דרושים Tc-cs-ngso Tem-application Security Analyst_cyber_3-7 Years ב-Ey ב-India, Thiruvananthapuram

Oracle Security Design and ITAC – Senior

As part of our Risk Consulting Service Line, you will be part of the team performing reviews and assessment of Oracle Security Design and IT Application Controls testing for Oracle ERP solutions for various clients across the MENA region. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also involve in identifying potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team.

We are seeking a highly motivated and experienced Oracle Security Senior to perform our technical reviews and assessment of complex Oracle ERP security design control reviews and assessment projects. The ideal candidate must possess deep technical expertise in Oracle ERP solutions including Oracle Fusion Cloud applications etc., strong technical skills, and a proven track record of working and delivering high-quality work for Oracle solutions. This role requires excellent communication and client management abilities.

Your key responsibilities

• Perform technical review in the Oracle Security Design, implementation of Oracle ERP and Oracle Cloud solutions.
• Review technical specifications and design documents.
• Expertise on coding standards and best practices for Oracle Solutions.
• Conduct technical design control review sessions and provide guidance to the team & serve as a technical point of contact for clients and stakeholders
• Expertise in Oracle Integration Cloud (OIC), Oracle Analytics Cloud (OAC), and other related Oracle Cloud technologies.
• Experience in Implementations (Oracle EBS/Financials – GL, AP, AR, CM, FA, Projects Costing, Contracts & Billing in Fusion and R12)
• Strong understanding of Oracle Fusion Cloud security and access controls.
• Experience with data migration and conversion strategies
• Manage client expectations and ensure client satisfaction.
• Proactively find ways to improve client systems, and processes that improves their technical environment
• Perform control testing for both ITAC & ITGC as per the client scope and requirement.
• Contribute to the Risk Consulting team as a key member and assist with facilitating practice wide training (Oracle ITGC/ Oracle ITAC /Oracle Pre & Post Implementation reviews) curriculum.
• Work closely with onshore, cross-functional teams and develop strong relationships across the organization, especially with Onsite team.

Skills and attributes for success

• Minimum 3 years of experience in Oracle Solution security design, review and implementation.
• Bachelor’s or Master’s degree in computer science, Information Technology, or a related field.
• Extensive experience in Oracle Integration Cloud (OIC), including designing and developing complex integrations.
• Strong understanding of OIC Adapters (Database, Oracle ERP, HCM, and SCM Cloud Adapters).
• Hands-on experience in OIC process automation, orchestration, and monitoring. Developing OIC connections, integrations, and lookups for seamless data exchange across Oracle Cloud applications.
• Experience in Fusion ERP modules across Finance, SCM, HCM, and Projects.
• Proficient in Oracle Technologies like OTBI, BIP/XML Publisher, SQL, PL/SQL, and Oracle Reports.
• Experience in Web ADI and Knowhow in Payroll Fast Formulas, Proven ability to integrate with third-party providers.
• Experience in Data Migration using FBDI (File-Based Data Import) Templates, Knowledge of data models and web services in Oracle EBS/Cloud. Experience in Data Loading/Conversions using Data Loader (HDL) and Spreadsheet Loaders.
• Hands-on experience in Documentation, writing Technical Specs, Test Scripts, SIT, UAT, Code Reviews, Deployments, and SDLC Change Management processes.
• Strong expertise in Oracle Fusion Cloud technical components, including OTBI, BIP, SQL, PL/SQL, and REST APIs.
• Experience in performance tuning of Fusion Applications. Oracle Analytics Cloud (OAC) is highly desirable.
• Strong team player, highly motivated, with excellent communication and interpersonal skills.
• Knowledge of Oracle EBS, Oracle Financials, Oracle Cloud Infrastructure (OCI) services and architecture.
• Experience with DevOps practices and tools, such as Jenkins, Docker, and Kubernetes.
• Familiarity with Agile methodologies and tools like JIRA.
• Basic Experience with machine learning and AI integration in Oracle Cloud applications.
• Knowledge of security best practices and compliance standards in cloud environments.

To qualify for the role, you must have

• Should have hands on experience and strong knowledge on technical activities performed in EBS and Fusion covering all key modules of Finance, SCM and HCM
• Must have valid passport with minimum 6 free pages and should be willing to travel on short term for client site work assignments especially to Middle East as and when required depends on project requirements.
• Excellent communication, presentation skills and consulting mindset
• Client handling experience.
• Willing to work in MENA Shift timings (Sunday to Thursday).
• A valid passport for travel.
• Minimum Education Qualification
• Oracle certified professional

Ideally, you’ll also have

• A bachelor's or master's degree (B.TECH/B.E/M.TECH/MBA-Finance)
• Core experience in Oracle Solutions design and implementation functions.
• Minimum 3-5 years of relevant experience working in Oracle Financials (EBS /Fusion)
• Experience in at least one full life cycle implementation, with at least one implementation on EBS or Fusion Financials.
• Experience in a client-facing delivery role.
• Experience in major industry sectors like retail, government, energy, real estate, oil & gas, power & utilities.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

TEM Manager – DevSecOps

As part of our Cyber Security team, you will build and manage a secure cloud/on-prem platform while ensuring seamless development, build and deployment capabilities. You will be responsible for the security assessment of infrastructure, database and applications, setting up processes and guidelines. You will work closely with DevOps, Architects and Developers and QA to build highly reliable and secure products. You shall also perform in-depth analysis of security test results and create report that describes findings, exploitation procedures, risks and recommendations.

