10 Technology Audit Jobs

The Supplier Assurance Services (SAS) team is responsible for conducting comprehensive risk assessments of suppliers within JPMCs Corporate Third Party Oversight (CTPO) program. Additionally, SAS plays a crucial role in supporting JPMCs Cybersecurity and Technology functions by designing and implementing controls and processes to enhance the security posture of JPMCs supply chain. SAS operates under Global Supplier Services (GSS) and reports directly to JPMCs Global Head of Corporate Third Party Oversight. The SAS Risk Management function aims to standardize and centralize Assessment quality oversight and Supplier Issue Management activities. As an Associate in the Technology Risk and Control - Issue Management team within Global Supplier Services (GSS), your primary responsibility will be to conduct technology and cybersecurity control reviews. This role involves reviewing findings to ensure alignment with JPMC guidance, engaging with internal stakeholders to address Issue Management queries, collaborating with the LOB Delivery Manager and Information Security Manager to resolve findings through Action Plans and Risk Acceptance, and ensuring that relevant Action Plans/Risk Acceptances are remediated within agreed timeframes. Additionally, you will be responsible for managing the entire Issue Lifecycle, identifying process improvement opportunities, and supporting internal education and best practices sharing with peers and colleagues. Qualifications, capabilities, and skills required for this role include: - 5+ years of experience in Technology, Technology Risk & Controls, Technology Audit, Cybersecurity, Application Security, Cloud Security (SaaS, PaaS & IaaS), Network Security, Cyber Resiliency, and Third-Party Outsourcing Risk Management in a large enterprise environment. - Understanding of industry risk frameworks such as ISO27001, NIST Cybersecurity Framework, etc. - Strong written and verbal presentation skills at the senior management level. - Experience in debating issues with senior decision-makers and the ability to push back when necessary. Preferred qualifications, capabilities, and skills include certifications such as CISSP, CISA, CISM, CCSP, or CRISC.,

The Supplier Assurance Services (SAS) team is responsible for conducting comprehensive risk assessments of suppliers as part of JPMCs Corporate Third Party Oversight (CTPO) program. In addition, SAS plays a key role in supporting JPMCs Cybersecurity and Technology functions by implementing controls and processes to enhance the security posture of the supply chain. SAS operates within Global Supplier Services (GSS) and reports directly to the Global Head of Corporate Third Party Oversight. The SAS Risk Management function aims to standardize and centralize the quality oversight of assessments and Supplier Issue Management activities. As an Associate in the Technology Risk and Control - Issue Management team at GSS, your primary responsibility will be to conduct technology and cybersecurity control reviews. This involves reviewing findings to ensure alignment with JPMC guidance, validating closure evidence, and collaborating with internal stakeholders to address Issue Management queries. You will work closely with the LOB Delivery Manager and Information Security Manager to resolve findings through Action Plans and Risk Acceptance. Additionally, you will manage the entire Issue Lifecycle, including identification, creation, modifications, extensions, and validation of closure evidence. It is important to engage with Business Partners to ensure timely remediation of relevant Action Plans and Risk Acceptances. Furthermore, you will be responsible for understanding the Supplier Risk Assessment process, identifying process improvement opportunities, and sharing internal education and best practices with peers and colleagues. The ideal candidate for this role should have at least 5 years of experience in Technology, Technology Risk & Controls, Technology Audit, Cybersecurity, Application Security, Cloud Security (SaaS, PaaS & IaaS), Network Security, Cyber Resiliency, and Third-Party Outsourcing Risk Management within a large enterprise environment. Knowledge of industry risk frameworks such as ISO27001, NIST Cybersecurity Framework, and others is essential. Strong written and verbal communication skills are required, particularly at the senior management level. The ability to engage in constructive debates with senior decision-makers and push back when necessary is also valuable. Preferred qualifications for this role include certifications such as CISSP, CISA, CISM, CCSP, or CRISC.,

