241 Conducting Security Audits jobs in Mumbai
Risk Assessment
Posted 1 day ago
Job Viewed
Job Description
Risk Assessment & Management
Ad-hoc in risk assessments
Responsible for identifying, assessing, and mitigating risks associated with IT systems, data, and operations.
certification:
•CISA , CISM,CCSP
Required Candidate profile
Exp: 4+YEARS
Loc: Mumbai-Andheri
np: 30 Days
Infrastructure Cloud Risk Assessment Manager
Posted 1 day ago
Job Viewed
Job Description
About the role
As an Infrastructure Cloud Risk Assessment Manager, you are expected to have a solid understanding and experience of major cloud-native architectures, expertise in identity and access management, familiarity with various data encryption methods, and knowledge of cloud compliance regulations. You need to ensure availability, reliability, security and performance and resilient architecture to address customers/client business challenges and accelerate technology adoption to improve the product services. You need to ensure control on security by designing principles of applications hosted in public cloud (Azure, AWS, GCP, OCI). Technical understanding on zero-trust architecture and micro segmentation along with hands-on experience with SIEM (Security Information and Event Management) tools to proactively monitor, analyse, and respond to security incidents is an important aspect.
Key Responsibilities
Identifying Vulnerabilities
Understanding of cloud architecture review, and virtualization. Conduct cloud security assessments, across but not limited to the following domains:
* Network and Perimeter Security
* Data Protection and Backup Management
* Identity and Access Management
* Log Management and Monitoring
Analysis & Reporting
Identify and analyse the risks associated. Provide recommendations for the identified findings and develop the road-map. Contribute in creating and enforcing security policies, procedures, and best practices across the organization.
Implement Security Measures
Develop and implement robust security measures for cloud environments, ensuring the confidentiality, integrity, and availability of data. Contribute in creating and enforcing security policies, procedures, and best practices across the organization.
Collaborate
Work closely with cross-functional teams to integrate security controls seamlessly into cloud-based architectures and applications. Collaborate with other IT professionals, including network engineers, developers, and system administrators, to integrate cloud security measures into existing systems and processes.
Qualifications & Skills
Educational Qualification
Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent with certifications such as CISSP, CISM, AWS Certified Security, etc.
Compliance
Assist in securing the IT landscape/ecosystem built on-premises and multi-cloud environment.
Technical Skills
Proficient in cloud security assessment, across all the deployment and service models IaaS, PaaS, SaaS. Experience with the cloud-native services across major cloud service providers (AWS, GCP, Azure, OCI).
Communication skills
Outstanding communication abilities. Ability to effectively communicate the required recommendations.
Senior Insurance Underwriter - Risk Assessment
Posted 16 days ago
Job Viewed
Job Description
Key Responsibilities:
- Evaluate insurance applications and assess risk profiles for various insurance products.
- Determine appropriate policy terms, conditions, and pricing based on risk assessment.
- Analyze financial statements, loss history, and other relevant data to make underwriting decisions.
- Develop and implement underwriting guidelines and best practices.
- Collaborate with actuaries to ensure accurate pricing and reserving.
- Provide expert guidance and mentorship to junior underwriting staff.
- Communicate underwriting decisions and rationale clearly to agents, brokers, and clients.
- Monitor market trends and regulatory changes impacting underwriting.
- Identify opportunities for process improvement and efficiency gains in the underwriting function.
- Ensure compliance with all relevant insurance laws and regulations.
- Bachelor's degree in Finance, Economics, Business Administration, or a related field.
- Professional underwriting designations (e.g., AIC, CPCU) are highly desirable.
- Minimum of 5 years of experience in insurance underwriting, with a focus on complex risks.
- In-depth knowledge of various insurance lines and underwriting principles.
- Strong analytical, quantitative, and problem-solving skills.
- Proficiency in underwriting software and tools.
- Excellent communication, negotiation, and interpersonal skills.
