63 Technology Risk Jobs

We re seeking a future team member for the role of Vice President to join our Information Security team. This role is located in Pune, Maharashtra -HYBRID BNYM is seeking an initiative-taking professional to join its Cyber Security Third Party Governance (CTPG) team. The successful candidate will work in a technically diverse and dynamic environment with a team of Cyber Security professionals responsible for the assessment, analysis and governance of cyber security for third party vendors. The successful candidate will have deep technical and assessment skills to identify vendor cyber vulnerabilities that puts the BNYM at risk. The individual works closely with the Cyber TPG Security Leader, Business Sourcing Leads (BSL), enterprise sourcing, technology risk management, engagement managers, business teams and vendors on identified cyber risks in vendor environments. This requires both good oral and written communications skills and the ability to negotiate. Must be able to keep sensitive information confidential and know how to use appropriately. In this role, you ll make an impact in the following ways: Assess the cyber security risk of third party vendors with an appropriate level of detail Travel to vendor locations for on-site assessments Interface with enterprise sourcing, technology risk management, business teams and engagement management on vendor cyber security issues identified Review and challenge vendor evidence for issue closure Assist in the design and implementation Cyber TPG related processes and tools Define and create relevant metrics, presentations and reports Review the cyber related attestations by third parties such as SOC2 and ISO 27001 and report any observations for further review and tracking Review vendor risk reports created by internal and external entities for impacts to cyber security Keep up to date on the latest trends, methodologies and tools related to third party Interface with industry coalitions working on third party cybersecurity issues To be successful in this role, we re seeking the following: Bachelors degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. Industry certifications such as CISSP or CISM a plus 17+ years of experience in cyber security related activities required Firsthand experience in performing control-level technical cyber risk assessments In-depth technical knowledge in 1-2 cyber domains Experience in the securities or financial services industry is a plus Experience in third party governance and related tools is strongly desired but not required Ability to manage multiple projects and priorities Familiarity with various global regulations and industry standards concerning cyber security Strong verbal and written communication skills

You are a strategic thinker passionate about driving solutions in Sales, Research & Data Services Ops . You have found the right team. As VP of the SRDS Ops iMaintain team, you will lead efforts to manage regulatory-critical processes across various business areas, oversee transformation projects, and streamline operations using new technology. Based in Mumbai, you will develop metrics frameworks, identify business opportunities, and collaborate with stakeholders like Product Management, Operations, Technology, Risk & Control, and Finance to implement industry best practices for change and transformation, driving innovation and efficiency in regulatory processes. The primary responsibility of this position is to manage the iMaintain team in Mumbai, overseeing transformation projects and streamlining processes with new technology to contribute to the broader DCS vision. The candidate will maintain a strong control environment, define a future state vision for the functional area, and lead program execution from an operations perspective by building strategic platforms and decommissioning legacy systems. They will identify new business opportunities and synergies with other areas like Markets Operation, Research, and Sales, while managing people through training, upskilling, and hiring based on future needs. Collaboration with stakeholders such as Product Management, Operations, Technology, Risk & Control, and Finance is essential, leveraging industry best practices for change and transformation. Job responsibilities Maintain a strong control environment within the regulatory-critical iMaintain team. Define and implement a future state vision for the functional area with the BAU Operations team. Lead program and project execution, focusing on strategic platform development and legacy system decommissioning. Identify and pursue new business opportunities and synergies with Markets Operation, Research, and Sales. Manage people through training, upskilling, and hiring diverse skill sets for future team needs. Collaborate with stakeholders, leveraging industry best practices for change and transformation. Ensure a stable operational environment with robust controls, checks, and balances. Leverage new technology or tools to enhance processes, track metrics, and improve controls. Govern by providing updates to senior stakeholders and ensuring compliance with laws and regulations. Engage in each stage of the Project Delivery Framework (PDF) from requirements to implementation. Focus on the people agenda, including coaching, training, talent management, and recognition. Required qualifications, capabilities and skills Minimum 10+yrs experience with strong experience of 4-5 years on Tech Change programs, Process Improvements, Operating Model improvements Excellent problem-solving skills in order to identify, understand and address operational and technical issues. Proactive in displaying these skills and developing solutions. Strong knowledge of technology solutions available in the market for Operations business Must have Microsoft Office skills Excel, Word, Access and PowerPoint Influencing and negotiation skills - leverage subject matter expertise in driving conversations, challenging status quo and influence decisions/direction with stakeholders Ability to operate in a fast-paced environment under high pressure with time critical deliveries; multi-tasking, prioritizing and able to adjust to changing priorities Strong partnership record - ability to build effective relationships across different parts of the organization as required Should have a collaborative work style; fostering co-operation and teamwork. Ability to develop relationships across various stakeholders including senior business executives Control mindset to identify process control gaps, prioritize and mitigate operational risk Effective change management and transformation experience. Ability to challenge current state and mind set, adapt to a changing environment Good understanding of downstream impact of actions undertaken, particularly the requirement for strong and timely controls throughout the life cycle of the trade

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Consultant Specialist. In this role, you will: Identify opportunities and deliver consistent and interconnected risk and control environment reporting and governance Protect the bank via proactive regulatory risk reduction actions. Drive consistent regulatory reporting across regions, businesses, and global functions. Collaborate closely with global functions, businesses, and regional stakeholders to integrate risk and control insights into strategic technology planning and decision-making processes. Assist CTO RC Control teams to enhance technology control frameworks, ensuring they are inclusive and adaptable aligned with industry regulations and standards. Provide advice, guidance, and assessment of application of policies, control standards, and procedures. Advocate the desired behavioural changes across the CTO Enablement community required to mature the understanding and management of technology risk controls. Requirements To be successful in this role, you should meet the following requirements: Excellent understanding of HSBC Technology Controls, especially Cybersecurity Controls. Strong communication skills to be able influence and challenge stakeholders Analytical and problem-solving skills, with the ability to navigate technology landscapes. Excellent understanding of key reporting metrics. .

* Job Position Title: Senior Associate TRAS Location: Bangalore * Responsibilities : Roles & Responsibilities : The tasks, roles and responsibilities concerned with the job will include the following: • Apply current knowledge of IT trends and systems to identify security and risk management issues, and other opportunities for improvement. • Assist in the planning and execution of business process control reviews, information systems audits, and other Assurance offerings across a variety of industries. • A good understanding of clients Business Risks, Audit Risks, IT Risks and the mitigating controls in addressing these risks • Gain strong comprehension of client operations, processes, and business objectives and utilize that knowledge on engagements. • Evaluate and test business processes and controls and identify areas of risks. • Perform general computer and application controls reviews including ERPs like SAP, Oracle Application, JD Edwards, MFG Pro, etc. • Comply with requirements of ICAI Auditing Standards like AAS 29 • Data Analysis using CAATs tool like Excel, ACL, SQL etc *Mandatory skill sets Between 3 to 9 years in various aspects of IT audit, IT risk management function or General IT administration/management in IT risk consulting. Essential Skills: • Strong analytical ability • A thorough understanding of business process, accounts, emerging IT Trends • Ability to manage the field work and ability to work with cross functional team • Strong communication & writing skills • A good understanding of Internal Control Process • A good understanding of Sarbanes Oaxely requirements • A good understanding of COBIT, BS 7799 Responsibility Framework

Key Responsibilities Areas will be as follows - Control Audits goal/purpose is to Identify security controls gaps, remediate and drive compliance for all accounts/programs across Sutherland. ALL deviations MUST be remediated or have an APPROVED Exception Request. ALL non-compliance findings will be worked with peers across InfoSec Risk and Compliance and create a remediation plan by working with respective stakeholders. Results are tracked, trended and reported. Meetings are hosted with Senior InfoSec Leadership: results reviewed, gaps address, risks identified, remediation progress confirmed Audits are performed internally and via a 3rd party audit team that this leader oversees in tandem with Regional Risk and Compliance. Risk Assessments to be conducted and implemented as per various Complaince requirements to protects and prevents the misuse of Sensitive Customer Information (SCI) handled in client programs, in order to: Proactively identify risks and vulnerabilities Address potential data leakage areas Assess Sutherland s implementation of standards Identify Sensitive Customer Information (SCIN) belonging to clients. Remediates by tightening or establishing controls. Implements security best practices that minimize the risk & avoid incident / data breaches. 2. In addition to the above, the candidate will be asked to look beyond the task at hand and to question how can we do this better, how can we automate and improve upon business as usual, challenge the status quo so that we work smarter (not harder) 3. Demonstrate control effectiveness to the Infosec Leadership Core Infosec exp 4 yrs or IT domain exp of 5 yrs above Infosec certifications will be added advantage IT certification can also add value

