Senior Governance & Risk Analyst


Smart Summary (powered by Roshi)
As a Senior Governance & Risk Analyst at ZS, you will be responsible for proactively identifying and mitigating risks, ensuring compliance with regulations, and enhancing our control framework. You will collaborate with stakeholders, analyze security findings, and provide input into the development of security risk scorecards. Your role will involve conducting risk assessments, managing third-party risks, overseeing remediation activities, and supporting audits. Additionally, you will contribute to the maintenance of GRC tools and play a key role in various risk governance-related initiatives and special projects. This is a full-time on-site opportunity located in Pune, Maharashtra, India.

The Senior Governance & Risk Administrator will serve as a key member of our IT Governance, Risk, and Compliance team, responsible for proactively identifying and mitigating risks, ensuring compliance with regulations, and enhancing our control framework. The role involves working closely with various stakeholders, analyzing security findings, and providing input into the development and maintenance of security risk scorecards. The candidate will also assist in the management of GRC tools and contribute to various risk governance-related initiatives and special projects.

 

Responsibilities:

  1. Conduct Risk Assessments: Collaborate with the ZS stakeholders from IT, HR, Finance, Legal, etc. teams to perform risk assessments and identify potential threats and vulnerabilities in our IT infrastructure and third-party relationships.
  2. Third Party Risk Management (TPRM): Develop, implement, and maintain effective TPRM processes, including third-party risk assessment, due diligence, and ongoing monitoring.
  3. Remediation Oversight: Assist in the management of remediation activities, including the development and monitoring of remediation plans for identified risks and vulnerabilities.
  4. Documentation and Reporting: Prepare comprehensive findings reports for various stakeholders, summarizing assessment results, remediation progress, and recommended actions, both internally and within the TPRM framework.
  5. Audit Support: Provide support during internal and external audits, assisting in audit planning, execution, communication, and reporting phases, with a specific focus on TPRM.
  6. Security Monitoring: Analyze findings from security monitoring systems, reviewing vulnerabilities for active and acceptable remediation plans, including third-party risks.
  7. Risk Mitigation: Collaborate with cross-functional teams to identify and proactively address potential gaps in security, especially in the context of third-party risks.
  8. GRC Tools: Assist in the management and maintenance of GRC tools, including configuration and reporting, with a focus on TPRM capabilities.
  9. Policy and Framework Compliance: Ensure that operational controls, including those related to third parties, are aligned with relevant control frameworks, standards, and regulatory requirements.
  10. Training and Awareness: Contribute to the development of information security training material and assist in conducting training sessions for relevant stakeholders, emphasizing TPRM best practices.
  11. Special Projects: Collaborate on various technology risk governance initiatives and other special projects as assigned, with a strong emphasis on TPRM improvements.
  12. Mentorship: Lead and mentor a team of Governance & Risk Analysts/Administrators to ensure efficient execution of risk assessment processes, risk treatment activities, and third-party risk management.

 

Qualifications:

  1. Bachelor's degree in IT or relevant field with a strong academic record.
  2. A minimum of 4 years of experience in IT Risk Management and Third-Party Risk Management roles.
  3. Knowledge and experience in conducting risk assessments, managing remediation activities, and enhancing TPRM practices.
  4. Familiarity with industry standards and frameworks such as ISO 27001, ISO 27701, ISO 27017, ISO 27018, NIST CSF, etc.
  5. Strong communication skills, both written and verbal, for reporting and interacting with stakeholders.
  6. Knowledge of control frameworks, information security policies, regulatory compliance, and TPRM best practices.
  7. Ability to work independently and as part of a team.
  8. Willingness to adapt to evolving industry standards and technologies.
  9. Certifications such as CISA, CISSP, or other relevant GRC and TPRM certifications are a plus.

Technical Expertise:

  1. Proficiency in MS Office, including Word, Excel, and PowerPoint.
  2. Experience with GRC tools (e.g., RSA Archer) and software for reporting and compliance management, with a focus on TPRM capabilities.
  3. Basic understanding of web-based applications, operating systems, databases, and TPRM tools.
  4. Knowledge of laws and regulations impacting data security, privacy, and third-party risk management is a plus.

Company: ZS
Job Posted: a year ago
Job Type: Full-time
Work Mode: On-site
Experience Level: 3-7 Years
Category: Corporate
Locations: Pune, Maharashtra, India
Qualification: Bachelor