- Ability to work independently and manage a workload effectively in a remote environment.
- Understanding of insurance regulations and compliance requirements.
Corporate Sector - Climate Risk Assessment
Posted today
Job Viewed
Job Description
**Key Responsibilities**
- Provide overall support to the team's climate and transition risk analytical frameworks, with focus on developing methodologies and conducting research on sectoral and corporate climate transition strategies
- Become an expert in the datasets we use to manage climate risk, forming conclusions on key trends and patterns and working with data providers to maximise our knowledge
- Help build, maintain and analyse outputs from climate risk assessment models and user tools
- Produce documentation to support climate risk assessment models and user tools
- Perform research on a range of climate related topics that affect the firm's activities Help address regulatory expectations and requirements for managing climate-related risk
**Desired Skills and Experience**
- Excellent analytical skills: proficient in Excel modelling and comfortable working large datasets; knowledge of Python/R would be an added benefit
- Strong sense of ownership and ability to work independently in producing deliverables with high standards and within tight deadlines
- Ability to convey information clearly, accurately and succinctly (both written and verbally)
- Ability to draft high-impact presentations and documentation, strong attention to detail
**We offer**
- An inclusive, collaborative and supportive environment
- Intellectual stimulation and the opportunity to partner with the business
- A clear path for career growth with opportunities for internal mobility
- Benefits including Healthcare and Insurance plans, Retirement Savings Program, Family Care, Wellness Programs and Employee Programs
**About JPMorgan Chase & Co.**
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law.
- Transition risks arise from the process of adjusting to a low-carbon economy. In addition to possible changes in climate policy and financial regulation, potential transition risks may include economic and other changes engendered by the development of low-carbon technological advances (e.g., electric vehicles and renewable energy) and/or changes in consumer preferences towards low-carbon goods and services. Transition risks could be further accelerated by the occurrence of changes in the physical climate. More information can be found in J.P. Morgan's 2021 ESG report, available at ( link ).
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Lead Insurance Underwriter - Risk Assessment Specialist
Posted 12 days ago
Job Viewed
Job Description
Key Responsibilities:
- Underwrite complex insurance applications, assessing risk and determining coverage terms.
- Develop and implement effective underwriting policies and procedures.
- Mentor and guide a team of junior underwriters, providing training and support.
- Collaborate with actuaries and product development teams on pricing and policy design.
- Review and approve or deny insurance proposals based on risk evaluation.
- Monitor underwriting performance and identify areas for improvement.
- Ensure compliance with all relevant insurance laws and regulations.
- Build and maintain strong relationships with agents and brokers.
- Analyze market trends and competitor activities to inform underwriting strategies.
- Prepare reports on underwriting results and portfolio performance.
- Bachelor's degree in Finance, Business Administration, or a related field.
- Significant experience in insurance underwriting, with a focus on risk assessment.
- Strong knowledge of insurance products, legal requirements, and market dynamics.
- Excellent analytical, quantitative, and problem-solving skills.
- Proven leadership and team management capabilities.
- Effective communication and presentation skills.
- Proficiency in underwriting software and MS Office Suite.
- Professional certifications (e.g., CPCU) are a plus.
AVP/Sr Manager - AI/ML Security Risk Assessment Specialist with a Large Private Bank
Posted today
Job Viewed
Job Description
Job Summary
The AIML Security Risk Assessment Specialist will play a critical role in validating reports and making final risk assessments for AIML models used in various business applications and use cases. This role will work closely with the Digital Risk Management Portfolio team to ensure the security and integrity of AIML models, use case along with applications.
Key Responsibilities
- Risk Assessment: understand the business requirement, finalise the scope and perform end to end risk assessment.
- Validate reports from various sources and make final risk assessments for AIML models, considering factors such as data quality, model performance, and potential security threats.
- Conduct Security Risk assessment for GenAI models, tools, and platforms risk assessment.
