81 Technology Risk Jobs - Page 3

Position Purpose RISK Operational Risk Management (RISK ORM) CIB belongs to the second line of defence of BNP Paribas Corporate and Institutional Bank (CIB). It belongs to the Risk Function (RISK) of BNP Paribas and is placed under the responsibility of the Head of RISK ORM CIB, who reports to the CRO of CIB. The department has responsibility for independently challenging and supervising the Operational Risk management of CIB activities (Global Banking, Global Markets, Securities Services, Information Technology (IT), Operations and Functions) on a worldwide scope. In the territories that CIB operates, there is responsibility to cover the Assets Liability Management and Treasury (ALM-T) operations too. This is achieved through: framing operational risk methodology for CIB and disseminating of risk management culture across CIB; assessing the adequacy of the CIB operational risk management set-up; controlling effectiveness of CIB control environment; contributing to the detection, anticipation and response to risks; alerting CIB and RISK stakeholders on any significant risk issue; providing a consolidated view on CIB operational risks profile. As the second line of defence for technology & transversal risks (Information and Communications Technology (ICT), anti-fraud, third party and operational resilience), RISK ORM has the responsibility for oversight and supervision on those risks for CIB, ensuring and opining that appropriate risk management efforts are underway and raise any alerts in case of issues to the stability of the Bank and influencing business, functions and technology partners to take sound risk management decisions. Key Responsibilities Purpose : To provide independent and control function opinion on DORA implementation at CIB level Scope : CIB activities worldwide, covering all business lines and all geographies Corporate and Institutional Banking ( CIB ) businesses are fast paced, dynamic, growing and complex. RISK ORM CIB oversees, evaluates and supervises the wider operational risks of all its business lines. The main responsibility of the role is to participate, oversee and check and challenge the programme of CIB to be compliant with DORA regulation. The candidate will work closely with the first level of defence in charge of the DORA programme and ensure the programme actions and roadmap, adequately covers DORA requirements in a sustainable and risk-controlled manner. COORDINATION with business lines ORO for DORA requirements. with reporting on DORA updates from the CIB programme to wider RISK ORM CIB and OROss with Coordination with Group RISK ORM and IT teams on any updates and instructions on DORA requirements fulfilment with RISK ORM CIB T&TR practices and OROs (i.e., TPRM, Operational Resilience, ICT) FIELD WORK Working on HIs that are in scope of DORA and ensuring these are raised and challenged adequately Working with CIB Regulatory affairs team to ensure that all supervisory requests are answered and proactive monitoring of upcoming requests by interacting with peers and other banks. DORA TPRM aspects and coordination with TPRM OROs across CIB REPORTING to the wider RISK ORM CIB community to the business lines ORO for their respective scope to RISK ORM CIB management As part of the role, the candidate will as well coordinate the RISK ORM CIB community worldwide on the DORA aspects, especially in EMEA region and be the SPOC for any DORA related matters. CONDUCT Be a role model, supporting and fostering a culture of good conduct including respect for others. Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks. Considerate of the implications of actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure, Listens and responds to feedback. Gives feedback to others. Specific Qualifications Required EXPERIENCE The successful candidate will have a proven track record in managing risks and technology in a large/global organization, with robust knowledge of technology, risks and controls, third party technology risk management. Prior experience to ICT/Business Continuity/Operational Resilience Risk Management and exposure to financial services industry is a requirement Knowledge of DORA regulation 10 years or more of suitable professional experience QUALIFICATIONS Bachelors degree in business or risk management, Information Technology, Information Security (or equivalent professional qualification). Excellent written and verbal communication skills (ENGLISH) is an absolute requirement due to the need to foster strong relationships with a broad base of stakeholders across the Bank (beyond the market activities perimeter) and to present often at senior level of the bank. FRENCH language is a plus. Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate. Team player, contributes to the success of the whole T&TR team, as well as being able to be autonomous Ability to communicate, co-operate and work well with other teams The position requires a strong analytical background across the main categories of risk and the ability to synthesize large amounts of diverse information at any one time. A strong delivery focus is required as strict deadlines are to be respected and limited time is available to roll out the program.

