Gurgaon, IND
4 days ago
IND IT Leader - Information Security
Job Title: IT Lead - Information Security
Location: Gurugram/Noida
Experience: 15+ yrs

Aon is in the business of better decisions

At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organization, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed.

Key Accountabilities:
+ Responsible for the delivery of risk and compliance activities.
+ Establishes and leads all aspects of the application of risk policies, tools, and governance processes that assist the firm in handling emerging and latent technology risks.
+ Lead delivery of a multifaceted function. Conduct risk and control-related activities that meet/exceed regulatory and client expectations. Carry out a Governance, Risk & Compliance (GRC) framework that focuses on improvements in risk reduction, assessment, treatment and reporting. The role will lead in the design, socialization, implementation, and ongoing management of Risk and Compliance initiatives, including adoption of ERM methodology, framework and GRC tooling.
+ Engage partners to identify key control and risk indicators and maintain effective and efficient continuous control monitoring processes. Build relationships with technology and business leaders to drive adoption and alignment to the information security risk framework.
+ Provide career & professional development, advocate for the team, and provide assistance and guidance as the team supports their business partners. Review the current operating model to identify and implement efficiencies for operational and technical improvements.
+ Create and maintain an ongoing road map, and create and publish critical metrics to leadership to offer transparency for ongoing and upcoming program needs. Drive proactive discussions of current compliance gaps and emerging IT risks and trends.
+ Must be able to demonstrate a broad technical knowledge across regulatory audits like SOX, FCA, GDPR, third-party audits (SOC1, SOC2, etc.), and other emerging regulation matters, regulatory risk and regulatory change matters.
+ Plan, execute, and report on various types of governance and assurance reviews, including post-remediation validations.
+ The Risk and Compliance lead will support both the Technology and the cross-geographical teams in designing, implementing & maintaining processes and systems to identify, assess, measure, manage, monitor, and report on risk.
+ Provides support and guidance to the business on ad-hoc risk & compliance queries and acts in a consultative role on Aon Technology Transformation change projects, e.g. DC migrations.
+ Support the activities of the Technology Oversight Risk Committee and contribute to the provision of risk updates to various Risk forums, relevant Boards, and Executive Leadership groups.
+ Work closely with Aon’s enterprise-wide specialists, both locally and globally (Global Privacy Office, Legal, Compliance, Global Information Security), to supply perspective on our Risk and Compliance posture, and also align on any adjustments to global policies, projects or associated process changes.
+ Excellent organizational skills including prioritizing, scheduling, time management, and meeting deadlines.
+ Excellent attention to detail to identify gaps and opportunities in procedures, and drive innovative, efficient solutions.

Key Experiences:
+ Minimum 15 years of professional experience in the area of IT/Cyber Risk Management or an IT controls function.
+ Prior experience leading a diverse control environment with multi-nodal risk vectors.
+ Proven understanding of risk management practices, including inherent risk assessment, control evaluation, and residual risk measurement.
+ Previous experience engaging with key risk partners (legal, audit, controllership, compliance, operations, etc.).
+ Executive Presence – Effectively translates technical discussions into business terms and language for senior leaders, board, and audit/risk committees.
+ Drives for Results – An established record of successful delivery of risk programs and initiatives through collaboration, the steadfast pursuit of excellence, and operational command.
+ Practical experience in Risk and Control development and management.
+ Strong knowledge of policy management and creation.
+ Experience in global Data Protection regulation, legislation and guidance.
+ Excellent stakeholder management and interpersonal skills.
+ Ability to investigate, question, and interpret internal and external security environments is required.
+ Detailed knowledge of ITGC and auditing principles/practices is a must.
+ Prior experience in IT audit, IT risk management, governance, IT security and/or compliance functions is a must.
+ Proven experience dealing with ambiguous situations, and producing a consistent result with varied input.
+ Hands-on project management skill is highly preferable.
+ Certification in Data Protection (IAPP, CDPO, etc.) or Risk/Compliance is an advantage.

Education – Bachelor's Degree in Computer Science, or equivalent work experience.

How we support our colleagues

In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognise that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working!

Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued.

Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace. Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status. We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email ReasonableAccommodations@Aon.com #LI-RK2 2555337