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. As a Risk management specialist at ZS Associates, you'll be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You'll also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry best practices. By partnering with various stakeholders, including Product Owners and Business function Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. You'll have advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. What you'll do Develop the culture of risk management across the organisation, and ensure effective identification, quantification, communication, and management of risks focusing on root cause analysis and resolution recommendations across domains – Cyber, HR, Legal, Finance, etc. Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance. Provide SME support to functional managers or Internal stakeholders in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate. Support the CIO and CISO, and work with internal stakeholders to Participate in consultation and conduct gap analysis against new requirements Coordinate and facilitate IT / cyber security audits. Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc. Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route Report and publish Risks to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees. Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures. Co-ordinate and track the tickets / findings in areas like IT Operational Risks and Information Security Risks, Control Self assessments , Internal/External Audit findings with appropriate CAPA, BCP / Disaster recovery , Problem tickets with root cause analysis. Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.) Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.) Provide first line of defense support in assessing risk and reviewing control issues Documentation of control procedures, standards and guidelines, etc. What you'll bring: Bachelor’s degree in IT or relevant field with a strong academic background A minimum of 7-10 Years of experience in Risk management and internal controls governance Strong communication & strategic influencing skills. Relevant experience working with senior leaders, building internal networks, and delivering high impact programs in complex -matrixed environments. Formal training or certification in Information Security, and/or 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation. Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies. Proficient in MS Office productivity suite (e.g., Word, Excel, PowerPoint, SharePoint). Advanced Excel skills strongly preferred CISM/CRISC/CISA/CISSP/CIA/MBA or relevant Risk Management / Audit certification Basic working knowledge of following (Majority of the points, if not all): -COBIT – Control Objectives for Information and Related Technology -ISO/IEC 27001:2013 – Code of Practice for Information Security Management -NIST SP 800-53 -NIST CSF -SOC1/SOC2/SOC3 -HIPAA/HITECH Security and Privacy Audit Protocol -Shared Assessments Standard Information Gathering (SIG) framework -US SOX – Sarbanes Oxley Act -US HIPAA/HITECH Act -EU GDPR – General Data Protection Regulation -US EU Privacy Shield -India Companies Act Additional Skills: Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives. Program level management up to and including Executive presentation and reporting. Knowledge and Experience of Technology Infrastructure. Understanding of Infrastructure Security Stakeholder management Willingness to adapt to evolving industry standards and technologies Ability to manage a wide variety of tasks and meet deadlines, and reliability/dependability Proven ability to work creatively and analytically in a problem-solving environment Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Bachelor s degree in information technology, Computer Science, Risk Management, or a related field; advanced degree or professional certification (e.g., CISA, CISSP, CRISC) Mandatory. Minimum of 10 years of experience in technology risk management, cybersecurity, or information security roles. Proven expertise in conducting technology risk assessments, developing risk management frameworks, and implementing controls and mitigation strategies. In-depth knowledge of regulatory requirements, industry standards, and best practices related to technology risk management and information security (e.g.,FAIR, NIST Cybersecurity Framework, ISO 31000, OCTAVE & TARA). Strong analytical, problem-solving, and decision-making skills with the ability to evaluate complex issues and develop practical solutions. Excellent communication and interpersonal skills with the ability to effectively engage and influence stakeholders at all levels of the organization. Demonstrated leadership abilities with a track record of driving results, managing projects, and leading cross-functional teams in a fast-paced, dynamic environment. Basic Requirements Effective verbal and non-verbal communication skills at all levels of the organization Leadership teamwork and collaboration Discretion Problem solving Critical Thinking Self-initiated/sufficient Motivated

Work Location:- Bangalore / Hyderabad / Pune / Gurgaon Experience:- 4 - 10 yrs Leavel- AM/Manager JD Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred

About Us At ANZ, were shaping a world where people and communities thrive, driven by a common goal: to improve the financial wellbeing and sustainability of our millions of customers. About the Role As a Privacy Governance Manager in our Data and Technology Risk team, you ll play a key role in the ANZ Privacy Office to ensure ANZ s compliance with Privacy and Data Protection laws across the bank globally. The role will provide Subject Matter Expertise on Privacy and Data Protection obligations across the bank to support the operational governance oversight. This role will also assist business units across the bank to understand privacy risks by identifying and implementing appropriate control measures. Banking is changing and we re changing with it, giving our people great opportunities to try new things, learn and grow. Whatever your role at ANZ, you ll be building your future, while helping to build ours. Role Location: Bengaluru Role Type: Permanent, Fulltime What will your day look like Monitoring and ensuring compliance with Privacy and Data Protection laws across various jurisdictions. Identifying, assessing, and mitigating privacy risks through reviews and assessments. Collaborating with ANZ stakeholders and business units to align privacy practices with organizational goals. Overseeing data mapping initiatives and maintaining records of processing activities (RoPA). Managing, evaluating and reporting third-party vendors attestation outcomes and identifying risks or concerns related to Privacy or Data Protection. Reviewing and updating new obligations in NFR Hub. Tracking and reporting privacy KPIs and metrics for the ANZ Privacy Office. What will you bring Minimum of 8 to 10+ years experience in Privacy or a related field, preferably with a bachelors degree in law. Recognised Privacy and Data Protection qualification (e.g., IAPP - CIPM, CIPT, CIPP/E). Comprehensive knowledge of global Privacy and Data Protection legislation (including AU Privacy Act, GDPR, PDPA). Thorough understanding of privacy management practices and the ability to identify privacy risks and manage interactions across business operations. Proficient writing, organisational and problem-solving skills. Effective communication and interpersonal skills for collaborative work with stakeholders and employees at all levels. You re not expected to have 100% of these skills. At ANZ a growth mindset is at the heart of our culture, so if you have most of these things in your toolbox, we d love to hear from you. Job Posting End Date 13th June 2025, 11.59pm, (Melbourne Australia)

A Day in the Life Responsibilities may include the following and other duties may be assigned. Provides project management and sourcing expertise to cross-functional, cross-divisional commodity teams. Facilitates these teams in the development and execution of long-term strategies that will optimize Medtronics position in terms of quality, cycle/response time, technology, risk, and total cost. Mitigates risk, leverages technology and purchase power, improves processes and systems, and reduces overall cost of ownership and acquisition. Negotiates, establishes and monitors supplier agreements. SPECIALIST CAREER STREAM: Typically an individual contributor with responsibility in a professional discipline or specialty. Delivers and/or manages projects assigned and works with other stakeholders to achieve desired results. May act as a mentor to colleagues or may direct the work of other lower level professionals. The majority of time is spent delivering and overseeing the projects - from design to implementation - while and adhering to policies, using specialized knowledge and skills normally acquired through advanced education. DIFFERENTIATING FACTORS Autonomy: Recognized expert, managing large projects or processes . Exercises considerable latitude in determining deliverables of assignments, with limited oversight from manager . Coaches, reviews and delegates work to lower level specialists. Organizational Impact: Contributes to defining the direction for new products, processes, standards, or operational plans based on business strategy with a significant impact on work group results . May manage large projects or processes that span outside of immediate job area. Innovation and Complexity: Problems and issues faced are difficult, moderately complex and undefined, and require detailed information gathering, analysis and investigation . Develops solutions to moderately complex problems, and/or makes moderate to significant improvements of processes, systems or products independently to enhance performance of job area. Implements solutions to problems. Communication and Influence: Represents organization as a primary contact for specific projects and initiatives; communicates with internal and external customers and vendors at various levels . May negotiate with others to reach understanding or agreement, and influence decision-making. Leadership and Talent Management: Typically provides guidance, coaching and training to other employees within job area. Typically manages major / moderately complex projects, involving delegation of work and review of work products, at times acting as a team leader. Required Knowledge and Experience: Requires mastery of a specialty area and full knowledge of industry practices, typically obtained through advanced education combined with experience. May have broad knowledge of project management. Requires a Baccalaureate degree (or for degrees earned outside of the United States, a degree which satisfies the requirements of 8 C.F.R. 214.2(h)( 4)(iii)(A) and minimum 7 years of relevant experience, or advanced degree with a minimum of 5 years of relevant experience. Benefits Compensation About Medtronic We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission to alleviate pain, restore health, and extend life unites a global team of 95,000+ passionate people. We are engineers at heart putting ambitious ideas to work to generate real solutions for real people. From the RD lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary. Learn more about our business, mission, and our commitment to diversity here

Dear Candidate, We are hiring an IT Compliance Analyst to ensure adherence to regulatory standards and internal security policies. Perfect for detail-oriented professionals with a risk and governance mindset. Key Responsibilities: Monitor IT processes for compliance with SOX, GDPR, HIPAA, etc. Conduct audits, risk assessments, and gap analyses Collaborate with security, legal, and IT teams Maintain documentation and support policy enforcement Required Skills & Qualifications: Knowledge of IT compliance frameworks (ISO 27001, NIST, COBIT) Experience with audit processes and risk management Strong communication and analytical skills Bonus: Certification (CISA, CRISC, or similar) Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firms robust risk strategy. As a Tech Risk & Controls Senior Associate in Cybersecurity & Tech controls team , you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firms standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards. Job responsibilities Assess and monitor technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices Support implementation of effective controls in collaboration with cross-functional teams and stakeholders Evaluate the effectiveness of existing controls, identify gaps, and recommend improvements to mitigate risks and enhance the firms risk posture Analyze complex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures Required qualifications, capabilities, and skills Formal training or certification on Tech Risk & Control concepts and 3+ years applied experience Experience in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders Proficient knowledge of risk management frameworks, regulations, and industry best practices Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, or other industry-recognized risk certifications

Visa is looking for a candidate to join its Cybersecurity 3rd Party Technology Risk Management (3PTRM) team as an Associate Cybersecurity Analyst, which works with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet Visa security requirements and mitigate any risks that are associated with engagement of third parties. The Analyst will work closely with Supplier Relationship Owners (SROs) and other Cybersecurity teams such as penetration testers, security architects, etc to assess and monitor third parties that do business with Visa. The role requires the candidate to have strong analytical, communication, and organizational skills, as we'll as a solid understanding of cybersecurity concepts and best practices. Essential Functions: Perform risk/security assessments of Suppliers and Third-Party relationships to identify, validate and remediate risks Cybersecurity Risks. This may include performing interviews, document design assessments and walkthroughs of cybersecurity controls. Support ongoing monitoring of Suppliers and Third Party to review compliance against compliance and regulatory requirements. Participate and conduct onsite assessments of Third Parties against Visa s security framework and industry security standards. Support risk/security assessments for special projects involving Third Parties. Support PCI-related activities relevant to third parties to ensure compliance with PCI requirements. Exhibit pragmatism in formulating process remediation and implementation strategies, defining work tracks, and submitting assessment findings and recommendations. Proactively follow-up with Suppliers to ensure prompt remedial actions for assessment findings. Basic Qualifications: Bachelors degree, OR 3+ years of relevant work experience Preferred Qualifications: 2 or more years of work experience. Bachelor s degree in Computer Science, Information Systems, Engineering, or related field, or equivalent work experience. Minimum of 1 years of experience in cybersecurity, IT audit, or IT risk management. Experience in cybersecurity, IT audit, risk management, compliance, or related fields. Knowledge of cybersecurity frameworks and standards such as NIST, ISO, PCI, etc. Strong written and verbal communication skills, and ability to communicate effectively with technical and non-technical audiences. Ability to work independently and collaboratively in a fast-paced environment. Certifications such as CISSP, CISA, CISM, CRISC, or equivalent are preferred.

Risk Analyst (Equity Derivatives) Equity Derivatives Researcher Millennium s Global Risk Management Department is responsible for identifying, measuring, monitoring, managing, and reporting on the risks associated with Millennium equity derivatives portfolios. Our Risk Management organization is designed to accommodate the overall size, nature, and complexity of the firm s trading activities. We are looking to add an inquisitive minded Risk Modeler to join our team. You will have the opportunity to develop and maintain the quantitative frameworks used by our portfolio managers and senior management teams. You will be responsible for the risk framework which involves consistently evolving metrics, improved valuation methodologies and clear identification and resolution of issues associated with inadequate risk measurement. You will understand and monitor closely the strategies of PM s trading in equity derivatives and embed insights in quantitative frameworks. Your primary responsibilities will encompass: Development of Risk Measurement Techniques: Develop and maintain robust frameworks for risk measurements. You will create frameworks to deliver insights on PM strategies and risks through interacting with existing tools or building own framework Quantitative Framework Development: Assist in the creation and optimization of our quantitative framework, which includes collaborating with technology, risk, portfolio, and business managers. Tech Collaboration: Partner with the Technology department to streamline the transition of quantitative models into production environments. The priority is to ensure accuracy and efficiency in day-to-day workflows. Research Model Development: Lead research into and implementation of various quantitative models. Qualifications/Skills Required: The candidate should have a degree in a quantitative major: statistics, mathematics, engineering, and either professional experience of 1-4 years in a quantitative role in a financial organization, or an advanced degree in a quantitative field preferred. A good understanding of derivatives and valuation is a plus, and basic familiarity is generally expected. Prior experience with managing and deploying valuation models is a great add. Strong programming skills, prior experience with Python (Polars and/or Pandas) or SQL. Proficiency in at least a compiled and statically typed language is a plus; so is demonstrated programming ability on public repositories e.g., GitHub. Sense of responsibility and integrity. Intellectual curiosity and spirit of initiative. Ability to work independently and effectively manage ambiguity.