Bravura’s Commitment and Mission At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. About The Team/Project The Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will support security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the analysts will enable security controls aligning with client contractual obligations, regulatory requirements, and industry best practices. The analyst will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges What You’ll Do The position is within the Information Security team. Main activities will include but are not limited to: Internal Audit & Assurance: Support the implementation and operations of the ISMS within the region. Support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Support continuous assessment and improvement of security controls and processes. Information Security Risk Management Support, identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Support the delivery of security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Support the assessment and management of security risks associated with third-party vendors and suppliers. Support security requirements are included in vendor contracts and SLAs. Enable regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. Qualifications and Experience • Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience). • 3+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. • Good understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. • Experience in security risk management, audits, compliance, and client security assurance. • Knowledge of security operations, incident response, and managed security services. • Familiarity with supply chain security and third-party risk management. • Good communication and stakeholder management skills, with experience working with clients on security matters. • Ideally security certifications such as CISSP, CISM, or CRISC are preferred. Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme. Flexible working hours, we value work-life balance. Maternity/ Parental (including secondary) leave policy. Cab facility available in Delhi/NCR. Meal facility available Free Medical Insurance So, what’s next? We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits. Youtube Video

Bravura’s Commitment and Mission At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. Position Overview The Senior Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will drive security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the ISO will ensure that security controls align with client contractual obligations, regulatory requirements, and industry best practices. The ISO will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges. The position is within the Information Security team. Main activities will include but are not limited to: Responsibility Internal Audit & Assurance: Oversee the implementation and operations of the ISMS within the region. Ensure and support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Continuously assess and improve security controls and processes. Information Security Risk Management Identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Lead and support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Develop, support deliver security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Assess and manage security risks associated with third-party vendors and suppliers. Ensure that security requirements are included in vendor contracts and SLAs. Perform regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. In addition to the above position-specific responsibilities, all employees are required to undertake any other reasonable duties and responsibilities within your capability and skills, when requested to do so. Qualifications and Experience Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. Strong understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. Experience in security risk management, audits, compliance, and client security assurance. Knowledge of security operations, incident response, and managed security services. Familiarity with supply chain security and third-party risk management. Excellent communication and stakeholder management skills, with experience working with clients on security matters. Security certifications such as CISSP, CISM, or CRISC are preferred. Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme 2 paid volunteering days and a range of community-based initiatives to get involved in Parental (including secondary) leave policy Free meals and transport So, what’s next? We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits. Youtube Video

Our client is leading Global IT Service and Consulting Organization Location : Pune NP: Immediate to 45 days Skill: Security Audits Role description: The role involves managing technology risks, driving compliance conversations with clients and regulators, and overseeing internal and external audits. Excellent communication skills are essential, as this person will need to constantly interface with clients and auditors. Additionally, the individual should have experience managing a team.

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to develop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Coordinate with key stakeholders to define risk metrics - KRIs/ KPIs/ KCIs Coordinate with key stakeholders to define thresholds for key risk metrics Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to create and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications Experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred, but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 12 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the first line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities This role belongs to First Line of Defense. Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to d evelop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to c reate and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting. What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 10+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 12+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts in defining and documenting a comprehensive Issue Management Process document/ methodology Lead efforts to centralize control gaps/ issues in GRC tool Lead efforts in logging, tracking, monitoring and remediation of control gaps/ issues Coordinate with key stakeholders to ensure the issues are clearly articulated, mapped to appropriate risk category, mitigating controls are identified through proper risk assessment Lead efforts in periodic reporting of issues to senior Management Conduct data analysis to demonstrate trends of progress made in issue remediation by various technology processes Conduct meetings to discuss issues and risk remediation plan Lead efforts in risk exception and risk acceptance process Monitor risk acceptance scenarios and bring it to appropriate committees for reporting Prepare PowerPoint presentations to provide comprehensive and holistic issue management process What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

We re seeking a future team member for the role of Vice President to join our Information Security team. This role is located in Pune, Maharashtra -HYBRID BNYM is seeking an initiative-taking professional to join its Cyber Security Third Party Governance (CTPG) team. The successful candidate will work in a technically diverse and dynamic environment with a team of Cyber Security professionals responsible for the assessment, analysis and governance of cyber security for third party vendors. The successful candidate will have deep technical and assessment skills to identify vendor cyber vulnerabilities that puts the BNYM at risk. The individual works closely with the Cyber TPG Security Leader, Business Sourcing Leads (BSL), enterprise sourcing, technology risk management, engagement managers, business teams and vendors on identified cyber risks in vendor environments. This requires both good oral and written communications skills and the ability to negotiate. Must be able to keep sensitive information confidential and know how to use appropriately. In this role, you ll make an impact in the following ways: Assess the cyber security risk of third party vendors with an appropriate level of detail Travel to vendor locations for on-site assessments Interface with enterprise sourcing, technology risk management, business teams and engagement management on vendor cyber security issues identified Review and challenge vendor evidence for issue closure Assist in the design and implementation Cyber TPG related processes and tools Define and create relevant metrics, presentations and reports Review the cyber related attestations by third parties such as SOC2 and ISO 27001 and report any observations for further review and tracking Review vendor risk reports created by internal and external entities for impacts to cyber security Keep up to date on the latest trends, methodologies and tools related to third party Interface with industry coalitions working on third party cybersecurity issues To be successful in this role, we re seeking the following: Bachelors degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. Industry certifications such as CISSP or CISM a plus 17+ years of experience in cyber security related activities required Firsthand experience in performing control-level technical cyber risk assessments In-depth technical knowledge in 1-2 cyber domains Experience in the securities or financial services industry is a plus Experience in third party governance and related tools is strongly desired but not required Ability to manage multiple projects and priorities Familiarity with various global regulations and industry standards concerning cyber security Strong verbal and written communication skills

You are a strategic thinker passionate about driving solutions in Sales, Research & Data Services Ops . You have found the right team. As VP of the SRDS Ops iMaintain team, you will lead efforts to manage regulatory-critical processes across various business areas, oversee transformation projects, and streamline operations using new technology. Based in Mumbai, you will develop metrics frameworks, identify business opportunities, and collaborate with stakeholders like Product Management, Operations, Technology, Risk & Control, and Finance to implement industry best practices for change and transformation, driving innovation and efficiency in regulatory processes. The primary responsibility of this position is to manage the iMaintain team in Mumbai, overseeing transformation projects and streamlining processes with new technology to contribute to the broader DCS vision. The candidate will maintain a strong control environment, define a future state vision for the functional area, and lead program execution from an operations perspective by building strategic platforms and decommissioning legacy systems. They will identify new business opportunities and synergies with other areas like Markets Operation, Research, and Sales, while managing people through training, upskilling, and hiring based on future needs. Collaboration with stakeholders such as Product Management, Operations, Technology, Risk & Control, and Finance is essential, leveraging industry best practices for change and transformation. Job responsibilities Maintain a strong control environment within the regulatory-critical iMaintain team. Define and implement a future state vision for the functional area with the BAU Operations team. Lead program and project execution, focusing on strategic platform development and legacy system decommissioning. Identify and pursue new business opportunities and synergies with Markets Operation, Research, and Sales. Manage people through training, upskilling, and hiring diverse skill sets for future team needs. Collaborate with stakeholders, leveraging industry best practices for change and transformation. Ensure a stable operational environment with robust controls, checks, and balances. Leverage new technology or tools to enhance processes, track metrics, and improve controls. Govern by providing updates to senior stakeholders and ensuring compliance with laws and regulations. Engage in each stage of the Project Delivery Framework (PDF) from requirements to implementation. Focus on the people agenda, including coaching, training, talent management, and recognition. Required qualifications, capabilities and skills Minimum 10+yrs experience with strong experience of 4-5 years on Tech Change programs, Process Improvements, Operating Model improvements Excellent problem-solving skills in order to identify, understand and address operational and technical issues. Proactive in displaying these skills and developing solutions. Strong knowledge of technology solutions available in the market for Operations business Must have Microsoft Office skills Excel, Word, Access and PowerPoint Influencing and negotiation skills - leverage subject matter expertise in driving conversations, challenging status quo and influence decisions/direction with stakeholders Ability to operate in a fast-paced environment under high pressure with time critical deliveries; multi-tasking, prioritizing and able to adjust to changing priorities Strong partnership record - ability to build effective relationships across different parts of the organization as required Should have a collaborative work style; fostering co-operation and teamwork. Ability to develop relationships across various stakeholders including senior business executives Control mindset to identify process control gaps, prioritize and mitigate operational risk Effective change management and transformation experience. Ability to challenge current state and mind set, adapt to a changing environment Good understanding of downstream impact of actions undertaken, particularly the requirement for strong and timely controls throughout the life cycle of the trade

Work Location:- Bangalore / Hyderabad / Pune / Gurgaon Experience:- 4 - 10 yrs Leavel- AM/Manager JD Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred

Dear Candidate, We are hiring an IT Risk Analyst to identify, assess, and mitigate risks to the organization's information systems and data. This role supports compliance initiatives and strengthens the IT risk management framework. Key Responsibilities: Conduct IT risk assessments, gap analysis, and control evaluations. Develop mitigation strategies for identified security and compliance risks. Monitor regulatory changes and ensure adherence to frameworks (e.g., NIST, ISO 27001). Prepare risk reports, scorecards, and presentations for stakeholders. Collaborate with audit, security, and IT teams on risk response plans. Required Skills & Qualifications: Experience in IT risk, governance, or audit. Familiarity with frameworks like NIST, COBIT, ISO 27001, and SOX. Analytical skills to evaluate threats, vulnerabilities, and control gaps. Excellent documentation and stakeholder communication abilities. Certifications such as CRISC, CISA, or CISSP are a plus. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Consultant Specialist. In this role, you will: Identify opportunities and deliver consistent and interconnected risk and control environment reporting and governance Protect the bank via proactive regulatory risk reduction actions. Drive consistent regulatory reporting across regions, businesses, and global functions. Collaborate closely with global functions, businesses, and regional stakeholders to integrate risk and control insights into strategic technology planning and decision-making processes. Assist CTO RC Control teams to enhance technology control frameworks, ensuring they are inclusive and adaptable aligned with industry regulations and standards. Provide advice, guidance, and assessment of application of policies, control standards, and procedures. Advocate the desired behavioural changes across the CTO Enablement community required to mature the understanding and management of technology risk controls. Requirements To be successful in this role, you should meet the following requirements: Excellent understanding of HSBC Technology Controls, especially Cybersecurity Controls. Strong communication skills to be able influence and challenge stakeholders Analytical and problem-solving skills, with the ability to navigate technology landscapes. Excellent understanding of key reporting metrics. .

* Job Position Title: Senior Associate TRAS Location: Bangalore * Responsibilities : Roles & Responsibilities : The tasks, roles and responsibilities concerned with the job will include the following: • Apply current knowledge of IT trends and systems to identify security and risk management issues, and other opportunities for improvement. • Assist in the planning and execution of business process control reviews, information systems audits, and other Assurance offerings across a variety of industries. • A good understanding of clients Business Risks, Audit Risks, IT Risks and the mitigating controls in addressing these risks • Gain strong comprehension of client operations, processes, and business objectives and utilize that knowledge on engagements. • Evaluate and test business processes and controls and identify areas of risks. • Perform general computer and application controls reviews including ERPs like SAP, Oracle Application, JD Edwards, MFG Pro, etc. • Comply with requirements of ICAI Auditing Standards like AAS 29 • Data Analysis using CAATs tool like Excel, ACL, SQL etc *Mandatory skill sets Between 3 to 9 years in various aspects of IT audit, IT risk management function or General IT administration/management in IT risk consulting. Essential Skills: • Strong analytical ability • A thorough understanding of business process, accounts, emerging IT Trends • Ability to manage the field work and ability to work with cross functional team • Strong communication & writing skills • A good understanding of Internal Control Process • A good understanding of Sarbanes Oaxely requirements • A good understanding of COBIT, BS 7799 Responsibility Framework

Key Responsibilities Areas will be as follows - Control Audits goal/purpose is to Identify security controls gaps, remediate and drive compliance for all accounts/programs across Sutherland. ALL deviations MUST be remediated or have an APPROVED Exception Request. ALL non-compliance findings will be worked with peers across InfoSec Risk and Compliance and create a remediation plan by working with respective stakeholders. Results are tracked, trended and reported. Meetings are hosted with Senior InfoSec Leadership: results reviewed, gaps address, risks identified, remediation progress confirmed Audits are performed internally and via a 3rd party audit team that this leader oversees in tandem with Regional Risk and Compliance. Risk Assessments to be conducted and implemented as per various Complaince requirements to protects and prevents the misuse of Sensitive Customer Information (SCI) handled in client programs, in order to: Proactively identify risks and vulnerabilities Address potential data leakage areas Assess Sutherland s implementation of standards Identify Sensitive Customer Information (SCIN) belonging to clients. Remediates by tightening or establishing controls. Implements security best practices that minimize the risk & avoid incident / data breaches. 2. In addition to the above, the candidate will be asked to look beyond the task at hand and to question how can we do this better, how can we automate and improve upon business as usual, challenge the status quo so that we work smarter (not harder) 3. Demonstrate control effectiveness to the Infosec Leadership Core Infosec exp 4 yrs or IT domain exp of 5 yrs above Infosec certifications will be added advantage IT certification can also add value

