66 Technology Risk Jobs - Page 2

As a part of RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization.Qualification and Minimum Entry Requirements Job Description B.Tech(CSE/IT)/MCA/MBA/CA with 0-5 Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating controls design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Preferred candidate profile

Job Description: Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Knowledge of security measures and auditing practices within various operating systems, databases and applications. Experience in assessing risks across a variety of business processes. Experience of working on Financial Services sector clients. Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Sr. Management and Clients. Hands on experience of working on IT General Controls, IT Application controls testing, IT Internal Audits, IT Risk Assessments, Third Party Risk Management. Knowledge of regulations impacting the privacy, integrity and availability of customer PII. Exposure of having led IT Audit engagements Exposure of working on Identity Access Management aspects like user management, authentication and authorization. Has team leading experience and has been a performance manager in current or last role Technical skills: Prior experience in evaluating the design and operating effectiveness of technology controls over varied IT platforms including ERP suites, Windows, Unix/Linux, iSeries, Oracle database, DB2 and SQL.

The opportunity Manager-NAT-Assurance-ASU - TR - Technology Risk - Mumbai/Bangalore ASU - TR - Technology Risk Assurance s purpose is to inspire confidence and trust to enable a complex world to work. We do so by protecting and serving the public interest, promoting transparency, supporting investor confidence and economic growth and fostering talent to provide future business leaders. We help clients by 1) Ensuring their accounts comply with the requisite audit standards 2) Providing a robust and clear perspective to audit committees and 3) Providing critical information for stakeholders. Our Service Offerings include External Audit, Financial Accounting Advisory Services (FAAS), IFRS & US GAAP conversion, IPO and other public offering, Corporate Treasury - IFRS 9 accounting & implementation support etc. Your key responsibilities - IT audits including stautiry and internal audits - IT General Controls (ITGC) testing / implementation experience - IT Application Controls (ITAC) testing / IT Automated Business Controls testing / implementation experience - IT Infrastructure risks and control assessments - IT SOX 404 - SOC1, SOC2 audits and reporting - SAP S4 HANA migration review - Cloud security - IT Strategy engagements - Architecture assessments - Data quality and data migration - IT Compliance and regulatory reporting - Risk and control assessments considering emerging technologies such as cloud, RPA, AI/ML, Blockchain etc Qualification CA, BE,Btech, MCA, BCA,B.com,M.com Experience 10+ years of relevant experience in It Audit EY has become the strongest brand and the most attractive employer in our field, with market-leading growth over compete. Our people work side-by-side with market-leading entrepreneurs, game- changers, disruptors and visionaries. As an organisation, we are investing more time, technology and money, than ever before in skills and learning for our people. At EY, you will have a personalized Career Journey and also the chance to tap into the resources of our career frameworks to better know about your roles, skills and opportunities. Apply now.

* Job Position Title: Senior Associate TRAS Location: Bangalore * Responsibilities : Roles & Responsibilities : The tasks, roles and responsibilities concerned with the job will include the following: • Apply current knowledge of IT trends and systems to identify security and risk management issues, and other opportunities for improvement. • Assist in the planning and execution of business process control reviews, information systems audits, and other Assurance offerings across a variety of industries. • A good understanding of clients Business Risks, Audit Risks, IT Risks and the mitigating controls in addressing these risks • Gain strong comprehension of client operations, processes, and business objectives and utilize that knowledge on engagements. • Evaluate and test business processes and controls and identify areas of risks. • Perform general computer and application controls reviews including ERPs like SAP, Oracle Application, JD Edwards, MFG Pro, etc. • Comply with requirements of ICAI Auditing Standards like AAS 29 • Data Analysis using CAATs tool like Excel, ACL, SQL etc *Mandatory skill sets Between 3 to 9 years in various aspects of IT audit, IT risk management function or General IT administration/management in IT risk consulting. Essential Skills: • Strong analytical ability • A thorough understanding of business process, accounts, emerging IT Trends • Ability to manage the field work and ability to work with cross functional team • Strong communication & writing skills • A good understanding of Internal Control Process • A good understanding of Sarbanes Oaxely requirements • A good understanding of COBIT, BS 7799 Responsibility Framework