- Perform in-depth risk assessments of GenAI systems and associated data pipelines, both internally developed and third party.
- Evaluate the risk profile of different model architectures (e.g. transformer-based LLMs, multimodal models) and deployment types (cloud, edge, open-source, API-based)
- AIML Model Review: Review AIML models for potential security vulnerabilities, including data poisoning, model evasion, and adversarial attacks.
- Report Analysis: Analyse reports from AIML model testing and validation teams to identify potential security risks and provide recommendations for mitigation.
- Risk Classification: Classify risks associated with AIML models and provide recommendations for risk mitigation and remediation.
- Collaboration: Work closely with cross-functional teams, including data science, engineering, and security, to ensure secure AIML system development and deployment.
- Review AIML use cases and provide assurance/feedback/confirmation on feedback.
- Reasonable understanding on LLM security, Agentic and RAG security
Required Skills
- AIML Fundamentals: Strong understanding of AIML concepts, including machine learning, pipelines, model architecture deep learning, and natural language processing.
- Secure software development and MLOps (DevSecOps Principles)
- Hands-on experience with GenAI toolkits and APIs (e.g. OpenAI, Claude, Bard, LLaMA, Hugging face transformers.
- Security Expertise: Experience with security risk assessment, threat modelling, and vulnerability management.
- Analytical Skills: Excellent analytical and problem-solving skills, with the ability to interpret complex data and reports.
- Communication: Strong communication and collaboration skills, with the ability to provide clear and concise recommendations.
Experience
- Experience with AIML Security Frameworks: Familiarity with AIML security frameworks and guidelines Gartner / NIST 100 / ISO 42001
- Knowledge of Regulatory Requirements: Understanding of regulatory requirements, such as GDPR, HIPAA, or CCPA.
- Experience with Risk Management: Familiarity with risk management frameworks and methodologies, such as NIST or ISO 27001, ISO 31000.
- Experience overall in Information & cyber security domain
- Understanding of BFSI domain so that terms like DPSC, payments ecosystem, API banking, Cloud, IAM, application security etc in context of risk assessment and management.
Education
- Bachelor's or Master's degree in Computer Science, Information Security, or related field.
- Minimum 7-15 years of experience with 2-3 years of experience* in AIML / GenAI security, risk management, or related field.
- CISA, CISM or at least AIML security certification
This job description highlights the key responsibilities and required skills for an AIML / GenAI Security Risk Assessment Specialist role. The focus is on validating reports, making final risk assessments, and providing recommendations for risk mitigation and remediation.
FIC Risk and Control Assessment
Posted 1 day ago
Job Viewed
Job Description
About The Role :
Job Title:
FIC Risk and Control Assessment (RCA)
LocationMumbai, India
Corporate TitleAVP
Role Description
The Business Control Unit (BCU) is a 1st Line of Defence (1st LoD) function within the front office created during the implementation of the Three Line of Defence (3LoD) programme. Its primary objective is to support the front office in executing Non-Financial Risk framework for its business line.
The primary responsibility of the candidate within the BCU would be to support the Risk and Control Assessment (RCA) process. The RCA is a key component of the Banks Non-Financial Risk (NFR) Framework to enable the effective profiling, monitoring, and management of Divisional NFR. The responsibilities would also include control testing, incident research, remediation and other ad hoc control initiatives and projects. Working closely with teams in and out of the division to understand risks impacting the group on a dynamic basis.
About The Role
The BCU team is principally responsible for:
- Identification and mitigation of non-financial risks (regulatory, conduct and systemic)
- Supporting the operations of an efficient supervisory and conduct framework.
- Ensuring the governance and remediation of a business audit portfolio
- Driving Change the Bank initiatives to support the control framework.
In addition to working closely with the business heads, the groups reach and interaction is broad, including engagement with the Corporate Relationship Management (Coverage) Divisional Control Officer (DCO) and those functions forming the 2nd and 3rd LoD, for example Compliance, Anti Financial Crime (AFC), Non-Financial Risk Management (NFRM), Legal, Group Audit and others. This role will be to support the Global BCU function in various capacities.