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. As a Risk management specialist at ZS Associates, you'll be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You'll also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry best practices. By partnering with various stakeholders, including Product Owners and Business function Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. You'll have advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. What you'll do Develop the culture of risk management across the organisation, and ensure effective identification, quantification, communication, and management of risks focusing on root cause analysis and resolution recommendations across domains – Cyber, HR, Legal, Finance, etc. Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance. Provide SME support to functional managers or Internal stakeholders in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate. Support the CIO and CISO, and work with internal stakeholders to Participate in consultation and conduct gap analysis against new requirements Coordinate and facilitate IT / cyber security audits. Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc. Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route Report and publish Risks to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees. Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures. Co-ordinate and track the tickets / findings in areas like IT Operational Risks and Information Security Risks, Control Self assessments , Internal/External Audit findings with appropriate CAPA, BCP / Disaster recovery , Problem tickets with root cause analysis. Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.) Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.) Provide first line of defense support in assessing risk and reviewing control issues Documentation of control procedures, standards and guidelines, etc. What you'll bring: Bachelor’s degree in IT or relevant field with a strong academic background A minimum of 7-10 Years of experience in Risk management and internal controls governance Strong communication & strategic influencing skills. Relevant experience working with senior leaders, building internal networks, and delivering high impact programs in complex -matrixed environments. Formal training or certification in Information Security, and/or 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation. Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies. Proficient in MS Office productivity suite (e.g., Word, Excel, PowerPoint, SharePoint). Advanced Excel skills strongly preferred CISM/CRISC/CISA/CISSP/CIA/MBA or relevant Risk Management / Audit certification Basic working knowledge of following (Majority of the points, if not all): -COBIT – Control Objectives for Information and Related Technology -ISO/IEC 27001:2013 – Code of Practice for Information Security Management -NIST SP 800-53 -NIST CSF -SOC1/SOC2/SOC3 -HIPAA/HITECH Security and Privacy Audit Protocol -Shared Assessments Standard Information Gathering (SIG) framework -US SOX – Sarbanes Oxley Act -US HIPAA/HITECH Act -EU GDPR – General Data Protection Regulation -US EU Privacy Shield -India Companies Act Additional Skills: Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives. Program level management up to and including Executive presentation and reporting. Knowledge and Experience of Technology Infrastructure. Understanding of Infrastructure Security Stakeholder management Willingness to adapt to evolving industry standards and technologies Ability to manage a wide variety of tasks and meet deadlines, and reliability/dependability Proven ability to work creatively and analytically in a problem-solving environment Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Bachelor s degree in information technology, Computer Science, Risk Management, or a related field; advanced degree or professional certification (e.g., CISA, CISSP, CRISC) Mandatory. Minimum of 10 years of experience in technology risk management, cybersecurity, or information security roles. Proven expertise in conducting technology risk assessments, developing risk management frameworks, and implementing controls and mitigation strategies. In-depth knowledge of regulatory requirements, industry standards, and best practices related to technology risk management and information security (e.g.,FAIR, NIST Cybersecurity Framework, ISO 31000, OCTAVE & TARA). Strong analytical, problem-solving, and decision-making skills with the ability to evaluate complex issues and develop practical solutions. Excellent communication and interpersonal skills with the ability to effectively engage and influence stakeholders at all levels of the organization. Demonstrated leadership abilities with a track record of driving results, managing projects, and leading cross-functional teams in a fast-paced, dynamic environment. Basic Requirements Effective verbal and non-verbal communication skills at all levels of the organization Leadership teamwork and collaboration Discretion Problem solving Critical Thinking Self-initiated/sufficient Motivated

About Us At ANZ, were shaping a world where people and communities thrive, driven by a common goal: to improve the financial wellbeing and sustainability of our millions of customers. About the Role As a Privacy Governance Manager in our Data and Technology Risk team, you ll play a key role in the ANZ Privacy Office to ensure ANZ s compliance with Privacy and Data Protection laws across the bank globally. The role will provide Subject Matter Expertise on Privacy and Data Protection obligations across the bank to support the operational governance oversight. This role will also assist business units across the bank to understand privacy risks by identifying and implementing appropriate control measures. Banking is changing and we re changing with it, giving our people great opportunities to try new things, learn and grow. Whatever your role at ANZ, you ll be building your future, while helping to build ours. Role Location: Bengaluru Role Type: Permanent, Fulltime What will your day look like Monitoring and ensuring compliance with Privacy and Data Protection laws across various jurisdictions. Identifying, assessing, and mitigating privacy risks through reviews and assessments. Collaborating with ANZ stakeholders and business units to align privacy practices with organizational goals. Overseeing data mapping initiatives and maintaining records of processing activities (RoPA). Managing, evaluating and reporting third-party vendors attestation outcomes and identifying risks or concerns related to Privacy or Data Protection. Reviewing and updating new obligations in NFR Hub. Tracking and reporting privacy KPIs and metrics for the ANZ Privacy Office. What will you bring Minimum of 8 to 10+ years experience in Privacy or a related field, preferably with a bachelors degree in law. Recognised Privacy and Data Protection qualification (e.g., IAPP - CIPM, CIPT, CIPP/E). Comprehensive knowledge of global Privacy and Data Protection legislation (including AU Privacy Act, GDPR, PDPA). Thorough understanding of privacy management practices and the ability to identify privacy risks and manage interactions across business operations. Proficient writing, organisational and problem-solving skills. Effective communication and interpersonal skills for collaborative work with stakeholders and employees at all levels. You re not expected to have 100% of these skills. At ANZ a growth mindset is at the heart of our culture, so if you have most of these things in your toolbox, we d love to hear from you. Job Posting End Date 13th June 2025, 11.59pm, (Melbourne Australia)

