859 Risk Assessment jobs in India

Position Summary - The position is a member of Risk & Compliance team within HCL Technologies. The DCO will be aligned to critical service delivery engagements and will be responsible for ensuring compliance in accordance to client, organizational & regulatory security requirements.

Key Responsibilities - Perform the following functions:

• Required to have excellent understanding of the IT Control framework, in particular risk assessment and control selection
• Working experience in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT)
• Lead teams and efforts to ensure effective execution of periodic risk assessments and drive integration of remediation efforts with the risk management process
• Partner with service delivery leadership to both communicate and manage risk in delivery to an acceptable level
• Partner with awareness and training elements to develop and ensure rollout of programs to increase the level of awareness of compliance with policy and process
• Lead and perform activities to help measure and monitor compliance with contractual security requirements, company policies and procedures to ensure the account is compliant and audit ready
• Lead different compliance & audit testing programs and support successful completion of various external compliance certification programs and internal compliance assessments
• Proven ability to lead small teams dedicated to the performance of risk management and assessment responsibilities.
• Ability to provide effective management of junior employees.
• Develops and provides appropriate guidance on solutions to mitigate risks and enhance system security
• Coordinates with other DCO and Delivery Compliance representatives to build out world class compliance program components to include processes, procedures, and technologies.
• Deep understanding of privacy and business continuity requirements and support R&C Privacy and BCM teams in execution of their respective program
• Demonstrates ability to work in virtual team with help of tools and technologies
• Demonstrates ability to handle conflicting situation & should have strong verbal, written communication & analytical skills
• Must have systematic and pragmatic approach to problem solving
• Demonstrates good inter-personal skills, high standards of professional behaviour in dealings with business customers, colleagues and staff
• Have a good technical awareness and the aptitude to remain up to date with information security and IT developments
• Ability to communicate Risk to non IT business owners and support function such as delivery, HR, Admin, Legal, Contracting and others
• Ability to communicate risk at all levels of management up to and including C-Level executives.
• Translate business, industry, and regulatory requirements into information security objectives and associated tactical/strategic information security initiatives
• Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other security related certifications are preferred.

Education Qualification - Graduate or master's degree in IT, Risk Management, Business Management, or a related field.

Certifications Required - Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other security related certifications are preferred.

Attributes of Ideal Candidate –

• At least 10 years’ experience in Information Risk Management/Information Security or auditing.Direct client and leadership experience
• Preferably, experienced in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT)
• Excellent with Management Reporting, Reviews, Data Analytics
• Hands-on experience in Policy management and Governance, Risk modelling, Risk sensing and Data analytics.
• Strong communication skills
• Ability to provide effective management of junior employees
• Demonstrates good inter-personal skills, high standards of professional behaviour in dealings with business customers, colleagues, and staff

• Developing and implementing comprehensive risk assessment frameworks and methodologies.
• Analyzing insurance applications, policy terms, and client data to identify and quantify potential risks.
• Conducting financial modeling and scenario analysis to predict potential losses and their impact.
• Assessing the financial solvency and stability of the company by evaluating underwriting and investment portfolios.
• Monitoring and analyzing market trends, economic conditions, and regulatory changes that may impact risk exposure.
• Collaborating with underwriting, claims, and finance departments to ensure effective risk management practices.
• Developing and recommending strategies for risk mitigation and control.
• Preparing detailed reports and presentations for senior management on risk exposure and mitigation plans.
• Ensuring compliance with all relevant insurance regulations and industry best practices.
• Staying up-to-date with emerging risks and evolving risk management techniques.

• Bachelor's or Master's degree in Finance, Economics, Actuarial Science, Statistics, or a related quantitative field.
• Minimum of 4 years of experience in risk management, actuarial analysis, or financial analysis within the insurance industry.
• Strong understanding of insurance products, underwriting principles, and claims processes.
• Proficiency in statistical analysis, financial modeling, and risk assessment software.
• Excellent analytical, problem-solving, and critical thinking skills.
• Ability to interpret complex financial data and present it clearly and concisely.
• Strong communication and presentation skills, with the ability to influence stakeholders.
• Experience with regulatory compliance requirements in the insurance sector.
• Professional certifications such as FRM, PRM, or actuarial designations are a plus.

IT Advisory Risk Consulting—IT Audit & Assurance 

Our client’s IT Advisory – Risk Consulting team is looking for Associate Consultants/ Consultants/ Assistant Managers to join their IT Audit & Assurance team in Bengaluru. Team provides Independent assurance on controls in place across client’s IT environment and ways to mitigate Technology risks. 

Following are some of our key solution offerings

• Risk Based IT Internal Audit
• IT SOX 404 Controls Testing, Quality Assurance
• Internal Financial Controls related to IT General Controls 
• IT General Controls as part of Financial Statements Audits
• IT Risk & Control Self-Assessment 
• Business Systems Controls / IT Application Controls 
• Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc.
• IT Attestation (SOC1/SOC2/ISAE 3402, ISAE 3000 etc.)
• Third Party/Vendor Risk Assessments 

Position: Associate Consultants/ Consultants/ Assistant Managers

Location: Bengaluru  

Requirements

Industry Experience:

• Plan, budget and execute the day-to-day activities of infrastructure audit engagements for clients
• Assess client's security landscape, assess, evaluate and recommend most suitable security solution, tools & techniques to create a threat resilient landscape using our client's differentiated approach and methodologies. Provide security concept, framework & standards for development & support client teams for the solution design, customization build and roll out to end users. 
• Perform a holistic security risk assessment of the client’s IT landscape taking various assets, threats, vulnerabilities, business impact & legal aspects into consideration. Designing and implementing controls to mitigate identified risks by lucid communication to client stakeholders. Effective persuasive/convincing abilities while communicating gaps detected during audits, risk assessments, attestation engagements.   
• Collaborate with other practice groups to review the effects of new threats and vulnerabilities in the security space to assess, remediate, test and protect client application artefacts, data and enterprise ecosystems from threat vectors as they emerge. 
• Work with other technology groups to provide cohesive solutions in Risk assessments, Financial statement audits, Attestation engagements encompassing network architecture, application, database, , standards and implementation related mandates for development, deployment and maintenance. 
• Manage teams delivering co-working discovery workshops & support delivery teams to provide assessment, remediation, testing and standards refresh for the application security practice. 
• Present and distill complex Security solutions into simple, easy to understand concepts for both technical and non-technical audiences especially in the context of opportunity pursuit. 
• Drive Innovation through Offerings: — Drive profitable growth through the execution of the strategy and the strengthening of the audit and assurance practice 
• Building innovative & collaborative solutions to bring combined offerings such as security related combinations with J2C, API, Data security as advisory & execution footprint to capture opportunities & illustrate convergence 
• Bring the audit and assurance practice to life to achieve sales and commercial opportunities in a collaborative ecosystem and follow through with support for cost effective high quality execution. 

Additional Responsibilities for Assistant Managers:

• Supervise associates and interns on engagements
• Serve as a liaison between financial services clients and upper management
• Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment
• Works with the client to minimize delivery disruptions and effectively manages client urgencies.
  Qualifications
• Engineering / MBAs with atleast 6+ years of experience 
• 3+ years of experience with hands on exposure to Infrastructure / Mobile/ Web application security spanning across various technologies. 
• Working level familiarity of advanced security assessment concepts, including but not limited to –, Malware analysis, OT/ICS security, Cloud security, security in IoT, Blockchain, RPA and emerging technologies, etc. 
• Working level familiarity with Static and Dynamic Analysis tools (SAST, DAST, IAST). Ability to manage deployment & use of OWASP tools and methodologies. 
• Ability to elucidate vulnerabilities and weaknesses in the OWASP Top10,WASCTCv2, SANS Top-25 and CWE25 to client IT/ISO audiences and discuss effective defensive techniques. 
• Comprehensive understanding and previous oversight of IT hardware, software, networking, databases, API services, J2C storage, licensing and related hosting needs.
• Infrastructural configuration reviews to identify the security related gaps within the IT environment
• Preference would be given to significant experience in relevant technical knowledge: (a) financial statement – IT  Audits; (b) IT internal or IT operations audits; (c) IT SOX engagements (d) Emerging Technology Risks (e) Data Privacy and PCI-DSS risks
• Good to have, add on skills - Working level familiarity with relevant vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint or any other open source tools). Working level familiarity with web application vulnerability scanning tools (e.g. IBM AppScan, HP Fortify, Accunetix, NTO Spider, Burpsuite Pro or any other open source tools), SIEM tools (SolarWinds, Splunk, LogRhythm, IBM QRadar) 
• Ability to understand/identify best practices for infrastructure process and controls.
• CISA, CISM, CISSP, CRISC, TOGAF certifications would be an added advantage
• Prior experience in client facing / account management roles
• Possess strong domain knowledge, understanding of IT processes supporting business and possible risks in operations of at least two industry sectors
• Demonstrate integrity, values, principles, and work ethic and lead by example

Benefits

Work with one of the Big 4's in India

Healthy work Environment

Work Life Balance

• Permanent full time position available
• Predominantly remote working
• Practising legal role - with no billable hours

DISCOVER  more opportunities to DEVELOP  your talents and THRIVE  in a dynamic legal landscape.

About the role

Our global Conflicts and new Business Intake department is seeking a Conflicts Risk Assessment Lawyer to join our global team. This role will be permanent full time role with the opportunity to work in a hybrid or predominantly remote work environment (with the occasional in office meeting and social events). This global department, part of the Firm wide Office of the General Counsel function, is responsible for the critical tasks of handling new business intake requests and associated conflict checks, client due-diligence and compliance work.

 What does the role involve?

This is a great role which involves exposure to a variety of matters with daily interactions with colleagues all around the world. On a daily basis you will be:

• Analysing and evaluating conflict search requests;
• Conducting extensive corporate affiliation and client quality research;
• Applying relevant professional rules of conduct, firm policies, regulations, and risk guidelines;
• Identifying and resolving potential conflict issues and providing a concise and complete summary report for relevant stakeholders such as partners, senior management and the General Counsel;
• Reviewing, drafting and providing advice on client engagement agreements, conflict waivers, external publications and outside counsel guidelines; and
• Vetting all new business intake requests to ensure compliance with the Firm's business direction.

What are we looking for?

We value our culture at K&L Gates and are proud of our friendly and respectful reputation. We are looking for a likeminded individual who, in addition to possessing technical excellence, is able to work collaboratively in a team and support their colleagues.  In addition to this we are looking for:

• Qualified lawyers with a current practising certificate and a minimum of 2 years PQE;
• Experience in a risk management or compliance role is highly desirable, but not essential. (Candidates who have been practising law for 2 or more years will be considered); 
• Excellent people skills with the ability to communicate concisely, influence stakeholders and build strong business relationships;
• Strong research skills and knowledge of corporate affiliations;
• High level computer skills with the ability to learn new systems quickly; and
• A desire to work in a legal compliance role.

To be successful in this role, you will exhibit a high degree of professionalism and confidentiality while maintaining a good rapport with the firm’s partners, lawyers and staff.  We seek exceptional employees who want to become a part of our practice on all levels, to help us expand, challenge our limits, and push us to grow into the future. If you are motivated by job challenges and personal growth, then K&L Gates could be the right place for you.

The extras

K&L Gates promotes equal opportunities for all employees to progress in their careers. 

Initiatives include:

• Regular social events and an active social club;
• Salary continuance insurance;
• Pro-bono programs and community involvement via our payroll giving program, Global Day of Service and charitable fundraisers;
• Generous leave options as well as a broad range of flexible working options;
• 26 weeks paid parental leave;
• An extensive range of learning and professional development programs; and
• Committees that tackle the big issues including diversity and inclusion, Women in the Profession and work/life balance.

About Us

The firm’s Australian operations provide vast knowledge of the Australian legal marketplace across a wide spectrum of industries.  With lawyers located in four established offices in Australia’s leading financial and commercial centres and possessing substantial experience.

At K&L Gates, we foster an inclusive and collaborative environment across our fully integrated global platform that enables us to diligently combine the knowledge and expertise of our people to create teams that provide exceptional client solutions. We marry process with vision, success with dedication, method with passion, and innovation with creativity. The outcome: The K&L Gates Experience.

Located across five continents, we represent a broad array of leading global corporations in every major industry, capital markets participants, and ambitious middle-market and emerging growth companies. We also serve public sector entities, educational institutions, philanthropic organisations, and individuals. Our lawyers counsel clients on their most sophisticated legal challenges in all areas of corporate and regulatory law as well as litigation.

We are leaders in legal issues relating to industries critical to the economies of both the developed and developing worlds—technology, manufacturing, energy, transportation, telecommunications, financial services, and life sciences, among others.

Do you like what you see?

Please apply via our Careers page at

For more information, please contact Tania Brierley, Recruitment Consultant at

For more information about K&L Gates please see our website

Referrals from agencies are not accepted at this time.

K&L Gates reserve the right to close advertising earlier at our discretion.

K&L Gates is an equal opportunity employer and promotes the safety, wellbeing and inclusion of those with a disability. We welcome applications from people who have an indigenous and/or culturally and linguistically diverse background.

Stay safe when applying on-line and be aware of jobs and employment related scams via scamwatch.gov.au   

Attachments:
- K&L Gates Employee Benefits.pdf