What well offer you
As part of our flexible scheme, here are just some of the benefits that youll enjoy
- Best in class leave policy
- Gender neutral parental leaves
- 100% reimbursement under childcare assistance benefit (gender neutral)
- Sponsorship for Industry relevant certifications and education
- Employee Assistance Program for you and your family members
- Comprehensive Hospitalization Insurance for you and your dependents
- Accident and Term life Insurance
- Complementary Health screening for 35 yrs. and above
Your key responsibilities
The Candidate within the team would be primarily responsible for RCA and would be required to-
- Collate and analyse contextual data and relevant data triggers (including read across from other assessments) to inform an accurate and up to date view of the Risk Profile as well as Emerging Risks.
- Update the Inherent Risk, Control Suite & Residual Risk rating and supporting rationale, liaising with Risk Types SMEs in their business.
- Consider the combined effectiveness of individual Key Controls, leveraging available Control Guardrail information, individual Control certification & assessment from Control Owners, and individual Control Assurance results for Control Suite ratings.
- Coordinating and incorporating Anti-Financial Crime and Compliance risk assessments within the business Risk Profile
- Coordinating and participating in quarterly US/ annual global RCA workshop to ensure Risks are discussed and mitigation decisions are documented in the RCA tool.
- Creating monthly RCA snapshot in the tool as a point-in-time Risk Profile for the division and coordinating capture of unresolved 2nd LoD challenges and obtain sign off from Risk Assessor.
Candidate would also be responsible for-
- Support Non-Financial Risk Councils (NFRCs).
- Support validation of DMA (Designated Market Activities) perimeter.
- Ensuring control inventory for Coverage is kept up to date.
- Support all aspects of Front Office Operational Risk Framework from an RCA perspective.
- Provide support for audit reviews and compliance testing.
- Creation and delivery of senior management reporting to support decision making.
- Provide analytical support to the BCU team and senior management decision making.
- Manage ad-hoc tasks as and when required.
Your skills and experience
- MBA in Finance from a premier institution with relevant experience
- Work experience in banking domain working on regulatory projects/ operational risk management.
- Strong interpersonal and excellent verbal and written communication skills. Experience in conducting and driving meetings with senior stakeholders.
- Able to work as part of a global team.
- Experience in managing the RCA process would be preferable.
- Strong computer skills, particularly in dealing with high volume of data, management of databases and Excel.
- Advanced exposure PowerPoint is must.
- Strong analytical skills and ability to formulate clearly and present information in a compelling manner.
- Confident to question the status quo business practice / existing control framework.
Be The First To Know
About the latest Conducting security audits Jobs in Mumbai !
Information Security
Posted 1 day ago
Job Viewed
Job Description
DEPARTMENT
Information Security
REPORTING POSITION
CISO
KEY RESPONSIBILITIES
Security Engineering:
Experience in review and /or implementation of technology components like networks, Infrastructure, security solutions like DLP, AD, end point security tools, Email Security, mobile device Security, proxy, firewall etc.
Review effectiveness of IT architecture, Data and User Security Controls, Cloud Security Assessment, Cryptography Controls, and other System Security Practices.
Conduct POCs for new Security Solutions, implementation of new Security Practices / Processes / Controls across organization, work closely with security partners and MSS vendors on day to day basis, and communicate updates
Should have good knowledge of various platforms / technologies and security controls (e.g. Firewall, proxy, load balancer, database, DLP, DRM, domain controllers, System Hardening, System Security Practices, Access Controls, Secure SDLC, Application Security etc.)
Conduct Review of all projects (e.g. new applications, system integration, secure architecture, confidential data requests, risk assessment etc.)
Security Operations Center (SOC) and Threat Intel:
The role will include complete governance and oversight on SOC processes, overseeing testing
Should understand of data protection techniques like encryption, vaulting, security in transit and at rest.
Analysing Security Advisories, identifying actionable with stakeholders & tracking closure.
Track vulnerabilities in the environment for remediation within timelines and ensure timely management reporting of all information security risks.
Involvement in SOC governance, to make sure all reported incident, advisories are actioned as per recommendations, review various reports, alerts generated by SOC
Regulatory Compliance:
Should have good knowledge of Indian IT laws, global security frameworks & regulatory requirements from IRDAI, RBI, SEBI etc.
Engage in Information security strategy and governance, risk and compliance, cyber resilience, information security transformation and co-sourcing, application and network security engagements.
Ensure Team is always audit / compliance ready, and support the internal / external audits.
REQUIRED QUALIFICATION AND SKILLS
Educational Qualifications:
Graduate, Post Graduate
Work Experience:
7+ Years of relevant experience in IT and Information Security
Certifications:
CISA, CISSP, CEH, ISO27001, BCMS, any security specific certificate will be added advantage .
FIC Risk and Control Assessment (RCA) - #VeteranHiring
Posted today
Job Viewed
Job Description
Description
The BCU team is principally responsible for:
In addition to working closely with the business heads, the group’s reach and interaction is broad, including engagement with the Corporate Relationship Management (Coverage) Divisional Control Officer (DCO) and those functions forming the 2nd and 3rd LoD, for example Compliance, Anti Financial Crime (AFC), Non-Financial Risk Management (NFRM), Legal, Group Audit and others. This role will be to support the Global BCU function in various capacities.
What we’ll offer you
As part of our flexible scheme, here are just some of the benefits that you’ll enjoy
Your key responsibilities
The Candidate within the team would be primarily responsible for RCA and would be required to: -
Candidate would also be responsible for: -
Your skills and experience
How we’ll support you
Information Security Manager

Posted 4 days ago
Job Viewed
Job Description
This position is responsible for the leadership of the India Information Security (IS) department as part of the Global Information Security Directorate. Areas of responsibility will include coordination with the other IS Departments to ensure standard enforcement of security polices and controls, interfacing with local India IT teams and business leaders, and mitigating risks to the organization's information assets.
**Responsibilities :**
+ Manage India Information Security team's day to day operations.
+ Support the global Security Operations (SecOps) department to safeguard digital assets by assisting with detecting, investigating, and resolving cybersecurity threats
+ Assist the global Governance, Risk & Compliance (GRC) department with enforcing cybersecurity policies, overseeing cybersecurity risk, facilitating cybersecurity compliance audits, and conducting cybersecurity awareness training.
+ Assist the global Cybersecurity Infrastructure and Design (CID) department with management and maintenance of the cybersecurity systems, platforms, and controls.
+ Implement Secure Software Development Lifecycle (SSDLC) in India office by enforcing the compliance of global policies, processes, procedures and principles.
**Qualifications**
+ Bachelor's degree in Cyber/Information Security or Information Technology, Computer Science, Computer Engineering
+ Professional certifications such as CISSP, CISM, or equivalent multi-domain cybersecurity focused certification.
+ At least 10 years of experience in IT security management, with a proven track record of managing teams in global matrix environment
+ Experience with security technologies: EDR, SIEM, SOAR, CASM, CASB, CSPM, IAM, PAM
+ Excellent communication and interpersonal skills to effectively engage internal stakeholders.
+ Demonstrated ability to analyze complex security issues, devise solutions, and enforce established security controls.
+ Strong leadership skills to drive standardization of processes, procedures, and principles.
This job posting will remain open a minimum of 72 hours and on an ongoing basis until filled.
**Job** Engineering
**Primary Location** India-Maharashtra-Mumbai
**Schedule:** Full-time
**Travel:** No
**Req ID:**
**Job Hire Type** Experienced Not Applicable #BMI N/A