About this role: Wells Fargo is seeking an Independent Testing Specialist In this role, you will: Participate in less complex development and design of methodologies and standards for review activities companywide in alignment with the risk management framework Ensure effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies within Independent Testing Support and implement less complex initiatives with low to moderate risk and exercise independent judgment to guide risk reporting, escalation, and resolution Present recommendations for resolving more complex situations and exercise independent judgment while developing expertise in risk management framework and the risk and control environment Collaborate and consult with colleagues, internal partners and management Required Qualifications: 2+ years of Independent Testing experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education DesiredQualifications: University degree in Business or related discipline 2+ years of relevant experience in risk management (includes compliance, operational risk, issue identification and validation, internal audit, business process management), Technology Audit, Risk and Control Testing Knowledge and understanding of financial services industry: compliance, risk management, or audit operations Expert knowledge levels and understanding of Technology controls Good understanding of Technology domain and Infrastructure Experience in reviewing testing strategies and methodologies; evaluating the adequacy and effectiveness of policies, procedures, processes, initiatives, products, and internal controls; and identifying issues resulting from internal and/or external compliance examinations Experience in testing policy, procedures, control, and business process testing Experience in creating, executing, and documenting compliance, control, and business process testing Intermediate Microsoft Office (Word, Excel, Outlook, and PowerPoint) Ability to take on a high level of responsibility, initiative, and accountability Minimum 2+ years at Big Four/super regional public accounting firm with experience in Technology testing, regulatory, and/or business process, advisory/consulting service. Experience supporting SOX/SOC, Regulatory Exams (Domestic and Intl), Audits, or other technology control related assessments. Strong critical thinking skills with ability to credibly challenge status quo. Strong organization and prioritization skills. Strong relationship management skills: ability to negotiate difficult positions without harming relationships Strong team player and ability to work with minimum guidance Job Expectations: Responsibilities of the Specialist role include, but are not limited to: Completes review/testing activities on an accelerated schedule, raising schedule delays as needed while looking for opportunities to remediate schedule issues. Providing meaningful operational and compliance risks assessments of business processes. Strong analytical skills Supporting efforts to effectively challenge risks in processes and evaluate and/or test controls designed to mitigate those risks. Executing substantive and/or control testing with moderate supervision. Executing the test of design and operating effectiveness for RCSA (Risk & Compliance Self-Assessment) controls. Completes all testing and documentation under limited supervision and appropriately retains all work papers (testing schedule, templates, work-papers, deferrals, deviations, etc.). Providing consultation and subject matter expertise for process related matters including evaluating severity of control deficiencies and related remediation efforts. Documenting test results and any issues identified while also providing recommendations to management. Providing Credible Challenge to the First Line Units as needed. Acting as a change agent for continual improvement of the control environment Chartered Accountant Certified Management Accounting Certified Public Accountant (CPA) Certified Internal Auditor (CIA) MBA Finance/PGDBA Certified Regulatory Compliance Manager (CRCM) Cybersecurity and Infrastructure Security Agency (CISA) Certified Information Security Manager (CISM) Certified in Risk and Information System Control (CRISC) Information Security Management Systems (ISMS) Data Management information Role: Risk Management & Compliance - Other Industry Type: IT Services & Consulting Department: Risk Management & Compliance Employment Type: Full Time, Permanent Role Category: Risk Management & Compliance - Other Education UG: Any Graduate PG: CA in Any Specialization, MBA/PGDM in Any Specialization