A Day in the Life Responsibilities may include the following and other duties may be assigned. Provides project management and sourcing expertise to cross-functional, cross-divisional commodity teams. Facilitates these teams in the development and execution of long-term strategies that will optimize Medtronics position in terms of quality, cycle/response time, technology, risk, and total cost. Mitigates risk, leverages technology and purchase power, improves processes and systems, and reduces overall cost of ownership and acquisition. Negotiates, establishes and monitors supplier agreements. SPECIALIST CAREER STREAM: Typically an individual contributor with responsibility in a professional discipline or specialty. Delivers and/or manages projects assigned and works with other stakeholders to achieve desired results. May act as a mentor to colleagues or may direct the work of other lower level professionals. The majority of time is spent delivering and overseeing the projects - from design to implementation - while and adhering to policies, using specialized knowledge and skills normally acquired through advanced education. DIFFERENTIATING FACTORS Autonomy: Recognized expert, managing large projects or processes . Exercises considerable latitude in determining deliverables of assignments, with limited oversight from manager . Coaches, reviews and delegates work to lower level specialists. Organizational Impact: Contributes to defining the direction for new products, processes, standards, or operational plans based on business strategy with a significant impact on work group results . May manage large projects or processes that span outside of immediate job area. Innovation and Complexity: Problems and issues faced are difficult, moderately complex and undefined, and require detailed information gathering, analysis and investigation . Develops solutions to moderately complex problems, and/or makes moderate to significant improvements of processes, systems or products independently to enhance performance of job area. Implements solutions to problems. Communication and Influence: Represents organization as a primary contact for specific projects and initiatives; communicates with internal and external customers and vendors at various levels . May negotiate with others to reach understanding or agreement, and influence decision-making. Leadership and Talent Management: Typically provides guidance, coaching and training to other employees within job area. Typically manages major / moderately complex projects, involving delegation of work and review of work products, at times acting as a team leader. Required Knowledge and Experience: Requires mastery of a specialty area and full knowledge of industry practices, typically obtained through advanced education combined with experience. May have broad knowledge of project management. Requires a Baccalaureate degree (or for degrees earned outside of the United States, a degree which satisfies the requirements of 8 C.F.R. 214.2(h)( 4)(iii)(A) and minimum 7 years of relevant experience, or advanced degree with a minimum of 5 years of relevant experience. Benefits Compensation About Medtronic We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission to alleviate pain, restore health, and extend life unites a global team of 95,000+ passionate people. We are engineers at heart putting ambitious ideas to work to generate real solutions for real people. From the RD lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary. Learn more about our business, mission, and our commitment to diversity here

Dear Candidate, We are hiring an IT Compliance Analyst to ensure adherence to regulatory standards and internal security policies. Perfect for detail-oriented professionals with a risk and governance mindset. Key Responsibilities: Monitor IT processes for compliance with SOX, GDPR, HIPAA, etc. Conduct audits, risk assessments, and gap analyses Collaborate with security, legal, and IT teams Maintain documentation and support policy enforcement Required Skills & Qualifications: Knowledge of IT compliance frameworks (ISO 27001, NIST, COBIT) Experience with audit processes and risk management Strong communication and analytical skills Bonus: Certification (CISA, CRISC, or similar) Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firms robust risk strategy. As a Tech Risk & Controls Senior Associate in Cybersecurity & Tech controls team , you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firms standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards. Job responsibilities Assess and monitor technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices Support implementation of effective controls in collaboration with cross-functional teams and stakeholders Evaluate the effectiveness of existing controls, identify gaps, and recommend improvements to mitigate risks and enhance the firms risk posture Analyze complex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures Required qualifications, capabilities, and skills Formal training or certification on Tech Risk & Control concepts and 3+ years applied experience Experience in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders Proficient knowledge of risk management frameworks, regulations, and industry best practices Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, or other industry-recognized risk certifications

