9+ Risk assessment Jobs in India

Who we are:

At Qiro, we are a dynamic team united by a mission to foster a fair, transparent, and decentralized global lending market. Our focus lies in developing an institutional private credit protocol that seamlessly connects on-chain stablecoin lenders with off-chain fintech borrowers.

What are we looking for:

We are seeking a highly skilled and experienced Head of Credit to lead our credit department and drive our lending strategies. As the Head of Credit, you will be responsible for overseeing all aspects of credit risk management, ensuring that our lending practices align with regulatory requirements and industry best practices while maximizing profitability.

Responsibilities:

• Head the Risk Policy, Credit Underwriting and Collection functions of corporate card, credit line, and working capital loans.
• Facilitate the development and constant update of risk policies and related frameworks.
• Proactive risk assessment of existing portfolio on regular basis identifying weak accounts.
• Constantly monitor and evaluate Early Warning Signals and deploy/ amend the limits structure for managing the risk concentration across a broad range of parameters.

Requirements:

• 5-7 years of experience in the Banking/NBFC/Fintech space with at least 3-4 years of experience at management level.
• In depth knowledge of Web debt fund, Structured debt, corporate financing and lending. 
• Strong understanding of regulatory requirements and compliance issues related to lending operations.
• Exceptional skills in understanding data, trend analysis, score cards and behavior scores is must

Nice to have:

• Excellent communication skills along with strong presentation and data analytics skills
• Professional certifications such as CFA, FRM, or similar credentials are a plus.

Benefits:

• Competitive salary and performance-based bonuses.
• Flexible remote work.
• Flexible working hours.
• Opportunities for professional development and career growth within a dynamic fintech company.

Policies, Systems, Processes & Procedures

•  Review and ensure the India information security policies are aligned with group policies and practices.
•  Review and provide recommendations to India policies, standards, guidelines/ processes concerning RBI (Reserve Bank of India) regulatory requirements
•  Coordinate with business units to define SLA for India
• Formulate the security strategy and roadmap for India

Information Security

•  Identify and ensure compliance to unique security requirements for RBI (Reserve Bank of India) related to RBI cyber security framework and RBI Guidelines on Information security.
•  Establish contacts with RBI (Reserve Bank of India) regulators to receive security updates, circulars
•  Coordinate for the group for various regulatory security audits at the Singapore location.
•  Monitor and track all India open issues with IT and concerned international SPOCS
•  Assist the GSO office and BU in attaining information security compliance objectives.
•  Identify issues that could impact the bank and escalate any serious issues/ breaches/ violations; develop/monitor action plans for its closure in liaison with local, and overseas branches, and business groups.
•  With the support of the Head office GSO team, perform risk assessments for locally implemented IT solutions and track open issues to closure
•  Instigate and maintain contact with RBI Regulatory Authorities, Regulatory compliance department, and ensure good & healthy working relationships.
•  Review new regulatory legislations; promptly communicate all regulatory notices/circulars to all concerned areas, provide interpretations if necessary; develop/monitor action plans towards its implementation.
•  Assist Head office during Regulatory Examinations; ensure implementation/regularization of observations linked to compliance while meeting the deadline(s).
• Respond to queries that are sought by local Regulatory Authorities / Law Enforcement Agencies Head Office & Overseas branches, in a timely manner with complete and accurate information.

Job Context

•  Security Compliance requirements at the India location.
•  Highlight security status & concerns to management.
•  Consult with IT and information security staff to ensure that an implementation plan is established.
•  Actively participate and contribute to GSO initiatives
•  Track open Audit issues on information security to closure
•  Risk assessments for local implementations
• Inform HO of any new 3rd party technology vendor for vendor assessment

Overview:

The Risk Manager will oversee the organization's risk management program, assessing and identifying risks that could impede the reputation, safety, security, or financial success of the organization.