About this role: Wells Fargo is seeking an Independent Testing Specialist In this role, you will: Participate in less complex development and design of methodologies and standards for review activities companywide in alignment with the risk management framework Ensure effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies within Independent Testing Support and implement less complex initiatives with low to moderate risk and exercise independent judgment to guide risk reporting, escalation, and resolution Present recommendations for resolving more complex situations and exercise independent judgment while developing expertise in risk management framework and the risk and control environment Collaborate and consult with colleagues, internal partners and management Required Qualifications: 2+ years of Independent Testing experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education DesiredQualifications: University degree in Business or related discipline 2+ years of relevant experience in risk management (includes compliance, operational risk, issue identification and validation, internal audit, business process management), Technology Audit, Risk and Control Testing Knowledge and understanding of financial services industry: compliance, risk management, or audit operations Expert knowledge levels and understanding of Technology controls Good understanding of Technology domain and Infrastructure Experience in reviewing testing strategies and methodologies; evaluating the adequacy and effectiveness of policies, procedures, processes, initiatives, products, and internal controls; and identifying issues resulting from internal and/or external compliance examinations Experience in testing policy, procedures, control, and business process testing Experience in creating, executing, and documenting compliance, control, and business process testing Intermediate Microsoft Office (Word, Excel, Outlook, and PowerPoint) Ability to take on a high level of responsibility, initiative, and accountability Minimum 2+ years at Big Four/super regional public accounting firm with experience in Technology testing, regulatory, and/or business process, advisory/consulting service. Experience supporting SOX/SOC, Regulatory Exams (Domestic and Intl), Audits, or other technology control related assessments. Strong critical thinking skills with ability to credibly challenge status quo. Strong organization and prioritization skills. Strong relationship management skills: ability to negotiate difficult positions without harming relationships Strong team player and ability to work with minimum guidance Job Expectations: Responsibilities of the Specialist role include, but are not limited to: Completes review/testing activities on an accelerated schedule, raising schedule delays as needed while looking for opportunities to remediate schedule issues. Providing meaningful operational and compliance risks assessments of business processes. Strong analytical skills Supporting efforts to effectively challenge risks in processes and evaluate and/or test controls designed to mitigate those risks. Executing substantive and/or control testing with moderate supervision. Executing the test of design and operating effectiveness for RCSA (Risk & Compliance Self-Assessment) controls. Completes all testing and documentation under limited supervision and appropriately retains all work papers (testing schedule, templates, work-papers, deferrals, deviations, etc.). Providing consultation and subject matter expertise for process related matters including evaluating severity of control deficiencies and related remediation efforts. Documenting test results and any issues identified while also providing recommendations to management. Providing Credible Challenge to the First Line Units as needed. Acting as a change agent for continual improvement of the control environment Chartered Accountant Certified Management Accounting Certified Public Accountant (CPA) Certified Internal Auditor (CIA) MBA Finance/PGDBA Certified Regulatory Compliance Manager (CRCM) Cybersecurity and Infrastructure Security Agency (CISA) Certified Information Security Manager (CISM) Certified in Risk and Information System Control (CRISC) Information Security Management Systems (ISMS) Data Management information Role: Risk Management & Compliance - Other Industry Type: IT Services & Consulting Department: Risk Management & Compliance Employment Type: Full Time, Permanent Role Category: Risk Management & Compliance - Other Education UG: Any Graduate PG: CA in Any Specialization, MBA/PGDM in Any Specialization

The Supplier Assurance Services (SAS) team at JPMCs Corporate Third Party Oversight (CTPO) program is dedicated to conducting thorough risk assessments of suppliers. As an integral part of Global Supplier Services (GSS), SAS plays a crucial role in enhancing the security posture of JPMCs supply chain in collaboration with JPMCs Cybersecurity and Technology functions. Reporting directly to JPMCs Global Head of Corporate Third Party Oversight, SAS focuses on designing and implementing controls and processes to mitigate risks effectively. In the role of Associate, Supplier Cybersecurity Controls within the Supplier Assurance Services team, you will be responsible for conducting technology and cybersecurity control assessments of supplier environments. Your primary tasks will involve reviewing infrastructure, application stacks, and other technologies to ensure compliance with JPMC Corporate Policies & Standards. Working closely with JPMCs Global Cybersecurity and Technology team and JPMCs Lines of Business (LOBs), you will address the latest cyber risks prevalent in the industry. As part of the SAS team, you will evaluate action plans and risk acceptances across business lines where technology standards compliance falls short. Your key responsibilities will include managing all aspects of the control assessment of suppliers, leading onsite/virtual assessments, identifying and addressing control breaks and vulnerabilities within suppliers IT environments, and suggesting process improvements for enhanced operational efficiency and supplier posture. Additionally, you will support internal education initiatives and share best practices with peers, colleagues, and third parties while escalating any critical issues associated with suppliers as necessary. To excel in this role, you should possess at least 5 years of experience in Technology, Technology Risk & Controls, Technology Audit, Cybersecurity, Application Security, Cloud Security (SaaS, PaaS & IaaS), Network Security, Cyber Resiliency, and Third Party Outsourcing Risk Management within a large enterprise-level environment. It is essential to have a solid understanding of industry risk frameworks such as ISO27001, NIST Cybersecurity Framework, and others. Strong written and verbal presentation skills at the senior management level, along with the ability to engage in constructive debates with senior decision-makers and provide necessary pushback when required, are crucial for success in this position. Preferred qualifications for this role include certifications such as CISSP, CISA, CISM, CCSP, or CRISC, which can further enhance your expertise in supplier cybersecurity controls and risk management.,

