158 Technology Risk Jobs

Requisition Id : 1614387 As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom. At EY, we dont just focus on who you are now, but who you can become. We believe that it s your career and It s yours to build which means potential here is limitless and well provide you with motivating and fulfilling experiences throughout your career to help you on the path to becoming your best professional self. The opportunity : Consultant-TMT-Assurance-ASU - TR - Technology Risk - Gurgaon TMT : Industry convergence offers TMT (Technology, Media Entertainment, and Telecommunications) organizations the chance to evolve and transform, but it also presents challenges around competitiveness and delivering agile corporate strategies for growth. We help TMT companies create compelling employee and customer experiences, retaining skills and talent while achieving enterprise-wide operational excellence. We help them guard their data, brand and reputation. We also enable the pursuit of MA strategies that methodically create value, reduce risk and transform TMT companies into powerhouses that will lead the technology revolution of the future - building a better working world for all. ASU - TR - Technology Risk : Assurance s purpose is to inspire confidence and trust to enable a complex world to work. We do so by protecting and serving the public interest, promoting transparency, supporting investor confidence and economic growth and fostering talent to provide future business leaders. We help clients by: 1) Ensuring their accounts comply with the requisite audit standards 2) Providing a robust and clear perspective to audit committees and 3) Providing critical information for stakeholders. Our Service Offerings include External Audit, Financial Accounting Advisory Services (FAAS), IFRS US GAAP conversion, IPO and other public offering, Corporate Treasury - IFRS 9 accounting implementation support etc. Your key responsibilities Technical Excellence SOCR, FAIT, ITGC, ITAC Skills and attributes To qualify for the role you must have Qualification B Tech, MBA, CA Experience 3+ years What we look for People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach. What we offer With more than 200,000 clients, 300,000 people globally and 33,000 people in India, EY has become the strongest brand and the most attractive employer in our field, with market-leading growth over compete. Our people work side-by-side with market-leading entrepreneurs, game- changers, disruptors and visionaries. As an organisation, we are investing more time, technology and money, than ever before in skills and learning for our people. At EY, you will have a personalized Career Journey and also the chance to tap into the resources of our career frameworks to better know about your roles, skills and opportunities. EY is equally committed to being an inclusive employer and we strive to achieve the right balance for our people - enabling us to deliver excellent client service whilst allowing our people to build their career as well as focus on their wellbeing. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply now.

As a VP - CCO - Cyber at Barclays, you will be responsible for providing control advisory and governance on various aspects related to cybersecurity. Your role will involve ensuring proactive identification of security risks, timely remediation to reduce risk exposure, and developing and refreshing security policies and standards to address emerging risks and regulatory requirements. Key Responsibilities: - Provide control advisory and governance on Application Security, DevSecOps practices and controls, Threat modelling controls, Secure coding, and API security. - Develop and refresh security policies and standards to address new emerging risks and changes in regulatory requirements. - Identify and prioritize risks using frameworks like STRIDE, DREAD, or PASTA. - Analyze SDLC, DevSecOps practices, integration, and vulnerability management to translate findings into business-impact narratives. - Manage Technology Risk and Controls, leveraging IT risk frameworks such as ITIL, COBIT5, COSO, NIST, and industry standards. - Implement secure coding practices, API security standards, and industry standards like NIST, ITIL, OWASP, and CWE. Qualifications Required: - Bachelor's degree in Computer Science or equivalent work experience in a relevant industry. - Strong background in risk management, technology, and information security. - Knowledge of SAST, DAST, SCA, IAST, Mobile, cloud security, and other AppSec related technologies. - Experience in managing Technology Risk and Controls, and familiarity with IT risk frameworks. - Relevant professional certification such as CISSP, CISA, CISM, PMP, CRISC or equivalent. In your role as VP - CCO - Cyber, you may also be assessed on key critical skills such as risk and controls, change and transformation, business acumen, strategic thinking, and digital and technology expertise. Location: Pune, IN Barclays Values: All colleagues are expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as the Barclays Mindset to Empower, Challenge, and Drive.,

Role Overview: You have the opportunity to join EY as an Associate Consultant in the Business Consulting Risk team, specifically focusing on Regulatory Compliance in Hyderabad. As part of EY Consulting, you will contribute to building a better working world by leveraging the power of people, technology, and innovation to drive long-term value for clients. Key Responsibilities: - Anticipate and identify engagement-related risks and escalate issues as needed. - Identify and internally escalate any potential red flags during engagements. - Prepare reports, deliverables, status updates, and audit committee presentations. - Demonstrate the ability to manage multiple projects simultaneously as directed by managers. - Handle data analytics using tools like Access and ACL. - Maintain awareness of internal auditing standards issued by IIA and ICAI. Qualification Required: - Chartered Accountant/Certified Internal Auditor/Masters in Business Administration. Additional Details of the Company: At EY, the focus is not just on your current self but on who you can become. The company believes in providing training, opportunities, and creative freedom to help you reach your full potential. With a client-centric approach, EY Consulting aims to solve strategic problems and drive long-term value for clients through its sub-service lines: Business Consulting, Technology Consulting, and People Advisory Services. EY is committed to being an inclusive employer and offers a personalized Career Journey with ample resources for skills development and learning.,

Experience & Role: Internship, project work, or academic exposure to IT Risk, Information Security, or GRC topics will be beneficial. Will work under the guidance of the Risk Management team on real-time projects and operational support tasks. Key Responsibilities: Support in tracking risk items and control remediation status across departments. Participate in drafting or reviewing internal policies, procedures, and documentation. Help coordinate meetings, training, or awareness sessions related to IT risk and governance. Aid in the preparation of risk reports and dashboards. Support third-party risk assessments and follow-ups with stakeholders. Assist in documenting IT General Controls (ITGC) processes and observations. Contribute to projects related to regulatory compliance, control testing, and cybersecurity awareness. Skills and Requirements: Understanding of fundamental IT principles, systems architecture, and IT process flows. Knowledge of Risk Management frameworks and IT Governance processes. Basic understanding of IT/cybersecurity frameworks (ISO 27001, NIST, COBIT, etc.). Interest in IT General Controls (ITGC) and IT Application Controls (ITAC). Desire to explore GRC tools. Analytical mindset and attention to detail. Good communication and coordination skills. Ability to work with cross-functional teams in a supportive role. Learning Opportunities: Exposure to real-world IT and cybersecurity risk management practices. Hands-on experience with risk assessment processes and compliance monitoring. Understanding the intersection of enterprise IT systems and cybersecurity controls. Opportunity to collaborate with cross-functional teams in a dynamic IT environment

Hi, We are actively looking to hire Information Security professionals to be based out of our Pune/Thane office. What does a successful Senior Professional - Information Security at Fiserv: We are looking for a Senior Professional, Information Security to join our growing Global Cybersecurity Services, GCS, team. This is an important role which requires sound knowledge of cybersecurity and technology risk management. The candidate should be motivated and willing to take on challenges and can work independently and with minimal oversight. What will you do: Manage Cyber & technology risk management function for Asia Pacific region. Conduct risk assessments and provide guidance on remediation of gaps. Support and guide other teams in the organization on cyber security best practices, security vulnerabilities and implementation/enforcement of the compensating controls. Support activities to ensure that risk and controls are in compliance with regulatory requirements and remain in line with company risk appetite. Drive security awareness and adoption across the organization and handle other related responsibilities. Use metrics to track security risks and awareness. What will you need to know: Minimum 10 years of cybersecurity and technology risk management experience. With minimum 5 years of experience in identifying information security and emerging technological requirements and effective risk mitigation actions. Good communicator capable of effectively communicating ideas and concepts within the organization, and externally with clients, auditors and vendors and leadership. Relevant professional certification, such as CISA, CEH, CRISC, CGEIT. What would be great to have: Experience in front ending and supporting customer audits, SOC2 engagements etc would be an advantage. Preferred industry certifications are: CISM, CISSP. We welcome and encourage diversity in our workforce. Fiserv is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protector veteran. Explore the possibilities of a career with Fiserv and Find your Forward with us !

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. We are counting on your unique voice and perspective to help EY become even better. Join us to build an exceptional experience for yourself and contribute to creating a better working world for all. As a UI/UX Designer in the Technology Risk team at EY, you will have the opportunity to contribute technically to Risk Assurance client engagements and internal projects. You will work closely with fellow Seniors & Managers, actively participating in client engagements. Upholding EY's commitment to quality, you will ensure that work is of high quality and undergoes review by the next-level reviewer. As part of our team, you will foster a positive learning culture and support your team members while fulfilling assignments. The Role: - Professional with a minimum of 3 years of experience. - Responsibilities include gathering user requirements, designing graphic elements, building navigation components, and enhancing the user experience for digital products. - Be part of a cross-functional team driving the growth of a new service offering at a leading firm. Key Skills and Accountabilities: - Experience in client-facing roles, collaborating with cross-functional teams to assess control effectiveness and facilitate remediation activities. - Knowledge in IT Controls, Risk, and Compliance preferred. - Design IT Risk Controls framework like IT SOX. - Lead UX/UI design projects from concept to completion, ensuring high-quality deliverables. - Conduct user research, usability testing, and gather insights to inform design decisions. - Create wireframes, prototypes, user flows, and high-fidelity mock-ups. - Develop engaging presentations for internal and external stakeholders in alignment with EY brand guidelines. Qualifications: - 3-5 years of experience in creating presentations, reports, and infographics. - Proficient in design software like Adobe Illustrator, Photoshop, Figma, PowerPoint, and Excel. - Strong understanding of data visualization principles and techniques. - Basics of UI/UX for creation of Mock-ups of Power Platform Apps & Dashboards. - Knowledge or experience in Front-end development is a plus. EY is dedicated to building a better working world, creating long-term value for clients, people, and society by building trust in the capital markets. With diverse teams in over 150 countries, EY provides assurance and helps clients grow, transform, and operate across various business sectors. Join us in asking better questions to find new answers for the complex issues facing our world today.,

This position as a Senior IT Internal Auditor is a vital role within the Internal Audit Team, requiring you to take the lead in executing high-impact, risk-based IT audit engagements that are in alignment with regulatory frameworks such as SOX, FFIEC, and NIST, as well as organizational priorities. The ideal candidate for this role will possess experience in auditing intricate IT environments and a profound expertise in cybersecurity, IT governance, and technology risk. Your primary responsibilities will involve contributing to the annual IT audit plan by assessing risk, planning and scoping audits, and providing assurance and advisory services across various areas including financial reporting, cloud computing, data protection, third-party risk, and IT operations. Collaboration with stakeholders from departments such as Accounting, Technology, Information Security, Risk, and Compliance will be crucial in driving efforts towards risk mitigation and control enhancement. Your duties will include executing the SOX IT and information systems testing program, conducting walkthroughs, analyzing audit evidence, executing controls testing, identifying issues, defining issues, and documenting business processes and procedures. You will also be involved in supporting the creation of status reports and planning materials, collaborating closely with internal and external stakeholders, and performing end-to-end planning, execution, and reporting of risk-based IT audit engagements across various domains such as Information Security Program, Network & System Security, Business Continuity and Disaster Recovery (BC/DR), Change Management and Software Development Lifecycle (SDLC), Third-Party Risk Management (TPRM), Identity & Access Management (I&AM), IT Operations and Asset Management, Privacy and Data Protection, and Cloud and Outsourced Services. Additionally, you will evaluate IT risks, control maturity, and alignment with regulatory expectations, provide risk advisory and control consultation to IT and business leadership, collaborate closely with cross-functional stakeholders to understand business processes and evaluate control effectiveness, develop and deliver clear, concise, risk-focused audit reports, partner with internal and external audit teams, monitor and validate the implementation of management action plans, support new system implementations, conduct risk assessments, contribute to the development and evolution of the IT audit program, act as a key liaison to internal and external auditors, and suggest alternatives for process improvements. To be successful in this role, you are required to have a Bachelor's degree in Information Technology, Accounting, Finance, or a related field, along with five or more years of experience in IT audit, internal audit, cybersecurity, financial services, or a related business function. A thorough understanding of internal controls, IT risk, and regulatory requirements including SOX, FFIEC, and financial compliance frameworks is essential, as well as strong knowledge of internal audit methodologies, project management skills, proficiency in Microsoft Excel, Word, Outlook, and data analysis tools, and excellent communication and interpersonal skills. Holding an active CIA, CISA, or CPA designation or having plans to pursue one is also preferred.,

Job description At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As an IT risk professional, you’ll contribute technically to risk assurance client engagements and internal projects. An important part of your role will be to perform IT audits, document good quality assessment reports and issue opinions. You’ll anticipate and identify risks within engagements and share any issues with the audit stakeholders. You’ll also identify potential business opportunities for EY within existing engagements and facilitate integration as appropriate. In line with EY’s commitment to quality, as an influential member of the team - you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for experienced staffs with 1 to 3 years of hands-on experience in IT Risk/Audit, Assurance and Advisory to join our Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your key responsibilities Participate, lead and execute the IT Risk and Assurance engagements Develop and maintain productive working relationships with client and onshore stakeholders Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress Help prepare reports and schedules that will be delivered to clients and other parties Develop and maintain productive working relationships with client personnel Build strong internal relationships within Ernst & Young Services and with other services across the organization Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise. Skills and attributes for success Work effectively as a team player - collaborate and share responsibility, coach, and support team members to succeed Role & responsibilities To qualify for the role, you must have B.E/B.Tech (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc., Chartered Accountant and/or MBA with Finance/IT with at least 1-3 years of experience 1-3 years of professional experience in the areas of IT audits, ITGC, SOX / ICFR / IFC / SAS 70 / SSAE / SOC1, SOC2, IT Financial Audit and Business Automated Controls, IT Risk consulting or any other regulatory / compliance audits Expertise in pre and post implementation reviews and auditing configuration of major ERPs like SAP, Oracle, JDE, WorkDay, Netsuite, Navision etc. Expertise in performing infrastructure reviews pertaining to OS, DB and Active Directory such as Windows, UNIX, SQL, Mainframe, Oracle etc. Assist with the development of policies, procedures and standards that meet existing and newly developed policy and regulatory requirements Assist with facilitating IT security/risk training curriculum. Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects. Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise Must have end-client facing experience. Ideally, youll also have CISA, CISM, CRISC, ISO27001, Cloud and Data privacy certifications IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX Data analytics/automation tool – SQL, Monarch, BluePrism, Alteryx, PowerBI Familiarity with a typical IT systems development life cycle

About the Role: Grade Level (for internal use): 10 The Team: As part of Vendor Risk Management, the Vendor Cyber Risk Management team manages the Supply Chain Cyber risks by performing risk assessments of third-party engagements to identify and reduce the risks posed by third parties. This is an extremely important role, considering the fact that large number of data breaches happen due to third parties. It involves working with internal stake holders as well as third parties to achieve the results. The Impact: Working in Vendor Risk Management offers the opportunity to continuously enhance processes to meet the evolving requirements of various regulators. This challenging environment provides ample opportunities to expand your knowledge and expertise. Whats in it for you: In addition to risk assessments, recertifications, and continuous monitoring, you will participate in various projects, allowing you to showcase and further develop your skills and experience. Responsibilities: Conduct thorough Cybersecurity, Business Continuity, Artificial Intelligence, Cloud Service Prover and Privacy assessments for Vendors, evaluating their information security policies, procedures, and controls. Effectively collaborate with internal teams to identify critical vendors and assess their potential impact on the organization's cyber risk profile. Communicate risk assessment findings and recommendations to key stakeholders, including senior management, legal, and compliance teams. Work closely with vendors to address identified security gaps and ensure they meet the organization's cybersecurity requirements. Review the vendors on the continuous monitoring program and assisting in driving the periodically review the vendors. Monitor and stay abreast of evolving cybersecurity threats and industry trends to enhance the effectiveness of the risk assessment process. Lead and support enhancement projects within Vendor Risk Management to meet various business and regulatory requirements. Assist the team members in balancing the load and managing Ad-hoc projects. What Were Looking For: Basic Required Qualifications: Bachelors degree in computer science or engineering or equivalent Minimum 8 years of experience in Information Security or Technology Risk Management Any prior exposure to vendor risk management and/ or privacy laws and regulations is a plus. Demonstrable understanding of the concepts of technology controls and information security controls. Exposure to cloud technologies and cloud security is highly desired; the familiarity with pubic cloud technologies such as Amazon Web Services (AWS) or Microsoft Azure or Google Cloud is highly preferred. Excellent communication skills - a must. The resource should have the ability to communicate with cross-functional teams and vendors, both written and oral communication is critical. Additional Preferred Qualifications: This position is required to work in UK Shift; flexibility is a must, especially when it comes to vendor and internal meetings held during US business hours. Strong organizational skills with the ability to multitask and prioritize while maintaining close attention to detail. Ability to build strategic partnerships with internal stakeholders. Must be a critical thinker with strong qualitative skills. Information Security/Risk Management certification would be an advantage. Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world. Our Values: ----------------------------------------------------------- -----------------------------------------------------------

About the Role: Grade Level (for internal use): 10 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role rolls up to the Head of Technology Risk and Governance, in the Global Digital Technology Organization . The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact This role belongs to First Line of Defense. Support in defining a comprehensive risk inventory, focusing on granular-level risks. Support in development of detailed controls inventory for various technology processes based on various industry frameworks (COBIT, ITIL, ISO, NIST) and DS Technology Standards. Perform self- QA over the controls inventory to ensure key risks and controls are covered. Support in implementation of the Governance, Risk, and Compliance (GRC) tool, focusing on the technology aspects. Support in development of Key Risk Indicators (KRIs) and Key Control Indicators (KCIs) Establish and manage thresholds for risk indicators Coordinate with key stakeholders to ensure alignment and effective communication Develop and operationalize risk scorecards to track and report on risk metrics. Aggregate risk data to provide a holistic view of organizational risk Support in p repar ing and deliver ing comprehensive risk reports to measure performance against the organization's Risk Appetite. Prepare presentations for the Management reporting (requires very good PowerPoint presentation skills) Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5 + years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5 + years of experience in a large global organization in a technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Role Location Gurgaon, Noida, Bangalore Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ---- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ---- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.1 - Middle Professional Tier I (EEO Job Group)

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts in defining and documenting a comprehensive Issue Management Process document/ methodology Lead efforts to centralize control gaps/ issues in GRC tool Lead efforts in logging, tracking, monitoring and remediation of control gaps/ issues Coordinate with key stakeholders to ensure the issues are clearly articulated, mapped to appropriate risk category, mitigating controls are identified through proper risk assessment Lead efforts in periodic reporting of issues to senior Management Conduct data analysis to demonstrate trends of progress made in issue remediation by various technology processes Conduct meetings to discuss issues and risk remediation plan Lead efforts in risk exception and risk acceptance process Monitor risk acceptance scenarios and bring it to appropriate committees for reporting Prepare PowerPoint presentations to provide comprehensive and holistic issue management process What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ---- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ---- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 12 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the first line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities This role belongs to First Line of Defense. Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to d evelop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to c reate and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting. What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 10+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 12+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. Recruitment Fraud Alert If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to reportfraud@spglobal.com. S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, pre-employment training or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here. ---- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ---- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

Be responsible for delivering highest quality on every task assigned in line with SRB methodology and the expectations of the engagement teams. Demonstrate basic understanding of an industry or sector and be aware of technical issues or assurance risks. Execute & document specific review procedures as defined by the engagement teams. Build knowledge about risk management which includes understanding significant business processes, regulation applicable to the client, other risks specific to a client s business. Timely identification of accounting issues, clearly documenting the facts and findings, and discuss with COE senior/Assistant Manager. Work with the COE senior and team members to set goals and responsibilities. Contribute ideas for improvement by comparing efficiency of review procedures performed across different clients. Promote SRB s ethical and professional standards, including data confidentiality. Develop knowledge of use of SRB technology and tools to continually learn, share knowledge with team members, and enhance service delivery Skills and attributes To qualify for the role you must have Qualification B.Com degree from an institute of repute Experience 0 3 years of post qualification experience

The Team: As part of Vendor Risk Management, the Vendor Cyber Risk Management team manages the Supply Chain Cyber risks by performing risk assessments of third-party engagements to identify and reduce the risks posed by third parties. This is an extremely important role, considering the fact that large number of data breaches happen due to third parties. It involves working with internal stake holders as well as third parties to achieve the results. The Impact: Working in Vendor Risk Management offers the opportunity to continuously enhance processes to meet the evolving requirements of various regulators. This challenging environment provides ample opportunities to expand your knowledge and expertise. Whats in it for you: In addition to risk assessments, recertifications, and continuous monitoring, you will participate in various projects, allowing you to showcase and further develop your skills and experience. Responsibilities: Conduct thorough Cybersecurity, Business Continuity, Artificial Intelligence, Cloud Service Prover and Privacy assessments for Vendors, evaluating their information security policies, procedures, and controls. Effectively collaborate with internal teams to identify critical vendors and assess their potential impact on the organization's cyber risk profile. Communicate risk assessment findings and recommendations to key stakeholders, including senior management, legal, and compliance teams. Work closely with vendors to address identified security gaps and ensure they meet the organization's cybersecurity requirements. Review the vendors on the continuous monitoring program and assisting in driving the periodically review the vendors. Monitor and stay abreast of evolving cybersecurity threats and industry trends to enhance the effectiveness of the risk assessment process. Lead and support enhancement projects within Vendor Risk Management to meet various business and regulatory requirements. Assist the team members in balancing the load and managing Ad-hoc projects. What Were Looking For: Basic Required Qualifications: Bachelors degree in computer science or engineering or equivalent Minimum 8 years of experience in Information Security or Technology Risk Management Any prior exposure to vendor risk management and/ or privacy laws and regulations is a plus. Demonstrable understanding of the concepts of technology controls and information security controls. Exposure to cloud technologies and cloud security is highly desired; the familiarity with pubic cloud technologies such as Amazon Web Services (AWS) or Microsoft Azure or Google Cloud is highly preferred. Excellent communication skills - a must. The resource should have the ability to communicate with cross-functional teams and vendors, both written and oral communication is critical. Additional Preferred Qualifications: This position is required to work in UK Shift; flexibility is a must, especially when it comes to vendor and internal meetings held during US business hours. Strong organizational skills with the ability to multitask and prioritize while maintaining close attention to detail. Ability to build strategic partnerships with internal stakeholders. Must be a critical thinker with strong qualitative skills. Information Security/Risk Management certification would be an advantage.

Understanding of the Hydrogen value chain and market; identifying and understanding key technology, cost, demand and production trends domestically and globally; business planning, development of business roadmap, customer profiling, customer requirements, interactions with potential customers; attending various conferences, webinars, talking to various people in Hydrogen sector; etc. Major Accountabilities: To track latest industry developments in New Energies sector To gather information from news articles, research papers, analyst reports; synthesize and present this information in a cohesive way To attend various webinars, conferences and share key learnings To skim through literature and undertake secondary research to better understand technology, risk and other project related aspects To derive key insights/findings from various ongoing work streams and present the essence of the matter in a short and cohesive way To think through and present key takeaways on various business strategy activities To collate, synthesize and circulate newsletters on new energies industry developments To monitor raw material and finished goods prices on a timely basis

Understanding of the Hydrogen value chain and market; identifying and understanding key technology, cost, demand and production trends domestically and globally; business planning, development of business roadmap, customer profiling, customer requirements, interactions with potential customers; attending various conferences, webinars, talking to various people in Hydrogen sector; etc. Major Accountabilities: To track latest industry developments in New Energies sector To gather information from news articles, research papers, analyst reports; synthesize and present this information in a cohesive way To attend various webinars, conferences and share key learnings To skim through literature and undertake secondary research to better understand technology, risk and other project related aspects To derive key insights/findings from various ongoing work streams and present the essence of the matter in a short and cohesive way To think through and present key takeaways on various business strategy activities To collate, synthesize and circulate newsletters on new energies industry developments To monitor raw material and finished goods prices on a timely basis

Understanding of the Hydrogen value chain and market; identifying and understanding key technology, cost, demand and production trends domestically and globally; business planning, development of business roadmap, customer profiling, customer requirements, interactions with potential customers; attending various conferences, webinars, talking to various people in Hydrogen sector; etc. Major Accountabilities: To track latest industry developments in New Energies sector To gather information from news articles, research papers, analyst reports; synthesize and present this information in a cohesive way To attend various webinars, conferences and share key learnings To skim through literature and undertake secondary research to better understand technology, risk and other project related aspects To derive key insights/findings from various ongoing work streams and present the essence of the matter in a short and cohesive way To think through and present key takeaways on various business strategy activities To collate, synthesize and circulate newsletters on new energies industry developments To monitor raw material and finished goods prices on a timely basis

Understanding of the Hydrogen value chain and market; identifying and understanding key technology, cost, demand and production trends domestically and globally; business planning, development of business roadmap, customer profiling, customer requirements, interactions with potential customers; attending various conferences, webinars, talking to various people in Hydrogen sector; etc. Major Accountabilities: To track latest industry developments in New Energies sector To gather information from news articles, research papers, analyst reports; synthesize and present this information in a cohesive way To attend various webinars, conferences and share key learnings To skim through literature and undertake secondary research to better understand technology, risk and other project related aspects To derive key insights/findings from various ongoing work streams and present the essence of the matter in a short and cohesive way To think through and present key takeaways on various business strategy activities To collate, synthesize and circulate newsletters on new energies industry developments To monitor raw material and finished goods prices on a timely basis

You are M&G Global Services Private Limited, a fully owned subsidiary of the M&G plc group of companies, dedicated to providing a range of value-added services since 2003. Your purpose is to empower individuals to confidently invest their money, offering a variety of financial products and services through Asset Management, Life, and Wealth segments to deliver attractive financial outcomes and superior shareholder returns. M&G Global Services is a powerhouse of capability, contributing significantly to M&G plc's vision of becoming the most respected savings and investments company globally. With diverse service offerings spanning Digital Services, Business Transformation, Management Consulting, Finance, Actuarial, Quants, Research, Information Technology, Customer Service, Risk & Compliance, and Audit, you provide exciting career growth opportunities for your employees. The First Line GRC function oversees Technology, Third Party, Operational Resilience, Data, and Privacy policies, risks, and controls while driving a deeper understanding of associated risks. This function supports Technology leadership and business risk teams in actively managing risks, making decisions on remedial actions and risk acceptance based on risk profiles, control environments, exposure scale, likelihood of occurrence, and remediation costs. The Assistant Vice President - First Line GRC Risk Management role leads and conducts high-quality risk assessments and reporting for Technology, Data, Privacy, Operational Resilience, and Third Party Risk Management. Responsibilities include delivering risk assessment services, developing and updating associated procedures, ensuring alignment with internal requirements and regulatory standards, integrating stakeholders across GRC and relevant risk frameworks, providing oversight and governance, and supporting the VP in managing reporting requirements for governance forums and stakeholders. You will work to mature delivery and governance processes to enhance risk management associated with Technology, Data, and Privacy. Building professional relationships with key stakeholders and senior leaders, assessing the impact of new reporting requirements, driving continuous improvement in risk assessment standards, engaging with the 2nd Line of Defence Technology Risk team, and promoting a strong risk culture and management strategy are key aspects of this role.,

This role is critical in driving how Quantitative Analytics manages its risk and controls in a coherent E2E framework. The role sits within QA Systems, Strategy and Governance (QASSG) that is responsible for defining, driving, and operating a vision and coherent strategy to drive quality and/or efficiencies of QAs processes and the models and software that QA develops. As a key advisor to QAs Management Team, you will be responsible for managing and driving improvements to QAs E2E control framework. Your role will involve developing a vision for QAs control framework over the medium to long term (i.e. next three years) that adds tangible value to Barclays, with measurable progress. You will identify, lead, and drive specific initiatives and provide ad hoc support to improve the control framework such as PRA SS1/23. It is essential to succinctly assess, propose, and communicate effective and efficient solutions to manage the impact of emerging and evolving risks, such as AI/ML, to a broad range of stakeholders. Furthermore, you will define and manage QAs Risk & Control Advisory book of work, collaborating with other SMEs within the QASSG team and broader QA stakeholders to deliver desired outcomes. In addition to the standard skill sets required for this role, you must possess knowledge of Enterprise Risk Management, with practical experience in risk types including Model risk, Technology risk, Change management, Model development, and the software development lifecycle. The purpose of this role is to design, develop, and consult on the bank's internal controls framework and supporting policies and standards across the organization, ensuring it is robust, effective, and aligned with the bank's overall strategy and risk appetite. Your accountabilities will include the identification and analysis of emerging and evolving risks across functions to understand their potential impact and likelihood. You will be responsible for communicating the purpose, structure, and importance of the control framework to all relevant stakeholders, including senior management and audit. Support will be required for the development and implementation of the bank's internal controls framework and principles tailored to the bank's specific needs and risk profile, including design, monitoring, and reporting initiatives. Monitoring and maintenance of the control's frameworks are essential to ensure compliance and adjust and update as internal and external requirements change. Additionally, you will be responsible for embedding the control framework across the bank through cross-collaboration, training sessions, and awareness campaigns, fostering a culture of knowledge sharing and improvement in risk management and the importance of internal control effectiveness. As Director Expectations, you will manage a business function, providing significant input to function-wide strategic initiatives. You will contribute to and influence policies and procedures for the function and plan, manage, and consult on multiple complex and critical strategic projects, which may be business-wide. Depending on the role, you will lead a large team or sub-function, leading other people managers and embedding a performance culture aligned with the values of the business. You may also lead organization-wide projects as a deep technical expert and thought leader, identifying new ways of working and collaborating cross-functionally. It is expected for you to train, guide, and coach less experienced specialists and provide information affecting long-term profits, organizational risks, and strategic decisions. You will also provide expert advice to senior functional management and committees to influence decisions made outside of your function, offering significant input to function-wide strategic initiatives. Managing, coordinating, and enabling resourcing, budgeting, and policy creation for a significant sub-function will be part of your responsibilities. It is crucial to escalate breaches of policies/procedures appropriately and foster compliance, ensuring regulations are observed and relevant processes are in place to facilitate adherence. Focus on the external environment, regulators, or advocacy groups to both monitor and influence on behalf of Barclays when appropriate. Demonstrating extensive knowledge of how the function integrates with the business division/Group to achieve the overall business objectives will be expected. Maintain broad and comprehensive knowledge of industry theories and practices within your discipline alongside up-to-date relevant sector/functional knowledge and insight into external market developments/initiatives. Use interpretative thinking and advanced analytical skills to solve problems and design solutions in often complex/sensitive situations. Exercise management authority to make significant decisions and certain strategic decisions or recommendations within your area. Negotiate with and influence stakeholders at a senior level both internally and externally. Act as the principal contact point for key clients and counterparts in other functions/business divisions. You will be mandated as a spokesperson for the function and business division. All Senior Leaders are expected to demonstrate a clear set of leadership behaviors to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviors are: L - Listen and be authentic, E - Energize and inspire, A - Align across the enterprise, D - Develop others. All colleagues are expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship - our moral compass, helping us do what we believe is right. They are also expected to demonstrate the Barclays Mindset - to Empower, Challenge, and Drive - the operating manual for how we behave.,

As a global leader in assurance, tax, transaction, and advisory services, EY hires and develops passionate individuals to contribute towards building a better working world. EY believes in providing training, opportunities, and creative freedom to help individuals reach their full potential. At EY, the focus is not just on who you are presently, but on who you can become. The potential at EY is limitless, and the organization is committed to providing motivating and fulfilling experiences throughout your career to support you in becoming the best professional version of yourself. The opportunity available is for the position of Senior Consultant-TMT-Business Consulting Risk-CNS within the Risk - Process & Controls team, located in Hyderabad. In the TMT sector, which encompasses Technology, Media & Entertainment, and Telecommunications industries, organizations have the opportunity to evolve and transform. EY assists TMT companies in creating engaging experiences for employees and customers, retaining talent, achieving operational excellence, safeguarding data and reputation, and pursuing M&A strategies that create value and reduce risk. Within CNS - Risk - Process & Controls at EY Consulting, the focus is on transforming businesses through the power of people, technology, and innovation. The team helps clients in identifying and managing risks to make informed decisions that align with their future business strategies and objectives. The key areas of focus include Enterprise Risk, Technology Risk, and Financial Services Risk. As a Senior Consultant, your key responsibilities will include assisting seniors and managers in developing methodologies, identifying potential red flags, preparing reports and deliverables, managing multiple projects, handling data analytics, and mentoring young professionals within the practice. Additionally, you will be involved in managing engagement budgets, developing marketing collaterals, and identifying potential business opportunities for the firm. To qualify for this role, you must have a CA or master's degree in Science, Arts, Business, Accounting, Finance, or a related discipline, along with 3 to 5 years of relevant experience. EY is looking for individuals who can work collaboratively across departments, solve complex problems, deliver practical solutions, and demonstrate agility, curiosity, mindfulness, and creativity in their approach. EY offers a personalized Career Journey, access to career frameworks, and a commitment to inclusivity and employee wellbeing. If you meet the criteria and are interested in contributing to building a better working world, apply now to join EY.,

As a global leader in assurance, tax, transaction, and advisory services, EY is committed to hiring and developing passionate individuals to contribute to building a better working world. At EY, you will experience a culture that values training, opportunities, and creative freedom. We focus not only on your current capabilities but also on your potential for growth and development. Your career at EY is yours to shape, with limitless possibilities and a wealth of motivating experiences to help you evolve into your best professional self. EY Consulting is dedicated to transforming businesses through the integration of people, technology, and innovation. By adopting a client-centric approach, we aim to create long-term value for our clients by addressing their most critical challenges. The consulting services at EY encompass Business Consulting, Technology Consulting, and People Advisory Services. In the role of Senior Consultant in the CNS - Risk Management team, you will play a crucial part in assisting clients in identifying and managing risks that impact their strategic decisions and future objectives. The key focus areas include Enterprise Risk, Technology Risk, and Financial Services Risk. Your responsibilities will include: - Supporting seniors and managers in developing new methodologies and internal initiatives - Identifying and escalating potential issues during engagements - Preparing reports, deliverables, and presentations - Managing multiple projects and engaging in data analytics - Demonstrating awareness of internal auditing standards - Managing engagement budgets and assisting in business development activities - Mentoring young professionals within the practice - Identifying business opportunities for existing clients To qualify for this role, you should have: - A CA or master's degree in a relevant discipline - 3 to 5 years of experience in a similar role We are looking for individuals who can collaborate effectively across various client departments, adhere to commercial and legal requirements, and offer practical solutions to complex problems. We seek agile, curious, and creative professionals who can maintain a positive mindset and adapt to evolving challenges. At EY, you will have the opportunity to work with a diverse range of clients and colleagues, access extensive learning resources, and shape your career path through personalized development frameworks. We are committed to fostering an inclusive work environment that prioritizes both client service excellence and employee well-being. If you meet the above criteria and are eager to contribute to building a better working world, we encourage you to apply and join our team at EY.,

Requisition Id 1624807 The opportunity Manager-TMT-Assurance-ASU - TR - Technology Risk - Bangalore TMT Industry convergence offers TMT (Technology, Media & Entertainment, and Telecommunications) organizations the chance to evolve and transform, but it also presents challenges around competitiveness and delivering agile corporate strategies for growth. We help TMT companies create compelling employee and customer experiences, retaining skills and talent while achieving enterprise-wide operational excellence. We help them guard their data, brand and reputation. We also enable the pursuit of M&A strategies that methodically create value, reduce risk and transform TMT companies into powerhouses that will lead the technology revolution of the future - building a better working world for all. ASU - TR - Technology Risk Assurance s purpose is to inspire confidence and trust to enable a complex world to work. We do so by protecting and serving the public interest, promoting transparency, supporting investor confidence and economic growth and fostering talent to provide future business leaders. We help clients by 1) Ensuring their accounts comply with the requisite audit standards 2) Providing a robust and clear perspective to audit committees and 3) Providing critical information for stakeholders. Our Service Offerings include External Audit, Financial Accounting Advisory Services (FAAS), IFRS & US GAAP conversion, IPO and other public offering, Corporate Treasury - IFRS 9 accounting & implementation support etc. Your key responsibilities ITGC, ITAC and SOX audit experience Skills and attributes To qualify for the role you must have Qualification CA, ACCA, B.E/B.Tech Experience 5-7 years experience in IT Audit

Designation : Technology Risk Manager Reporting to : Chief Risk Officer Job Description : 1. Risk Identification and Analysis Conduct systematic risk assessments in line with ISO/IEC 27005 and CSCRF, identifying vulnerabilities, threats, and potential impacts on organizational assets. Maintain and update a risk inventory, categorizing risks by criticality and likelihood. Develop risk scenarios and conduct business impact analyses (BIA). 2. Risk Evaluation and Prioritization Apply qualitative and quantitative risk evaluation methods to prioritize risks. Align risk evaluations with organizational objectives, compliance requirements, and the business risk appetite. Engage with stakeholders to validate and refine risk prioritization decisions. 3. Risk Treatment and Mitigation Design, implement, and monitor risk treatment plans in compliance with ISO 27005. Recommend appropriate controls from frameworks like ISO/IEC 27005 Annex A, NIST CSF, or industry best practices. Ensure alignment with CSCRFs risk response strategies (acceptance, avoidance, mitigation, or transfer). 4. Continuous Monitoring and Reporting Develop and implement Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) to track the effectiveness of risk management processes related to technology and cyber security. Continuously monitor emerging risks, threat intelligence, and changes in the threat landscape. Prepare comprehensive risk assessment reports for leadership and regulatory bodies. 5. Incident Response and Recovery Collaborate with incident response teams to manage technology risk events effectively. Conduct root cause analyses and update risk registers post-incident. Support the enhancement of business continuity and disaster recovery plans (BCP/DRP). 6. Governance, Compliance, and Framework Adoption Embed CSCRF and ISO 27005 principles into the organizations overall risk management strategy. Ensure compliance with regulatory requirements (e.g., GDPR, RBI IT Guidelines) and internal policies. Coordinate with internal audit teams to support risk-related assessments. 7. Awareness and Training Develop and deliver training programs on risk management principles, CSCRF, and ISO/IEC 27005. Collaborate with business units to foster a culture of risk awareness and accountability. Competencies Required : Technical Skills Strong understanding of CSCRF and ISO/IEC 27005 frameworks, including risk management lifecycle processes. Knowledge of ISO 27001 controls, NIST Cybersecurity Framework (CSF), and COBIT. Proficiency in risk assessment tools and methodologies (e.g., FAIR, OCTAVE). Familiarity with BFSI-specific regulatory frameworks and compliance requirements. Soft Skills Excellent analytical and problem-solving skills for identifying and addressing complex risks. Strong communication and collaboration skills to engage with stakeholders across business and IT functions. Leadership abilities to drive risk management initiatives and build cross-functional team co-ordination. Education : Qualification Needed: Bachelors or Masters degree in Information Security, Computer Science, or a related field. Relevant certifications: CRISC, CISSP, ISO/IEC 27005 Certified Risk Manager, CISM, or equivalents. Relevant Experience: 6-8 Years Interested candidates can share resumes on ruchi.kedia@sbicapsec.com

Role Description We are seeking a highly experienced and strategic leader to join our FCR&C division as Vice President Financial Crime Risk and Control - Technology Risk Strategy & Controls . This role is critical in shaping the risk and control landscape across our technology platforms, with a strong emphasis on Python-based automation , audit readiness , and strategic risk governance . The ideal candidate will bring a blend of technical acumen , regulatory insight , and banking domain expertise to drive innovation and resilience in a complex, fast-paced environment. Your key responsibilities Strategic Risk Leadership Define and lead the technology risk strategy for Financial Crime Risk and Compliance (FCR&C) division, aligning with enterprise risk appetite and regulatory expectations. Advise senior Leadership on emerging technology risks, regulatory developments (e.g., Basel III, EMIR, GwG, ECB), and control enhancements. Drive strategic initiatives to embed risk intelligence into digital transformation and innovation programs. Technology Enablement & Automation Lead the development of Python-based tools and analytics to automate risk assessments, control testing, and audit support. Oversee the integration of advanced analytics and AI/ML into risk monitoring and reporting frameworks. Collaborate with engineering and data teams to ensure secure, scalable, and compliant technology solutions. Audit, Controls & Regulatory Compliance Own the design and execution of IT control frameworks across trading platforms, payment systems, and client onboarding technologies. Partner with internal audit, DCO and compliance to ensure readiness for regulatory reviews and external audits. Monitor and assess control effectiveness across front-to-back banking processes, including trade lifecycle, credit risk, and operational risk. Review internal processes to confirm all financial crime risks have been appropriately identified and documented. Confirm relevant controls or risk mitigants are in place to manage all financial crime risks within internal processes. Perform design and/or operating effectiveness testing on controls and mitigants. Conduct annual assessment of controls within FCR&C to demonstrate they are operating effectively. Identify, analyse and review operational readiness for any change-related activities. Define the requirements e.g. for the standardisation of processes/policies, translating the required changes for an operational environment and overview effective implementation. Assess risks that are responsible for the mitigating and protecting the Banks reputation. Stakeholder Engagement & Governance Present testing results, risk insights, control metrics, and strategic recommendations to Leadership team Build strong partnerships with front office, operations, DCO, compliance, and technology teams to foster a risk-aware culture. Lead governance forums and working groups focused on technology risk and control transformation. Your skills and experience Qualifications: Bachelors or Masters degree in Computer Science, Information Systems, Finance, or a related field. 14+ years of experience in technology risk, audit, or compliance within investment or corporate banking. Strong proficiency in Python and experience leading automation or analytics initiatives in a regulated environment. Deep understanding of banking products, trading systems, and regulatory frameworks (e.g., SOX, Basel, MiFID II, DORA). Proven leadership in cross-functional teams and executive-level stakeholder management. Experience with testing the design and operating effectiveness of controls and remediating any identified control gaps. Analytical skills and attention to detail, with the ability to think laterally around issues, proposing solutions where required. Effective communication, organisation, prioritisation and interpersonal skills Ability to work to high standards and under strong time constraints. Preferred Certifications: Python/Data Science certifications MBA or executive leadership training (preferred) CISA, CRISC, or equivalent (desirable)