Key Responsibilities:

1. Designing and managing the consumers' credit portfolio and risk within the desired target
2. Driving new experiments with deeper cust understanding and segmentation 
3. Leverage traditional and alternate data to create risk policies and ensure effective implementation 
4. Continuously plans, monitors, and reviews risk management and perform regular checking and/or surveillance to ensure that risk treatment is effective
5. Establish, implement and manage risk policy and control frameworks, ensuring that minimum standards, ownership and operation are documented and communicated across the Group
6. Manage a governance structure to monitor, challenge and test business compliance with risk policies and control frameworks
7. Develop, lead and maintain a center of expertise within 1st line risk management
8. Maintain comprehensive credit policy inventory and facilitate timely periodic review/approval of credit policies
9. Monitor and communicate new regulatory issues/guidance impacting credit policy, analyze the impact, interpret and implement into policy

Education and Experience:

1. Bachelor's degree in Risk Management, Finance, or related field required.
2. At least 7+ of related experience is preferred.
3. Strong knowledge and experience in risk management and policy 
4. Excellent verbal and written communication skills.
5. Excellent mathematical and critical thinking skills.
6. Excellent analytical and problem-solving skills.
7. Excellent organizational skills and attention to detail.
8. Strong supervisory and leadership skills

Srijan is hiring for a Scrum Master/Senior Scrum Master role with a permanent WFH option.

A notice period of 30 days or less is preferred.
Remote working option available.


Roles and Responsibility:

 Backlog Maintenance

• Create and Manage Backlog
• Backlog grooming: Manage/Update “sprint-backlog” and “project-backlog” regularly after client calls and demos
• Plans forward-looking technology investigations (spikes / POC)
• After each sprint demo work with the dev team to estimate and re-estimate the backlog
• Facilitate prioritization of backlog first time;
• Facilitate prioritization of backlog during planning n+1 sprint with client
• Creating mock-ups/wireframes/Sketch images to illustrate or to detail for getting clarity from the client, and for communicating the task to the dev team
• Use JIRA for all backlog (no use of Google spreadsheets)

Daily Stand-ups

• Drive daily-stand-ups
• Ask what was done yesterday, what is the plan for today
• Ask probing questions in the stand-ups and outside of it
• Identify potential roadblocks or challenges that may come up
• Consult Group Lead and raise your concerns
• Implement advice by GL
• Ensure that the team is working towards completion of the sprint; each stand-up well did, will suggest if the velocity is enough to complete Sprint or no
• (Maintain and) Update the “information radiator board (with stickies)” for all sprints

Sprint Demos

• Run sprint demos
• Calls must be marked on the client and team’s calendar; no ambiguity in when calls happen
• Every member must be present on calls at least 2-mins before the scheduled time on the calendar; be the first to join the call as moderator
• If you are unable to join, ensure that the session is recorded; if it cannot be recorded, ensure the team has captured all feedback during the demo

Business Analysis

• Understand the business of the client and the project
• This will enable you to question business needs that clients communicate
• Validate and record agreements in stories, acceptance criteria
• Create mock-ups/wireframes/Sketch annotations to illustrate or to detail --  for getting clarity from the client; and for communicating the task to the dev team -- put these in stories in JIRA

Project Management

• The Plan -- Do -- Check -- Act (Complete control on the project)
• Create Physical boards “information radiator board (with stickies)
• Plan deliverables (JIRA/Sprint) along with the team
• Organize the Sprint, get re-estimates done,
• Plan Sprint n+1 with the client -- prepared stories for the n+1 sprint to be taken up by dev team; work with QA in
• Learn to read JIRA Burndown Charts to know if the project is on time or is there likely to be a delay
• If there is likely to be a delay, speak to the Agile Coach / Group Lead to decide the nature of communication to be sent to the client
• Release Planning - define release goals

Quality Assurance

• Detail out stories with acceptance criteria
• Ensure all stories have acceptance criteria
• Work with QA in improving quality of acceptance criteria
• Work towards zero-defect sprints
• Defect triage - accept/reject
• Support the Dev+QA team in testing yourself
• Use JIRA for all these activities
• Drive testing strategy
• Deliver stories piecemeal for testing throughout the sprint
• Validate technical architecture by asking relevant questions

Stakeholder Management

• Send out weekly Status emails to internal and external clients -- must be on SM’s calendar
• Red, Amber, Green status
• Budget consumption
• Key activities this week
• Pre-empt and document roadblocks that you/team foresee
• Raise/Flag issues to clients and work aggressively within the team/org to mitigate this
• Coach clients on agile/scrum, our model, align them on our practices, using Jira, etc

Engineering Practices

• Drive towards Unit Testing
• Drive towards Continuous Integration (CI) using Jenkins; leads to a clear release and deployment strategy/plan
• Piecemeal UAT strategy
• Drive Intrinsic quality like Code, stories written, test scenarios written
• Continuously monitor and improve them. Question people on them
• Use Jira rigorously to track stories, defects, and manage it end to end.

People, Process and Tool Coach

• Coach people to improve in their role
• Challenge and question people on the way they are working to make it better
• Run sprint-retros
• During retros listen for “cause” behind the words; by asking probing questions
• Continuously strive to improve yourself
• Handhold team on Scrum way of doing
• Strategize which tool to use for what purposes.

• 8+ years of experience as a Scrum Master
• Must have experience leading a team of around 15-20 team members in an Agile environment.
• Experience working in multi-geo or offshore environment
• JIRA experience
• Excellent verbal, written, and presentation skills
• Proven success in delivering projects within budget and specified timeframes, while ensuring customer satisfaction
• Proven problem-solving skills from problem assessment to solution selection
• Ability to identify alternatives and make contingency plans
• Capacity to embrace change and quickly adapt to new situations, changes in direction, and altering priorities
• Proven ability to thrive in a fast-paced, dynamic environment
• Ability to handle multiple projects and assignments
• Ability to demonstrate critical thinking, providing options and recommendations relating to resolving issues, mitigating risks, and resolving escalated items.
• CSM (Certified) or PMP (Certified) Good to have

Following are some of our key solution offerings · Risk Based IT Internal Audit · IT SOX 404 Controls Testing, Quality Assurance · IT Attestation (SOC1/SOC2/ISAE 3402, ISAE 3000 etc.) · Internal Financial Controls related to IT General Controls · IT General Controls as part of Financial Statements Audits · IT Risk & Control Self-Assessment · Business Systems Controls / IT Application Controls · Auditing Emerging Technologies such as Cloud, Intelligent Automation etc. Position: Associate Consultants/ Consultants/ Assistant Managers Location: Bengaluru .

Responsibilities

Industry Experience: · Plan and execute the day-to-day activities of IT audit engagements for clients, including system development, package implementation, SSAE 16 readiness assessments, and/or platform reviews within multiple industries · Evaluate the design and effectiveness of technology controls throughout the business cycle · Identify and communicate IT audit findings to senior management and clients · Help identify performance improvement opportunities for assigned clients Additional Responsibilities for Assistant Managers: · Supervise associates and interns on engagements · Serve as a liaison between financial services clients and upper management

Qualifications

· Engineering / MBAs with atleast 3 years of experience · Preference would be given to significant experience in relevant technical knowledge: (a) financial statement – IT Audits; (b) SSAE 18/ ISAE 3402 audits; (c) IT SOX engagements (d) Emerging Technology Risks

· Certified Information Systems Auditor (CISA), COBIT Foundation, ITIL Foundation, CISSP, CRISC would be an added advantage · Possesses extensive experience in at least two of the key solutions of IT Audit & Assurance · Prior experience in client facing / account management roles · Possess strong domain knowledge, understanding of IT processes supporting business and possible risks in operations of at least two industry sectors · Strong analytical and problem solving skills · Strong written and verbal communication skills · Ability to work well in teams · Ability to work under pressure – stringent deadlines and tough client conditions which may demand extended working hours · Willingness to travel within India or abroad for continuous long periods of time · Demonstrate integrity, values, principles, and work ethic and lead by example

Qualifications & Responsibilities

Year of Experience : 3- 8 yrs

Location : Bangalore, Delhi, Mumbai, Pune

Work on ISO 27001 & NIST based Information Security Management System implementation and sustenance.

-          Responsible for SOX (IT Security Controls) and track the monthly/quarterly/annual control reports and drive effectiveness of SOX controls.

-          Work on Business Continuity Planning, IT Disaster Recovery as per ISO27001 & NIST requirements

-          Assess information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk

-          Conduct Information Systems audits covering IT infrastructure assets

-          Working knowledge in security domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection

-          Experience in leveraging industry standards and frameworks such as ISO/IEC 27001, NIST CSF/800-171, etc.

-          Possesses certifications such as ISO27001 LA. CISSP, CISA certification- preferred

Why NCG?

WHO WE ARE DRIVES WHAT WE DO!

We Don't build the organization; we create an everlasting family. Our people express a sense of winning together when times are good and sticking together when times are tough.

Are you a Doer or Achiever?

Well, at NCG, our doors are Open for Doers and Achievers alike. We are a Cult where we create, innovate, learn and Contribute in a comfortable, transparent, and fair environment.

Joining NCG means contributing to a shared ambition for reliable work culture, tackling extraordinary technological challenges in multicultural teams, preserving your work/life balance, and more!

• 8-10 years of experience into IT SOX, IT Audits, ITGC testing
• Tech, M.Tech, BE, MBA or similar qualification.
• CISA (Certified Information Systems Auditor), Certified Internal Auditor (CIA), Certified Risk and Information Systems Control (CRISC), or similar professional certification preferred.
• Firm understanding of information technology, including IT process, IT general controls, as well as COSO and COBIT frameworks.
• Good technical knowledge of Application security and Access Management
• Hands-on experience on Excel, PowerPoint, PowerBI, etc.

The Risk team is responsible for overall risk framework and strategy for the organization. The team develops various risk models, arrives at various sector reports from a risk perspective and provides in depth analysis and recommendation around risk profiles of various clients.

In this role, the person is responsible for playing a leadership role in the Risk function to identify, assess, monitor and make timely and measured judgments on all current and potential future risks faced, in order to protect the organization’s interest, assets and reputation of the group along with growing shareholder value and profitability.

Responsibilities

• Manage risk for the retail and wholesale portfolio. Should have managed organization level Risk Policies, Credit Underwriting and Collection functions.
• Manage risk framework for the organization - including updating, establishing new risk management mechanisms, to identify, assess, monitor, measure and control a broad spectrum of risks. Ensure all policies and frameworks are kept updated and deployed to the optimum level.
• Develop continuous monitoring and improvement of the quality of the organization's credit and lending portfolio through credit policy direction and implementation.
• Possess a complete understanding the business. Evaluate, improve, and monitor the business, including assisting in reporting to the Board and Board Committees and providing leadership in the effectiveness of credit risk management controls, systems, and processes across the organization.
• Lead and mentor a team of analysts.

• Possess 7+ years of relevant experience in financial services industry in a risk role.
• Exposure to both wholesale and retail risk in a banking environment will be preferred. Some experience in a business / sales role within the banking / NBFC space will be an added advantage.
• Should have held a position of authority in terms of allocation and appropriating limits.
• Sector understanding in financial institution space and good knowledge of interpreting financial trends.
• High proficiency in Python and SQL/NoSQL.
• Experience with big data and cloud computing e.g., PySpark, data lake is a plus.
• Outstanding written, verbal and interpersonal communication skills.
• Ability to speak at various levels of an organization (CXOs to analysts).
• Have demonstrated resilience – stayed with companies and taking businesses to scale, have preferably not ‘hopped jobs. Strong organizational skills and excellent follow-through.
• Present / articulate / position an idea compellingly and ability to work in a fast-paced dynamic environment.
• Excellent communication and presentation skills.
• Takes personal ownership; Self-starter; Ability to drive projects with minimal guidance and focus on high impact work.
• Learns continuously; Seeks out knowledge, ideas and feedback.

Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption 
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting