54 Certified Safety Professional jobs in India

IT Advisory Risk Consulting—IT Audit & Assurance 

Our client’s IT Advisory – Risk Consulting team is looking for Associate Consultants/ Consultants/ Assistant Managers to join their IT Audit & Assurance team in Bengaluru. Team provides Independent assurance on controls in place across client’s IT environment and ways to mitigate Technology risks. 

Following are some of our key solution offerings

• Risk Based IT Internal Audit
• IT SOX 404 Controls Testing, Quality Assurance
• Internal Financial Controls related to IT General Controls 
• IT General Controls as part of Financial Statements Audits
• IT Risk & Control Self-Assessment 
• Business Systems Controls / IT Application Controls 
• Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc.
• IT Attestation (SOC1/SOC2/ISAE 3402, ISAE 3000 etc.)
• Third Party/Vendor Risk Assessments 

Position: Associate Consultants/ Consultants/ Assistant Managers

Location: Bengaluru  

Requirements

Industry Experience:

• Plan, budget and execute the day-to-day activities of infrastructure audit engagements for clients
• Assess client's security landscape, assess, evaluate and recommend most suitable security solution, tools & techniques to create a threat resilient landscape using our client's differentiated approach and methodologies. Provide security concept, framework & standards for development & support client teams for the solution design, customization build and roll out to end users. 
• Perform a holistic security risk assessment of the client’s IT landscape taking various assets, threats, vulnerabilities, business impact & legal aspects into consideration. Designing and implementing controls to mitigate identified risks by lucid communication to client stakeholders. Effective persuasive/convincing abilities while communicating gaps detected during audits, risk assessments, attestation engagements.   
• Collaborate with other practice groups to review the effects of new threats and vulnerabilities in the security space to assess, remediate, test and protect client application artefacts, data and enterprise ecosystems from threat vectors as they emerge. 
• Work with other technology groups to provide cohesive solutions in Risk assessments, Financial statement audits, Attestation engagements encompassing network architecture, application, database, , standards and implementation related mandates for development, deployment and maintenance. 
• Manage teams delivering co-working discovery workshops & support delivery teams to provide assessment, remediation, testing and standards refresh for the application security practice. 
• Present and distill complex Security solutions into simple, easy to understand concepts for both technical and non-technical audiences especially in the context of opportunity pursuit. 
• Drive Innovation through Offerings: — Drive profitable growth through the execution of the strategy and the strengthening of the audit and assurance practice 
• Building innovative & collaborative solutions to bring combined offerings such as security related combinations with J2C, API, Data security as advisory & execution footprint to capture opportunities & illustrate convergence 
• Bring the audit and assurance practice to life to achieve sales and commercial opportunities in a collaborative ecosystem and follow through with support for cost effective high quality execution. 

Additional Responsibilities for Assistant Managers:

• Supervise associates and interns on engagements
• Serve as a liaison between financial services clients and upper management
• Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment
• Works with the client to minimize delivery disruptions and effectively manages client urgencies.
  Qualifications
• Engineering / MBAs with atleast 6+ years of experience 
• 3+ years of experience with hands on exposure to Infrastructure / Mobile/ Web application security spanning across various technologies. 
• Working level familiarity of advanced security assessment concepts, including but not limited to –, Malware analysis, OT/ICS security, Cloud security, security in IoT, Blockchain, RPA and emerging technologies, etc. 
• Working level familiarity with Static and Dynamic Analysis tools (SAST, DAST, IAST). Ability to manage deployment & use of OWASP tools and methodologies. 
• Ability to elucidate vulnerabilities and weaknesses in the OWASP Top10,WASCTCv2, SANS Top-25 and CWE25 to client IT/ISO audiences and discuss effective defensive techniques. 
• Comprehensive understanding and previous oversight of IT hardware, software, networking, databases, API services, J2C storage, licensing and related hosting needs.
• Infrastructural configuration reviews to identify the security related gaps within the IT environment
• Preference would be given to significant experience in relevant technical knowledge: (a) financial statement – IT  Audits; (b) IT internal or IT operations audits; (c) IT SOX engagements (d) Emerging Technology Risks (e) Data Privacy and PCI-DSS risks
• Good to have, add on skills - Working level familiarity with relevant vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint or any other open source tools). Working level familiarity with web application vulnerability scanning tools (e.g. IBM AppScan, HP Fortify, Accunetix, NTO Spider, Burpsuite Pro or any other open source tools), SIEM tools (SolarWinds, Splunk, LogRhythm, IBM QRadar) 
• Ability to understand/identify best practices for infrastructure process and controls.
• CISA, CISM, CISSP, CRISC, TOGAF certifications would be an added advantage
• Prior experience in client facing / account management roles
• Possess strong domain knowledge, understanding of IT processes supporting business and possible risks in operations of at least two industry sectors
• Demonstrate integrity, values, principles, and work ethic and lead by example

