XML job scraping automation by YubHub

Influencing EUS platform leads and cross-CTO stakeholders to align on resilience outcomes, dependencies, and delivery commitments, coordinating delivery across IT Operations, Cybersecurity, Technology Risk, Operational Resilience/BCM, and Third-Party Risk to ensure consistent execution and escalation, operationalising evolving regulatory and control expectations, and maintaining audit-ready evidence with timely gap closure.

Running/supporting resilience maturity assessments, translating findings into prioritised roadmaps, and maintaining KRIs/KPIs and executive dashboards, strengthening accountability and capability by identifying systemic risks, supporting incident/exercise escalations and governance communications, and delivering playbooks/templates/coaching to uplift resilience practices across EUS.

To be successful in this role, you will require experience in operational resilience, technology risk, controls, service reliability, or IT governance in a regulated environment, a strong understanding of control design, evidence, and risk-based prioritisation, and the ability to translate mandates into practical operational/technical actions and measurable outcomes.

Strong stakeholder management and influencing skills in a matrix environment, experience producing metrics and executive reporting, and a composed, structured approach during incidents/exercises are also essential.

XML job scraping automation by YubHub

We are growing and are looking for people to join our team. You'll be part of an entrepreneurial, high-growth environment of 300,000 employees. Our dynamic organization allows you to work across functional business pillars, contributing your ideas, experiences, diverse thinking, and a strong mindset. Are you ready?

As a SAP Security/GRC Consultant, you will work closely with diverse clients to assess their SAP security risks, design and implement tailored SAP Security and Governance, Risk & Compliance (GRC) solutions, and drive successful project delivery. You will act as a trusted advisor, helping clients align SAP security frameworks with business objectives and compliance mandates.

Responsibilities:

• Lead SAP Security and GRC assessment, design, and implementation projects for clients across industries.
• Conduct client workshops and requirements gathering sessions to understand business and security needs.
• Design and configure SAP security roles, authorizations, and GRC Access Control components (Access Risk Analysis, Emergency Access Management, Access Request Management).
• Develop and enforce Segregation of Duties (SoD) policies to mitigate risks and ensure compliance.
• Deliver SAP Security and GRC gap analysis, risk assessments, and remediation plans.
• Support clients during audits by preparing documentation, reports, and facilitating access reviews.
• Collaborate with cross-functional teams including Basis, functional consultants, and IT auditors to implement secure SAP landscapes.
• Conduct end-user training sessions and knowledge transfer workshops.
• Stay abreast of SAP security trends, new releases, and regulatory changes to provide proactive consulting.

Requirements:

• 5-8 years of consulting experience is necessary.
• 3+ years of SAP Security and GRC consulting experience with multiple end-to-end implementations.
• Hands-on expertise with SAP ECC and/or S/4HANA Security.
• Strong experience configuring SAP GRC Access Control modules (Access Risk Analysis, Emergency Access Management, Access Request Management).
• Excellent client-facing and communication skills with the ability to explain technical concepts to non-technical stakeholders.
• Proven track record of managing multiple client engagements and delivering quality results on time.

Functional / Content Skills

• Strong knowledge of Sarbanes-Oxley (SOX), Business Process controls, IT General Controls and IT governance.
• Deep understanding and practical experience Analysis and Design/Re-Design of Business process and IT General controls in SAP and Non-SAP landscape.
• Strong analytical skills and a deep understanding of the overall context of underlying business processes and technologies.
• Understanding the purpose, procedures and ways of work of internal/external audits.
• Ability to support audits and to provide the right information & data, and to mitigate and/or solve identified deficiencies and gaps.

Technical Skills (Data, Technology, Implementation)

• Ability to retrieve and analyze and report/present data from various sources.
• Understanding of data structures, sources, flow and integration across infrastructure platforms, functional domains, and application landscapes/service.
• Up-to-date understanding of Concepts & Integration of Cloud Services, and multi-cloud environments

Tool Skill Requirements

• A variety of ERP systems (SAP & Non-SAP), Operating systems, Databases and financial applications
• Identity and Access Management solutions and monitoring solutions such as Splunk, Qualys, Tripwire, but also in Authorization & SoD
• Analytics & reporting in area of ITGC/GRC
• IT Service Management Tools, Market Leader (SNOW, BMC, JIRA, ..)

Experience with SAP Identity Management (IdM).

Knowledge of cloud-based SAP security and hybrid environments.

Experience working in Agile/Scrum environments.

Experience in global delivery and working with offshore resources.

Project-related mobility/willingness to travel

Qualifications and certifications

• Bachelor’s degree in Computer Science, Information Technology, or related field.
• More than 7 years of experience in Financial / IT compliance, risk management, IT audit and/or IT controls; strong experience in an audit firm (e.g. Big Four).
• SAP Security or GRC certifications are a plus (e.g., SAP Certified Technology Associate – SAP Access Control).

Given that this is just a short snapshot of the role we encourage you to apply even if you don't meet all the requirements listed above. We are looking for team members who strive to make an impact and are eager to learn. If this sounds like you and you feel you have the skills and experience required, then please apply now.

XML job scraping automation by YubHub

You'll evolve the technical foundation of our Trust program by automating security controls, building integrations between security tools and GRC platforms, and creating scalable processes that enable Brex to maintain compliance efficiently as we expand into new markets.

You'll work at the intersection of security, engineering, and compliance , translating regulatory requirements into technical solutions and building automation that eliminates manual toil.

You'll leverage your deep understanding of SOC 2, PCI DSS, ISO 27001, AI governance frameworks, and others to both design controls for emerging compliance requirements and mature existing programs through automation and continuous monitoring.

You’ll support Trust Assurance, Third Party Risk Management, and other Security Risk Management initiatives.

Working with our Engineering, Infrastructure, and Product teams, you'll translate compliance frameworks into technical controls and build automated systems that help us achieve world-class security as Brex expands.

Your contributions will directly accelerate Brex's maturity.

You'll design workflows using Tines, build integrations between security and GRC systems, and create dashboards for security metrics.

You'll implement controls across the technology stack, support multiple audits (SOC 2, PCI DSS, SOX/ITGC, FINRA, ISO), and contribute to AI governance framework implementation (ISO 42001, NIST AI RMF, EU AI Act).

You'll have autonomy to build innovative solutions, collaborating cross-functionally to implement controls that enable growth while communicating technical concepts effectively across the organization.

This role will be based in our San Francisco office. We are a hybrid environment that combines the energy and connections of being in the office with the benefits and flexibility of working from home.

Responsibilities:

Manage and scale IT infrastructure, services and tooling

Work with a diverse group of IT partners to optimize our provided services

Implement new services in support of Information Technologies vision

Scale our services by implementing configuration as code via Terraform providers or APIs

Operationalize and upskill IT and its partners by producing documentation and leading training sessions

Evangelize best practices both internally and externally facing

Requirements:

5+ years of experience in GRC, IT Governance, or Security Engineering with a strong track record of automating manual compliance workflows.

Deep experience with security frameworks such as SOC 2, PCI DSS, ISO 27001, and NIST CSF, specifically within cloud-native environments.

Technical proficiency in Python (or similar scripting languages) and experience building integrations using APIs to connect security tools with GRC systems.

Builder mindset with the ability to design and implement automated control testing, continuous monitoring, and data-driven security metrics.

Exceptional cross-functional collaboration and communication skills.

Strong systems thinking.

Bias for action.

Bonus points:

Previous experience in Fintech or banking environments navigating complex regulatory landscapes.

Hands-on experience with Tines or other SOAR platforms to automate security operations.

Familiarity with AI/ML governance frameworks (NIST AI RMF, ISO 42001) or securing agentic systems.

Deep knowledge of Cloud Security (AWS/GCP), infrastructure-as-code (Terraform), or DevSecOps practices.

Relevant industry certifications such as CISSP, CISA, or CCSP.

Experience building metrics dashboards for security visualization and reporting.

Active contributions to the GRC or Security community through open-source projects or public research.

Compensation: The expected salary range for this role is $153,600 - $192,000.

XML job scraping automation by YubHub

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

OpenAI's Legal team plays a crucial role in furthering OpenAI's mission by tackling innovative, fundamental legal issues in AI. If you're passionate about doing significant and unique work as a technology lawyer, this team is for you. The team comprises professionals from diverse fields, including technology, AI, privacy, IP, corporate, employment, tax, regulatory, and litigation.

About the Role

As Associate General Counsel, Non-Profit you will support and lead on a broad range of matters spanning nonprofit tax, governance, and related corporate issues. This role offers a unique opportunity to advise on complex, high-impact legal issues at the intersection of mission, governance, and AI. You will work closely with OpenAI leadership, as well as partner deeply with the OpenAI legal team, to support both the nonprofit and affiliated organizations within the broader OpenAI enterprise.

In this role, you will:

• Serve as the primary legal advisor on nonprofit tax, governance, and fiduciary matters for OpenAI’s affiliated nonprofit. Advise on compliance with federal and state nonprofit law, tax-exempt status requirements, grants administration compliance, private benefit and excess benefit rules, and mission-aligned governance.

• Lead nonprofit governance initiatives, including advising on governance matters, conflicts-of-interest processes, and implementing and operationalizing policies required for a complex, high-profile nonprofit operating alongside a PBC affiliate.

• Advise on the legal and tax implications of transactions and arrangements between the nonprofit and affiliate entities, including shared support services, funding, IP and commercial relationships, and other intercompany matters.

• Advise and partner with the OpenAI legal team on general corporate, governance, and disclosure matters that require coordination with the Foundation, including public disclosures, compensation matters, governance initiatives, and other enterprise-level legal issues.

• Partner closely with Finance, Tax, Accounting, Investor Relations, and other Legal teams to design and maintain compliant structures, processes, and controls across OpenAI, including entity management, subsidiary governance, and regulatory compliance.

• Develop and scale legal frameworks and operating processes for nonprofit governance, tax compliance, and related corporate matters, in close collaboration with cross-functional stakeholders, to support the organization’s growth, complexity, and public profile.

You might thrive in this role if you:

• Have 12+ years of legal experience, including significant experience advising nonprofits on tax, governance, and compliance matters. Experience spanning both nonprofit and affiliated organizations is strongly preferred.

• Have deep expertise in nonprofit tax and regulatory issues, nonprofit governance, and the design and operation of compliance programs for complex, high-visibility nonprofit organizations.

• Exercise sound judgment in ambiguous, high-stakes situations and are comfortable serving as a trusted advisor to senior leaders and boards on important governance matters.

• Take strong ownership of your work, are intellectually curious, and are energized by novel legal issues at the intersection of technology, mission, and organizational structure.

• Communicate clearly and effectively, manage multiple complex workstreams in parallel, and collaborate well across legal, finance, tax, and other cross-functional teams.

• Operate with humility, integrity, and a strong sense of responsibility to mission, stakeholders, and the public interest.

• Hold a JD and are licensed to practice law in California, or are eligible to become licensed.

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

Equal Employment Opportunity

We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic.

XML job scraping automation by YubHub

The Digital Platforms Practice helps some of the largest global firms and most recognizable brands deliver value and business transformation enabled by digital ERP solutions and services. Our ERP services, covering strategy, implementation and innovation, help clients deliver true value and achieve their transformation agenda.

As a SAP Security/GRC Consultant, you will work closely with diverse clients to assess their SAP security risks, design and implement tailored SAP Security and Governance, Risk & Compliance (GRC) solutions, and drive successful project delivery. You will act as a trusted advisor, helping clients align SAP security frameworks with business objectives and compliance mandates.

Responsibilities

• Lead SAP Security and GRC assessment, design, and implementation projects for clients across industries.
• Conduct client workshops and requirements gathering sessions to understand business and security needs.
• Design and configure SAP security roles, authorizations, and GRC Access Control components (Access Risk Analysis, Emergency Access Management, Access Request Management).
• Develop and enforce Segregation of Duties (SoD) policies to mitigate risks and ensure compliance.
• Deliver SAP Security and GRC gap analysis, risk assessments, and remediation plans.
• Support clients during audits by preparing documentation, reports, and facilitating access reviews.
• Collaborate with cross-functional teams including Basis, functional consultants, and IT auditors to implement secure SAP landscapes.
• Conduct end-user training sessions and knowledge transfer workshops.
• Stay abreast of SAP security trends, new releases, and regulatory changes to provide proactive consulting.

Requirements

• At least 5 years of consulting experience is necessary.
• 3+ years of SAP Security and GRC consulting experience with multiple end-to-end implementations.
• Hands-on expertise with SAP ECC and/or S/4HANA Security.
• Strong experience configuring SAP GRC Access Control modules (Access Risk Analysis, Emergency Access Management, Access Request Management).
• Excellent client-facing and communication skills with the ability to explain technical concepts to non-technical stakeholders.
• Proven track record of managing multiple client engagements and delivering quality results on time.

• Functional / Content Skills

• Strong knowledge of Sarbanes-Oxley (SOX) , Business Process controls, IT General Controls and IT governance.
• Deep understanding and practical experience Analysis and Design/Re-Design of Business process and IT General controls in SAP and Non-SAP landscape.
• Strong analytical skills and a deep understanding of the overall context of underlying business processes and technologies.
• Understanding the purpose, procedures and ways of work of internal/external audits.
• Ability to support audits and to provide the right information & data, and to mitigate and/or solve identified deficiencies and gaps.

• Technical Skills (Data, Technology, Implementation)

• Ability to retrieve and analyze and report/present data from various sources.
• Understanding of data structures, sources, flow and integration across infrastructure platforms, functional domains, and application landscapes/service.
• Up-to-date understanding of Concepts & Integration of Cloud Services, and multi-cloud environments

• Tool Skill Requirements

• A variety of ERP systems (SAP & Non-SAP), Operating systems, Databases and financial applications
• Identity and Access Management solutions and monitoring solutions such as Splunk, Qualys, Tripwire, but also in Authorization & SoD
• Analytics & reporting in area of ITGC/GRC
• IT Service Management Tools, Market Leader (SNOW, BMC, JIRA, ..)

• Experience with SAP Identity Management (IdM).

• Knowledge of cloud-based SAP security and hybrid environments.
• Experience working in Agile/Scrum environments.
• Experience in global delivery and working with offshore resources.
• Project-related mobility/willingness to travel

• Qualifications and certifications

• Bachelor’s degree in Computer Science, Information Technology, or related field.
• More than 7 years of experience in Financial / IT compliance, risk management, IT audit and/or IT controls; strong experience in an audit firm (e.g. Big Four).
• SAP Security or GRC certifications are a plus (e.g., SAP Certified Technology Associate – SAP Access Control).

Benefits

We offer industry-leading compensation and benefits, along with top training and development opportunities so that you can grow your career and achieve your personal goals. Curious to learn more? We’d love to hear from you.... Apply today!

XML job scraping automation by YubHub

You will be part of a team that supports CIOs in managing central challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget restrictions. As a Cyber GRC Senior Consultant, you will work with security, IT, and compliance teams to strengthen cybersecurity, manage cyber risks, and ensure regulatory compliance.

Key Responsibilities

• Participate in global projects in an international team, supported by over 330,000 technical professionals from our parent company
• Contribute to the development of consulting offerings and innovative go-to-market solutions for the C-Suite to make cyber risks understandable and reducible
• Lead and conduct risk analyses according to the NIST CSF
• Be responsible for conceiving innovative new services using AI and ML where they offer real added value
• Support pre-sales, sales, and account management activities from the perspective of a subject matter expert

Requirements

• You have a clear career progression and experience working with renowned consulting firms and large commercial sector customers
• You bring a strong passion for cybersecurity and actively follow current industry trends and developments
• Your cybersecurity expertise includes:

+ A relevant university degree (Bachelor or Master) in Information Security, Cybersecurity, or IT Security + At least 1-5+ years of experience in the field of Cyber Security/Information Security + A broad business competence profile, including stakeholder management, problem-solving ability, and resilience + Experience in collecting, validating, analyzing, documenting, and communicating information to stakeholders

Desired Skills

• Good knowledge of the NIST Cybersecurity Framework (CSF)
• A further university degree in Cyber or Information Security
• Cyber Due Diligence Assessments
• Cyber Risk Management for third parties and supply chains
• Review of Incident Response Plans
• Support in tenders, RFP responses, and offers
• Conducting Crisis Management Exercises (CMX)
• Certifications such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM
• Participation in the development of Target Operating Models (TOMs) and RACI matrices
• Creation of Cyber Security Roadmaps
• Support in Post-Incident Reviews
• Analysis and summarization of Cyber Threat Intelligence Reports
• Implementation of Cyber Compliance Programs (DSGVO, DORA, ISO 27001, NIS2, SOX)
• Cyber Risk or Maturity Assessments
• Conception and/or implementation of Awareness Trainings
• Participation in Identity & Access Management Projects
• Participation in Privileged Access Management Projects

Ideal Candidate Profile

• Our ideal candidates have the following skills:

+ Strong business competence, particularly in stakeholder management and problem-solving + Experience in preparing and communicating complex information to stakeholders + Very good communication skills in German (C2) and English (C2) and project-related travel readiness + Enjoy working with customers from different industries + Experience in balancing technical and commercial requirements to develop practical solutions + Ability to build lasting business relationships at all levels + Ability to provide expert support and guidance to less experienced colleagues + Ability to explain complex cyber methods in a non-technical and understandable way (written and oral)

Benefits

You will be part of a team that supports CIOs in managing central challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget restrictions. Our team of business analysts, enterprise architects, and cyber security specialists combines operational, strategic, analytical, and innovative competencies to drive business-IT alignment, IT governance transformation, IT cost optimization, efficiency improvement, innovation promotion, and cyber risk, governance, and compliance topics.

About Infosys Consulting

You will be part of a globally renowned management consulting firm that is on the front-line of industry disruption. We are a mid-size player with a supportive, entrepreneurial spirit that works with a market-leading brand in every sector, while our parent organization Infosys is a top-5 powerhouse IT brand that is outperforming the market and experiencing rapid growth.

Our consulting business is annually recognized as one of the UK's top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity, and dedicated training and career paths we offer to our consultants. We are committed to fostering an inclusive work culture that inspires everyone to deliver their best.

XML job scraping automation by YubHub