66 Technology Risk Jobs

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to develop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Coordinate with key stakeholders to define risk metrics - KRIs/ KPIs/ KCIs Coordinate with key stakeholders to define thresholds for key risk metrics Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to create and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications Experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred, but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 12 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the first line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities This role belongs to First Line of Defense. Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to d evelop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to c reate and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting. What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 10+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 12+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts in defining and documenting a comprehensive Issue Management Process document/ methodology Lead efforts to centralize control gaps/ issues in GRC tool Lead efforts in logging, tracking, monitoring and remediation of control gaps/ issues Coordinate with key stakeholders to ensure the issues are clearly articulated, mapped to appropriate risk category, mitigating controls are identified through proper risk assessment Lead efforts in periodic reporting of issues to senior Management Conduct data analysis to demonstrate trends of progress made in issue remediation by various technology processes Conduct meetings to discuss issues and risk remediation plan Lead efforts in risk exception and risk acceptance process Monitor risk acceptance scenarios and bring it to appropriate committees for reporting Prepare PowerPoint presentations to provide comprehensive and holistic issue management process What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

We re seeking a future team member for the role of Vice President to join our Information Security team. This role is located in Pune, Maharashtra -HYBRID BNYM is seeking an initiative-taking professional to join its Cyber Security Third Party Governance (CTPG) team. The successful candidate will work in a technically diverse and dynamic environment with a team of Cyber Security professionals responsible for the assessment, analysis and governance of cyber security for third party vendors. The successful candidate will have deep technical and assessment skills to identify vendor cyber vulnerabilities that puts the BNYM at risk. The individual works closely with the Cyber TPG Security Leader, Business Sourcing Leads (BSL), enterprise sourcing, technology risk management, engagement managers, business teams and vendors on identified cyber risks in vendor environments. This requires both good oral and written communications skills and the ability to negotiate. Must be able to keep sensitive information confidential and know how to use appropriately. In this role, you ll make an impact in the following ways: Assess the cyber security risk of third party vendors with an appropriate level of detail Travel to vendor locations for on-site assessments Interface with enterprise sourcing, technology risk management, business teams and engagement management on vendor cyber security issues identified Review and challenge vendor evidence for issue closure Assist in the design and implementation Cyber TPG related processes and tools Define and create relevant metrics, presentations and reports Review the cyber related attestations by third parties such as SOC2 and ISO 27001 and report any observations for further review and tracking Review vendor risk reports created by internal and external entities for impacts to cyber security Keep up to date on the latest trends, methodologies and tools related to third party Interface with industry coalitions working on third party cybersecurity issues To be successful in this role, we re seeking the following: Bachelors degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. Industry certifications such as CISSP or CISM a plus 17+ years of experience in cyber security related activities required Firsthand experience in performing control-level technical cyber risk assessments In-depth technical knowledge in 1-2 cyber domains Experience in the securities or financial services industry is a plus Experience in third party governance and related tools is strongly desired but not required Ability to manage multiple projects and priorities Familiarity with various global regulations and industry standards concerning cyber security Strong verbal and written communication skills

You are a strategic thinker passionate about driving solutions in Sales, Research & Data Services Ops . You have found the right team. As VP of the SRDS Ops iMaintain team, you will lead efforts to manage regulatory-critical processes across various business areas, oversee transformation projects, and streamline operations using new technology. Based in Mumbai, you will develop metrics frameworks, identify business opportunities, and collaborate with stakeholders like Product Management, Operations, Technology, Risk & Control, and Finance to implement industry best practices for change and transformation, driving innovation and efficiency in regulatory processes. The primary responsibility of this position is to manage the iMaintain team in Mumbai, overseeing transformation projects and streamlining processes with new technology to contribute to the broader DCS vision. The candidate will maintain a strong control environment, define a future state vision for the functional area, and lead program execution from an operations perspective by building strategic platforms and decommissioning legacy systems. They will identify new business opportunities and synergies with other areas like Markets Operation, Research, and Sales, while managing people through training, upskilling, and hiring based on future needs. Collaboration with stakeholders such as Product Management, Operations, Technology, Risk & Control, and Finance is essential, leveraging industry best practices for change and transformation. Job responsibilities Maintain a strong control environment within the regulatory-critical iMaintain team. Define and implement a future state vision for the functional area with the BAU Operations team. Lead program and project execution, focusing on strategic platform development and legacy system decommissioning. Identify and pursue new business opportunities and synergies with Markets Operation, Research, and Sales. Manage people through training, upskilling, and hiring diverse skill sets for future team needs. Collaborate with stakeholders, leveraging industry best practices for change and transformation. Ensure a stable operational environment with robust controls, checks, and balances. Leverage new technology or tools to enhance processes, track metrics, and improve controls. Govern by providing updates to senior stakeholders and ensuring compliance with laws and regulations. Engage in each stage of the Project Delivery Framework (PDF) from requirements to implementation. Focus on the people agenda, including coaching, training, talent management, and recognition. Required qualifications, capabilities and skills Minimum 10+yrs experience with strong experience of 4-5 years on Tech Change programs, Process Improvements, Operating Model improvements Excellent problem-solving skills in order to identify, understand and address operational and technical issues. Proactive in displaying these skills and developing solutions. Strong knowledge of technology solutions available in the market for Operations business Must have Microsoft Office skills Excel, Word, Access and PowerPoint Influencing and negotiation skills - leverage subject matter expertise in driving conversations, challenging status quo and influence decisions/direction with stakeholders Ability to operate in a fast-paced environment under high pressure with time critical deliveries; multi-tasking, prioritizing and able to adjust to changing priorities Strong partnership record - ability to build effective relationships across different parts of the organization as required Should have a collaborative work style; fostering co-operation and teamwork. Ability to develop relationships across various stakeholders including senior business executives Control mindset to identify process control gaps, prioritize and mitigate operational risk Effective change management and transformation experience. Ability to challenge current state and mind set, adapt to a changing environment Good understanding of downstream impact of actions undertaken, particularly the requirement for strong and timely controls throughout the life cycle of the trade

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Consultant Specialist. In this role, you will: Identify opportunities and deliver consistent and interconnected risk and control environment reporting and governance Protect the bank via proactive regulatory risk reduction actions. Drive consistent regulatory reporting across regions, businesses, and global functions. Collaborate closely with global functions, businesses, and regional stakeholders to integrate risk and control insights into strategic technology planning and decision-making processes. Assist CTO RC Control teams to enhance technology control frameworks, ensuring they are inclusive and adaptable aligned with industry regulations and standards. Provide advice, guidance, and assessment of application of policies, control standards, and procedures. Advocate the desired behavioural changes across the CTO Enablement community required to mature the understanding and management of technology risk controls. Requirements To be successful in this role, you should meet the following requirements: Excellent understanding of HSBC Technology Controls, especially Cybersecurity Controls. Strong communication skills to be able influence and challenge stakeholders Analytical and problem-solving skills, with the ability to navigate technology landscapes. Excellent understanding of key reporting metrics. .

* Job Position Title: Senior Associate TRAS Location: Bangalore * Responsibilities : Roles & Responsibilities : The tasks, roles and responsibilities concerned with the job will include the following: • Apply current knowledge of IT trends and systems to identify security and risk management issues, and other opportunities for improvement. • Assist in the planning and execution of business process control reviews, information systems audits, and other Assurance offerings across a variety of industries. • A good understanding of clients Business Risks, Audit Risks, IT Risks and the mitigating controls in addressing these risks • Gain strong comprehension of client operations, processes, and business objectives and utilize that knowledge on engagements. • Evaluate and test business processes and controls and identify areas of risks. • Perform general computer and application controls reviews including ERPs like SAP, Oracle Application, JD Edwards, MFG Pro, etc. • Comply with requirements of ICAI Auditing Standards like AAS 29 • Data Analysis using CAATs tool like Excel, ACL, SQL etc *Mandatory skill sets Between 3 to 9 years in various aspects of IT audit, IT risk management function or General IT administration/management in IT risk consulting. Essential Skills: • Strong analytical ability • A thorough understanding of business process, accounts, emerging IT Trends • Ability to manage the field work and ability to work with cross functional team • Strong communication & writing skills • A good understanding of Internal Control Process • A good understanding of Sarbanes Oaxely requirements • A good understanding of COBIT, BS 7799 Responsibility Framework

Key Responsibilities Areas will be as follows - Control Audits goal/purpose is to Identify security controls gaps, remediate and drive compliance for all accounts/programs across Sutherland. ALL deviations MUST be remediated or have an APPROVED Exception Request. ALL non-compliance findings will be worked with peers across InfoSec Risk and Compliance and create a remediation plan by working with respective stakeholders. Results are tracked, trended and reported. Meetings are hosted with Senior InfoSec Leadership: results reviewed, gaps address, risks identified, remediation progress confirmed Audits are performed internally and via a 3rd party audit team that this leader oversees in tandem with Regional Risk and Compliance. Risk Assessments to be conducted and implemented as per various Complaince requirements to protects and prevents the misuse of Sensitive Customer Information (SCI) handled in client programs, in order to: Proactively identify risks and vulnerabilities Address potential data leakage areas Assess Sutherland s implementation of standards Identify Sensitive Customer Information (SCIN) belonging to clients. Remediates by tightening or establishing controls. Implements security best practices that minimize the risk & avoid incident / data breaches. 2. In addition to the above, the candidate will be asked to look beyond the task at hand and to question how can we do this better, how can we automate and improve upon business as usual, challenge the status quo so that we work smarter (not harder) 3. Demonstrate control effectiveness to the Infosec Leadership Core Infosec exp 4 yrs or IT domain exp of 5 yrs above Infosec certifications will be added advantage IT certification can also add value

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. As a Risk management specialist at ZS Associates, you'll be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You'll also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry best practices. By partnering with various stakeholders, including Product Owners and Business function Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. You'll have advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. What you'll do Develop the culture of risk management across the organisation, and ensure effective identification, quantification, communication, and management of risks focusing on root cause analysis and resolution recommendations across domains – Cyber, HR, Legal, Finance, etc. Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance. Provide SME support to functional managers or Internal stakeholders in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate. Support the CIO and CISO, and work with internal stakeholders to Participate in consultation and conduct gap analysis against new requirements Coordinate and facilitate IT / cyber security audits. Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc. Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route Report and publish Risks to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees. Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures. Co-ordinate and track the tickets / findings in areas like IT Operational Risks and Information Security Risks, Control Self assessments , Internal/External Audit findings with appropriate CAPA, BCP / Disaster recovery , Problem tickets with root cause analysis. Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.) Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.) Provide first line of defense support in assessing risk and reviewing control issues Documentation of control procedures, standards and guidelines, etc. What you'll bring: Bachelor’s degree in IT or relevant field with a strong academic background A minimum of 7-10 Years of experience in Risk management and internal controls governance Strong communication & strategic influencing skills. Relevant experience working with senior leaders, building internal networks, and delivering high impact programs in complex -matrixed environments. Formal training or certification in Information Security, and/or 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation. Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies. Proficient in MS Office productivity suite (e.g., Word, Excel, PowerPoint, SharePoint). Advanced Excel skills strongly preferred CISM/CRISC/CISA/CISSP/CIA/MBA or relevant Risk Management / Audit certification Basic working knowledge of following (Majority of the points, if not all): -COBIT – Control Objectives for Information and Related Technology -ISO/IEC 27001:2013 – Code of Practice for Information Security Management -NIST SP 800-53 -NIST CSF -SOC1/SOC2/SOC3 -HIPAA/HITECH Security and Privacy Audit Protocol -Shared Assessments Standard Information Gathering (SIG) framework -US SOX – Sarbanes Oxley Act -US HIPAA/HITECH Act -EU GDPR – General Data Protection Regulation -US EU Privacy Shield -India Companies Act Additional Skills: Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives. Program level management up to and including Executive presentation and reporting. Knowledge and Experience of Technology Infrastructure. Understanding of Infrastructure Security Stakeholder management Willingness to adapt to evolving industry standards and technologies Ability to manage a wide variety of tasks and meet deadlines, and reliability/dependability Proven ability to work creatively and analytically in a problem-solving environment Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Bachelor s degree in information technology, Computer Science, Risk Management, or a related field; advanced degree or professional certification (e.g., CISA, CISSP, CRISC) Mandatory. Minimum of 10 years of experience in technology risk management, cybersecurity, or information security roles. Proven expertise in conducting technology risk assessments, developing risk management frameworks, and implementing controls and mitigation strategies. In-depth knowledge of regulatory requirements, industry standards, and best practices related to technology risk management and information security (e.g.,FAIR, NIST Cybersecurity Framework, ISO 31000, OCTAVE & TARA). Strong analytical, problem-solving, and decision-making skills with the ability to evaluate complex issues and develop practical solutions. Excellent communication and interpersonal skills with the ability to effectively engage and influence stakeholders at all levels of the organization. Demonstrated leadership abilities with a track record of driving results, managing projects, and leading cross-functional teams in a fast-paced, dynamic environment. Basic Requirements Effective verbal and non-verbal communication skills at all levels of the organization Leadership teamwork and collaboration Discretion Problem solving Critical Thinking Self-initiated/sufficient Motivated

Work Location:- Bangalore / Hyderabad / Pune / Gurgaon Experience:- 4 - 10 yrs Leavel- AM/Manager JD Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred

About Us At ANZ, were shaping a world where people and communities thrive, driven by a common goal: to improve the financial wellbeing and sustainability of our millions of customers. About the Role As a Privacy Governance Manager in our Data and Technology Risk team, you ll play a key role in the ANZ Privacy Office to ensure ANZ s compliance with Privacy and Data Protection laws across the bank globally. The role will provide Subject Matter Expertise on Privacy and Data Protection obligations across the bank to support the operational governance oversight. This role will also assist business units across the bank to understand privacy risks by identifying and implementing appropriate control measures. Banking is changing and we re changing with it, giving our people great opportunities to try new things, learn and grow. Whatever your role at ANZ, you ll be building your future, while helping to build ours. Role Location: Bengaluru Role Type: Permanent, Fulltime What will your day look like Monitoring and ensuring compliance with Privacy and Data Protection laws across various jurisdictions. Identifying, assessing, and mitigating privacy risks through reviews and assessments. Collaborating with ANZ stakeholders and business units to align privacy practices with organizational goals. Overseeing data mapping initiatives and maintaining records of processing activities (RoPA). Managing, evaluating and reporting third-party vendors attestation outcomes and identifying risks or concerns related to Privacy or Data Protection. Reviewing and updating new obligations in NFR Hub. Tracking and reporting privacy KPIs and metrics for the ANZ Privacy Office. What will you bring Minimum of 8 to 10+ years experience in Privacy or a related field, preferably with a bachelors degree in law. Recognised Privacy and Data Protection qualification (e.g., IAPP - CIPM, CIPT, CIPP/E). Comprehensive knowledge of global Privacy and Data Protection legislation (including AU Privacy Act, GDPR, PDPA). Thorough understanding of privacy management practices and the ability to identify privacy risks and manage interactions across business operations. Proficient writing, organisational and problem-solving skills. Effective communication and interpersonal skills for collaborative work with stakeholders and employees at all levels. You re not expected to have 100% of these skills. At ANZ a growth mindset is at the heart of our culture, so if you have most of these things in your toolbox, we d love to hear from you. Job Posting End Date 13th June 2025, 11.59pm, (Melbourne Australia)

A Day in the Life Responsibilities may include the following and other duties may be assigned. Provides project management and sourcing expertise to cross-functional, cross-divisional commodity teams. Facilitates these teams in the development and execution of long-term strategies that will optimize Medtronics position in terms of quality, cycle/response time, technology, risk, and total cost. Mitigates risk, leverages technology and purchase power, improves processes and systems, and reduces overall cost of ownership and acquisition. Negotiates, establishes and monitors supplier agreements. SPECIALIST CAREER STREAM: Typically an individual contributor with responsibility in a professional discipline or specialty. Delivers and/or manages projects assigned and works with other stakeholders to achieve desired results. May act as a mentor to colleagues or may direct the work of other lower level professionals. The majority of time is spent delivering and overseeing the projects - from design to implementation - while and adhering to policies, using specialized knowledge and skills normally acquired through advanced education. DIFFERENTIATING FACTORS Autonomy: Recognized expert, managing large projects or processes . Exercises considerable latitude in determining deliverables of assignments, with limited oversight from manager . Coaches, reviews and delegates work to lower level specialists. Organizational Impact: Contributes to defining the direction for new products, processes, standards, or operational plans based on business strategy with a significant impact on work group results . May manage large projects or processes that span outside of immediate job area. Innovation and Complexity: Problems and issues faced are difficult, moderately complex and undefined, and require detailed information gathering, analysis and investigation . Develops solutions to moderately complex problems, and/or makes moderate to significant improvements of processes, systems or products independently to enhance performance of job area. Implements solutions to problems. Communication and Influence: Represents organization as a primary contact for specific projects and initiatives; communicates with internal and external customers and vendors at various levels . May negotiate with others to reach understanding or agreement, and influence decision-making. Leadership and Talent Management: Typically provides guidance, coaching and training to other employees within job area. Typically manages major / moderately complex projects, involving delegation of work and review of work products, at times acting as a team leader. Required Knowledge and Experience: Requires mastery of a specialty area and full knowledge of industry practices, typically obtained through advanced education combined with experience. May have broad knowledge of project management. Requires a Baccalaureate degree (or for degrees earned outside of the United States, a degree which satisfies the requirements of 8 C.F.R. 214.2(h)( 4)(iii)(A) and minimum 7 years of relevant experience, or advanced degree with a minimum of 5 years of relevant experience. Benefits Compensation About Medtronic We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission to alleviate pain, restore health, and extend life unites a global team of 95,000+ passionate people. We are engineers at heart putting ambitious ideas to work to generate real solutions for real people. From the RD lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary. Learn more about our business, mission, and our commitment to diversity here

Dear Candidate, We are hiring an IT Compliance Analyst to ensure adherence to regulatory standards and internal security policies. Perfect for detail-oriented professionals with a risk and governance mindset. Key Responsibilities: Monitor IT processes for compliance with SOX, GDPR, HIPAA, etc. Conduct audits, risk assessments, and gap analyses Collaborate with security, legal, and IT teams Maintain documentation and support policy enforcement Required Skills & Qualifications: Knowledge of IT compliance frameworks (ISO 27001, NIST, COBIT) Experience with audit processes and risk management Strong communication and analytical skills Bonus: Certification (CISA, CRISC, or similar) Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firms robust risk strategy. As a Tech Risk & Controls Senior Associate in Cybersecurity & Tech controls team , you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firms standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards. Job responsibilities Assess and monitor technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices Support implementation of effective controls in collaboration with cross-functional teams and stakeholders Evaluate the effectiveness of existing controls, identify gaps, and recommend improvements to mitigate risks and enhance the firms risk posture Analyze complex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures Required qualifications, capabilities, and skills Formal training or certification on Tech Risk & Control concepts and 3+ years applied experience Experience in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders Proficient knowledge of risk management frameworks, regulations, and industry best practices Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, or other industry-recognized risk certifications

Visa is looking for a candidate to join its Cybersecurity 3rd Party Technology Risk Management (3PTRM) team as an Associate Cybersecurity Analyst, which works with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet Visa security requirements and mitigate any risks that are associated with engagement of third parties. The Analyst will work closely with Supplier Relationship Owners (SROs) and other Cybersecurity teams such as penetration testers, security architects, etc to assess and monitor third parties that do business with Visa. The role requires the candidate to have strong analytical, communication, and organizational skills, as we'll as a solid understanding of cybersecurity concepts and best practices. Essential Functions: Perform risk/security assessments of Suppliers and Third-Party relationships to identify, validate and remediate risks Cybersecurity Risks. This may include performing interviews, document design assessments and walkthroughs of cybersecurity controls. Support ongoing monitoring of Suppliers and Third Party to review compliance against compliance and regulatory requirements. Participate and conduct onsite assessments of Third Parties against Visa s security framework and industry security standards. Support risk/security assessments for special projects involving Third Parties. Support PCI-related activities relevant to third parties to ensure compliance with PCI requirements. Exhibit pragmatism in formulating process remediation and implementation strategies, defining work tracks, and submitting assessment findings and recommendations. Proactively follow-up with Suppliers to ensure prompt remedial actions for assessment findings. Basic Qualifications: Bachelors degree, OR 3+ years of relevant work experience Preferred Qualifications: 2 or more years of work experience. Bachelor s degree in Computer Science, Information Systems, Engineering, or related field, or equivalent work experience. Minimum of 1 years of experience in cybersecurity, IT audit, or IT risk management. Experience in cybersecurity, IT audit, risk management, compliance, or related fields. Knowledge of cybersecurity frameworks and standards such as NIST, ISO, PCI, etc. Strong written and verbal communication skills, and ability to communicate effectively with technical and non-technical audiences. Ability to work independently and collaboratively in a fast-paced environment. Certifications such as CISSP, CISA, CISM, CRISC, or equivalent are preferred.

Risk Analyst (Equity Derivatives) Equity Derivatives Researcher Millennium s Global Risk Management Department is responsible for identifying, measuring, monitoring, managing, and reporting on the risks associated with Millennium equity derivatives portfolios. Our Risk Management organization is designed to accommodate the overall size, nature, and complexity of the firm s trading activities. We are looking to add an inquisitive minded Risk Modeler to join our team. You will have the opportunity to develop and maintain the quantitative frameworks used by our portfolio managers and senior management teams. You will be responsible for the risk framework which involves consistently evolving metrics, improved valuation methodologies and clear identification and resolution of issues associated with inadequate risk measurement. You will understand and monitor closely the strategies of PM s trading in equity derivatives and embed insights in quantitative frameworks. Your primary responsibilities will encompass: Development of Risk Measurement Techniques: Develop and maintain robust frameworks for risk measurements. You will create frameworks to deliver insights on PM strategies and risks through interacting with existing tools or building own framework Quantitative Framework Development: Assist in the creation and optimization of our quantitative framework, which includes collaborating with technology, risk, portfolio, and business managers. Tech Collaboration: Partner with the Technology department to streamline the transition of quantitative models into production environments. The priority is to ensure accuracy and efficiency in day-to-day workflows. Research Model Development: Lead research into and implementation of various quantitative models. Qualifications/Skills Required: The candidate should have a degree in a quantitative major: statistics, mathematics, engineering, and either professional experience of 1-4 years in a quantitative role in a financial organization, or an advanced degree in a quantitative field preferred. A good understanding of derivatives and valuation is a plus, and basic familiarity is generally expected. Prior experience with managing and deploying valuation models is a great add. Strong programming skills, prior experience with Python (Polars and/or Pandas) or SQL. Proficiency in at least a compiled and statically typed language is a plus; so is demonstrated programming ability on public repositories e.g., GitHub. Sense of responsibility and integrity. Intellectual curiosity and spirit of initiative. Ability to work independently and effectively manage ambiguity.

Lead the development of strategy, objectives, and action plans for assurance obligations. Conduct multi-stakeholder meetings and participate in senior-level discussions. Engage with internal and external stakeholders, and customers Plan and manage multiple initiatives and projects. Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans. Recognize complexity within the program and propose simplified solutions. Assist stakeholders in making trade-off decisions by considering all data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer. Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence to requirements, and advise management on needed actions. Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally for senior leadership to ensure alignment. Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives. Conduct risk assessments to identify potential security and availability risks and advise on the design and governance of controls to mitigate these risks. About You: Bachelors degree or equivalent combination of education and experience; a degree in computer science, information technology, or a related field is preferred. Professional certification like CISSP, CISA, CRISC, CIPP, or similar is a plus. Strong knowledge of IT general computer controls and related operations. Experience with control frameworks (e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR). Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization. Strong negotiation and consensus-building skills. Previous experience in significant process improvements, with the ability to meet project deliverables. Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds.

Our Purpose Title and Summary Director, Technology Risk Management Overview: The Payment Gateway Team is seeking a Principal, Technology Risk Management to lead and build our strategy for designing and implementing assurance requirements to meet customer and regulatory expectations regarding security and availability risk and controls via assurance products such as SOC 2. The individual will coordinate and advise management to ensure customer and regulatory obligations are considered for the Payment Gateway Service. The individual will be responsible for reviewing and analyzing strategic plans and identifying risk and controls required to meet Mastercard policies and standards and apply the design of relevant risk and control assessments that meet our assessment obligations. Key Responsibilities: Lead the development of strategy, objectives, and action plans for assurance obligations. Conduct multi-stakeholder meetings and participate in senior-level discussions. Engage with internal and external stakeholders, and customers Plan and manage multiple initiatives and projects. Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans. Recognize complexity within the program and propose simplified solutions. Assist stakeholders in making trade-off decisions by considering all data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer. Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence to requirements, and advise management on needed actions. Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally for senior leadership to ensure alignment. Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives. Conduct risk assessments to identify potential security and availability risks and advise on the design and governance of controls to mitigate these risks. About You: Bachelors degree or equivalent combination of education and experience; a degree in computer science, information technology, or a related field is preferred. Professional certification like CISSP, CISA, CRISC, CIPP, or similar is a plus. Strong knowledge of IT general computer controls and related operations. Experience with control frameworks (e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR). Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization. Strong negotiation and consensus-building skills. Previous experience in significant process improvements, with the ability to meet project deliverables. Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds.

About The Role : Job TitleInformation Security Analyst, AS LocationMumbai, India Role Description CRO DCO Resilience team Manages and Governs various risk types for Chief Risk Office (CRO) including but not limited to Information Security, Data Protection, Records Management, Business Continuity, Vendor / Third Party Risk Management (TPRM) The Resilience team in India is a part of CRO's Divisional Control Office (DCO) responsible for Governance on various risk types Information Security Analyst will be responsible for ensuring governance on information security and other risk types for various CRO Functions Information Security Analyst will support CRO DCOs efforts to identify, analyse and report the non-financial risks of the CRO Function, thereby ensuring that Group and Functional standards are consistently applied. The candidate is required to demonstrate very good understanding of risk management activities, paired with strong stakeholder management and Microsoft office skills. The role will have full exposure to all areas within CRO and requires working closely with a variety of stakeholders. The role has considerable scope for professional development across the Risk Management domain What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities As the Information Security & Technology Analyst your responsibilities will include (but not be limited to): Assume ISO ownership for assigned Risk applications Ensure execution of Information Security risk assessments and compliance evaluation Ensure implementation of controls for identified Information Security and Technology risks for designated business applications and functions Ensure implementation and maintenance of Identity and Access Management processes, as well as execution of periodical recertification of User Access Rights Ensure annual validation of key application documentation, including KOP and User access matrix for each assigned application and activities Provide timely updates to the DBISO and/or Risk Chief BISO regarding afore mentioned tasks Ensure accuracy of application entries regarding Information Security in the Group inventory of applications (NAR) Engage and create a positive network across external teams like Technology, respective functions, Chief BISOs, Risk type managers etc. Treatment of escalation questions regarding problems as well as assessments of potential violations of regulatory or internal guidelines regarding Information Security Cooperation in improving existing processes and workflows as well as independent implementation of new processes Regular attendance at scheduled meetings and telephone conferences, e.g., presentations of work results to senior decision-makers/workgroups, processing of meetings and telephone conferences (preparation of agendas, if needed, keeping the minutes) Management of urgent activities at short notice Management of enquiries from auditors and regulators Your skills and experience Core understanding of non-financial risk. Good understanding of risk management activities and internal control frameworks. Strong analytical skills to interpret and analyse data. The ability to successfully navigate a complex organisation, build strong relationships and work collaboratively with diverse stakeholders across the bank Very good Microsoft Office skills, particularly Excel and PowerPoint A sound knowledge of Information Security would be preferred along with Information Security Certifications / skills How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

About The Role : Job Title Technology Risk Manager Corporate Title Director Location Pune, India Overview Our Corporate Bank group is a technology centric business, with an increasing move to real-time processing, an increasing appetite from customers for integrated systems and access to supporting data. This means that technology is more important than ever for the business. The CIO Corporate Bank (CB) division sits in the Banks Technology, Data and Innovation (TDI) group. The Risk and Control (R&C) team ensures the Bank's technology control priorities are effectively implemented across CIO - CB. The R&C team offers dedicated support for each Chief Information Officer (CIO) business line, advisory services for control responses, and program management services for broad control uplifts. The team's mission is to reduce the organization's technology risk exposure by implementing key bank controls, ensuring appropriate and timely resolution of audit and regulatory issues, and participating in the Bank's design of control implementations. Therefore, a role on the R&C team is integral in supporting the front-line management in identifying, assessing/measuring risks, developing/implementing remediation actions, and monitoring risks. We are looking for a technology risk manager (also known as embedded risk team lead) to join the Risk & Control team to ensure robust and sustainable control governance across CIO CB, in particular for CB Data and head for India Risk and Control team. You will be responsible for supporting the CB Chief Data Office in managing audit/regulatory/self-identified findings, participating in regulatory and audit exams, monitoring stakeholders compliance with key risk indicators, and ensuring controls are implemented effectively and sustainably. Your role will be integral in supporting the front-line management in identifying and assessing/measuring risks, determining remediation plans, monitoring levels of risk, and implementation of remediation. You will work directly with CIO-1s, the CIO Corporate Bank Risk Leads, senior technology management, business and operations stakeholders, regulatory management, and other embedded risk teams and will represent CB Risk & Control . As a senior member in the region, you will spearhead risk initiatives within the region and will oversee India applications. As a Tech Risk and Controls Director, you will play a pivotal role in shaping and implementing the firms technology risk management strategy. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under child care assistance benefit (gender neutral) Flexible working arrangements Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities: Partner with CB CDO, in risk management and control implementation. Create deep and productive relationships with the teams and finding owners for audit/regulatory/self-identified issues to ensure overall risk posture for the area is improved. Support CIO-1 portfolio(s) in managing audit/regulatory/self-identified findings to ensure appropriate and timely resolution of risks/gaps in controls, and resolve non-compliance with Bank policies, procedures and processes and non-compliance with regulations and laws. Review and revise findings lifecycle event documentation. Provide strategic direction on risk management matters to senior leadership including implementation of detailed data driven narratives to inform leadership of risks related to IT and Cybersecurity topics. Provide credible challenge across all information technology and cybersecurity enabling business growth while ensuring that risks remain within appetite. Participate in, and coordinate with technology stakeholders, on internal and external audits and regulatory exams Ensure Risk & Control topics and standards are effectively included in all Change Programs related to CB Data, in particular within the perimeter of the EDM Program. Ensure appropriate senior management awareness/oversight of follow-up on action items to resolve identified technology issues Support application teams in control implementation requirements Ensure risk remediation programs are initiated and executed. Design and implement processes to test effectiveness and sustainability of technical controls. Develop strategies for reducing the risk exposure of CIO CB portfolio(s), including preparedness of critical applications for audit and regulatory exams and working with application owners to address and prevent common risk issues Assist application owners and other technology stakeholders in identifying and documenting risks and developing remediation Tracking and reporting on CIO CB portfolio(s) key risk indicators (KRI) and control uplift programs. Assisting application owners in developing plans to ensure compliance with KRIs. Close control gaps. Ensure risk remediation programs are initiated and executed in line with the Banks policies, procedures and standards. Work with the application teams and control owners to identify and resolve potential issues in control design. Advise on effectiveness metrics, ensure control design includes proper evidence, and provide input to the design and effectiveness of centrally provided tooling. Create risk awareness and positive attitudes through specialized trainings and educate the wider Corporate Bank CDO stakeholders regarding Risk & Control. Develop and guide a culture of talent development to meet business objectives and strategy. Your Skills and Experience: Excellent communication skills, both written and verbal to present ideas and concepts effectively Extensive experience (15-20 years) in technology risk management and risk advisory Strong understanding of three lines of defense model and compliance frameworks, Experience with regulatory environments and financial services technology. Robust knowledge and experience of data risks, in particular data-related technology controls, - policies, - standards and - tools Excellent analytical and investigatory skills to identify underlying technology issues Extensive experience in assessing risk, writing issues, and developing appropriate corrective actions Demonstrate viable solutions and problem solving Relevant experience working with auditors, regulators and external auditors on exams, reports and information requests Prefer experience with designing and testing technology controls and processes Prefer technical background (application development, infrastructure engineering, etc.) How we'll support you Training and development to help you excel in your career Flexible working to assist you balance your personal priorities Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Join us as a Technology Controls Manager You ll be navigating the fast-changing landscape of technology risk to protect our customers and the day-to-day banking services they rely on Its a role that will see you building and influencing strong relationships with senior stakeholders across the bank , giving you an excellent platform to boost your profile Surrounded by subject matter experts, inspiring innovators and technology specialists, this is your opportunity to access our expertise and vast industry knowledge to open doors to further career success Were offering this role at vice president level What youll do To keep pace with the evolving needs of our customers, we re constantly investing in the latest cutting-edge technology to deliver a banking experience like no other. But new technology presents new and increasingly complex risks. And a s we become increasingly reliant on systems, networks and devices in our day-to-day lives, the importance of safeguarding the banking services that our customers rely on is greater than ever - and this is where you can make an important impact as our Technology Controls Manager. Day to day, you ll be: Identifying the risks presented by technology and helping our teams to understand and grab the opportunities they present too Exercising sound judgment to assess the potential impact of technology risks, along with their risk position Partnering with senior leaders to develop and deliver remedial action plans for risks that fall outside of our risk appetite Championing a culture of proactive and pre-emptive risk management that empowers our people to unlock value, embrace new technologies and navigate risk with confidence Demonstrating risk leadership and advocacy to develop relationships with colleagues and senior leaders that are built on trust The skills youll need We re looking for someone who can inspire confidence and build trust, and to do that your risk management expertise will be key. You ll need a deep understanding of risk management methodologies too, along with practical experience managing regulatory and operational risks in a technology environment. You ll also need: Knowledge of control and process design methods A deep understanding of IT service management processes The ability to benchmark the inherent resilience of technology architecture Experience of assessing and managing the efficacy of processes and controls Great communication, collaboration and stakeholder management skills

Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management. As a Tech Risk & Controls Lead in Infrastructure Platforms which is aligned to Enterprise Technology division, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firms standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. Job responsibilities Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance Required qualifications, capabilities, and skills 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred

Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firms robust risk strategy. As a Tech Risk & Controls Senior Associate in Cybersecurity & Technology Controls, you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firms standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards. Job responsibilities Assess and monitor technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices Support implementation of effective controls in collaboration with cross-functional teams and stakeholders Evaluate the effectiveness of existing controls, identify gaps, and recommend improvements to mitigate risks and enhance the firms risk posture Analyze complex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures Required qualifications, capabilities, and skills Formal training or certification on Tech Risk & Control concepts and 3+ years applied experience Expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders Proficient knowledge of risk management frameworks and industry best practices Understanding of national and international Laws, Regulations and Rules (LRR) related to cybersecurity in the financial industry. A demonstrated ability to analyze technology-focused regulations (from US and international agencies) Develop and maintain strong partnerships with key stakeholders at both working & executive levels, and to work across diverse businesses and regions, balancing the needs of multiple organizations Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, or other industry-recognized risk certifications

Qualification and Minimum Entry Requirements B.Tech (IT/CSE) with 8+ Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities As a Manager in RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control’s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education