3,110 Conducting Security Audits jobs in India

Risk Assessment & Management

Ad-hoc in risk assessments

Responsible for identifying, assessing, and mitigating risks associated with IT systems, data, and operations.

certification:
•CISA , CISM,CCSP

Required Candidate profile

Exp: 4+YEARS

Loc: Mumbai-Andheri

np: 30 Days

Talworx is hiring!

Our client in India, a professional services firm, is the Indian member firm affiliated. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. Our client has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai,

Noida, Pune, Vadodara, and Vijayawada.

Our client in India offers services to national and international clients in India across sectors. We strive to

provide rapid, performance-based, industry-focussed and technology-enabled services, which reflect a

shared knowledge of global and local industries and our experience of the Indian business environment.

Our professionals provide the experience to help companies stay on track and deal with risks that could

unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth,

quality and operational challenges and working in partnership with us.

Requirements

Roles & Responsibility:

• Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital

infrastructure, systems, and security controls.

• Collaborate with cross-functional teams to gather essential information and data required for

comprehensive risk assessments.

• Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide

actionable recommendations for risk mitigation.

• Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the

effectiveness of risk assessments.

• Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients

and internal stakeholders.

• Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity

risk management strategies.

• Mentor and support junior team members to foster their professional growth and skills in cyber risk

assessments.

Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related

fields.

• A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related

security assessments.

• Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/2000 LI/LA or

equivalent are highly valued.

• Profound knowledge of cybersecurity frameworks, industry standards, and best practices.

• Proficiency in using various security assessment and techniques.

• Strong analytical and problem-solving skills, with the ability to think critically and strategically.

• Excellent communication and presentation skills, capable of effectively communicating technical

concepts to both technical and non-technical audiences.

• Demonstrated experience in project management and handling multiple assessments simultaneously.

• A proactive and self-motivated approach to work, with a commitment to continuous learning and

professional development.

• Network Security, infrastructure assessment and network architecture design review.

• Conceptual knowledge of OT Security/ISA 62443 standard is preferable.

>> CRITERIA

o Education 60% above throughout academics

o One 3 years (at least) regular course is must either Diploma or Graduation

o Course: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalent

o Certification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/2000 LI/LA (At least

one)

o CCNA (Mandatory), CCNP or equivalent(optional).

>> COMPENSATION

O Compensation is competitive with industry standards

o Details of the compensation breakup will be shared with short-listed candidates only

Benefits

Work with one of the Big 4's in India

Healthy work Environment

Work Life Balance

1. The purpose of this role is to measure the customers risk exposures, analyze historical data and assist in determining the premium that needs to be charged to ensure that risk.

2. The individual will play an essential role in implementation of these projects from the prospect of our insurance domain.

3. Major responsibilities include analyzing customer data set and aggregating the risks of different lines of business (such as General Liability & Automobile Liability) with the help of prescribed tools and techniques.

4. Assessing the risks, and further segregating the various types of exposures amongst key factors such as state, territories, vehicle type, weight, radius, etc.

5. Accurately checking data discrepancies, and proactively highlighting them to the underwriters.

6. Summarizing the key findings, assumptions, and factors to keep in mind which would help Underwriters make accurate pricing decisions.

7. Working with risk assessment information and identifying data sources that can be used for making accurate pricing decisions.

8. Knowing relevant legal, regulatory, ethical, and social requirements with clients mandates and adhering to them while processing various accounts.

9. Contributing to the organizational values by actively engaging in the larger learning and development process.

10. Driving concise, structured, and effective communication with peers and clients.

Preferred candidate profile

1. Fundamental understanding of insurance, its key terminologies, and the insurance value chain as a whole

2. Awareness of the different kinds of insurance products within various lines of business (commercial and personal lines)

3. Awareness of basic underwriting criteria for a product or line of business.

4. Cognizant of how premium calculations work.

5. Valuable insights on policy extensions, limitations, and exclusions for business being underwritten.

6. Recognizes various concepts, jargons, products employed in underwriting and the insurance industry.

Skills

1. Proficient with MS Office.

2. Work with clients system for Underwriting.

Roles and Responsibilities

• * Conduct risk assessments to identify potential threats and vulnerabilities in the organization's IT systems, networks, and applications.
• * Develop and implement risk management strategies to mitigate identified risks, ensuring compliance with industry regulations such as HIPAA, PCI DSS, and ISO standards.
• * Collaborate with cross-functional teams to ensure effective implementation of security controls and monitoring of risk mitigation efforts.
• * Provide regular reporting on risk assessment findings and recommendations for improvement.

Desired Candidate Profile

• * 8-11 years of experience in Risk Management or a related field.
• * Strong understanding of Cyber Security, Information Security, and relevant industry regulations (HIPAA, PCI DSS).
• * Proven experience in conducting comprehensive risk assessments using various methodologies (e.g., NIST Cybersecurity Framework).
• * Certification in Risk Assessment or a related field (e.g., CISSP).

Position Summary - The position is a member of Risk & Compliance team within HCL Technologies. The DCO will be aligned to critical service delivery engagements and will be responsible for ensuring compliance in accordance to client, organizational & regulatory security requirements.

Key Responsibilities - Perform the following functions:

• Required to have excellent understanding of the IT Control framework, in particular risk assessment and control selection
• Working experience in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT)
• Lead teams and efforts to ensure effective execution of periodic risk assessments and drive integration of remediation efforts with the risk management process
• Partner with service delivery leadership to both communicate and manage risk in delivery to an acceptable level
• Partner with awareness and training elements to develop and ensure rollout of programs to increase the level of awareness of compliance with policy and process
• Lead and perform activities to help measure and monitor compliance with contractual security requirements, company policies and procedures to ensure the account is compliant and audit ready
• Lead different compliance & audit testing programs and support successful completion of various external compliance certification programs and internal compliance assessments
• Proven ability to lead small teams dedicated to the performance of risk management and assessment responsibilities.
• Ability to provide effective management of junior employees.
• Develops and provides appropriate guidance on solutions to mitigate risks and enhance system security
• Coordinates with other DCO and Delivery Compliance representatives to build out world class compliance program components to include processes, procedures, and technologies.
• Deep understanding of privacy and business continuity requirements and support R&C Privacy and BCM teams in execution of their respective program
• Demonstrates ability to work in virtual team with help of tools and technologies
• Demonstrates ability to handle conflicting situation & should have strong verbal, written communication & analytical skills
• Must have systematic and pragmatic approach to problem solving
• Demonstrates good inter-personal skills, high standards of professional behaviour in dealings with business customers, colleagues and staff
• Have a good technical awareness and the aptitude to remain up to date with information security and IT developments
• Ability to communicate Risk to non IT business owners and support function such as delivery, HR, Admin, Legal, Contracting and others
• Ability to communicate risk at all levels of management up to and including C-Level executives.
• Translate business, industry, and regulatory requirements into information security objectives and associated tactical/strategic information security initiatives
• Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other security related certifications are preferred.

Education Qualification - Graduate or master's degree in IT, Risk Management, Business Management, or a related field.

Certifications Required - Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other security related certifications are preferred.

Attributes of Ideal Candidate –

• At least 10 years’ experience in Information Risk Management/Information Security or auditing.Direct client and leadership experience
• Preferably, experienced in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT)
• Excellent with Management Reporting, Reviews, Data Analytics
• Hands-on experience in Policy management and Governance, Risk modelling, Risk sensing and Data analytics.
• Strong communication skills
• Ability to provide effective management of junior employees
• Demonstrates good inter-personal skills, high standards of professional behaviour in dealings with business customers, colleagues, and staff

Join us as a Compliance Risk Assessment Specialist at Barclays, where you'll spearhead the evolution of our digital landscape, driving innovation and excellence. You'll harness cutting-edge technology to revolutionise our digital offerings, ensuring unapparelled customer experiences.

The Compliance Risk Assessments is a team within Customer Protection, Wholesale Conduct and Regulatory Compliance (CWR) with responsibility for designing and executing the assessment of Compliance and Financial Crime risks across the business.

You may be assessed on the key critical skills relevant for success in role, such as experience with managing risk and controls to mitigate that risk exposure, as well as job-specific skillsets.

To be successful as a Compliance Risk Assessment Specialist, you should have experience with:

Basic/ Essential Qualifications:

• Understanding of risk and control environments.

• Knowledge of Regulatory Compliance: Familiarity with laws and standards, and internal compliance frameworks.

• Risk Identification & Control Design: Ability to spot compliance risks and implement controls to mitigate them effectively.
• Policy Adherence & Documentation: Ensuring business activities align with documented policies and maintaining control evidence.
• Data Analysis for Risk Insights: Capability to analyze data to detect compliance issues and improve control processes.
• Stakeholder Communication: Skilled in presenting risk findings and collaborating with compliance, legal, and operational teams.
• Exposure to operating controls in a previous role.

Desirable skillsets/ good to have:

• Experience of working in a risk management function or role.
• Experience of working in key control elements, including the identification of new and emerging risks and threats.
• Ability to analyse large data sets by applying and modifying existing processes.

This role will be based out of Pune.

Purpose of the role

To design and execute the risk management framework for identifying and assessing compliance risks that may arise from the bank's activities, products, or services.

Accountabilities

• Identification of changes to the level of risk exposure through the assessment of business activities, client base, products, geographies and thematic key risks including laws, rules and regulations.
• Implementation of ongoing monitoring, review and challenge of risk assessments to verify that they remain relevant and effective considering changing circumstances arising from a control environment that is not designed and/or operating effectively.
• Development and implementation of a framework to identify where the residual risk of a business requires risk mitigation strategies, policies, and procedures to bring the organisation's exposure to identified risks to within appetite.
• Analysis of the likelihood and severity of identified risks to determine their overall impact on the organisation.
• Utilisation of governance risk and control technology and data analytics to identify and measure patterns and trends related to compliance risk.
• Collaboration with the business, Compliance and other risk functions to develop and maintain a risk assessment framework that meets Operational and Compliance Risk requirements.

Analyst Expectations

• To perform prescribed activities in a timely manner and to a high standard consistently driving continuous improvement.
• Requires in-depth technical knowledge and experience in their assigned area of expertise
• Thorough understanding of the underlying principles and concepts within the area of expertise
• They lead and supervise a team, guiding and supporting professional development, allocating work requirements and coordinating team resources.
• If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.
• OR for an individual contributor, they develop technical expertise in work area, acting as an advisor where appropriate.
• Will have an impact on the work of related teams within the area.
• Partner with other functions and business areas.
• Takes responsibility for end results of a team's operational processing and activities.
• Escalate breaches of policies / procedure appropriately.
• Take responsibility for embedding new policies/ procedures adopted due to risk mitigation.
• Advise and influence decision making within own area of expertise.
• Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.
• Maintain and continually build an understanding of how own sub-function integrates with function, alongside knowledge of the organisations products, services and processes within the function.
• Demonstrate understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.
• Make evaluative judgements based on the analysis of factual information, paying attention to detail.
• Resolve problems by identifying and selecting solutions through the application of acquired technical experience and will be guided by precedents.
• Guide and persuade team members and communicate complex / sensitive information.
• Act as contact point for stakeholders outside of the immediate function, while building a network of contacts outside team and external to the organisation.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

• Conduct detailed statistical analyses of historical claims data to identify trends and patterns.
• Develop and maintain actuarial models for pricing new insurance products and evaluating existing ones.
• Perform loss reserve analysis and provide recommendations for reserving levels.
• Assess the financial impact of regulatory changes and industry best practices on pricing and reserving.
• Collaborate with underwriters and product development teams to ensure accurate risk assessment and pricing strategies.
• Prepare actuarial reports and presentations for management, regulatory bodies, and other stakeholders.
• Utilize actuarial software and programming languages (e.g., R, Python, SQL) for data analysis and model development.
• Contribute to the development and implementation of new actuarial methodologies.
• Monitor the performance of insurance portfolios and identify areas for improvement.
• Ensure compliance with all relevant actuarial standards and regulations.

• Bachelor's degree in Actuarial Science, Mathematics, Statistics, or a related quantitative field.
• Progress towards actuarial exams (e.g., ASA, FSA) is highly desirable.
• Minimum of 3 years of experience in the insurance industry, with a focus on actuarial analysis.
• Strong understanding of insurance principles, risk management, and financial modeling.
• Proficiency in statistical analysis, data manipulation, and predictive modeling techniques.
• Experience with actuarial software (e.g., Prophet, GGY Axis) and programming languages is a plus.
• Excellent problem-solving skills and attention to detail.
• Strong communication and interpersonal skills, with the ability to explain technical concepts to non-technical audiences.
• Ability to work effectively both independently and as part of a collaborative team in a hybrid work environment.
• Familiarity with Indian insurance regulations is an advantage.

• Developing and implementing comprehensive risk assessment frameworks and methodologies.
• Analyzing insurance applications, policy terms, and client data to identify and quantify potential risks.
• Conducting financial modeling and scenario analysis to predict potential losses and their impact.
• Assessing the financial solvency and stability of the company by evaluating underwriting and investment portfolios.
• Monitoring and analyzing market trends, economic conditions, and regulatory changes that may impact risk exposure.
• Collaborating with underwriting, claims, and finance departments to ensure effective risk management practices.
• Developing and recommending strategies for risk mitigation and control.
• Preparing detailed reports and presentations for senior management on risk exposure and mitigation plans.
• Ensuring compliance with all relevant insurance regulations and industry best practices.
• Staying up-to-date with emerging risks and evolving risk management techniques.

• Bachelor's or Master's degree in Finance, Economics, Actuarial Science, Statistics, or a related quantitative field.
• Minimum of 4 years of experience in risk management, actuarial analysis, or financial analysis within the insurance industry.
• Strong understanding of insurance products, underwriting principles, and claims processes.
• Proficiency in statistical analysis, financial modeling, and risk assessment software.
• Excellent analytical, problem-solving, and critical thinking skills.
• Ability to interpret complex financial data and present it clearly and concisely.
• Strong communication and presentation skills, with the ability to influence stakeholders.
• Experience with regulatory compliance requirements in the insurance sector.
• Professional certifications such as FRM, PRM, or actuarial designations are a plus.