Lead the development of strategy, objectives, and action plans for assurance obligations. Conduct multi-stakeholder meetings and participate in senior-level discussions. Engage with internal and external stakeholders, and customers Plan and manage multiple initiatives and projects. Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans. Recognize complexity within the program and propose simplified solutions. Assist stakeholders in making trade-off decisions by considering all data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer. Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence to requirements, and advise management on needed actions. Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally for senior leadership to ensure alignment. Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives. Conduct risk assessments to identify potential security and availability risks and advise on the design and governance of controls to mitigate these risks. About You: Bachelors degree or equivalent combination of education and experience; a degree in computer science, information technology, or a related field is preferred. Professional certification like CISSP, CISA, CRISC, CIPP, or similar is a plus. Strong knowledge of IT general computer controls and related operations. Experience with control frameworks (e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR). Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization. Strong negotiation and consensus-building skills. Previous experience in significant process improvements, with the ability to meet project deliverables. Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds.

Our Purpose Title and Summary Director, Technology Risk Management Overview: The Payment Gateway Team is seeking a Principal, Technology Risk Management to lead and build our strategy for designing and implementing assurance requirements to meet customer and regulatory expectations regarding security and availability risk and controls via assurance products such as SOC 2. The individual will coordinate and advise management to ensure customer and regulatory obligations are considered for the Payment Gateway Service. The individual will be responsible for reviewing and analyzing strategic plans and identifying risk and controls required to meet Mastercard policies and standards and apply the design of relevant risk and control assessments that meet our assessment obligations. Key Responsibilities: Lead the development of strategy, objectives, and action plans for assurance obligations. Conduct multi-stakeholder meetings and participate in senior-level discussions. Engage with internal and external stakeholders, and customers Plan and manage multiple initiatives and projects. Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans. Recognize complexity within the program and propose simplified solutions. Assist stakeholders in making trade-off decisions by considering all data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer. Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence to requirements, and advise management on needed actions. Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally for senior leadership to ensure alignment. Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives. Conduct risk assessments to identify potential security and availability risks and advise on the design and governance of controls to mitigate these risks. About You: Bachelors degree or equivalent combination of education and experience; a degree in computer science, information technology, or a related field is preferred. Professional certification like CISSP, CISA, CRISC, CIPP, or similar is a plus. Strong knowledge of IT general computer controls and related operations. Experience with control frameworks (e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR). Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization. Strong negotiation and consensus-building skills. Previous experience in significant process improvements, with the ability to meet project deliverables. Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds.

Job Description: Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Knowledge of security measures and auditing practices within various operating systems, databases and applications. Experience in assessing risks across a variety of business processes. Experience of working on Financial Services sector clients. Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Sr. Management and Clients. Hands on experience of working on IT General Controls, IT Application controls testing, IT Internal Audits, IT Risk Assessments, Third Party Risk Management. Knowledge of regulations impacting the privacy, integrity and availability of customer PII. Exposure of having led IT Audit engagements Exposure of working on Identity Access Management aspects like user management, authentication and authorization. Has team leading experience and has been a performance manager in current or last role Technical skills: Prior experience in evaluating the design and operating effectiveness of technology controls over varied IT platforms including ERP suites, Windows, Unix/Linux, iSeries, Oracle database, DB2 and SQL.

The opportunity Manager-NAT-Assurance-ASU - TR - Technology Risk - Mumbai/Bangalore ASU - TR - Technology Risk Assurance s purpose is to inspire confidence and trust to enable a complex world to work. We do so by protecting and serving the public interest, promoting transparency, supporting investor confidence and economic growth and fostering talent to provide future business leaders. We help clients by 1) Ensuring their accounts comply with the requisite audit standards 2) Providing a robust and clear perspective to audit committees and 3) Providing critical information for stakeholders. Our Service Offerings include External Audit, Financial Accounting Advisory Services (FAAS), IFRS & US GAAP conversion, IPO and other public offering, Corporate Treasury - IFRS 9 accounting & implementation support etc. Your key responsibilities - IT audits including stautiry and internal audits - IT General Controls (ITGC) testing / implementation experience - IT Application Controls (ITAC) testing / IT Automated Business Controls testing / implementation experience - IT Infrastructure risks and control assessments - IT SOX 404 - SOC1, SOC2 audits and reporting - SAP S4 HANA migration review - Cloud security - IT Strategy engagements - Architecture assessments - Data quality and data migration - IT Compliance and regulatory reporting - Risk and control assessments considering emerging technologies such as cloud, RPA, AI/ML, Blockchain etc Qualification CA, BE,Btech, MCA, BCA,B.com,M.com Experience 10+ years of relevant experience in It Audit EY has become the strongest brand and the most attractive employer in our field, with market-leading growth over compete. Our people work side-by-side with market-leading entrepreneurs, game- changers, disruptors and visionaries. As an organisation, we are investing more time, technology and money, than ever before in skills and learning for our people. At EY, you will have a personalized Career Journey and also the chance to tap into the resources of our career frameworks to better know about your roles, skills and opportunities. Apply now.

* Job Position Title: Senior Associate TRAS Location: Bangalore * Responsibilities : Roles & Responsibilities : The tasks, roles and responsibilities concerned with the job will include the following: • Apply current knowledge of IT trends and systems to identify security and risk management issues, and other opportunities for improvement. • Assist in the planning and execution of business process control reviews, information systems audits, and other Assurance offerings across a variety of industries. • A good understanding of clients Business Risks, Audit Risks, IT Risks and the mitigating controls in addressing these risks • Gain strong comprehension of client operations, processes, and business objectives and utilize that knowledge on engagements. • Evaluate and test business processes and controls and identify areas of risks. • Perform general computer and application controls reviews including ERPs like SAP, Oracle Application, JD Edwards, MFG Pro, etc. • Comply with requirements of ICAI Auditing Standards like AAS 29 • Data Analysis using CAATs tool like Excel, ACL, SQL etc *Mandatory skill sets Between 3 to 9 years in various aspects of IT audit, IT risk management function or General IT administration/management in IT risk consulting. Essential Skills: • Strong analytical ability • A thorough understanding of business process, accounts, emerging IT Trends • Ability to manage the field work and ability to work with cross functional team • Strong communication & writing skills • A good understanding of Internal Control Process • A good understanding of Sarbanes Oaxely requirements • A good understanding of COBIT, BS 7799 Responsibility Framework

Word Good communication skills Familiar with IT development life cycle and preferably with past experience in developing applicationProficient in Microsoft Excel is preferred The ability to create basis reports, track, and manage in spreadsheets , including creating formulars, and pivot tables for data analysis would be beneficial, To review IT project document prior submission to both internal/external auditor, Bank s Group Risk management and Regulators, To provide guidance and advise PMO of development team for submission of project documentations To prepare statistic/status report when required, The various training will be provided including the UOB development methodology and Security policies This role is suitable for candidate who has gone through development life cycle and interested in I T Risk management and Governance,This role is to support project team and provide guidance to the team to comply to the bank development methodology and security policies/processes,Key Responsibilities As per job objectives Key Requirements As per key skill Acknowledgement Requestor

About The Role : Job Title- Divisional Risk and Control Senior Analyst, AVP Location- Pune, India Role Description The 1st line Tech Risk, Insights and controls function at Deutsche Bank sits within the Chief Technology Office (CTO) for Deutsche Bank Group. CTO has the largest footprint within the Technology, Data and Innovation (TDI) division and is joined by other business-aligned CIO IT divisions. The Tech Risk, Insights and Controls is a dynamic team, consistently in demand, for providing guidance and challenge to deliver change and maintain systems in a secure and resilient manner. As part of the team, you will join the Banks journey and contribute towards our strategic goal of cloud enabled solutions as well as activities that improve our operational resilience and risk reduction. Specifically, you will bring expertise for risk identification and remediation advisory, records management supporting a proactive risk management function. It will therefore also include planning and executing thematic risk assessments and inputting into risk scenario testing and macro threat assessments. Further you will respond to client due diligence requests. You will liaise with other risk and control functions, on a management level to assure the integration of risk initiatives and projects. This role will report to the Head of Risk Assessments and Response and ultimately to the Global Head of Risks, Insights and Controls. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Risk Management Promote risk awareness, encourage prioritization of risk remediation, process re-engineering and strategic risk management Provide processes for systematic, proactive, and forward-looking risk identification, risk assessment, monitoring, reporting, and keeping CTO risk profile up to date Plan and execute thematic risk assessments and input into risk scenario testing and macro threat assessments Identify material remediation priorities for CTO and key cross divisional priorities impacting CTO (control / remediation book of work) Support CTO in managing the CTB budget allocated for high risk finding remediation and CTO involvement in reducing risk owned by other CIO and CISO divisions Be a catalyst and an enabler to the global leadership for achieving the objectives in line with changing regulatory and industry operating landscape and reducing risk against overall technology operations portfolio Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Audit Management Manage and govern audit requests and findings in a quality assured and controlled manner Respond to client due diligence requests in a timely manner End-to-end governance, monitoring, control, and reporting of audit lifecycles Audit support and advice incl. quality assurance of management action plans, completion check of the deliverables, closure review, ownership transfer, downgrade, risk acceptance and target date extensions Act as overall interface with Audit for fieldwork support and ongoing oversight, co-ordination, quality control, read across for all divisional audit findings Establish a consistent approach to ownership of management action plans Manage operation of audit interface to vendors including monitoring and reporting Foster lessons-learned on audit findings and missed self-identified findings Stakeholder Management Identify, Partner, and Collaborate Establish relationship with external and internal Audit teams to ensure effective and robust challenge to finding and to establish smart management action plans. Partner with 2nd LoD, NFRM (Non-Financial Risk Management) to ensure alignment towards Group wide minimum control standards Collaborate closely and proactively with DCRO team to manage the finding lifecycle Promote and support proactive IT risk culture at the Bank Your skills and experience Desired experience Minimum 2 years of experience as Risk and Control Lead in designing and implementation of Technology risk framework in a global organization Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 Knowledge of Agile change delivery methodology, DevOps and Shift left concepts Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains Other professional qualifications and certifications in Technology risk management Desired behaviors A strong team player comfortable in a cross-cultural and diverse operating environment Result oriented and ability to deliver under tight timelines Ability to successfully resolve conflicts in a globally matrix driven organization Excellent communication and collaboration skills Desire to learn about new and emerging technologies and continuous upskilling Must be comfortable with navigating ambiguity to extract meaningful risk insights How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Working with clients on SOCR and FAIT (Financial Audit Integration) engagements Sharp focus on ITGC Testing Deep knowledge in OS, Network, DB and ERP control testing Process narrative documentation Deep understanding of Compliance subjects (SOCR, FAIT, NIST, ISO and other Info Sec related compliance requirements) Understanding and performing of Testing methodologies Report writing Teaming skills related to on-site delivery Client interation and expectation management Skills and attributes To qualify for the role you must have Qualification BCOM, BCA, BSC, BE/ B.Tech,, or MSC in Computer Science Experience 3 - 6 years of relevant experience

Working with clients on SOCR and FAIT (Financial Audit Integration) engagements Sharp focus on ITGC Testing Deep knowledge in OS, Network, DB and ERP control testing Process narrative documentation Deep understanding of Compliance subjects (SOCR, FAIT, NIST, ISO and other Info Sec related compliance requirements) Understanding and performing of Testing methodologies Report writing Teaming skills related to on-site delivery Client interation and expectation management Skills and attributes To qualify for the role you must have Qualification BCOM, BCA, BSC, BE/ B.Tech,, or MSC in Computer Science Experience 3 - 6 years of relevant experience

Lead Information System Audit - Leading NBFC - Goregaon The purpose of this role is to perform IT risk assessment and manage execution of the Information System Audits (IS Audits) including Information Technology (IT) Infrastructure, Information Security and IT Applications Audits covering the key Information System areas (such as Cyber Security, Applications Security, Data Security, Cloud Security, Vulnerability Assessment & Penetration Testing, Network Security, Data Privacy, Data Centre, Logical and Physical Access Management, IT Infrastructure management, Database & Operating System management, Incident management, Change management, Email management and process review, End point security, IT Disaster Recovery, IT Business Process Continuity Review, IT Helpdesk management, IT Project management and Emerging Digital & Technology Risk). The role also include adherence to internal policies and procedures as well as applicable laws and regulations. This is an individual contributor role initially. Drop your CV on ankita.jalla@forward.net.in

We are looking for a subject matter expert as an in-house IT specialist for a long-term position. A successful candidate fulfills her two functions within the company. First, you need to coordinate IT-related infrastructure and development.