61 Tprm Jobs - Page 2

We are inviting applications for multiple opportunities in our ServiceNow Practice. Candidates will be required to attend an In-person/Face-to-Face round of interview at our Bangalore, Pune, Hyderabad and Chennai campuses on 19th April 2025. Please Note : This is not a Walk-In recruitment event. Only scheduled candidates with valid invite letter will be allowed to participate in the event. ServiceNow Developer/Consultant We are seeking skilled and experienced ServiceNow ITOM, HRSD and GRC professionals to join our team. The ideal candidate will have a strong background in ServiceNow platform development and configuration, with a specific focus on IT Operations Management (ITOM), Discovery, Configuration Management Database (CMDB) and Human Resource Service Delivery (HRSD) solutions. As a ServiceNow Consultant, you will collaborate with internal and customer stakeholders to design, develop, and implement ServiceNow applications to support ITOM, HRSD and GRC processes within our organization Location of posting: PAN India Experience: 3 to 6 years ServiceNow ITOM Collaborate with stakeholders to gather requirements and translate them into technical specifications for ServiceNow ITOM - Discovery solutions. Design, develop, and configure ServiceNow ITOM and CMDB modules, including Discovery, Service Mapping, and Configuration Management. Design and Develop Discovery Patterns and Schedules to Ensure successful Discovery of CIs through MID Server, Horizontal Discovery, Top Down Discovery, Patterns and probes for Discover Data Center, Network , SAP and Cloud CIS. Customize ServiceNow workflows, business rules, UI policies, and notifications to support ITOM and CMDB processes and automation. Configure and maintain the CMDB data model as per CSDM framework, ensuring accurate and up-to-date configuration item (CI) information. Integrate ServiceNow with other internal and external data sources. Provide ongoing support and maintenance for ServiceNow applications, troubleshooting issues and implementing necessary fixes or enhancements. ServiceNow HRSD Implement the Human Resources application in order to set up HR data Configure applications to work with the organisation's HR processes Strong experience with HR Service Management, Knowledge Management, Service Portal, Chat, Reporting, Integrations and HR Hub Demonstrated competence in the various HR functional areas, especially employee relations and change management Experience on Human Resources dashboards, reports, and other HR management modules to monitor and manage HR cases and employee satisfaction Design and develop new ServiceNow applications and services for HR Modules; including Case Management, HR Administration, Knowledge Base and Employee Service Centre Preferred Certifications: ServiceNow certifications such as Certified System Administrator (CSA) and Certified Implementation Specialist (CIS) in ITOM or CMDB are highly desirable Certified ServiceNow Administrator(CSA) and Certified Implementation Specialist(CIS) with ITSM/HRSD or ServiceNow Certified Application Developer (CAD) certification Experience with Agile development methodologies is a plus

Job Title: TPRM (Third Party Risk Management) Level: Associate Level of experience: 2-4 yrs About the Job: Introduction to PwC Service Delivery Center PricewaterhouseCoopers Service Delivery Centre (Kolkata) Private Limited is a joint venture in India among members of the PricewaterhouseCoopers Network that will leverage the scale and capabilities of its network. It is a member firm of PricewaterhouseCoopers International Limited and has its registered office in Kolkata, India The Delivery Center will provide a professional an opportunity to work in a dynamic environment where you will have the ability to develop process and quality-based skills Job Description: Activity Cybersecurity & Data Privacy Main purpose of the job and key background information Team members will assist territory engagement teams in performing vendor assessment and managed services in accordance with territorial reporting guidelines. Team members would be expected to perform activities that will include: - Preparation of vendor assessment reports which will include an analysis of the business profiling questionnaire and due diligence questionnaire of the vendor, review supporting documentation, performing research on the operations and other relevant information about the vendor/supplier. - Assessment of compliance of vendors against set standards/controls, SOC and PCI reports etc. - Communicate with the clients and vendors and get clarification - Assist in the administrative requirements of the team Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement. Team members would be required to handle multiple tasks at the same time. Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary. Key personal attributes Consulting experience Minimum Degree(s): Bachelors/masters in information security Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX Other relevant qualification/certification Knowledge Required: Strong knowledge of information security concepts, risk and controls concepts Sound knowledge on IT controls (especially IT risks) Sound knowledge of Internal Controls and Compliance Good knowledge on Privacy, Governance and reporting Skills Required: Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.), Candidates should have strong verbal and written communication skills Knowledge / experience in fields of Vendor Risk Assessments, Internal Audit, External Audit / Statutory Audit projects Candidates should exhibit good client service skill collaterals with a strong focus on building relationships. Education/qualifications Any Graduation

Role & responsibilities: Responsibilities The role will be responsible for maintaining various day-to-day activities in the Global Outsourcing Control (GOC) team. The job holder will work on all aspects of the GOC team providing support to Morgan Stanleys various business units and support functions to ensure that the organization acts in compliance with the firms GOC program. Specific responsibilities include: Develop a strong understanding of outsourcing regulatory requirements as they relate to outsourcing and how the Firm must meet those requirements Shepherd Intake Forms through the multiple project phases and ensuring the agreed Service Level Agreements (SLAs) and go live deadlines are met Provide project management support for the entire lifecycle of an engagement, to ensure that all project related deliverables are met (i.e., completion of calls, governance and regulatory requirements, clearance and acknowledgments from control groups, including Compliance, Tax, Legal, BU, etc.), including project status reporting Provide support to ongoing project initiatives Shows strong emphasis towards data integrity to track and report progress of each engagement under management, to plan appropriately while ensuring risks and issues are identified, escalated and resolved Support GOC Management in identifying process improvements, defining business requirements and suggesting enhancements for any technology and tools supporting in scope processes Support execution of change and remediation programs led by TPPM as and when required Support Outsourcing initiatives as needed. Preferred candidate profile: Must have skills Third Party Program Engaging and Manage Stakeholder and their Reg. related requirements Vendor Management, Project Management, Stakeholder Management, Supply Management Understanding and some experience of Third Part program Looking for professionalism and maturity. Domain Investment Banking Do not look for candidates from IT project management Perks and benefits: Fixed Pay / HYBRID Contact: Kishore Kumar - Kishore.kumar@russelltobin.com / 9384052856

Responsibilities and Impact: This position within the Proposal & Assessment Team is integral to supporting Market Intelligence commercial teams in responding to the growing volume of client audits and inquiries. The person will collaborate closely with product, risk, compliance, legal, and functional teams, to ensure client requirements are met effectively. Responding/Managing client audits and risk assessments from end to end, maintaining awareness of internal controls and audit trends to uphold the efficacy of the audit process. Serving as the primary point of contact for our top customers, assisting them in meeting their vendor management requirements. Cultivating partnerships and closely collaborating with corporate and divisional groups to seek information and influence approaches and outcomes. Developing familiarity with Market Intelligence's audit processes and the company's cyber security policies, standards, processes, and controls. Tracking assessment and audit outcomes, management responses to address findings, and follow-up activities, and producing reports for executives and management. Undertaking additional tasks and responsibilities as directed by the team manager, while continuously enhancing the overall process to align with evolving industry standards. What W ere L ooking F or : Bachelor's degree in a related field, or equivalent professional experience in Third-Party Risk Management (TPRM), Audit, and Risk. 6-7+ years of relevant experience in conducting audits or responding to audits, within a SaaS-related business environment. Demonstrated understanding of client-initiated audits and organizational controls. Familiarity with CISA, ISO Standards, NIST, and SOC standards. Proven track record of building strong relationships resulting in successful outcomes. Ability to collaborate effectively with a global team spanning multiple time zones. Competencies : Exceptional communication and interpersonal skills, adept at engaging and influencing stakeholders across all levels. Demonstrated flexibility and negotiation prowess to achieve optimal outcomes. Proficient in efficiently managing multiple concurrent projects, with a keen ability to adapt as priorities evolve. Exhibits creativity and perseverance in devising solutions. Possesses strong analytical and problem-solving capabilities, proficient in assessing complex information and formulating actionable strategies. Fosters robust working relationships with internal colleagues, facilitating collaboration and synergy within teams.

The Role Are you passionate about security architecture and driven to protect against the latest threats? We are seeking a Security Architect who will join our team and take the lead on developing, implementing, and maintaining our security strategy within our Service Provider organization. As our Security Architect, you will work closely with our leadership team to design and implement effective security solutions that not only protect our business objectives and regulatory requirements, but also provide innovative solutions to stay ahead of emerging threats. You will conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design and implementation within a Service Provider environment to create a cutting-edge security architecture framework. You will also work to maintain policies, standards, and guidelines related to information security within our organization, collaborating with cross-functional teams to implement security controls and technologies such as encryption, authentication, and authorization solutions. Your role will also involve conducting security reviews of vendors and third-party partners to ensure they meet our rigorous security standards, as well as performing regular security and risk reviews of our Service Provider environment to identify vulnerabilities and recommend remediation activities. At the forefront of security trends and technologies, you will advise our senior leadership team on the latest security best practices, and stay ahead of emerging security threats, always keeping our organization one step ahead. Join us on this exciting journey of securing our Service Provider organization and protecting our customers assets. Who You Are Youre good at what you do and possess the required experience to prove it. However, equally as important you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused someone who prioritizes customer success in their work. And finally, youre open and borderless naturally inclusive in how you work with others. Required Skills and Experience Strong expertise in IT risk management, risk assessment, and mitigation strategies. Experience in conducting risk analysis for business requests, new applications, and projects. Ability to register Risk Acceptance Forms (RAF) and follow up on action plans. Hands-on experience in supplier security assessments and security exception validation. Expertise in IT security compliance frameworks such as ISO 27001, GDPR, and other relevant regulations. Incident management skills, including the ability to investigate, document, and resolve security incidents. Proficiency in developing and enforcing IT risk management policies and procedures. Experience in monitoring IT systems for potential risks and vulnerabilities. Excellent analytical and problem-solving skills. Ability to create risk reports and communicate findings to senior management effectively. Preferred Technical & Professional Experience Hands-on experience in responding to customer security RFPs and reviewing security clauses. Experience in supplier security assessment and third-party risk management (TPRM). Relevant cybersecurity certifications such as CISSP, CISM, or CRISC. Strong communication and interpersonal skills to collaborate with cross-functional teams including IT, legal, and business teams. Experience in delivering training programs on IT risk management best practices.

Role & responsibilities : • Create/ review and uplift/ implement the third-party risk management framework. • Conduct comprehensive information security risk assessments of the suppliers for the cyber risks in alignment with the organizational policies, industry best practices and standards/regulatory requirements. • Collaborate with internal stakeholders to identify and mitigate potential risks. • Monitor and report on the risk status • Establish and maintain effective vendor management processes. • Provide risk management guidance and training to third party risk management teams. • Stay up to date with industry best practices and regulatory changes • Project management experience • Stake holder management • Communication management Mandatory skills CrowdStrike- Third-Party Risk Management (TPRM)

Asst. Manager - Supplier Relationship Management Center of Excellence (SRM COE) About your team Fidelity Global Procurement comprises approximately 65 employees based across India, UK, Continental Europe, and Asia Pacific. The team manages approximately $700m of spend split between technology and non-technology categories. Currently the team is undertaking a global transformation programme to deliver an improved Procurement user experience, simpler and more efficient Procurement processes, consistent and accurate Procurement related data. The transformation will drive significant changes to ways of working within and out of Procurement and will implement multiple new technology platforms. About your role The Assistant Manager - Supplier Relationship Management Center of Excellence will work with identified supplier relationship managers (SRMs) for key Business Functions in managing suppliers in line with risk appetite, optimising post-contract value, and developing a transparently sustainable supply base The role holder will run routines for a defined element of the supplier portfolio, and will ensure that the requirements, contractual obligations, Procurement policy, and business unit objectives are met and evidenced in regular routines. The role holder will collaborate closely with senior stakeholders from across FIL to establish broad internal stakeholder relationships, drive value from, and manage supplier risk. These stakeholders include but are not limited to onshore Procurement SRM Lead, Supplier Relationship Managers (SRMs) across FIL; Supplier Risk Oversight (Procurement 2LoD function); Senior Procurement Category leaders; and risk partners across FIL Be able to analyse and document contractual deliverables, business objectives and translate them to practical guidelines in line with TPRM framework. Monitor and lead the performance delivery of the suppliers against agreed benchmarks. Develop an understanding of key contractual clauses and ensure compliance. Measure and reaslise contractual credits arising out of rebates, penalties etc. Help business in creating supplier business continuity and exit plans. Create and run a mechanism for consistent and reliable handling of business queries towards SRM tasks, including ticket resolution, process trainings and process walk throughs. Liaise with Stakeholders on multiple forums and deal with any ad-hoc queries from stakeholders. Attend SRM process development sessions (Collaborate with SRM groups, TPRM and 2nd LOD) to develop processes and routines. Become a TPRM tool Champion for FIL and promote uptake of the tool across business units and geographies and track adoption across each 1LOD. Contribute to design and evolution of TPRM tool routines and operationally manage TPRM tool administration tasks. Remain fully aware of key risk, compliance and regulatory impacts of the Supplier Risk Management Lifecycle, and their impacts to FIL across all regulatory jurisdictions. Perform periodic supplier spend reconciliations for suppliers, tying back actual spend with contractual price. Deliver best in class supplier management function for the groups strategic and / or operational 3rd party suppliers and proven experience of delivering savings (avoiding contract leakage). Analyse and understand supplier contract pricing and incoming invoice to arrive at the best method for spend reconciliation / leakage monitoring. Provide business with data analytics and contractual review expertise required for SRM deliverables. Be an expert with strong individual contributor streaks, while being part of and managing small but high performing pods. Analyse and document variations to services, ensuring necessary discipline / agreed change acceptance methodologies and that all activities meet the desired cost, risk & service parameters Understand key policy requirements around different types of supplier risk, their identification and mitigation processes. Provide support to business users in performing risk identification and mitigation routines. Manage relationships with different risk SMEs. Ensure operational excellence through adherence to designed processes & process audits About You 6+ years of work experience in financial services (desirable) Experience in supplier due diligence and onboarding would be an added asset. Experience in a TPRM tool is required. Working experience under Supplier Relationship Management function entailing Structured governance for continuous review and monitoring of key relationships Measurement and reporting of supplier performance metrices and SLAs Tracking and reporting of contractual delivery as well as financial commitments Enthusiastic, self-driven and with a high level of self-motivation to overcome obstacles and a strong desire to make things happen. Ability to be flexible and responsive to a constantly changing environment. Strong analytical skills, attention to details with an appetite to dive into issues in depth as needed Strong personal presence, excellent interpersonal and communication skills, ability to establish a successful rapport, communicate and influence at all levels. Ability to complete multiple tasks against tight deadlines, able to prioritise and organise effectively.

About The Role : Job TitleThird-Party Control Assurance SpecialistCorporate TitleVice PresidentLocationBangalore, India Role description The Third-Party Control Assurance Specialist is responsible for supporting the Bank with managing third-party risks and execution of control assurance process for the relevant third-party vendors in line with the defined policy, process and guidelines. The specialist will oversee the third-party risk portfolio by tracking risk explore and ensuring compliance with the Banks risk appetite. In addition, the specialist will be coordinating with relevant internal and external stakeholders to assess and verify third-party vendor control effectiveness to meet the organizations control requirements. The role is essential for monitoring third-party risks and enabling risk mitigation to protect the organization. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities: Manage and oversee third-party risk exposure across the division and establish the outsourcing risk profile that is managed within the Banks risk appetite. Ensure compliance to the defined third-party risk standards and policies and Key Risk Indicators measurements. Evaluate the residual risk on outsourced engagements to identify any breaches against risk appetite, including tracking the mitigation status on identified gaps or breaches. Conduct outreach to relevant internal stakeholders and third-party vendors to initiate the assurance process and gather responses to the assurance testing questionnaire including other necessary information. Perform due diligence on third-party vendor by assessing gathered responses according to the defined internal process and guidelines. Escalate identified gaps to relevant Assessment Teams or 2LoD Risk Type Controllers. Assign risk scores to the third-party vendors according to the defined scoring matrix. Create and maintain third-party risk reports for senior stakeholders to outline identified risks, mitigation actions and outcomes. Your Skills & Experience: 15+ years of professional experience in third party risk management, vendor assurance or governance Strong understanding of third-party risk management framework, processes, and best practices Experience in managing cross-functional teams and engaging with senior leadership. Strong analytical, problem-solving, and critical thinking abilities Excellent oral and written communication skills Relationship building and stakeholder management skill set How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Primary Skill: Third Party Risk Management Basic JD for the role: Conduct vendor risk and supply chain assessments, ensuring compliance with IT/IS policies, RBI guidelines, and global security standards through detailed third-party reviews. Digital Risk Consulting,GRC - Risk management,Risk Management,Enterprise Risk Management,Third Party Risk Assessment, GRC - Compliance, GRC- Governance Exp:2-4 Years Who can join 15 days of Notice Work Location: Belapur, Navi Mumbai General Shift Monday to Friday working (every month1s or 3rd Saturday working) Thanks and regards, Ankita Ghosh ankita.patari@happiestminds.com

Title: Lead - Information Security GRC (ISO & TPRM) Location: Gurgaon, India Type: Hybrid (work from office) Job Description Company Overview Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Description and Responsibilities: Conduct risk assessments and audits aligned with ISO standards (e.g., ISO 27001, ISO 31000) and other relevant compliance frameworks. Perform third-party risk management (TPRM) processes, including vendor assessments and continuous monitoring of third-party compliance. Assist in the development, implementation, and maintenance of GRC programs, policies, and procedures. Collaborate with internal and external stakeholders to identify and mitigate compliance risks. Perform gap analyses and provide actionable recommendations to achieve compliance with various regulatory requirements. Prepare and deliver compliance reports, including risk findings, corrective actions, and status updates. Support internal and external audits, including evidence collection, documentation, and follow-up on corrective actions. Assist in developing compliance training programs for employees and stakeholders. Track and remediate compliance-related incidents, ensuring timely resolution and continuous improvement. Document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities. Required Skills & Qualifications: 3+ years of experience in compliance, risk management, or GRC-related roles. Hands-on experience with ISO 27001, ISO 31000, or other relevant ISO standards. BS/MS/BE/BTech/MBA in technology-related or information security curriculum Strong knowledge of GRC frameworks such as NIST CSF, COBIT, or similar. Familiarity with regulatory compliance requirements (e.g., GDPR, HIPAA, SOC 2). Proficiency in compliance management tools and platforms. Ability to analyse risk and compliance data, identify trends, and make recommendations Experience with third-party risk management (TPRM) processes, tools, and methodologies. Professional certifications like ISO 27001 LA or LI preferred. Detail-oriented, ability to consistently provide high-quality products that are concise, thorough and accurate; Strong attention to detail with an analytical mind and outstanding problem-solving skills. Good communication and persuasive skills Work independently Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.

Title: Lead - Information Security GRC (PCI DSS) Location: Gurgaon, India Type: Hybrid (work from office) Job Description Company Overview Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Description and Responsibilities: Conduct PCI DSS gap assessments and audits to identify non-compliance areas. Develop, review, and update PCI DSS compliance policies and procedures. Perform risk assessments related to PCI DSS and other frameworks such as ISO 27001, NIST CSF, and CIS CSC. Collaborate with internal teams and external vendors to implement security controls and remediate compliance gaps. Conduct IT and application risk assessments to identify and mitigate vulnerabilities. Perform IT control reviews and provide recommendations to strengthen security practices. Assist in creating comprehensive compliance reports and documentation for stakeholders. Assist in the development of security training and awareness programs. Stay updated on PCI DSS requirements and other industry regulations, ensuring the organization is aligned with current standards. Provide guidance on cloud security assessments and data protection best practices Required Skills & Qualifications: 3+ years of experience in conducting PCI DSS assessments, compliance, or IT audits. BS/MS/BE/BTech/MBA in technology-related or information security curriculum Prior experience in cyber security programs, audits, assessments, risk, remediation, or cyber security compliance management Required 4+ years of relevant experience in information security domain Knowledge on PCI DSS, ISO 27001, NIST CSF, and other security standards. Experience with IT security programs, IT control reviews, and application risk assessments. Familiarity with cybersecurity regulations and frameworks Detail-oriented, ability to consistently provide high-quality products that are concise, thorough and accurate; Strong attention to detail with an analytical mind and outstanding problem-solving skills. Professional certifications like PCI DSS QSA, ISO 27001 LA or LI preferred. Good communication and persuasive skills Work independently Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.

o Role Summary & Key Responsibilities: • Support the design, implementation, and documentation of GRC solutions under the guidance of senior architects. • Assist in conducting application risk assessments, DR tests, and quality reviews for compliance deliverables. • Contribute to process standardization, compliance reporting, and resolving technical issues related to IT compliance. o Key Skills & Qualifications: • 610 years experience in cybersecurity or IT compliance roles. • Solid analytical, problem-solving, and documentation skills. • Familiarity with compliance frameworks (such as NIST, SOX, DFARS) and risk assessment methodologies. • Excellent teamwork and communication skills; certifications like CompTIA Security+ or CCNA Security are desirable.

Role & r Role Description* As an Audit and Compliance Associate, you will be responsible for supporting the development and execution of Third-Party Risk Management (TPRM) practices within the organization. You will work closely with internal teams to identify, assess, and mitigate risks associated with third-party relationships while ensuring compliance with applicable laws and regulations. *Key Responsibilities:* 1. Assist in the implementation and execution of TPRM processes, ensuring third-party vendors are properly assessed and monitored for risk. 2. Conduct regular audits and assessments of third-party vendors to evaluate compliance with contractual obligations and company policies. 3. Collaborate with cross-functional teams (Legal, IT, Procurement, Compliance) to evaluate and manage third-party risks. 4. Assist in preparing and presenting audit reports, risk assessments, and compliance updates to senior management and stakeholders. 5. Contribute to the ongoing development and enhancement of third-party risk management policies and procedures. 6. Stay current on industry trends, best practices, and relevant regulations to ensure TPRM processes remain effective and compliant. 7. Provide support in vendor due diligence, ongoing monitoring, and resolution of compliance issues related to third-party vendors. 8. Document and track audit findings, compliance issues, and risk mitigation actions. *Qualifications:* 1. Bachelors degree in Engineering (preferably in Computer Science, Information Technology, Electronics, Electrical, or related branches) 2. 2-4 years of experience in audit, compliance, risk management, or a related role, with experience in Third-Party Risk Management being a strong plus. 3. Solid understanding of TPRM frameworks, compliance standards (e.g., SOC 2, ISO 27001, GDPR), and vendor risk management practices. 4. Familiarity with regulatory requirements and industry guidelines related to third-party risk, cybersecurity, and data privacy. 5. Strong analytical and problem-solving skills, with attention to detail and the ability to handle complex risk assessments. 6. Excellent communication skills with the ability to work collaboratively across teams and communicate effectively with senior leadership. 7. Proficiency with audit tools and software (e.g., Microsoft Excel, GRC platforms). 8. Relevant certifications (ISO 27001, CISA, CRISC, CISM, etc.) are a plus but not required.

You will be joining the TPM Operations team as part of the Global Procurement division. The teams purpose is: TPM Process is a cross functional risk type process for identifying, assessing, mitigating, and tracking risk associated with DBs portfolio of Vendors Develop The TPM Operations Team is a team with global operational reach, providing first level support to the Banks TPM process and associated stakeholders. The Team, deploys and manage processes and procedures to implement the TPRM Framework and RTCs requirements, performs TPM tasks as outlined by TPM Process including collecting evidences and questionnaires from the internal service relationship owners and the vendors, performing quality checks of evidences before RTC review, collaborating with the assessment teams and 2nd line functions as part of the assessments of evidences and track progress to ensure completion in time and quality. The team leverages several tools and innovative techniques to create value added insights for stakeholders across end-to-end Procurement processes including, but not limited to, Third party Risk, Contracting, Spend, Performance Management, etc. Your key responsibilities Engaging with internal service relationship owners and vendors to drive the TPM Process. Performing activities within processes related to service and vendor assessments requiring detailed interpretation / understanding of information provided. Review and analysis of medium to high complexity information to identify potential violations, adhering to core guidelines set out within agreed procedures/KOP as well as decide how to proceed. Focus on medium to higher complexity processes - requiring detailed interpretation & judgment calls to be taken. Contribution to meeting all TPM internal and associated quality assurance deadlines & thresholds thereby ensuring adherence to regulatory / audit requirements. Handling of potential issues escalated for further investigation and / or initiation of measures. Your skills and experience We are looking for talents with a degree (or equivalent) in Business, Economics or Low from an accredited college or university (or equivalent) to develop support our stakeholders by completing the TPM process and work on a constant process improvement by creating ideas and self-driven solutions. Knowledge and understanding of Vendor Risk Management principles and practices. Computer proficiency in Excel, Word, PowerPoint required - Experience with managing deadlines and working to tight deadlines. Ability to interact with, collaborate and communicate with stakeholders and SMEs within TPM and Risk Teams of other Divisions and Business, e.g. SROs in an intercultural environment. You enjoy working in a team and your language skills in English are convincing, making it easy for you to work in an international environment and with global, virtual teams.

Position: Consultant Risk and Compliance Experience: 3 to 5yrs Location: Noida OR Remote Responsibilities: • Independently manage multiple service engagements ensuring customer service deliveraccording to the company quality guidelines & methodologies. • Lead and manage data privacy and risk & compliance projects from initiation to completion, ensuring they are delivered on time, within scope, and within budget. • Expertise in delivery of risk and compliance advisory services • Experience on conducting privacy risk assessments and data protection impact assessments (DPIAs), and advice on corrective measures to mitigate data privacy risks. • Identify, develop, recommend and/or implement business processes to improve organizational privacy and information security compliance. • Provide analysis of legislative requirements, emerging knowledge, and trends to make recommendations to management. • Work with internal and external customers on consulting engagements and provide business as well as technical leadership to ensure that data, processes and technology are designed for data protection and compliance such as SOC 1/2, NIST, PCI-DSS, CIS 8, ISMS etc. • Knowledge of information protection methodologies and concepts, such as identification and authentication, access control, inception, and audit trails • Work collaboratively with the practice leaders and provide end to end engagement leadership on the projects. • Provide subject matter expertise to the engagement/project teams. Serve as the point of contact for requirements across various standards. • Build and maintain customer relationships by understanding and being responsive to customer needs and ensuring high quality of work. • Contribute in people and knowledge development initiatives within the team and organization. • Maintain an up-to-date understanding of emerging trends in information security and apply new techniques and trends, in-line with overall information security objectives and risk tolerance • Demonstrate strong analytical thinking and interpersonal skills, including the ability to research and understand sophisticated processes and effectively communicate them to interested parties. • Recommend security policy changes and enhancements • Support the Information Security program including development, collection, assessment, and reporting of metrics Requirements: • Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. • Exhibit a good understanding of GDPR, CCPA, or other privacy laws. • Excellent technical capabilities around information security, business continuity and technology risk assessments • Must be able to demonstrate outstanding communication skills to ensure the ability to articulate clearly IECnmotnpelfroindyaelnetia-CPleornsfoidneanl tial https://www.sdgc.com/ and negotiate with the relevant stakeholders. • Experience working with internal and external auditors/stakeholders/customers • Prior knowledge and experience on performing testing of internal controls specified in Information Security policies • Possess a sound knowledge of fundamentals of information security systems and data privacy requirements. • Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. • Effectively managing workflow, including multiple projects, in a proactive and highly responsive manner. • Strong attention to detail with an analytical mind and outstanding problem-solving skills. • Must be able to demonstrate outstanding communication skills to ensure the ability to articulate clearly and negotiate with the relevant stakeholders. • Experience working with internal and external auditors/stakeholders/customers. • Knowledge and auditing experience around some regulations/acts/standards, such as ISO 27001, NIST Cybersecurity Framework and Privacy Framework, SOC2, ISO 22301, NIST CSF and Cloud Security will be preferred. • Ability to work on a flexible schedule when needed, as part of cross-geography and cross-culture global team • Willingness to travel globally on need basis Certifications: • ISO 27001 Lead Auditor, CRISC, CISA, CISM (Must have) • FIP-IAPP (Essential) • Knowledge of compliance standards like ISO 27001, NIST CSF, NIST 800-53, NIST 800-171, GDPR, SOX, SOC, HIPAA, FAIR, OWASP, CIS 20 (Good to have)

ob Title: TPM Case Analyst Location: Pune, India Corporate Title: Associate Role Description You will be joining the TPM Operations team as part of the Global Procurement division. The teams purpose is: TPM Process is a cross functional risk type process for identifying, assessing, mitigating, and tracking risk associated with DB’s portfolio of Vendors Develop The TPM Operations Team is a team with global operational reach, providing first level support to the Bank’s TPM process and associated stakeholders. The Team, deploys and manage processes and procedures to implement the TPRM Framework and RTCs’ requirements, performs TPM tasks as outlined by TPM Process including collecting evidences and questionnaires from the internal service relationship owners and the vendors, performing quality checks of evidences before RTC review, collaborating with the assessment teams and 2nd line functions as part of the assessments of evidences and track progress to ensure completion in time and quality. The team leverages several tools and innovative techniques to create value added insights for stakeholders across end-to-end Procurement processes including, but not limited to, Third party Risk, Contracting, Spend, Performance Management, etc. What we’ll offer you As part of our flexible scheme, here are just some of the benefits that you’ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Engaging with internal service relationship owners and vendors to drive the TPM Process. Performing activities within processes related to service and vendor assessments requiring detailed interpretation / understanding of information provided. Review and analysis of medium to high complexity information to identify potential violations, adhering to core guidelines set out within agreed procedures/KOP as well as decide how to proceed. Focus on medium to higher complexity processes - requiring detailed interpretation & judgment calls to be taken. Contribution to meeting all TPM internal and associated quality assurance deadlines & thresholds thereby ensuring adherence to regulatory / audit requirements. Handling of potential issues escalated for further investigation and / or initiation of measures. Your skills and experience We are looking for talents with a degree (or equivalent) in Business, Economics or Low from an accredited college or university (or equivalent) to develop support our stakeholders by completing the TPM process and work on a constant process improvement by creating ideas and self-driven solutions. Knowledge and understanding of Vendor Risk Management principles and practices. Computer proficiency in Excel, Word, PowerPoint required - Experience with managing deadlines and working to tight deadlines. Ability to interact with, collaborate and communicate with stakeholders and SMEs within TPM and Risk Teams of other Divisions and Business, e.g. SROs in an intercultural environment. You enjoy working in a team and your language skills in English are convincing, making it easy for you to work in an international environment and with global, virtual teams. How we’ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Job Title: TPM Case Manager Location: Pune, India Corporate Title: Associate Skills: TPRM Framework, TPM Operations, Vendor Risk Management Role Description You will be joining the TPM Operations team as part of the Global Procurement division. The teams purpose is: TPM Process is a cross functional risk type process for identifying, assessing, mitigating, and tracking risk associated with DBs portfolio of Vendors Develop The TPM Operations Team is a team with global operational reach, providing first level support to the Banks TPM process and associated stakeholders. The Team, deploys and manage processes and procedures to implement the TPRM Framework and RTCs’ requirements, performs TPM tasks as outlined by TPM Process including collecting evidences and questionnaires from the internal service relationship owners and the vendors, performing quality checks of evidences before RTC review, collaborating with the assessment teams and 2nd line functions as part of the assessments of evidences and track progress to ensure completion in time and quality. The team leverages several tools and innovative techniques to create value added insights for stakeholders across end-to-end Procurement processes including, but not limited to, Third party Risk, Contracting, Spend, Performance Management, etc. What we’ll offer you As part of our flexible scheme, here are just some of the benefits that you’ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Engaging with internal service relationship owners and vendors to drive the TPM Process. Performing activities within processes related to service and vendor assessments requiring detailed interpretation / understanding of information provided. Review and analysis of medium to high complexity information to identify potential violations, adhering to core guidelines set out within agreed procedures/KOP as well as decide how to proceed. Focus on medium to higher complexity processes - requiring detailed interpretation & judgment calls to be taken. Contribution to meeting all TPM internal and associated quality assurance deadlines & thresholds thereby ensuring adherence to regulatory / audit requirements. Handling of potential issues escalated for further investigation and / or initiation of measures Your skills and experience We are looking for talents with a degree (or equivalent) in Business, Economics or Low from an accredited college or university (or equivalent) to develop support our stakeholders by completing the TPM process and work on a constant process improvement by creating ideas and self-driven solutions. Knowledge and understanding of Vendor Risk Management principles and practices. Computer proficiency in Excel, Word, PowerPoint required - Experience with managing deadlines and working to tight deadlines. Ability to interact with, collaborate and communicate with stakeholders and SMEs within TPM and Risk Teams of other Divisions and Business, e.g. SROs in an intercultural environment. You enjoy working in a team and your language skills in English are convincing, making it easy for you to work in an international environment and with global, virtual teams. How we’ll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

Largest IT Consulting Company is hiring in large numbers in Mumbai Only immediate Joiners/ 15 days joiners need to apply Call on :7208835287 / 9359055605 send cv to zeba@contactxindia.com it@contactxindia.com Role & responsibilities Role detail 4 to 8 years of experience in assurance, information security, vendor/ supplier/ third party risk assessment Expertise in cyber security including standards such as ISO27001, PCI-DSS, ISO22301, privacy etc. Knowledge of technical domains such as network security, cloud security, application security, control testing Knowledge of concepts such as vendor risk profiling, country risk assessment, outsourcing/ technology regulation Experience in assessing emerging technologies such as robotics, IOT, DLT, Social, Mobile etc., Exposure to TPRM specific regulations (FED, MAS, OCC, etc.), Exposure in assessing different third parties e.g. Brokers, Exchanges, etc., Worked with TPRM tools, platforms & utilities such as KY3P, TruSight, ServiceNow, OneTrust, CyberGRX, Coupa etc, Strong Auditing skills is desired, experience in IT Compliance, ITGC testing, and Assurance is a plus Strong problem solving and logical approach skills Excellent written and verbal communication skills Consistent display of technical proficiency Ability to work well in teams Willingness to travel within India or abroad for project/assignments. Demonstrate integrity, values, principles, and work ethic and lead by example CISA/ CISSP/ CISM/ISO27001 LA / LI / Cloud security certificates Prior exp in IT Audit, SOC 1, SOC 2 Qualifications: • Bachelors degree in computer science or related field • Excellent communication and team collaboration skills Preferred candidate profile Perks and benefits

About The Role : Conduct security assessments of vendors, suppliers, and service providers to evaluate their cybersecurity posture. Ensure third-party security controls align with regulatory requirements (e.g., SOC 2, ISO 27001, NIST, GDPR). Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, GDPR, and other regulatory requirements. Experience with vendor risk assessment tools and cybersecurity risk management methodologies. Identify security risks in vendor environments and recommend appropriate remediation measures. Assess cybersecurity clauses in vendor contracts, service level agreements (SLAs), and data protection agreements (DPAs). Primary Skills ISO 27001 GDPR TPRM Secondary Skills Excellent written and verbal communication skills. Self-driven and able to work single handedly. Ability to multi-task, prioritize, coordinate, work well under pressure and meet deadlines.

Position Summary: Sr Manager Information Security Governance The Incumbent would be responsible to manage the information security governance, risk, and compliance process. Standardize GRC policies, evaluate their impacts, and implement the relevant measure. Liaise with Internal Audit, Corporate Compliance, Office of General Counsel and Risk Management to remediate new and outstanding issues; track security-related issues in the electronic GRC system. This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines and US. Certifications such as CISA, CISSP, CISM, CEH, ISO27001 LA are required (The Incumbent needs to possess at least two certifications). Incumbent should be a good effective communicator. Information security team is a healthy mix of exuberance, expertise and experience. Job Functions and Responsibilities: Develop and maintain a robust threat intelligence gathering and monitoring plan. Review external threat Advisories and determine relevance to organization and design an appropriate response strategy Conduct assessment / review of IT processes and recommend action for improving IT governance maturity using reference frameworks like ISO 27001/ ITIL/others. Provide reports to senior management for review of information security risks, governance and compliance. Keep abreast with latest security and privacy regulations, advisories and alerts. Ensure compliance with organizational information security policies and procedures Is responsible to manage security incidents and policy exceptions. Regular checks of strength and efficiency of security system and provides security expertise for the business unit and function managers Conduct IT security awareness through regular publishing of monthly security updates/bulletins and trainings (e.g., brown bags) to improve IT security knowledge of users and IT staff. Provide advice and consultancy on security risks and controls. Is responsible for keeping an up-to-date map of security risks, latest security and privacy regulations, advisories. To participate to internal and external audits, and in liaison with regulatory and market bodies Analysis on qualitative and quantitative Risk Approach i.e. Risk Assessment of all assets across group along with Risk Treatment Plan. To analyze and assess security risks and their impacts, and implement the relevant measures. Coordinates compliance and auditing activities and facilitates migration of non-compliant environments to compliant environments. Is responsible to monitor and manage security-related nonconformities Key Result Areas: High Quality Content creation for Information Security Presentations for councils such as MBR, TechOps and ITRC Identification and Management of Information Security Risks Manage Infosec risks in third party engagements and drive improvements across categories of vendors Qualitative review and upkeep of InfoSec Policies and Procedures Enhance Employee awareness to make it more engaging and effective. Proactive identification of resolution of risks to maintain high InfoSec Posture ratings. Track effective set of infosec metrics and drive improvement in security posture. Participate in and Respond to InfoSec Audits, Questionnaires and Examinations Enhance Incident Management preparedness and drive InfoSec incident management. Qualifications: BE / BTech / ME / MTech / MBA with specialized Infosec certifications such as CISSP, CISA, ISO 27001 LI/LA, CISM Bachelor of Engineering or equivalent 13-15 yrs of experience in the field of Information Technology & Security audits At least nine (11) years of Information Systems & Security audit experience Extended Knowledge of IT Security. Experience in implementing IT controls within the IT governance framework and designing overall governance framework. Good Understanding of Risk and Compliance concepts and Tools Good communication and documentation skills. WORK SCHEDULE OR TRAVEL REQUIREMENTS 3 PM IST to 12 PM PST Travel - Minimal. To attend office in-person at the base location as and when required.

Key Responsibilities Documentation Management: Take ownership of all cyber and security-related documentation, including policies, procedures, guidelines, and training & awareness materials. Ensure documents are up-to-date, accurate, and readily accessible. Security Alert & Incident Review: Review security alerts and incidents specifically related to governance & compliance, data loss prevention (DLP), and adherence to established policies & procedures. Escalate and assist in the investigation of incidents as required. Audit Liaison: Liaise with both internal and external auditors during security-related audits mainly ISO 27001 and IT General Control. Assist in the preparation of audit materials, respond to audit findings, and track remediation efforts. Third-Party Risk Assessment: Assist the business in conducting third-party risk assessments, ensuring vendors and partners meet the organization's security requirements. Project Support: Provide project support to Cyber Security projects, including documentation, coordination, and tracking of tasks. ISO 27001 Implementation: Contribute to the ISO 27001 implementation and documentation. Main Accountabilities Maintaining and updating cyber security documentation (policies, procedures, guidelines, training materials) Contributing to the effectiveness of the organization's security governance, risk, and compliance program. Supporting successful internal and external security audits. Assisting in the identification and mitigation of security risks associated with third-party vendors. Supporting the delivery of Cyber Security projects on time and within budget. Contributing to the successful implementation and maintenance of the ISO 27001 Information Security Management System (ISMS). Requirements Tertiary qualifications at a degree level in an appropriate discipline (e.g., Information Security, Information Technology, Computer Science) or equivalent industry-relevant experience. A minimum of 6 years of experience in a security-related role or IT Audit. Effective verbal and written communication skills, with the ability to clearly articulate technical concepts to both technical and non-technical audiences. Ability to explain security concepts to users and stakeholders in a clear and understandable manner. Demonstrated experience in the production of documentation using standards and notations (e.g., flowcharts, diagrams). Solid understanding of security governance, risk, and compliance principles and frameworks Location : Hyderabad Mode of work : Hybrid ( 2 days WFO) Shift : 8.00 AM to 5.00 PM Notice Period : Immediate to 30 days Full Time opportunity

Key Responsibilities: Conduct cybersecurity assessments, including ISO Audit, CPM, IRDAI, RBI Regulatory audits, ITGC, TPRM etc., Develop cybersecurity frameworks, policies, and procedures tailored to clients' specific needs and requirements, in alignment with industry best practices and regulatory standards. Assist clients in designing and implementing robust cybersecurity controls and technologies, such as firewalls, intrusion detection/prevention systems, encryption, and endpoint security solutions. Provide guidance and support to clients in incident response planning and management, including the investigation, containment, and remediation of cybersecurity incidents and breaches. Collaborate with cross-functional teams, including IT, legal , and compliance , to integrate cybersecurity into clients' overall business strategies and operations. Deliver cybersecurity awareness training and education programs to clients' employees and stakeholders to promote a culture of cybersecurity awareness and compliance. Stay abreast of the latest cybersecurity threats, trends, and technologies, and provide proactive recommendations and insights to clients to enhance their cybersecurity posture. Engage with clients to understand their business objectives, challenges, and risk appetite, and develop customized cybersecurity solutions to address their specific needs. Assist in business development activities, including preparing proposals, conducting client presentations, and participating in client meetings to identify new opportunities and expand our cybersecurity advisory services. Qualifications: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master's degree or relevant certifications (e.g., ISO, CISSP, CISM, CISA, CEH ) preferred. 2-3 years of experience in cybersecurity consulting, advisory , or related roles, preferably in a professional services environment or consulting firm. Deep understanding of cybersecurity principles, frameworks, standards, and regulations (e.g., NIST, ISO 27001, GDPR, PCI DSS ) and their application in diverse business environments. Strong analytical and problem-solving skills, with the ability to assess complex cybersecurity issues, evaluate risks, and develop practical solutions and recommendations. Excellent communication and interpersonal skills, with the ability to effectively interact with clients, stakeholders, and team members at all levels of the organization. Proven track record of successfully managing and delivering cybersecurity projects and initiatives on time and within budget. Ability to work independently and collaboratively in a fast-paced and dynamic environment, while demonstrating a commitment to excellence and client satisfaction. Flexibility to travel to client sites and work on-site as needed.

Business Management Sales Support Analyst/Senior Analyst, Client Coverage Division Role Description The Client Coverage Global COO office has responsibility for the global sales management, handles business development projects across all regions and organizes the division's workforce management. The main customer relationships and the strategic development of the Client Coverage Division are coordinated here. About DWS: Today, markets face a whole new set of pressures but also a whole lot of opportunities too. Opportunity to innovate differently. Opportunity to invest responsibly. And opportunity to make change. Join us at DWS, and you can be part of an industry-leading firm with a global presence. You can lead ambitious opportunities and shape the future of investing. You can support our clients, local communities, and the environment. Were looking for creative thinkers and innovators to join us as the world continues to transform. As whole markets change, one thing remains clear; our people always work together to capture the opportunities of tomorrow. Thats why we are Investors for a new now. As investors on behalf of our clients, it is our role to find investment solutions. Ensuring the best possible foundation for our clients financial future. And in return, well give you the support and platform to develop new skills, make an impact and work alongside some of the industrys greatest thought leaders. This is your chance to achieve your goals and lead an extraordinary career. Your key responsibilities As Business Management Analyst, you will focus on supporting activities for our regional Sales teams globally. In this context, the tasks of the Business Management Analyst are quite diverse and may include (but are not limited to): Vendor Onboarding: Manage the full onboarding process for new verndors, ensuring all necessary documentation is completed and processed. Third-Party-Risk-Management (TPRM): Support Service Relationship Owners by managing the third-party riskmanagement for them to ensure proper risk assessments are completed Work closely with service relationship owners to gather necessary information for vendor assessments and onboarding Facilitate communication between risk assessment teams and the vendor onboarding process Purchase Order Creation: Handle the creation and management of purchase orders in the internal (dbBuyer) system, ensuring accuracy and compliance with company policies Invoice Processing: Process vendor invoices within the internal system, coordinating with finance and accounts payable teams to ensure timely payments Reporting & Tracking: Provide regular updates and reports to management on the status of vendor onboarding, purchase orders, and invoice management by extracting data from various tools e.g. dwsBuyer/dbBuyer and other governance related systems Your skills and experience Bachelor and/or advanced degree. 3-5 years of working experiences in Financial Industry is preferred. Strong analytical and presentation skills with an ability to understand/ dissect complex problems; strategic and creative thinking aptitude. Proficient in using Qlik Sense for data visualization, dashboard creation, and data analysis. Collaborative problem solver focusing on outcomes and strong project management skills. Comfortable working in a multi-dimensional/fast-paced environment. Excellent stakeholder management and communication skills to clearly articulate ideas, issues and solutions. Excellent communication skills in English (written and verbal), German is a plus. Excellent Microsoft Word/Excel/PowerPoint skill is essential.

Shift Timings: Night Shifts(US) Job Description: We are seeking an experienced Third-Party Risk Consultant to assess and manage vendor security risks, ensuring compliance with regulatory requirements and industry best practices. The ideal candidate will be responsible for conducting risk assessments, audits, and cloud security evaluations to identify potential threats and implement mitigation strategies. Key Responsibilities: Conduct comprehensive risk assessments of third-party vendors to identify potential security threats and vulnerabilities . Perform Cloud Security Assessments to evaluate vendor infrastructure and security controls. Lead audits to assess third-party compliance with security standards and best practices. Analyze and evaluate vendor security controls, policies, and procedures to ensure regulatory compliance. Develop and implement risk mitigation strategies to address identified vulnerabilities and reduce cybersecurity risks. Communicate assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams . Monitor and track vendor compliance with security policies and procedures through ongoing assessments. Desired Skills & Qualifications: Strong experience in Third-Party Risk Management (TPRM), Cybersecurity, and Vendor Risk Assessments . Proficiency in conducting cloud security assessments (AWS, Azure, GCP preferred). Knowledge of regulatory compliance standards such as ISO 27001, NIST, GDPR, SOC 2, HIPAA, etc. Experience with risk assessment frameworks and tools. Strong analytical and problem-solving skills. Excellent verbal and written communication skills to present findings to stakeholders.

We are looking for an experienced ServiceNow Developer GRC to join our team. The ideal candidate will have extensive knowledge of ServiceNow development, configuration, and deployment , with a focus on Governance, Risk, and Compliance (GRC)/Integrated Risk Management (IRM) . You will work closely with stakeholders to enhance and maintain our ServiceNow platform, ensuring high-quality solutions aligned with business needs. Key Responsibilities: Design, develop, configure, test, deploy, and maintain ServiceNow applications, specifically GRC/IRM, VRM, and Vulnerability Management . Implement and customize ITSM, ITOM, ITBM, ITAM, SecOps, and GRC applications as needed. Develop automation scripts using Python, Shell/PowerShell, and Ansible . Integrate ServiceNow with other enterprise tools and technologies. Troubleshoot and resolve technical issues within the ServiceNow platform. Work in an Agile/DevOps environment, collaborating with cross-functional teams. Continuously improve ServiceNow solutions by incorporating best practices and new features . Ensure compliance with ITIL, governance, and security standards . Required Technical & Professional Experience: 8+ years of experience in ServiceNow development, configuration, and administration. Expertise in ServiceNow GRC/IRM, Vendor Risk Management (VRM), and Vulnerability Management . Strong knowledge of ServiceNow workflows, UI policies, business rules, and scripting (JavaScript, Glide API) . Hands-on experience with ServiceNow integrations using REST/SOAP APIs. Experience with automation tools like Python, Shell/PowerShell, and Ansible . Basic knowledge of Linux and Windows operating systems . Familiarity with programming languages such as Java or .NET . Experience in Agile and DevOps methodologies . Strong problem-solving and troubleshooting skills. Preferred Certifications & Skills: ServiceNow Certified System Administrator (CSA) Mandatory . ServiceNow GRC/IRM, VRM, or Vulnerability Management Certification Preferred . ITIL Certification is a plus. Strong communication skills and ability to work in a collaborative team environment. A proactive mindset with a focus on continuous improvement and innovation.