As a Risk Manager for Line of Business Technologies (LOBTs) within the Technology and Operations (T&O) division, your primary responsibility will be to manage technology and operational risks. You will collaborate with various stakeholders to ensure regulatory compliance, coordinate audit activities, and drive issue & action management for LOBTs. Key Accountabilities: - Assist Line of Business Technology in managing technology and operational risks. - Ensure regulatory compliance for the LOBT and coordinate audit activities. - Manage issue & action planning for LOBT across external and internal audits. - Engage with various departments to prioritize, plan, and close all open findings within timelines. - Stay updated on regulatory requirements and execute compliance plans. - Conduct control testing for Risk Control Self Assessments (RCSAs) and monitor risk issues and incidents for LOBT. Job Duties & Responsibilities: - Collaborate with stakeholders within and outside DBS to gain a comprehensive view of all Technology Risks. - Work with Technology verticals and Compliance to progress on closure of open points and regulatory requirements. - Identify execution challenges in risk mitigation actions and facilitate resolutions. - Conduct risk assessments for LOBT covering partners, external environment, and potential risks. - Provide regular updates and front dialogues with stakeholders on Risk Management and Mitigation. - Ensure awareness of Technology Risk within the DBS India Technology Team and liaise with Line of Business Risk. Requirements: - Minimum 10+ years of experience in Technology Risk Management, Information Security, and Technology Audit. - Preferred qualifications include risk-accreditations like CISA, CRISC, CISM, CISSP, and experience in Information System audits. - A degree in Computer Science or Technology Management, preferably with a specialization in Information Security. Core Competencies: - Understanding of Information Systems complexity and risk points. - Strong communication skills and ability to engage with seniors effectively. - Willingness to escalate risks for the bank's benefit.,

Job Title : Information Systems (IS) Auditor CISA Certified Experience : 7+ Years Location : Gurugram Qualification : CISA (Mandatory) Preferred Background : Indian Banks or Indian Fintech Companies Job Overview : We are looking for an experienced IS Auditor with a proven track record in Indian banking or fintech environments. The ideal candidate must be CISA certified , with strong expertise in conducting risk-based audits, IT governance, and regulatory compliance. Key Responsibilities : Plan & execute risk-based IS audits across core banking systems, applications, infrastructure & vendors Cover key domains: IT Governance, Application Control, Logical Access, BCP/DR, Change Management, Vendor IS Ensure compliance with RBI, ISO, IT Act, GDPR and internal policies Prepare audit reports & follow up on Audit Tracking Reports (ATR) Work with business and IT teams to close gaps and suggest mitigation plans Drive automation in audits using CAATs Present findings to senior leadership and audit committee Ideal Candidate : 7+ years in IS Audit within an Indian Bank or Fintech company Strong understanding of P2P, O2C, IT/IS Risk, Information Security, and Compliance Hands-on with UAT, audit documentation, and ERP/Banking system audits Excellent communication, reporting, and stakeholder management skills Interested candidate can share their cv at sanjana@beanhr.com

In Internal Audit, we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports, monitoring the firm's compliance with laws and regulations, and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes. As a Technology Auditor, you will be involved to provide assurance on the data integrity and quality, applications stability and system operations etc. used for the purposes of portfolio construction and management, deal workflows, investment research flows, reporting for internal and regulatory purposes, along with other general technology controls. Responsibilities For each assigned review you will report to an experienced project manager. You will be expected to: Assist/Lead the risk assessment, scoping and planning of a review. Assist/Lead in executing the review. Specifically focusing on the following: Analyze the design of controls around the underlying system architecture in the context of information technology controls and its impact on the business. Analyze the business and technology processes to evaluate the design and effectiveness of the relevant technology controls by designing and executing tests to validate identified system control features, which may require data analysis, code inspection and re-performance of system processes. Document the results of the test steps executed within the IA automated document project repository as per the departmental guidelines. Assist/Lead in vetting audit observations Assist/Lead in tracking, monitoring and recording remediation of risks identified in reviews. Basic Qualifications BE/B Tech/MCA/MBA in Systems/MSc or equivalent University degrees in technology Atleast 10+years of experience in technology audit focusing on Financial Services Technology audit. Technology audit skills including an understanding of: System architecture, with high level understanding of databases, operating systems and messaging Prior experience of testing automated IT application controls System Development / Programming Languages / Databases,System Architecture (Distributed/Messaging) Operating Systems andData analysis skills (SQL, ACL, or similar tools) Application security principles. System development lifecycle (SDLC). Management, monitoring and operations of technology (backups, change management, system monitoring, incident/problem management) Business continuity planning and disaster recovery design and implementation Security within the software development lifecycle Ability to review / develop code (OO languages like Java, C#, C++) Experience in managing audit engagements or technology projects Relevant Certification or industry accreditation (CISA, CISSP, etc) Ability to work effectively across a large global audit team, understanding the team's role in the overall strategy of the firm Strong Written and verbal communication skills a must; strong interpersonal skills essential. Job requires frequent interaction with technology management Must be able to multitask while managing both time and work load