Your key responsibilities

• Expertise managing large scale applications
• Understanding of OWASP SAMM, NIST SSDF, BSIMM frameworks.
• Ability to perform current state DevSecOps assessments, identify gaps and provide recommendations to the client.
• Experience with building an end-to-end DevSecOps program.
• Deep experience with CI/CD, DevSecOps automation
• Experience with Lean product development and agile software development principles and process
• Convey complex technical security concepts to technical and non-technical audiences including executives.
• Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams
• Ability to automate DAST/SAST solutions and reporting
• Support SDLC and agile environments with application security testing and source code reviews.
• Provide technical leadership and advise to junior team members on secure SDLC and DevSecOps engagements and Work closely with client development teams
• Develop automated solutions that mitigate risks throughout the organization.
• Support business development activities

Skills and attributes for success

• Experience with performing manual and automated SAST assessments.
• Experience with performing threat modeling and secure design reviews.
• Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.) updated and familiarized with the latest exploits and security trends.
• Familiarity with dynamic web application vulnerability scanning tools and services (Acunetix, HP WebInspect, IBM AppScan, BurpSuite, IBM AppScan)
• Familiarity with static code analysis tools and services (CheckMarx, Fortify Static Code Analysis tool, Veracode, Coverity, IBM AppScan Source)
• Experience in developing a DevSecOps CI/CD pipeline completely using open-source tools.
• Experience with SCM tools like Github, Gitlab, Bitbucket and their ability to integrated with CI/CD pipelines by using webhooks, actions, etc.
• Experience with implementing different phases of CI/CD like secret scanning, SAST, SCA, DAST, Infrastructure as code, compliance as code, vulnerability management.
• Experience with container security tools.
• Optimizing the pipeline to produce the best results and ability to plan a maturity model for the DevSecOps program.
• Understanding of web-based application vulnerabilities (OWASP Top 10).
• Experience with scripting / programming skills (e.g., Python or PowerShell or Java or Perl etc.).

To qualify for the role, you must have

• BE/ B.Tech/ MCA.
• Minimum of 10 years of work experience in application security, Secure SDLC and DevSecOps.
• Certifications: Mandatory to have any one of the below certifications,
  • Azure Security Architect (Az-500)
  • AWS security speciality certification (SCS-C01)
• Knowledge of Windows, Linux, UNIX, any other major operating systems.
• Strong Excel and PowerPoint skills.

Other recommended skills and certifications

• Project management
• Certifications: CSSLP, CISSP, Certified DevSecOps Professional

What we look for

A candidate who can design and build a complete DevSecOps programme and work around a maturity model, optimizing the pipeline to integrate the best tools according to the client requirement.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

: Consultant-National-Forensics-ASU - Forensics - Investigations & Compliance - Mumbai

Technical Excellence

• Fraud Investigation and Internal Audit

Qualification

• Bachelor of Commerce
• Master of Business Administration

Experience

• Data Analysis (2+ years)

People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful, and able to sustain positive energy, while being adaptable and creative in their approach.If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

• Ensure compliance to GDS EM protocols and guidelines.
• Manage end-to-end resource management – demand pipeline management, capacity planning, demand management, external recruitment coordination, headcount management, bench management and reporting/MIS
• Monitor demand – supply gaps and opportunities to cross/upskill resources to minimize bench and improve employee experiences.
• Monitor and actively drive governance on skills update on defined skills management platforms.
• Establish channels for regular stakeholder connects and business reviews.
• Provide thought leadership to the EM team in identifying and implementing resource optimization techniques.
• Implement and monitor quality compliance within the Experience Management team.
• Identifying and prioritizing opportunities for process improvement/automation.
• Develop a strong business continuity framework for self and team.
• Lead people engagement and people development activities to create a positive work environment for the team.
• Drive cross SL resource sharing for improved Collaborate with other EM team leads and share best practices

Graduates with 8-9 years of relevant workforce management experience. Understanding of business models, operational and financial aspects of service delivery is mandatory. The suitable candidate should have good analytical skills, can compute staffing demands, validate skills and experiences associated with the demand, identify suitable fulfilment options from the internal pool of professionals available for allocation or on bench and negotiate staffing solutions with the service delivery managers.

To qualify for the role, you must have

• Excellent domain knowledge in resource management, demand planning and MIS.
• Strong execution skills with focus on meeting timelines and delivering highest quality service.
• Solution oriented mindset.
• Excellent verbal and written communication skills.
• Strong working knowledge of MS Excel, Word and PowerPoint.
• Strong time management and analytical skills.
• Stakeholder management skills.
• 2-3 years’ experience in directly supervising a team.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Your key responsibilities

• Evaluate key cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), Identity and Access Management (IAM), Cloud Access Security Brokers (CASB), Web Application Firewalls (WAF), Cloud encryption and key management services, Security Information and Event Management (SIEM), and security automation tools with respect to hybrid cloud security posture (AWS, Azure, GCP, and on-premises).
• Evaluate the effectiveness of the implementation and operations of vulnerability management and patching programs, including timely identification, prioritization, and remediation of cloud and on-premises vulnerabilities
• Evaluate security hardening standards and secure cloud configuration best practices across all environments.
• Evaluate DevSecOps implementation to embed security into CI/CD pipelines and cloud deployments.
• Evaluate the current practice followed of cloud security monitoring and incident management
• Conducting risk assessments and vulnerability analyses in cloud environments and propose mitigation strategies
• Support larger Internal Audit and Cyber security audits engagements especially on domains related to cloud security
• Develop cloud security policies/procedures to protect data in the cloud and prevent unauthorized access.
• Good understanding of cloud security standards/regulations globally and within the MENA region (KSA, UAE, Qatar)
• Communicate cloud security risks, strategies, and remediation plans clearly to technical teams and senior management
• Ability to translate complex technical details into clear, business-understandable language for effective communication with stakeholders/business users
• Good in report writing and convey the observations to the top management in layman’s language emphasizing on the business risks.
• Build a team under you focused on cloud security and mentor junior resources
• Facilitate knowledge sharing and cross-team collaboration to enhance cloud security skills within the group
• Should be open-minded and ready to take up additional challenges or tasks outside your core domain expertise

Skills and attributes for success

• Strong technical knowledge of AWS, Azure, GCP, OCI and on-premises security architectures and controls.
• Proven ability to evaluate cloud security technologies, policies and processes.
• Experience conducting cloud risk assessments against global/MENA specific standards/regulations
• Experience managing cloud security metrics, reporting, and audit readiness.
• Excellent communication and stakeholder management skills.
• Experience in incident management and response in cloud environments.
• Familiarity with DevSecOps and secure CI/CD practices in Cloud

To qualify for the role, you must have

• 7–14 years of experience in cloud security, with hands-on expertise in hybrid and multi-cloud environments.
• Excellent communication skills with consulting experience preferred

Ideally, you’ll also have

• A bachelor's or master's degree in B. TECH/B. E, MS, MBA in accounting or a related discipline.
• CCSP (Certified Cloud Security Professional)
• AWS Certified Security – Specialty
• Microsoft Certified: Azure Security Engineer Associate
• Google Cloud Professional Cloud Security Engineer)

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

• Able to support rotational shifts 24/7*.
• Able to work on weekends if needed.
• Good knowledge on PKI and CLM.
• Operational experience with PKI and CLM.
• Able to work independently in shifts.
• Good communication skills and proactiveness.
• Worked on troubleshooting scenarios in the past for PKI and CLM.

Join our External Audit team and you will help our clients meet their reporting requirements by providing an objective and independent examination of their financial statements, timely and constructive discussions with management on accounting and reporting matters, and a robust and clear perspective to audit committees.

You will experience on-going professional development through diverse experiences, world-class learning and individually tailored coaching. That’s how we develop outstanding leaders who team to deliver on our promises to all of our stakeholders, and in so doing, play a critical role in building a better working world for our people, for our clients and for our communities.

Your key responsibilities

• Recognize potential audit issues or unusual relationships from basic analysis of the financial statements and communicate them to the team
• Clearly and accurately document the execution of specific audit procedures as defined by the engagement objectives, client's engagement history, and planned audit approach
• Challenge procedures used in the past and attempt to enhance audit techniques
• Demonstrate professionalism and competence in the client's environment
• Maintain a strong client focus, be responsive to client requests, and develop/maintain productive working relationships with client personnel
• Stay informed of current business/economic developments relevant to the client's business
• Contribute ideas/opinions to the audit teams and listen/respond to other team members' views
• Bring potential opportunities to the team's attention
• Seek, develop, and present ideas to apply EY's knowledge and services.
• Use technology to continually learn, share knowledge with team members, and enhance service delivery

Skills and attributes for success

• A dedication to teamwork and leadership
• Integrity within a professional environment

What we look for

• An undergraduate or graduate degree in Accounting or any other business related subject and/or currently enrolled in an accounting designation i.e. ACCA, CA, CPA
• At least 2-3 years of experience working as an auditor for a public accounting firm, or particular business/industry experience to meet special needs will be considered an asset