ZS Logo

ZS

Governance & Risk Lead

Posted 3 Days Ago
Be an Early Applicant
Hybrid
Pune, Maharashtra
Senior level
Hybrid
Pune, Maharashtra
Senior level
The Governance & Risk Lead will manage compliance and operational risks, provide expert guidance, and ensure effective risk identification and remediation across various domains.
The summary above was generated by AI
ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS.
Our most valuable asset is our people .
At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems-the ones that comprise us as individuals, shape who we are and
make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.
As a Risk management specialist at ZS Associates, you'll be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You'll also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry best practices. By partnering with various stakeholders, including Product Owners and Business function Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. You'll have advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.
What you'll do:
  • Develop the culture of risk management across the organisation, and ensure effective identification, quantification, communication, and management of risks focusing on root cause analysis and resolution recommendations across domains - Cyber, HR, Legal, Finance, etc.
  • Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance.
  • Provide SME support to functional managers or Internal stakeholders in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate.
  • Support the CIO and CISO, and work with internal stakeholders to:
  • Participate in consultation and conduct gap analysis against new requirements
  • Coordinate and facilitate IT / cyber security audits.
  • Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc.
  • Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route
  • Report and publish Risks to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees.
  • Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures.
  • Co-ordinate and track the tickets / findings in areas like IT Operational Risks and Information Security Risks, Control Self assessments , Internal/External Audit findings with appropriate CAPA, BCP / Disaster recovery , Problem tickets with root cause analysis.
  • Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.)
  • Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.)
  • Provide first line of defense support in assessing risk and reviewing control issues
  • Documentation of control procedures, standards and guidelines, etc.

What you'll bring:
  • Bachelor's degree in IT or relevant field with a strong academic background
  • A minimum of 7-10 Years of experience in Risk management and internal controls governance
  • Strong communication & strategic influencing skills. Relevant experience working with senior leaders, building internal networks, and delivering high impact programs in complex -matrixed environments.
  • Formal training or certification in Information Security, and/or 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation.
  • Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
  • Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies.
  • Proficient in MS Office productivity suite (e.g., Word, Excel, PowerPoint, SharePoint). Advanced Excel skills strongly preferred
  • CISM/CRISC/CISA/CISSP/CIA/MBA or relevant Risk Management / Audit certification
  • Basic working knowledge of following (Majority of the points, if not all):
    -COBIT - Control Objectives for Information and Related Technology
    -ISO/IEC 27001:2013 - Code of Practice for Information Security Management
    -NIST SP 800-53
    -NIST CSF
    -SOC1/SOC2/SOC3
    -HIPAA/HITECH Security and Privacy Audit Protocol
    -Shared Assessments Standard Information Gathering (SIG) framework
    -US SOX - Sarbanes Oxley Act
    -US HIPAA/HITECH Act
    -EU GDPR - General Data Protection Regulation
    -US EU Privacy Shield
    -India Companies Act

Additional Skills:
  • Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives.
  • Program level management up to and including Executive presentation and reporting.
  • Knowledge and Experience of Technology Infrastructure. Understanding of Infrastructure Security
  • Stakeholder management
  • Willingness to adapt to evolving industry standards and technologies
  • Ability to manage a wide variety of tasks and meet deadlines, and reliability/dependability
  • Proven ability to work creatively and analytically in a problem-solving environment

Perks & Benefits:
ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member.
We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.
Travel:
Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.
Considering applying?
At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above.
ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.
To Complete Your Application:
Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered.
NO AGENCY CALLS, PLEASE.
Find Out More At:
www.zs.com

Top Skills

Cobit
Eu Gdpr
Hipaa
Hitech
Iso/Iec 27001
MS Office
Nist Csf
Nist Sp 800-53
Soc1
Soc2
Soc3
Us Sox

ZS Pune, Mahārāshtra, IND Office

ZS Pune (International Tech Park) Office

International Tech Park, Panchshil Towers Tower-C, ITPP, Vitthal Nagar, Kharadi, Pune, Maharashtra, India, 412207

ZS Pune, Mahārāshtra, IND Office

ZS Pune (World Trade Center) Office

ZS moved to its state-of-the-art World Trade Center office in 2016. Pune is a leading hub for tech talent in India.

Similar Jobs at ZS

Yesterday
Hybrid
Pune, Maharashtra, IND
Junior
Junior
Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
The Compliance & Audit Administrator will conduct audits, establish compliance controls, assist in training, and support IT policy development and compliance initiatives.
Top Skills: CobitHipaa HitechIsae 3402Iso/Iec 27002:2005ItilNistPci DssSaaSSas 70SoxSsae 16
4 Days Ago
Hybrid
Pune, Maharashtra, IND
Senior level
Senior level
Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
Responsible for managing information security projects, estimating resources, maintaining project efficiency, and liaising with InfoSec and end-users. Requires strong communication, project management, and technical skills.
Top Skills: AgileInformation SecurityProject ManagementSecurity+
6 Days Ago
Hybrid
Pune, Maharashtra, IND
Mid level
Mid level
Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
The Cloud Network Engineer ensures stable IT infrastructure operations by managing network and security, troubleshooting, and documenting processes.
Top Skills: AviatrixCisco AsaCloud ArchitecturesF5Palo AltoRouterSwitchesZscaler

What you need to know about the Pune Tech Scene

Once a far-out concept, AI is now a tangible force reshaping industries and economies worldwide. While its adoption will automate some roles, AI has created more jobs than it has displaced, with an expected 97 million new roles to be created in the coming years. This is especially true in cities like Pune, which is emerging as a hub for companies eager to leverage this technology to develop solutions that simplify and improve lives in sectors such as education, healthcare, finance, e-commerce and more.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account