Role Responsibilities & Qualifications This role supports the global Internal Audit team. Specific responsibilities include: Engaging BlackRock stakeholders to understand and identify key processes and risks within a specific business unit or technology. Contribute to the risk-based decision making of audit scope. Reviewing, testing, and assessing the effectiveness of technology controls in business-integrated audits in which there is close interaction between business and technology partners. This role also includes technology-led audits across all aspects of information technology including cybersecurity, software, hardware, database, messaging, network, and cloud. Identifying and escalating issues identified during testing. Overseeing issue remediation Identifying emerging firm-wide and business risks, understanding organizational changes through periodic engagements with business units, and completing risk assessments of these areas Contributing to global department-wide initiatives Education and Experience Undergraduate or graduate degree in management information systems, engineering, technology, computer science or a related field is preferred. 2-3 years in a technology audit and/or technology risk management function, preferably within the Finance Industry. Familiarity with financial instruments and asset management processes. Knowledge of regional and global regulatory requirements Technology Skills Relevant professional certifications are a plus (e.g., CISA, CISM, CRISC, CEH). Strong understanding of application development, databases, operating systems, networking, and other key technology infrastructure components. Knowledge of ISO, ITIL and COBIT Knowledge of technology controls including application security management, system architecture and design, technology operations, and technology governance. Analytical mindset: Experience in utilizing business intelligence, and analytical methods and language (e.g., SQL, Python) and adopting a data driven approach to perform audit testing will be a plus. Soft Skills Intellectual curiosity, critical thinking and problem solving. Commitment and strong work ethic. Excellent communication (verbal, written, listening) and interpersonal skills.

In Internal Audit, we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports, monitoring the firm's compliance with laws and regulations, and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes. As a Technology Auditor, you will be involved to provide assurance on the data integrity and quality, applications stability and system operations etc. used for the purposes of portfolio construction and management, deal workflows, investment research flows, reporting for internal and regulatory purposes, along with other general technology controls. Responsibilities For each assigned review you will report to an experienced project manager. You will be expected to: Assist/Lead the risk assessment, scoping and planning of a review. Assist/Lead in executing the review. Specifically focusing on the following: Analyze the design of controls around the underlying system architecture in the context of information technology controls and its impact on the business. Analyze the business and technology processes to evaluate the design and effectiveness of the relevant technology controls by designing and executing tests to validate identified system control features, which may require data analysis, code inspection and re-performance of system processes. Document the results of the test steps executed within the IA automated document project repository as per the departmental guidelines. Assist/Lead in vetting audit observations Assist/Lead in tracking, monitoring and recording remediation of risks identified in reviews. Basic Qualifications BE/B Tech/MCA/MBA in Systems/MSc or equivalent University degrees in technology Atleast 10+years of experience in technology audit focusing on Financial Services Technology audit. Technology audit skills including an understanding of: System architecture, with high level understanding of databases, operating systems and messaging Prior experience of testing automated IT application controls System Development / Programming Languages / Databases,System Architecture (Distributed/Messaging) Operating Systems andData analysis skills (SQL, ACL, or similar tools) Application security principles. System development lifecycle (SDLC). Management, monitoring and operations of technology (backups, change management, system monitoring, incident/problem management) Business continuity planning and disaster recovery design and implementation Security within the software development lifecycle Ability to review / develop code (OO languages like Java, C#, C++) Experience in managing audit engagements or technology projects Relevant Certification or industry accreditation (CISA, CISSP, etc) Ability to work effectively across a large global audit team, understanding the team's role in the overall strategy of the firm Strong Written and verbal communication skills a must; strong interpersonal skills essential. Job requires frequent interaction with technology management Must be able to multitask while managing both time and work load