Benefits

Work with one of the Big 4's in India

Healthy work Environment

Work Life Balance

• Permanent full time position available
• Predominantly remote working
• Practising legal role - with no billable hours

DISCOVER  more opportunities to DEVELOP  your talents and THRIVE  in a dynamic legal landscape.

About the role

Our global Conflicts and new Business Intake department is seeking a Conflicts Risk Assessment Lawyer to join our global team. This role will be permanent full time role with the opportunity to work in a hybrid or predominantly remote work environment (with the occasional in office meeting and social events). This global department, part of the Firm wide Office of the General Counsel function, is responsible for the critical tasks of handling new business intake requests and associated conflict checks, client due-diligence and compliance work.

 What does the role involve?

This is a great role which involves exposure to a variety of matters with daily interactions with colleagues all around the world. On a daily basis you will be:

• Analysing and evaluating conflict search requests;
• Conducting extensive corporate affiliation and client quality research;
• Applying relevant professional rules of conduct, firm policies, regulations, and risk guidelines;
• Identifying and resolving potential conflict issues and providing a concise and complete summary report for relevant stakeholders such as partners, senior management and the General Counsel;
• Reviewing, drafting and providing advice on client engagement agreements, conflict waivers, external publications and outside counsel guidelines; and
• Vetting all new business intake requests to ensure compliance with the Firm's business direction.

What are we looking for?

We value our culture at K&L Gates and are proud of our friendly and respectful reputation. We are looking for a likeminded individual who, in addition to possessing technical excellence, is able to work collaboratively in a team and support their colleagues.  In addition to this we are looking for:

• Qualified lawyers with a current practising certificate and a minimum of 2 years PQE;
• Experience in a risk management or compliance role is highly desirable, but not essential. (Candidates who have been practising law for 2 or more years will be considered); 
• Excellent people skills with the ability to communicate concisely, influence stakeholders and build strong business relationships;
• Strong research skills and knowledge of corporate affiliations;
• High level computer skills with the ability to learn new systems quickly; and
• A desire to work in a legal compliance role.

To be successful in this role, you will exhibit a high degree of professionalism and confidentiality while maintaining a good rapport with the firm’s partners, lawyers and staff.  We seek exceptional employees who want to become a part of our practice on all levels, to help us expand, challenge our limits, and push us to grow into the future. If you are motivated by job challenges and personal growth, then K&L Gates could be the right place for you.

The extras

K&L Gates promotes equal opportunities for all employees to progress in their careers. 

Initiatives include:

• Regular social events and an active social club;
• Salary continuance insurance;
• Pro-bono programs and community involvement via our payroll giving program, Global Day of Service and charitable fundraisers;
• Generous leave options as well as a broad range of flexible working options;
• 26 weeks paid parental leave;
• An extensive range of learning and professional development programs; and
• Committees that tackle the big issues including diversity and inclusion, Women in the Profession and work/life balance.

About Us

The firm’s Australian operations provide vast knowledge of the Australian legal marketplace across a wide spectrum of industries.  With lawyers located in four established offices in Australia’s leading financial and commercial centres and possessing substantial experience.

At K&L Gates, we foster an inclusive and collaborative environment across our fully integrated global platform that enables us to diligently combine the knowledge and expertise of our people to create teams that provide exceptional client solutions. We marry process with vision, success with dedication, method with passion, and innovation with creativity. The outcome: The K&L Gates Experience.

Located across five continents, we represent a broad array of leading global corporations in every major industry, capital markets participants, and ambitious middle-market and emerging growth companies. We also serve public sector entities, educational institutions, philanthropic organisations, and individuals. Our lawyers counsel clients on their most sophisticated legal challenges in all areas of corporate and regulatory law as well as litigation.

We are leaders in legal issues relating to industries critical to the economies of both the developed and developing worlds—technology, manufacturing, energy, transportation, telecommunications, financial services, and life sciences, among others.

Do you like what you see?

Please apply via our Careers page at

For more information, please contact Tania Brierley, Recruitment Consultant at

For more information about K&L Gates please see our website

Referrals from agencies are not accepted at this time.

K&L Gates reserve the right to close advertising earlier at our discretion.

K&L Gates is an equal opportunity employer and promotes the safety, wellbeing and inclusion of those with a disability. We welcome applications from people who have an indigenous and/or culturally and linguistically diverse background.

Stay safe when applying on-line and be aware of jobs and employment related scams via scamwatch.gov.au   

Attachments:
- K&L Gates Employee Benefits.pdf

• Evaluate insurance applications to assess risk exposure and determine insurability.
• Analyze applicant data, including financial history, claims history, and other relevant factors.
• Apply underwriting guidelines and company policies consistently to make informed decisions.
• Calculate and set appropriate premiums based on risk assessment.
• Communicate underwriting decisions and rationale clearly to agents, brokers, and policyholders.
• Maintain accurate records of underwriting decisions and supporting documentation.
• Stay updated on industry trends, regulations, and risk management best practices.
• Collaborate with claims and actuarial departments to refine underwriting strategies.
• Contribute to the development and improvement of underwriting processes and tools.

• Bachelor's degree in Business Administration, Finance, Economics, or a related field.
• Minimum of 3 years of experience in insurance underwriting.
• Proven ability to analyze complex data and assess risk effectively.
• Strong understanding of insurance principles, risk management, and regulatory requirements.
• Excellent analytical, decision-making, and problem-solving skills.
• Proficiency in underwriting software and Microsoft Office Suite.
• Strong written and verbal communication skills.
• Ability to work independently and manage workload efficiently in a remote environment.
• Relevant professional designations (e.g., AU, CPCU) are a significant advantage.

The opportunity

The Technology Assurance, Risk, and Policy (TARP) function within Information Security strives to create and promote a holistic Governance, Risk, and Compliance (GRC) program by creating a robust, resilient, and proactive governance framework, supported by a strategic risk management approach and stringent compliance structures. It aims to integrate and align its GRC initiatives in line with the global firm's objectives and emerging threats within the cybersecurity landscape.

Furthermore, the Policy, Risk, and Controls (PRC) Enablement & Awareness team aims to establish policies and procedures that reflect the value we place on safeguarding our digital environment, while ensuring that these policies are effectively communicated and enforced across all levels of the organization. The Control & Risk Assessment team sits within PRC Enablement & Awareness and aims to directly enables the GRC program by designing control testing and risk assessment methodology to measure and quantify compliance to policies and control objectives.

Your key responsibilities

The Control & Risk Assessment Leader will be responsible for building and owning a control testing and risk assessment program, following the model for 1st line and 2nd line testing best-practice strategies, that routinely tests and assesses the effectiveness and efficiency of Information Security controls put in place to mitigate risks to determine if they are supporting the desired business outcomes. They will need to rank and prioritize Information Security and Information Technology controls based on their risk profiles and design testing plans, inclusive of testing procedures, which will be used to measure effectiveness while, simultaneously looking for opportunities to enhance and improve EY’s control landscape. In certain instances, they will need to plan and execute risk assessments to quantify assumptions over the risk profiles.

The Control & Risk Assessment Leader is responsible for building a team of experienced professionals to assist in executing the strategic vision and objectives of the Control & Risk Assessment testing and assessment program. The Control & Risk Assessment team will work collectively to support the Information Security Program in the areas of risk assessment methodology development and execution of risk assessments, control testing design and execution, and identification of gaps and areas of improvement utilizing testing and assessment results.

Collaboration with other Information Security groups and external stakeholders across EY is key to this role. The Control & Risk Assessment Leader will need to build a network of multi-departmental and multi-level stakeholders inclusive of, but not limited to Information Security, Client and Enterprise Technology, Data Protection, Global and Enterprise Risk Management, Internal Audit, Area and Regional Risk & Data teams, Service Line Quality Leaders, etc.

Skills and attributes for success

To qualify for the role you must have

Ideally, you’ll also have

What we offer

As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer:

We ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions and to receive other benefits and privileges of employment. Please contact us to request accommodations.

EY is committed to being an inclusive employer, and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.