Word Good communication skills Familiar with IT development life cycle and preferably with past experience in developing applicationProficient in Microsoft Excel is preferred The ability to create basis reports, track, and manage in spreadsheets , including creating formulars, and pivot tables for data analysis would be beneficial, To review IT project document prior submission to both internal/external auditor, Bank s Group Risk management and Regulators, To provide guidance and advise PMO of development team for submission of project documentations To prepare statistic/status report when required, The various training will be provided including the UOB development methodology and Security policies This role is suitable for candidate who has gone through development life cycle and interested in I T Risk management and Governance,This role is to support project team and provide guidance to the team to comply to the bank development methodology and security policies/processes,Key Responsibilities As per job objectives Key Requirements As per key skill Acknowledgement Requestor

About The Role : Job Title- Divisional Risk and Control Senior Analyst, AVP Location- Pune, India Role Description The 1st line Tech Risk, Insights and controls function at Deutsche Bank sits within the Chief Technology Office (CTO) for Deutsche Bank Group. CTO has the largest footprint within the Technology, Data and Innovation (TDI) division and is joined by other business-aligned CIO IT divisions. The Tech Risk, Insights and Controls is a dynamic team, consistently in demand, for providing guidance and challenge to deliver change and maintain systems in a secure and resilient manner. As part of the team, you will join the Banks journey and contribute towards our strategic goal of cloud enabled solutions as well as activities that improve our operational resilience and risk reduction. Specifically, you will bring expertise for risk identification and remediation advisory, records management supporting a proactive risk management function. It will therefore also include planning and executing thematic risk assessments and inputting into risk scenario testing and macro threat assessments. Further you will respond to client due diligence requests. You will liaise with other risk and control functions, on a management level to assure the integration of risk initiatives and projects. This role will report to the Head of Risk Assessments and Response and ultimately to the Global Head of Risks, Insights and Controls. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Risk Management Promote risk awareness, encourage prioritization of risk remediation, process re-engineering and strategic risk management Provide processes for systematic, proactive, and forward-looking risk identification, risk assessment, monitoring, reporting, and keeping CTO risk profile up to date Plan and execute thematic risk assessments and input into risk scenario testing and macro threat assessments Identify material remediation priorities for CTO and key cross divisional priorities impacting CTO (control / remediation book of work) Support CTO in managing the CTB budget allocated for high risk finding remediation and CTO involvement in reducing risk owned by other CIO and CISO divisions Be a catalyst and an enabler to the global leadership for achieving the objectives in line with changing regulatory and industry operating landscape and reducing risk against overall technology operations portfolio Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Audit Management Manage and govern audit requests and findings in a quality assured and controlled manner Respond to client due diligence requests in a timely manner End-to-end governance, monitoring, control, and reporting of audit lifecycles Audit support and advice incl. quality assurance of management action plans, completion check of the deliverables, closure review, ownership transfer, downgrade, risk acceptance and target date extensions Act as overall interface with Audit for fieldwork support and ongoing oversight, co-ordination, quality control, read across for all divisional audit findings Establish a consistent approach to ownership of management action plans Manage operation of audit interface to vendors including monitoring and reporting Foster lessons-learned on audit findings and missed self-identified findings Stakeholder Management Identify, Partner, and Collaborate Establish relationship with external and internal Audit teams to ensure effective and robust challenge to finding and to establish smart management action plans. Partner with 2nd LoD, NFRM (Non-Financial Risk Management) to ensure alignment towards Group wide minimum control standards Collaborate closely and proactively with DCRO team to manage the finding lifecycle Promote and support proactive IT risk culture at the Bank Your skills and experience Desired experience Minimum 2 years of experience as Risk and Control Lead in designing and implementation of Technology risk framework in a global organization Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 Knowledge of Agile change delivery methodology, DevOps and Shift left concepts Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains Other professional qualifications and certifications in Technology risk management Desired behaviors A strong team player comfortable in a cross-cultural and diverse operating environment Result oriented and ability to deliver under tight timelines Ability to successfully resolve conflicts in a globally matrix driven organization Excellent communication and collaboration skills Desire to learn about new and emerging technologies and continuous upskilling Must be comfortable with navigating ambiguity to extract meaningful risk insights How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Working with clients on SOCR and FAIT (Financial Audit Integration) engagements Sharp focus on ITGC Testing Deep knowledge in OS, Network, DB and ERP control testing Process narrative documentation Deep understanding of Compliance subjects (SOCR, FAIT, NIST, ISO and other Info Sec related compliance requirements) Understanding and performing of Testing methodologies Report writing Teaming skills related to on-site delivery Client interation and expectation management Skills and attributes To qualify for the role you must have Qualification BCOM, BCA, BSC, BE/ B.Tech,, or MSC in Computer Science Experience 3 - 6 years of relevant experience

Working with clients on SOCR and FAIT (Financial Audit Integration) engagements Sharp focus on ITGC Testing Deep knowledge in OS, Network, DB and ERP control testing Process narrative documentation Deep understanding of Compliance subjects (SOCR, FAIT, NIST, ISO and other Info Sec related compliance requirements) Understanding and performing of Testing methodologies Report writing Teaming skills related to on-site delivery Client interation and expectation management Skills and attributes To qualify for the role you must have Qualification BCOM, BCA, BSC, BE/ B.Tech,, or MSC in Computer Science Experience 3 - 6 years of relevant experience

Lead Information System Audit - Leading NBFC - Goregaon The purpose of this role is to perform IT risk assessment and manage execution of the Information System Audits (IS Audits) including Information Technology (IT) Infrastructure, Information Security and IT Applications Audits covering the key Information System areas (such as Cyber Security, Applications Security, Data Security, Cloud Security, Vulnerability Assessment & Penetration Testing, Network Security, Data Privacy, Data Centre, Logical and Physical Access Management, IT Infrastructure management, Database & Operating System management, Incident management, Change management, Email management and process review, End point security, IT Disaster Recovery, IT Business Process Continuity Review, IT Helpdesk management, IT Project management and Emerging Digital & Technology Risk). The role also include adherence to internal policies and procedures as well as applicable laws and regulations. This is an individual contributor role initially. Drop your CV on ankita.jalla@forward.net.in

We are looking for a subject matter expert as an in-house IT specialist for a long-term position. A successful candidate fulfills her two functions within the company. First, you need to coordinate IT-related infrastructure and development.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of SENIOR CONSULTANT SPECIALIST In this role, you will: Identify opportunities and deliver consistent and interconnected risk and control environment reporting and governance Protect the bank via proactive regulatory risk reduction actions. Drive consistent regulatory reporting across regions, businesses, and global functions. Collaborate closely with global functions, businesses, and regional stakeholders to integrate risk and control insights into strategic technology planning and decision-making processes. Assist CTO RC Control teams to enhance technology control frameworks, ensuring they are inclusive and adaptable aligned with industry regulations and standards. Provide advice, guidance, and assessment of application of policies, control standards, and procedures. Advocate the desired behavioural changes across the CTO Enablement community required to mature the understanding and management of technology risk controls. Have a good understanding of Operational Risk, particularly the key role played by Technology. Requirements To be successful in this role, you should meet the following requirements: Bachelor s degree (or equivalent experience) in Information Technology, Computer Science, or a related field Knowledge and experience of technology risk management, with a knowledge of control frameworks Good understanding of Cybersecurity Controls such as Vulnerability Management, Identity Access Management is a key requirement. Knowledge and experience of enterprise risk management software and tools Strong communication skills to be able influence and challenge stakeholders Flexible and adaptable being able to handle and prioritise competing demands in a fast-paced environment Analytical and problem-solving skills, with the ability to navigate technology landscapes. A commitment to continuous learning and staying at the forefront of technology concepts and practices Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Oversight of the 1st Line of Defense adherence to the RCSA policy Provide 2LOD effective challenge and oversight ensuring risks and controls are inventoried accurately, adhere to program requirements and align to defined Risk Taxonomies Provide objective oversight of risks through quality control using defined methodologies and subject matter expertise. Analyze RCSA results and prepare reports that highlight themes, root causes, and emerging risks as needed to the Operational Risk Management Committee Lead team of 2LOD controls testers responsible for testing, validating, and enhance control testing post RCSA approvals and 1LOD Controls Testing execution. Lead NFR teams responsible for Technology Risk, Third-Party Risk, and Risk Reporting Metrics Advance the companys risk culture and program knowledge through training, education and communication Strong stakeholder engagement to ensure identification of issues and timely completion of actions to meet deadlines Improve overall risk management culture and knowledge via training/awareness sessions Review key risk indicator framework, scorecards, dashboards to ensure appropriateness of metrics / key performance indicators Collaborate with senior management risk partners and lines of business partners to coordinate operational risk management activities Manage or lead projects aimed at improving the overall NFR programs Act as the Site Manager to include, but not limited to, coordinating with functional managers to onboard new hires locally, provide local support and guidance required to access the premises, meeting right stakeholders, IT and system access related support. Ensure smooth onboarding of all the new NFR staff. Review of Issues, IA and Exam Findings, and New Product/Initiatives to determine potential impact to risk and control inventories and work with the 1LOD to address Perform other duties as assigned. Knowledge, Skills, and Experience Ability to communicate in a clear, concise and effective manner (verbal and written) 15+ years financial services experience with minimum 7 years of operational risk, controls, or audit experience Excellent working knowledge of audit, risk and operational management concepts, and the ability to understand and interpret the impact of decisions, as well as identify and convey potential problem areas Ability to foster a positive and proactive approach to process assessment and improvement and to identify trends and improve processes for both the customer and the business Strong organizational, attention to detail, time management, and planning skills Ability to handle multiple competing priorities Ability to make independent decisions and also be a team player and effective communicator to ensure that issues are appropriately resolved Confidence and expertise to advise management and the business Ability to use initiative and work unsupervised in a proactive manner A collaborative approach to work and ability to build relationships with strong interpersonal skills

Ernst Young is looking for Associate Consultant - Assurance - TMT - ASU - TR - Technology Risk - Bangalore to join our dynamic team and embark on a rewarding career journey The job description for this position may include the following Client Management Assist in building and maintaining strong relationships with clients, act as a point of contact for clients, and manage client expectations Research and Analysis Conduct research and analysis to support project delivery, including collecting and analyzing data, developing hypotheses, and identifying insights Project Delivery Support project delivery by providing assistance in planning, executing, and monitoring project tasks and timelines Report Writing and Presentation Prepare reports and presentations for clients and internal stakeholders, including developing recommendations based on research and analysis Teamwork Collaborate with colleagues and other departments to provide integrated solutions to clients and support the development of the firm's intellectual property The ideal candidate for this position should possess strong analytical and problem-solving skills, as well as excellent communication and interpersonal skills They should also have a basic understanding of management consulting concepts

Opportunity to shape risk culture and ensure technological safeguards in a dynamic, collaborative environment. As a Tech Risk Assurance Lead in Cybersecurity & Tech Controls team, your role will involve identifying and influencing the design of technology controls to enhance the firms ability to manage compliance and operational risk exposure. You will offer subject matter expertise and technical guidance to technology-aligned product and process owners, ensuring that controls are integrated and adhered to throughout the Global Technology organization, in line with regulatory, legal, and industry standards. By collaborating with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will help provide a comprehensive view of the technology risk posture and its impact on the business. Your advanced understanding of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively lead a diverse team in a dynamic and evolving risk environment. This position will focus on and offer personal growth in areas such as supply chain risk, software development lifecycle, and emerging technologies like blockchain and AI/ML. Job responsibilities Effectively identify, quantify, communicate, and manage technology risks, emphasizing root cause analysis and resolution recommendations. Build and sustain strong relationships, becoming a trusted partner with line of business technologists, assessment teams, and product owners to support cross-functional collaboration. Facilitate progress toward shared goals through robust partnerships and collaboration. Execute reporting and governance of controls, policies, issue management, and measurements. Provide senior management with insights into control effectiveness and risk posture to ensure proper prioritization. Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance Required qualifications, capabilities, and skills Formal training or certification on Tech Risk & Control concepts and 5+ years applied experience Experience in technology risk management, information security, or a related field. Expertise in risk identification, assessment, and mitigation. Familiarity with risk management frameworks and industry standards. Knowledge of financial industry regulatory requirements. Proficient in supply chain risk, software development lifecycle, and control evaluation. Ability to influence executive-level decision-making and translate technology insights into business strategies. Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred

Equity Derivatives Researcher Equity Derivatives Researcher Millennium s Global Risk Management Department is responsible for identifying, measuring, monitoring, managing, and reporting on the risks associated with Millennium equity derivatives portfolios. Our Risk Management organization is designed to accommodate the overall size, nature, and complexity of the firm s trading activities. We are looking to add an inquisitive minded Risk Modeler to join our team. You will have the opportunity to develop and maintain the quantitative frameworks used by our portfolio managers and senior management teams. You will be responsible for the risk framework which involves consistently evolving metrics, improved valuation methodologies and clear identification and resolution of issues associated with inadequate risk measurement. You will understand and monitor closely the strategies of PM s trading in equity derivatives and embed insights in quantitative frameworks. Your primary responsibilities will encompass: Development of Risk Measurement Techniques: Develop and maintain robust frameworks for risk measurements. You will create frameworks to deliver insights on PM strategies and risks through interacting with existing tools or building own framework Quantitative Framework Development: Assist in the creation and optimization of our quantitative framework, which includes collaborating with technology, risk, portfolio, and business managers. Tech Collaboration: Partner with the Technology department to streamline the transition of quantitative models into production environments. The priority is to ensure accuracy and efficiency in day-to-day workflows. Research Model Development: Lead research into and implementation of various quantitative models Qualifications/Skills Required: The candidate should have a degree in a quantitative major: statistics, mathematics, engineering, and either professional experience of 1-4 years in a quantitative role in a financial organization, or an advanced degree in a quantitative field preferred. A good understanding of derivatives and valuation is a plus, and basic familiarity is generally expected. Prior experience with managing and deploying valuation models is a great add. Strong programming skills, prior experience with Python (Polars and/or Pandas) or SQL. Proficiency in at least a compiled and statically typed language is a plus; so is demonstrated programming ability on public repositories e.g., GitHub. Sense of responsibility and integrity. Intellectual curiosity and spirit of initiative. Ability to work independently and effectively manage ambiguity.

3+ yrs exp in Technology Risk Assessment. Responsible for conducting risk assessments to identify potential threats to the organization. Develop & implement risk management strategies. Candidates can share updated CV at melissa@rightmatch.co.in

Requisition Id : 1586815 As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom. At EY, we dont just focus on who you are now, but who you can become. We believe that it s your career and It s yours to build which means potential here is limitless and well provide you with motivating and fulfilling experiences throughout your career to help you on the path to becoming your best professional self. The opportunity : Manager-TMT-Assurance-ASU - TR - Technology Risk - Bangalore TMT : Industry convergence offers TMT (Technology, Media Entertainment, and Telecommunications) organizations the chance to evolve and transform, but it also presents challenges around competitiveness and delivering agile corporate strategies for growth. We help TMT companies create compelling employee and customer experiences, retaining skills and talent while achieving enterprise-wide operational excellence. We help them guard their data, brand and reputation. We also enable the pursuit of MA strategies that methodically create value, reduce risk and transform TMT companies into powerhouses that will lead the technology revolution of the future - building a better working world for all. ASU - TR - Technology Risk : Assurance s purpose is to inspire confidence and trust to enable a complex world to work. We do so by protecting and serving the public interest, promoting transparency, supporting investor confidence and economic growth and fostering talent to provide future business leaders. We help clients by: 1) Ensuring their accounts comply with the requisite audit standards 2) Providing a robust and clear perspective to audit committees and 3) Providing critical information for stakeholders. Our Service Offerings include External Audit, Financial Accounting Advisory Services (FAAS), IFRS US GAAP conversion, IPO and other public offering, Corporate Treasury - IFRS 9 accounting implementation support etc. Your key responsibilities Technical Excellence 1. IT SOX - SOX 404 Testing 2. IT General Controls - Evaluation of IT Risk and Control Matrices, Logical Access, Change Management, Backups and Recovery, Batch Jobs, Interfaces, APIs, DevOps CI-CD Pipelines 3. IT Application Controls Testing 4. Information Produced by Entity (IPE) Testing 5. Evaluation of SOC 1 and SOC 2 Audit Reports Skills and attributes To qualify for the role you must have Qualification 1. Should have handled IT audit assignments earlier 2. Must have strong knowledge of IT audit concepts 3. Good presentation skills and ability to respond promptly 4. Ability to prioritize work on multiple assignments manage ambiguity 5. Should be a team player with a proactive result oriented approach Experience More than 5-7 yrs experience in IT audits What we look for People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach. What we offer With more than 200,000 clients, 300,000 people globally and 33,000 people in India, EY has become the strongest brand and the most attractive employer in our field, with market-leading growth over compete. Our people work side-by-side with market-leading entrepreneurs, game- changers, disruptors and visionaries. As an organisation, we are investing more time, technology and money, than ever before in skills and learning for our people. At EY, you will have a personalized Career Journey and also the chance to tap into the resources of our career frameworks to better know about your roles, skills and opportunities. EY is equally committed to being an inclusive employer and we strive to achieve the right balance for our people - enabling us to deliver excellent client service whilst allowing our people to build their career as well as focus on their wellbeing. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply now.

Your key responsibilities ITGC Skills and attributes To qualify for the role you must have Qualification BTech Experience 1+ People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach.

As a part of RSM's growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Qualification and Minimum Entry Requirements Chartered Accountant with relevant 3 to 5 years' experience in SSAE 18, SOC reports, IT General Controls and IT Application Controls. Candidate should have basic to intermediate knowledge of financials, operations and technology and its related risks Candidate should have basic knowledge for SOC 1, SOC 2, IT General Controls, and IT Application Controls Qualified to pursue a job-relevant certification (CIA, CISA) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as the position requires frequent communications with RSM International clients Key Responsibilities Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the industry leading frameworks and methodologies for Sarbanes-Oxley, COSO, COBIT Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control's design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB's and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Open to work on other solution sets considering business requirements.

Regulatory Compliance, Risk Management JD Experience, Background, Qualifications and CertificationsCandidate will have minimum of 5 years of experience in Risk, Compliance, Assurance and Regulatory areas. Preferred candidate with professional consulting experience in risk management ideally with a Big4 or similar large consulting firm. Good understanding of Technology Risk and Compliance frameworks is preferred. Good communication and presentation skills with a proven track record in stakeholder engagement and influencing skills. Ability to plan and prioritise to manage multiple work streams/tasks simultaneously. Candidates with certifications like CISA, CRISC, and PRINCE2/Agile will be preferred.Technology Governance, Risk and Compliance SpecialistOverviewAs a Risk Specialist, you will play a key role in providing outcome-focused risks and controls assessments that influences Technology risks oversight over projects and portfolios.The Risk Specialist would alsoEnsure strategic objectives are implemented, risks managed, and benefits realised. Advise the projects and programs on how to identify, monitor, measure and manage existing and emerging risks. Provide independent oversight and challenge the effectiveness of risks and controls during pre and post implementation of projects.Key capabilities and skillsRisks and Controls Management within technology space Technology Insight (Infrastructure, Data, Cloud and Service Management) Project Lifecycle Management Stakeholder engagementAdditional skills that would be beneficialData Analytics and Reporting tools Technology audit and assurance Coaching and leadership