Visa is looking for a candidate to join its Cybersecurity 3rd Party Technology Risk Management (3PTRM) team as an Associate Cybersecurity Analyst, which works with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet Visa security requirements and mitigate any risks that are associated with engagement of third parties. The Analyst will work closely with Supplier Relationship Owners (SROs) and other Cybersecurity teams such as penetration testers, security architects, etc to assess and monitor third parties that do business with Visa. The role requires the candidate to have strong analytical, communication, and organizational skills, as we'll as a solid understanding of cybersecurity concepts and best practices. Essential Functions: Perform risk/security assessments of Suppliers and Third-Party relationships to identify, validate and remediate risks Cybersecurity Risks. This may include performing interviews, document design assessments and walkthroughs of cybersecurity controls. Support ongoing monitoring of Suppliers and Third Party to review compliance against compliance and regulatory requirements. Participate and conduct onsite assessments of Third Parties against Visa s security framework and industry security standards. Support risk/security assessments for special projects involving Third Parties. Support PCI-related activities relevant to third parties to ensure compliance with PCI requirements. Exhibit pragmatism in formulating process remediation and implementation strategies, defining work tracks, and submitting assessment findings and recommendations. Proactively follow-up with Suppliers to ensure prompt remedial actions for assessment findings. Basic Qualifications: Bachelors degree, OR 3+ years of relevant work experience Preferred Qualifications: 2 or more years of work experience. Bachelor s degree in Computer Science, Information Systems, Engineering, or related field, or equivalent work experience. Minimum of 1 years of experience in cybersecurity, IT audit, or IT risk management. Experience in cybersecurity, IT audit, risk management, compliance, or related fields. Knowledge of cybersecurity frameworks and standards such as NIST, ISO, PCI, etc. Strong written and verbal communication skills, and ability to communicate effectively with technical and non-technical audiences. Ability to work independently and collaboratively in a fast-paced environment. Certifications such as CISSP, CISA, CISM, CRISC, or equivalent are preferred.

Risk Analyst (Equity Derivatives) Equity Derivatives Researcher Millennium s Global Risk Management Department is responsible for identifying, measuring, monitoring, managing, and reporting on the risks associated with Millennium equity derivatives portfolios. Our Risk Management organization is designed to accommodate the overall size, nature, and complexity of the firm s trading activities. We are looking to add an inquisitive minded Risk Modeler to join our team. You will have the opportunity to develop and maintain the quantitative frameworks used by our portfolio managers and senior management teams. You will be responsible for the risk framework which involves consistently evolving metrics, improved valuation methodologies and clear identification and resolution of issues associated with inadequate risk measurement. You will understand and monitor closely the strategies of PM s trading in equity derivatives and embed insights in quantitative frameworks. Your primary responsibilities will encompass: Development of Risk Measurement Techniques: Develop and maintain robust frameworks for risk measurements. You will create frameworks to deliver insights on PM strategies and risks through interacting with existing tools or building own framework Quantitative Framework Development: Assist in the creation and optimization of our quantitative framework, which includes collaborating with technology, risk, portfolio, and business managers. Tech Collaboration: Partner with the Technology department to streamline the transition of quantitative models into production environments. The priority is to ensure accuracy and efficiency in day-to-day workflows. Research Model Development: Lead research into and implementation of various quantitative models. Qualifications/Skills Required: The candidate should have a degree in a quantitative major: statistics, mathematics, engineering, and either professional experience of 1-4 years in a quantitative role in a financial organization, or an advanced degree in a quantitative field preferred. A good understanding of derivatives and valuation is a plus, and basic familiarity is generally expected. Prior experience with managing and deploying valuation models is a great add. Strong programming skills, prior experience with Python (Polars and/or Pandas) or SQL. Proficiency in at least a compiled and statically typed language is a plus; so is demonstrated programming ability on public repositories e.g., GitHub. Sense of responsibility and integrity. Intellectual curiosity and spirit of initiative. Ability to work independently and effectively manage ambiguity.

Lead the development of strategy, objectives, and action plans for assurance obligations. Conduct multi-stakeholder meetings and participate in senior-level discussions. Engage with internal and external stakeholders, and customers Plan and manage multiple initiatives and projects. Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans. Recognize complexity within the program and propose simplified solutions. Assist stakeholders in making trade-off decisions by considering all data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer. Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence to requirements, and advise management on needed actions. Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally for senior leadership to ensure alignment. Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives. Conduct risk assessments to identify potential security and availability risks and advise on the design and governance of controls to mitigate these risks. About You: Bachelors degree or equivalent combination of education and experience; a degree in computer science, information technology, or a related field is preferred. Professional certification like CISSP, CISA, CRISC, CIPP, or similar is a plus. Strong knowledge of IT general computer controls and related operations. Experience with control frameworks (e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR). Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization. Strong negotiation and consensus-building skills. Previous experience in significant process improvements, with the ability to meet project deliverables. Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds.

Our Purpose Title and Summary Director, Technology Risk Management Overview: The Payment Gateway Team is seeking a Principal, Technology Risk Management to lead and build our strategy for designing and implementing assurance requirements to meet customer and regulatory expectations regarding security and availability risk and controls via assurance products such as SOC 2. The individual will coordinate and advise management to ensure customer and regulatory obligations are considered for the Payment Gateway Service. The individual will be responsible for reviewing and analyzing strategic plans and identifying risk and controls required to meet Mastercard policies and standards and apply the design of relevant risk and control assessments that meet our assessment obligations. Key Responsibilities: Lead the development of strategy, objectives, and action plans for assurance obligations. Conduct multi-stakeholder meetings and participate in senior-level discussions. Engage with internal and external stakeholders, and customers Plan and manage multiple initiatives and projects. Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans. Recognize complexity within the program and propose simplified solutions. Assist stakeholders in making trade-off decisions by considering all data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer. Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence to requirements, and advise management on needed actions. Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally for senior leadership to ensure alignment. Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives. Conduct risk assessments to identify potential security and availability risks and advise on the design and governance of controls to mitigate these risks. About You: Bachelors degree or equivalent combination of education and experience; a degree in computer science, information technology, or a related field is preferred. Professional certification like CISSP, CISA, CRISC, CIPP, or similar is a plus. Strong knowledge of IT general computer controls and related operations. Experience with control frameworks (e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR). Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization. Strong negotiation and consensus-building skills. Previous experience in significant process improvements, with the ability to meet project deliverables. Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds.

About The Role : Job TitleInformation Security Analyst, AS LocationMumbai, India Role Description CRO DCO Resilience team Manages and Governs various risk types for Chief Risk Office (CRO) including but not limited to Information Security, Data Protection, Records Management, Business Continuity, Vendor / Third Party Risk Management (TPRM) The Resilience team in India is a part of CRO's Divisional Control Office (DCO) responsible for Governance on various risk types Information Security Analyst will be responsible for ensuring governance on information security and other risk types for various CRO Functions Information Security Analyst will support CRO DCOs efforts to identify, analyse and report the non-financial risks of the CRO Function, thereby ensuring that Group and Functional standards are consistently applied. The candidate is required to demonstrate very good understanding of risk management activities, paired with strong stakeholder management and Microsoft office skills. The role will have full exposure to all areas within CRO and requires working closely with a variety of stakeholders. The role has considerable scope for professional development across the Risk Management domain What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities As the Information Security & Technology Analyst your responsibilities will include (but not be limited to): Assume ISO ownership for assigned Risk applications Ensure execution of Information Security risk assessments and compliance evaluation Ensure implementation of controls for identified Information Security and Technology risks for designated business applications and functions Ensure implementation and maintenance of Identity and Access Management processes, as well as execution of periodical recertification of User Access Rights Ensure annual validation of key application documentation, including KOP and User access matrix for each assigned application and activities Provide timely updates to the DBISO and/or Risk Chief BISO regarding afore mentioned tasks Ensure accuracy of application entries regarding Information Security in the Group inventory of applications (NAR) Engage and create a positive network across external teams like Technology, respective functions, Chief BISOs, Risk type managers etc. Treatment of escalation questions regarding problems as well as assessments of potential violations of regulatory or internal guidelines regarding Information Security Cooperation in improving existing processes and workflows as well as independent implementation of new processes Regular attendance at scheduled meetings and telephone conferences, e.g., presentations of work results to senior decision-makers/workgroups, processing of meetings and telephone conferences (preparation of agendas, if needed, keeping the minutes) Management of urgent activities at short notice Management of enquiries from auditors and regulators Your skills and experience Core understanding of non-financial risk. Good understanding of risk management activities and internal control frameworks. Strong analytical skills to interpret and analyse data. The ability to successfully navigate a complex organisation, build strong relationships and work collaboratively with diverse stakeholders across the bank Very good Microsoft Office skills, particularly Excel and PowerPoint A sound knowledge of Information Security would be preferred along with Information Security Certifications / skills How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs