Taxation Compliance Treasury & Liquidity Management Internal Controls, Audit & Risk Compliance Financial Automation, MIS, and Dashboarding Required Candidate profile Financial Management Compliance & Risk SEBI, taxation laws, and ROC requirements Capital Allocation & Treasury Strategic Finance & MIS Stakeholder Management

Review and resolve complex sanctions alerts and escalations, including potential true matches and high-risk cases. Provide subject matter expertise on global sanctions programs (eg, OFAC, EU, UN, UK, etc). Supervise and mentor a small team of sanctions analysts, ensuring timely and accurate alert resolution. Conduct quality assurance reviews and provide feedback to improve team performance and consistency. Collaborate with internal stakeholders (eg, Legal, AML, Risk) to ensure appropriate handling of sanctions-related issues. Assist in the development and refinement of sanctions screening procedures and escalation protocols. Monitor regulatory updates and industry trends to ensure the sanctions program remains compliant and effective. Support audits, regulatory inquiries, and internal investigations as needed. What you bring 3-5 years of experience in sanctions compliance or financial crime investigations. Strong understanding of global sanctions regimes and regulatory expectations. Experience handling complex escalations and conducting in-depth investigations. Prior experience leading or mentoring team members is preferred. Excellent analytical, communication, and documentation skills. Proficiency with sanctions screening tools (eg, World-Check, Dow Jones, LexisNexis, etc). Proven People management of teams from 5-20 people compliance knowledge (sanctions, PEP, Negative News) Excellent Written skills Worldpay Values: Determined - You stay open - winning, and failing, as one. Always looking for solutions that add value. Inclusive - You collaborate, encouraging others to perform at their best, always welcoming new perspectives. Open - You work across borders, working with your team to achieve your collective goals.

we're looking for a Principal Analyst - Compliance in our ever-evolving Sanctions Compliance Team to help us unleash the potential of every business. What you'll own Review and resolve complex sanctions alerts and escalations, including potential true matches and high-risk cases. Provide subject matter expertise on global sanctions programs (eg, OFAC, EU, UN, UK, etc). Supervise and mentor a small team of sanctions analysts, ensuring timely and accurate alert resolution. Conduct quality assurance reviews and provide feedback to improve team performance and consistency. Collaborate with internal stakeholders (eg, Legal, AML, Risk) to ensure appropriate handling of sanctions-related issues. Assist in the development and refinement of sanctions screening procedures and escalation protocols. Monitor regulatory updates and industry trends to ensure the sanctions program remains compliant and effective. Support audits, regulatory inquiries, and internal investigations as needed. What you bring 3-5 years of experience in sanctions compliance or financial crime investigations. Strong understanding of global sanctions regimes and regulatory expectations. Experience handling complex escalations and conducting in-depth investigations. Prior experience leading or mentoring team members is preferred. Excellent analytical, communication, and documentation skills. Proficiency with sanctions screening tools (eg, World-Check, Dow Jones, LexisNexis, etc). Proven People management of teams from 5-20 people compliance knowledge (sanctions, PEP, Negative News) Excellent Written skills Worldpay Values: Determined - You stay open - winning, and failing, as one. Always looking for solutions that add value. Inclusive - You collaborate, encouraging others to perform at their best, always welcoming new perspectives. Open - You work across borders, working with your team to achieve your collective goals

About Us At ANZ, we're shaping a world where people and communities thrive, driven by a common goal: to improve the financial wellbeing and sustainability of our millions of customers, About The Role As a Privacy Governance Manager in our Data and Technology Risk team, youll play a key role in the ANZ Privacy Office to ensure ANZs compliance with Privacy and Data Protection laws across the bank globally, The role will provide Subject Matter Expertise on Privacy and Data Protection obligations across the bank to support the operational governance oversight This role will also assist business units across the bank to understand privacy risks by identifying and implementing appropriate control measures, Banking is changing and were changing with it, giving our people great opportunities to try new things, learn and grow Whatever your role at ANZ, youll be building your future, while helping to build ours, Role Location: Bengaluru Role Type: Permanent, Fulltime What will your day look like Monitoring and ensuring compliance with Privacy and Data Protection laws across various jurisdictions, Identifying, assessing, and mitigating privacy risks through reviews and assessments, Collaborating with ANZ stakeholders and business units to align privacy practices with organizational goals, Overseeing data mapping initiatives and maintaining records of processing activities (RoPA), Managing, evaluating and reporting third-party vendors' attestation outcomes and identifying risks or concerns related to Privacy or Data Protection, Reviewing and updating new obligations in NFR Hub, Tracking and reporting privacy KPIs and metrics for the ANZ Privacy Office, What will you bring Minimum of 8 to 10+ years' experience in Privacy or a related field, preferably with a bachelor's degree in law, Recognised Privacy and Data Protection qualification (e-g , IAPP CIPM, CIPT, CIPP/E), Comprehensive knowledge of global Privacy and Data Protection legislation (including AU Privacy Act, GDPR, PDPA), Thorough understanding of privacy management practices and the ability to identify privacy risks and manage interactions across business operations, Proficient writing, organisational and problem-solving skills, Effective communication and interpersonal skills for collaborative work with stakeholders and employees at all levels, Youre not expected to have 100% of these skills At ANZ a growth mindset is at the heart of our culture, so if you have most of these things in your toolbox, wed love to hear from you, Job Posting End Date 13th June 2025, 11 59pm, (Melbourne Australia)

We are looking for a highly skilled and experienced Field Risk Officer to join our team at Equitas Small Finance Bank. Roles and Responsibility Conduct thorough risk assessments and analyses to identify potential threats to the bank's assets. Develop and implement effective risk mitigation strategies to minimize losses. Collaborate with cross-functional teams to monitor and manage risk exposure. Identify and report on key performance indicators (KPIs) related to risk management. Provide expert guidance on risk-related matters to stakeholders. Stay up-to-date with industry trends and regulatory requirements to ensure compliance. Job Requirements Strong understanding of risk management principles and practices. Excellent analytical and problem-solving skills. Ability to work effectively in a fast-paced environment with multiple priorities. Strong communication and interpersonal skills. Experience working with financial data and systems. Knowledge of regulatory requirements and industry standards. Educational qualifications: Any Graduate or Postgraduate degree. About Company Equitas Small Finance Bank is a leading player in the BFSI industry, committed to providing high-quality banking services to its customers. We offer a dynamic and supportive work environment, with opportunities for professional growth and development. Location - Kumbakonam,Mannargudi,Thanjavur,Thiruvaiyaru

Summary Firm s Client Response Center (CRC) Team is in search of a Senior Proposal Specialist to play an integral role in client service and retention efforts through the completion of Due Diligence and Onboarding Questionnaires, Contract Renewal/Sub-Advisory Questionnaires and RFIs (DDQs) for Firm s retail and institutional clients worldwide. Projects will be primarily client servicing-related and include both standard and customized client DDQs. The Senior Proposal Specialist will write and review complex firm/entity level operational DDQs covering various topics including risk, compliance, cybersecurity and operations. The Senior Proposal Specialist will also be responsible for writing, maintaining in repository and customizing for DDQs an identified universe of language and data. The topics under Senior Proposal Specialist s purview would relate to Firm s firm level language including but not limited to each of the relevant areas mentioned above. The language universe would specifically cover the Firm parent entity. A secondary focus area of the Senior Proposal Specialist would be US Retail DDQs which cover multiple funds and managed accounts (SMAs) and require skillful handling and thorough understanding of all traditional and alternative asset classes and also of the nuances of US fund platforms and the operational delivery of managed accounts. The Senior Proposal Specialist will be expected to work directly and effectively with CRC Management, other RFP Writers and various other Senior Subject Matter Experts (SMEs) from across the firm for writing assigned DDQs and maintaining the assigned language. The Senior Proposal Specialist would also be responsible for reviewing the work of, guiding and training the assigned Mid-Senior and Junior Specialists/Writers working on firm/operational and multi-fund DDQ s. How You Will Grow This is an exciting opportunity for you to grow -- to further increase your expertise and knowledge of the operations and functioning of an asset management firm and understanding of the asset management business by working at a large, global asset manager handling challenging firm, operational and multi-fund DDQs for some of the firm s largest and most strategically important clients. You will work directly with Firm s highly experienced internal subject matter experts to write and manage such DDQs, and you will be empowered to maintain and customize existing language, and develop new language, for the topic areas under your purview. Having full ownership of these projects and topic areas will further deepen and broaden your technical expertise in the intricacies of each topic, positioning you as a subject matter expert yourself. Job Description Specific responsibilities include but are not limited to: Write Complex Firm and Operational DDQs: Write complex firm and operational DDQs and also handle Retail DDQs for multiple funds and managed accounts. Produce High Quality Drafts: Ensure high quality drafts which follow Firm specific best practices related to content and style. Customize: Ensure final documents are customized to reflect nuanced and targeted responses to the specific client request. Handle Follow-ups: Handle follow-up questions from the client associated with previously completed DDQs, including researching responses as needed and coordinating with CRC Management and other Senior SMEs firmwide for the additional information needed. Maintain Firm and Operations Language: It is the Senior Proposal Specialist s one of core responsibilities to keep the firm level language in areas including but not limited to risk, compliance and operations, fully updated and compliance-approved in the response repository (Responsive). Customize Language: Customize existing language and develop new language to answer technical due diligence questions as needed. Understand Best Practices: Understand the Firm policies, procedures and best practices for providing responses and reporting information in our DDQs. Understand Systems and Sources: Establish processes for and stay up-to-date on the systems, documents, websites and internal resources available to access the necessary information to complete DDQs. Stakeholder Management: Show high degree of independence and professionalism in managing all internal stakeholders, including all communications with these stakeholders, so as to maintain long term and productive engagements. Review for Mid- and Junior Specialists/Writers: Review DDQs drafts of assigned Mid-Senior and Junior Specialists/Writers. Review for Mid- and Junior Specialists/Writers - Train and Guide : Guide, train and develop the assigned Mid-Senior and Junior Specialists/Writers. Job Qualifications & Key Attributes The ideal candidate will have: Experience: 5-7 years of due diligence and/or RFP writing experience with a 5 to 10 years of overall experience. Sound knowledge of functioning, organization and operations of an asset management firm. Track Record of Execution: Must be an excellent and highly productive writer and reviewer of technical investment material. Must be able to handle multiple different projects simultaneously to meet tight client deadlines. Strong Initiative and Judgment: Must demonstrate initiative and good judgment as well as the ability to work well under pressure, within time constraints, and across time zones. Must be able to interact directly and effectively with multiple internal Senior SMEs across the firm. Exceptional Attention to Detail: Must be highly organized and have strong attention to detail. Strong Industry Knowledge: Knowledge of GIPS regulations, Composite requirements, and global Fund marketing regulations. Familiarity with US retail managed account set up and operational nuances a plus. Technical Knowledge: Expert-level knowledge of full MS Office Suite required, but especially Word and Excel. Technology-Forward: Preference will be given to candidates with strong experience in leveraging technology, including new and emerging AI technology, to complete DDQ drafts in as fast and efficient a manner as possible. Experience with the Responsive software a strong plus. College education: MBA/MS/MA. CFA (L1 Cleared or higher) would be added advantage. Pune, India

We are M&G Global Services Private Limited (formerly known as 10FA India Private Limited, and prior to that Prudential Global Services Private Limited) . We are a fully owned subsidiary of the M&G plc group of companies, operating as a Global Capability Centre providing a range of value adding services to the Group since 2003. At M&G our purpose is to give everyone real confidence to put their money to work. As an international savings and investments business with roots stretching back more than 170 years, we offer a range of financial products and services through Asset Management, Life and Wealth. All three operating segments work together to deliver attractive financial outcomes for our clients, and superior shareholder returns. We have a diverse workforce and an inclusive culture at M&G Global Services, regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long term condition, we are looking to attract, promote and retain exceptional people. We also welcome those who take part in military service and those returning from career breaks.

About this role: Wells Fargo is seeking a Senior Compliance Specialist In this role, you will: Establish, implement and maintain risk standards and programs to drive compliance with federal, state, agency, legal and regulatory and Corporate Policy requirements Oversee the Front Line's execution and challenges appropriately on compliance related decisions Provide oversight and monitoring of risk-based compliance programs Develop and oversee standards Provide subject matter expertise with comprehensive knowledge of business and functional area Provide compliance risk expertise and consulting for projects and initiatives with moderate risk for a business line or functional area Monitor reporting, escalation, and timely remediation of issues, deficiencies or regulatory matters regarding compliance risk management Provide direction to the business on developing corrective action plans and effectively managing regulatory change Provide compliance risk expertise Consult for projects and initiatives with moderate risk for a business line Identify and recommend opportunities for process improvement and risk control development Provide direction to the business on developing corrective action plans and effectively managing regulatory change Report findings and make recommendations to management appropriate committees Interpret policies, procedures, and compliance requirements Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Work with complex business units, rules and regulations on moderate risk compliance matters Receive direction from leaders and exercise independent judgment while developing the knowledge to understand function, policies, procedures, and compliance requirements Support the oversight or monitoring of a risk-based compliance program Provide compliance risk insight and support projects and initiatives with low to moderate risk for a business line or functional area Continuously monitor electronic communications including emails, instant messages, and other digital correspondences. Utilize surveillance tools and software to track and analyze communication patterns for suspicious activities Monitor active deals and MNPI for all covered employees Ensure all electronic communications comply with industry regulations, legal standards, and internal policies. - Stay updated with changes in relevant laws and regulations affecting electronic communication surveillance Participate in the implementation of an IT book of work associated with the teams surveillance platform Support the oversight or monitoring of a risk-based compliance program Support the reporting, escalation, and timely remediation of issues, deficiencies or regulatory matters regarding compliance risk management Review electronic communications which have alerted or via targeted reviews Work with Compliance Officers, Supervisory Principals and/or Managers to research and resolve escalated electronic communications Assist in further developing the monitoring of electronic communication Appropriately challenge the Front Lines execution of their compliance responsibilities when it comes to trading in companies on the Restricted List, issuers they may be over the wall on or their escalation of suspicions of insider trading Identify and recommend opportunities for process improvement and risk control development Establish and maintain effective relationships with various teams. Required Qualifications: 4+ years of Compliance experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: Prior Compliance Control Group or related experience Prior experience as a Securities or Derivatives trader Prior surveillance experience Intermediate Microsoft Office skills Excellent verbal, written, and interpersonal communication skills Strong analytical skills with high attention to detail and accuracy Ability to interact with all levels of an organization Knowledge and understanding of regulatory compliance requirements surrounding the financial services industry Experience meeting high production and quality standards Experience resolving and working through escalated and complex issues BS/BA degree or higher FINRA registration including Series 7 (or FINRA recognized equivalents) Experience conducting regulatory compliance surveillance Knowledge and understanding of institutional banking and/or broker/dealer activities Experience reading, analyzing, and interpreting written communications Extensive experience in the review of surveillance alerts across market conduct / abuse behaviors as well as rules-based surveillance using surveillance applications (Actimize ActOne, Protegent Market Abuse, Protegent Trading Compliance and Trading Hub) Experience with Equity security products Proficient knowledge of data sets for trading in Equity products, including but not limited to quotes, orders and executions Knowledge of US Market Abuse or Manipulation Regulations and similar FCA MAR Behaviors Knowledge of SEC, FINRA market abuse rules and regulations and FCA MAR Behaviors Job Expectations: Shift Timing - 1.30 PM - 10.30 PM.

In this role, you will: Establish, implement and maintain risk standards and programs to drive compliance with federal, state, agency, legal and regulatory and Corporate Policy requirements Oversee the Front Line's execution and challenges appropriately on compliance related decisions Support the oversight or monitoring of a risk-based compliance program Provide support in developing and overseeing standards with some business and functional knowledge Provide compliance risk insight and support projects and initiatives with low to moderate risk for a business line or functional area Work with a business unit, a defined set of rules and regulations on low to moderate risk compliance matters Support the reporting, escalation, and timely remediation of issues, deficiencies or regulatory matters regarding compliance risk management Provide direction to the business on developing corrective action plans and effectively managing regulatory change Provide support in reporting findings and drafting recommendations to management Support and implement initiatives with low to moderate risk Interact with team to support risk oversight and monitoring Manage and ensure accuracy of data Troubleshoot system issues to determine root cause Research and implement new regulatory rules and manage other Registration Team related projects Identify and recommend opportunities for process improvement and risk control development Establish and maintain effective relationships with various teams Make decisions and resolve issues to meet business objectives Interpret policies, procedures, and compliance requirements Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Interact with internal customers Receive direction from leaders and exercise independent judgment while developing the knowledge to understand function, policies, procedures, and compliance requirements Required Qualifications: 2+ years of Compliance experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: Candidates with Law degree LLB/ LLM/ Companies Secretary would be preferred. Fluency in any of the foreign languages such as Chinese, Japanese, French, Spanish, and German would be an added advantage. Expertise in technology data entry related to laws, rules and regulations Ability to follow directions for using the SHRP Governance Management system (Archer platform) Excellent verbal and written communication skills Ability to articulate complex concepts in a clear manner Advanced Microsoft Office skills Good eye for detail and accuracy Execution oriented, professional demeanor, self-starter behavior and able to recognize opportunities for improvement in the business and to act on those opportunities Working knowledge on SharePoint would be an added advantage Job Expectations: Strong educational background with a university degree Experience in the compliance and regulatory field within financial services and knowledge of Corporate and Investment Banking at a leading global financial services firm(s). Good understanding of the market and regulatory environment in which Wells Fargo operates is a comparative advantage. Seasoned Compliance professional with capabilities, including but not limited to: ability to make critical decisions, working collaboratively, ability to develop others, enabling high performance, building self-insight and effective risk and control environment. Good intellectual capability and flexibility, able to consider issues from multiple angles and lead debates and discussions with multiple stakeholders. Good sense of judgement and absolute commitment to Wells Fargo transformation journey Ability to forge relationships across multiple functions to enhance the Compliance brand. Ability to deal with change and exhibit a service led mindset to support our stakeholders. Ability to challenge independently and constructively. Communicate effectively and confidently, orally and in writing at all levels of the organization. A team player that actively looks to partner with and support team members with workloads and challenges

Location: Gurgaon Sector 58 Preference: Candidates with experience in NBFCs Compensation: Up to 00 LPA Requirements: Strong communication skills, a compelling personality, and relevant profile exposure -----JOB DESCRIPTION--- For a role that encompasses IT GRC (Governance, Risk, and Compliance) along with IT Security Audit responsibilities, especially in the context of NIST, ISO 27001, SOC2, ITGC audit, RBI (Reserve Bank of India) regulatory compliance, IT Security Compliance, Business Continuity Management (BCM), Disaster Recovery (DR), and Vulnerability Assessment (VA), the roles and responsibilities would typically include: Governance, Risk, and Compliance (GRC): Develop and maintain IT governance frameworks aligned with industry standards and regulatory requirements. Establish and enforce policies, procedures, and controls to ensure compliance with applicable laws, regulations, and standards. Coordinate risk assessment and management activities across the organization. Monitor and report on compliance status to senior management and stakeholders. Facilitate audits and assessments to verify adherence to compliance requirements. Implement continuous improvement initiatives to enhance the effectiveness of GRC processes. IT Security Audit: Plan, coordinate, and conduct IT security audits based on regulatory requirements and industry best practices. Perform risk-based assessments of IT systems, networks, and applications to identify security vulnerabilities and weaknesses. Review and evaluate controls related to access management, change management, data protection, and incident response. Document audit findings, including recommendations for remediation and improvement. Collaborate with internal and external auditors to facilitate audit engagements and address audit findings. Track and monitor the implementation of audit recommendations to ensure timely resolution. Regulatory Compliance: Interpret and apply relevant regulatory requirements, including NIST Cybersecurity Framework, ISO 27001, and RBI guidelines. Conduct gap assessments against regulatory requirements to identify areas of non-compliance and develop remediation plans. Coordinate with business units and stakeholders to implement controls and measures to achieve compliance objectives. Prepare documentation and evidence to demonstrate compliance with regulatory requirements. Stay informed about changes in regulations and standards and assess their impact on the organization's compliance posture. IT Security Compliance: Establish and maintain IT security policies, standards, and guidelines in accordance with regulatory requirements and industry best practices. Conduct periodic reviews and assessments to ensure adherence to security policies and standards. Implement controls and measures to mitigate security risks and vulnerabilities. Monitor and analyse security events and incidents to detect and respond to security breaches. Provide guidance and support to business units on security compliance matters. Business Continuity Management (BCM) and Disaster Recovery (DR): Develop and maintain business continuity and disaster recovery plans aligned with organizational objectives and regulatory requirements. Run BCP/DR frameworks Conduct business impact analyses and risk assessments to identify critical business functions and dependencies. Coordinate the development, testing, and maintenance of BCM and DR plans. Ensure alignment between BCM/DR plans and IT systems, applications, and infrastructure. Provide training and awareness programs to ensure effective response and recovery during emergencies. Vulnerability Assessment (VA): Plan and execute vulnerability assessment activities to identify security weaknesses and vulnerabilities in IT infrastructure and applications. Utilize automated scanning tools and manual techniques to identify and prioritize vulnerabilities based on risk. Analyse and interpret scan results to provide actionable recommendations for remediation. Coordinate remediation efforts with IT teams to address identified vulnerabilities in a timely manner. Monitor and track the status of vulnerability remediation efforts and report on progress to stakeholders. In summary, this role involves a comprehensive approach to managing IT governance, risk, and compliance, along with conducting IT security audits, ensuring compliance with regulatory requirements such as NIST, ISO 27001, and RBI guidelines, and overseeing BCM, DR, and VA activities. Effective communication, collaboration, and coordination with various stakeholders are essential for success in this role. Digital Personal Data Protection Act (DPDPA) and GDPR Compliance: Interpret and ensure compliance with the provisions of the Digital Personal Data Protection Act (DPDPA) and the General Data Protection Regulation (GDPR), as applicable. Conduct data protection impact assessments (DPIAs) to identify and mitigate risks associated with the processing of personal data. Develop and maintain data protection policies, procedures, and controls to safeguard the privacy and confidentiality of personal data. Implement measures such as data encryption, pseudonymization, and access controls to protect personal data from unauthorized access and disclosure. Establish mechanisms for obtaining and managing consent for the processing of personal data in accordance with regulatory requirements. Monitor and respond to data subject requests (e.g., access requests, erasure requests) in compliance with GDPR and DPDPA requirements. Facilitate training and awareness programs to ensure compliance with data protection regulations and promote a culture of privacy within the organization. Collaborate with legal and compliance teams to address data protection issues and ensure alignment with regulatory requirements. Maintain records of processing activities and data protection measures to demonstrate compliance with GDPR and DPDPA obligations. Conduct regular audits and assessments to evaluate the effectiveness of data protection controls and identify areas for improvement. Competencies: Proactively contribute to leadership & handle work stress & people skills Strong analytical skills, problem solving skills, and project/program management skills Excellent communication skills working with all levels of management across the entire organization Ability to handle team strength and work cohesively Ability to act in Leadership position Work and stretch as required in corporate scenario Extrovert and Outspoken Experience Needed: 8+ years' demonstrable experience in IT security GRC management, IT security project management, IT & Data security policy management, and other security practices w.r.t Cloud Infra , Basic IT infra design and architecture Hands-on experience with designing, implementing and managing security IT GRC programs Past experience managing a small to mid-sized team Educational Requirements: Bachelor's degree or equivalent business experience in Computer Science, Business Management. Certified training in IT & Data security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, ISO 27K LA or related certification will be added advantage

We are Hiring for IT & Cybersecurity Compliance Specialist for our client company for Andheri East location Job description- Looking for 3+ year experiencein IT compliance, cybersecurity regulations, risk management, and audit support. This role will be instrumental in ensuring IT systems and practices adhere to relevant laws, industry standards, and internal policies, thereby safeguarding our information assets and maintaining stakeholder trust. Key Responsibilities: Compliance Framework Management: Assist in the development, implementation, and maintenance of following IT and cybersecurity compliance frameworks ISO 27001, NIST, SOX 2, local regulations like IT Act 2000, CEA, DPDP Stay up to date with evolving cybersecurity related regulatory changes, and industry best practices. Policy & Procedure Development: Contribute to the creation, review, and update of IT security policies, standards, guidelines, and procedures to ensure alignment with compliance requirements. Communicate compliance requirements and policy changes to relevant stakeholders. Risk Assessment & Management: Participate in IT risk assessments to identify, evaluate, and prioritize potential security vulnerabilities and compliance gaps. Support the development and implementation of remediation plans for identified risks. Audit & Assurance: Act as a key liaison during internal and external IT and cybersecurity audits. Gather, organize, and provide evidence required for audit requests. Track and monitor the progress of audit findings and remediation efforts. Control Monitoring & Testing: Assist in the regular monitoring and testing of IT security controls to ensure their effectiveness and compliance. Identify control deficiencies and recommend corrective actions. Vendor Risk Management (VMR): Support the assessment of third-party vendor security postures and compliance with organizational requirements. Training & Awareness: Contribute to the development and delivery of IT security and compliance awareness training programs for employees. Documentation & Reporting: Maintain accurate and comprehensive documentation of compliance activities, risk assessments, and audit results. Prepare regular reports on compliance status, key risks, and remediation progress for management. This role will involve tremendous amount of Documentation work & management of same. Qualifications: Preferred bachelors degree in information technology, Computer Science, Cybersecurity, or a related field. 3-4 years of proven experience in an IT compliance, cybersecurity, or IT audit role. Solid understanding of common information security frameworks and standards (e.g., ISO 27001, NIST, SOX 2). Familiarity with data privacy regulations (e.g., India's DPDP Act 2023, IT ACT 2000). Experience with risk assessment methodologies and tools. Strong analytical and problem-solving skills with meticulous attention to detail. Must Excellent written and verbal communication skills, with the ability to articulate complex technical and compliance concepts clearly. Ability to work independently and collaboratively in a fast-paced environment. Exceptional Documentation & presentation Skill. Prior experience with GRC Tools & Cybersecurity Awareness tools like KNowbe4 will be preferred. Preferred Certifications (one or more): CompTIA Security+ (ISC) SSCP (Systems Security Certified Practitioner) ISACA CISA (Certified Information Systems Auditor) - a strong plus ISACA CRISC (Certified in Risk and Information Systems Control) ISO 27001 Lead Implementer/Auditor Looking for candidates who can join immediately or within 20 days.