Description GRC Access Control Should have hands on experience on Implementation and configuration of GRC 10.1/12 with at least one end to end project experience. Configured to integrate SAP Enterprise Portal with GRC 12 Implemented/support GRC AC, Configured GRC AC Access Risk Analysis (ARA) and Emergency Access Management (EAM) components. Successfully implemented various MSMP workflows for escalation paths, worked on mitigation control workflow setup and assignment Configured MSMP workflows for addressing various user request types in Access Request Management Worked on various BRF+ rules building and modifications. Thoroughly handled master data Complete connector setup Post and pre upgrade activities and testing and modifications of workflow errors. Debug analyze and fix FF logs issues Ruleset updates, creation, modification, include custom rules. Strong profiles in Security Authorization Good understanding of Authorizations in the areas of SAP ECC and understanding about Authorizations related to SAP GRC AC. Understanding of Standard SAP Business Processes Evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement Knowledge of compliance standards and verticals will be an added advantage Experience with SAP GRC access controls (Risk analysis and remediation, super user privilege management, compliant user provisioning, enterprise role management) and/or Process Controls and authorization insights. Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility No Global Role Family To be defined Local Role Name To be defined Local Skills SAP Governance Risk and Compliance Languages RequiredENGLISH Role Rarity Niche

Understanding of the Hydrogen value chain and market; identifying and understanding key technology, cost, demand and production trends domestically and globally; business planning, development of business roadmap, customer profiling, customer requirements, interactions with potential customers; attending various conferences, webinars, talking to various people in Hydrogen sector; etc. Major Accoutabilities To track latest industry developments in New Energies sector To gather information from news articles, research papers, analyst reports; synthesize and present this information in a cohesive way To attend various webinars, conferences and share key learnings To skim through literature and undertake secondary research to better understand technology, risk and other project related aspects To derive key insights/findings from various ongoing work streams and present the essence of the matter in a short and cohesive way To think through and present key takeaways on various business strategy activities To collate, synthesize and circulate newsletters on new energies industry developments To monitor raw material and finished goods prices on a timely basis

Experience : 2 to 5 years of experience in information security, IT auditing & IT / Third Party risk management processes. Job responsibilities: Review and establish secure processes and systems at Third Partys end Conduct Third Party risk assessments from information security perspective using ISO27001 or COBIT framework to meet the organization standards. Classification of Third Parties from information security risk perspective Preparation of risk-based questionnaires and reports Undertake extensive Third Party evaluations from an information security perspective and then make active recommendations to the business / Third Party to mitigate the risks and provide risk-based clauses for the agreements with the Third Party. Preferred certifications : ISO27001 LA / CISSP / CISA / CTPRA / CTPRA Competencies / Abilities: Excellent written & verbal communication & presentation skills Independent & self-starter Knowledge in multiple information security technologies and their strengths and shortcomings Exposure to Third Party Risk questionnaires and tools such as Standard Information Gathering (SIG) Proven experience with securing information for various technical solutions Knowledge of IT risk management, common assessment control techniques Knowledge of analytic techniques and methods / Excel Understand security controls from a people, process, and technology perspective. Experience in system security, network security, and information security, covering areas of ISMS Management / COBIT, Technology risk and compliance, BCP & DR planning, Implementation and compliance, IT and IS audits, BCP audits, Security operations assessment, and Cloud security. Ability to interact and work with various senior stakeholders. Manage congruent relationships among different teams. PCI DSS, PA DSS, ISO27001 & COBIT experience. Strong ability to devise, drive, and implement standard processes and best practices (both from security and risk perspective) for all the suppliers Primary Keywords: Third Party Risk Management IT Risk Management Information Security IT Audit ISO 27001 COBIT Framework Vendor Risk Assessment Technical & Compliance Keywords : ISMS PCI DSS, PA DSS BCP & DR Cloud Security Security Operations IT & IS Audits Tools & Certifications: SIG (Standard Information Gathering) CISA, CISSP, ISO 27001 LA, CTPRA Work Experience Required : - Third party risk / Risk management Job Location : - Chennai (only Current location - Chennai candidates highly preferred Qualification : - Any degree relevant

Vice President - Resiliency Risk Management, Technology Risk Management II At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world s financial system we touch nearly 20% of the world s investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere. We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about. We re seeking a future team member for the role of Vice President- Technology Risk Management II to join our Resiliency Risk Management team. This role is located in Pune- MH- Hybrid. In this role, you ll make an impact in the following ways: Evaluate the design of controls owned by 1LOD business and technology operations functions to identify control gaps, review, and disposition these gaps, and track actions to resolution. Evaluate the effectiveness of record keeping and implementation of business continuity plans. Partner with the 1LOD and assess their compliance with enterprise level resiliency policies. Support execution of control assessment processes to validate the effectiveness of defined resiliency controls to determine performance improvement enhancements. Participate in resiliency risk management industry forums to identify industry trends. Support assessments of regulatory changes impacting areas of resiliency risk and control A. Perform assessment, monitoring and reporting resiliency risks inherent to business activities. Evaluate enforcement of relevant risk policies. Apply understanding of business function interdependencies to anticipate resiliency risks inherent to assigned areas. To be successful in this role, we re seeking the following: The candidate must have a minimum of 8 to 10 years experience in risk management, and control design and implementation, experience in resilience risk management is a plus. The candidate must have strong communication skills and demonstrate a record of accomplishment and excellence in delivery. Strong relationship management skills and ability to partner with a large array of constituents; ability to manage and influence change are required. Bachelor s degree or the equivalent combination of education and experience is required. Appetite for learning is also a must to function in a changing resiliency risk landscape. Prior work experience supporting a large, regulated institution, preferably financial services, would be a plus. At BNY, our culture speaks for itself. Here s a few of our awards: America s Most Innovative Companies, Fortune, 2024 World s Most Admired Companies, Fortune 2024 Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024 Best Places to Work for Disability Inclusion , Disability: IN - 100% score, 2023-2024 Most Just Companies , Just Capital and CNBC, 2024 Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024 Bloomberg s Gender Equality Index (GEI), 2023 Our Benefits and Rewards: BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.

Role Description The first line Tech Risk function for business divisions (Corporate Bank (CB), Investment Bank (IB) and Operations (Ops) at Deutsche Bank sits within the Divisional Control Office (DCO) embedded in the Business. CB and IB front-to-back have the largest footprint within the banking divisions, and you will be part of a dynamic team, consistently in demand for providing insights and managing Information Technology (IT) and Information Systems (IS) risks on behalf of the business. You will join the Banks journey and contribute towards our strategic goal of managing risk within appetite whilst enabling adoption of emerging and new technologies for business growth. You will report directly to the Head of Technology Risk for CB and IB, oversee initiatives in India and deputize at management forums as necessary. Your key responsibilities Manage a team of 35+ members across all people related subjects including hiring, identifying, and developing talent across fungible team, staff retention, cross training, cultivating change and risk conscious mindset. Drive understanding and representation of IT& IS risks with business line heads across CB and IB front-to-back divisions and work closely with Head of Tech Risk Governance to successful implement initiatives in India Manage global stakeholders and prioritization of delivery of DCO BOW from the teams located in Mumbai, Pune and Bangalore Lead innovation, efficiency initiatives & automation through use of Data Analytics or AI models to enhance maturity in Technology risk management and empower decision making. Be a strategic partner with Senior Leadership including DCO and business aligned CIO divisions to drive the control-based risk exposure and management discussions Ensure management transparency by way of timely reporting and represent the IT/IS risk types, and remediation plans against appetite at the various divisional Non-financial Risk Council forums Manage all aspects of Front Office Technology risk, working closely with Risk leads in the Technology divisions including tracking of Self-Identified Issues, Audit Findings Work closely with peers leading other pillars in the team (such as Divisional Chief Information Security Office) to establish an effective risk management 1st line function in the Business Partner with 2nd LoD, NFRM (Non-Financial Risk Management) to ensure alignment towards Group wide minimum control standards and risk appetite framework Promote and support proactive IT risk culture at the Bank. Your skills and experience Previous experience in similar Technology risk roles in a front office IB/ CB division or IT audit (internal/external) in a cross-cultural and diverse operating environment with knowledge of business products In-depth knowledge of industry-wide risk landscape and global regulatory expectations, and leading engagement prep Strong understanding of Industry best practices in Technology Risk Frameworks such as National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technology (COBIT) and fundamentals of Artificial Intelligence/ Machine Learning (AI/ML) and Cloud based services Excellent communication, presentation and collaboration skills, with result-oriented mindset.