Sr. Analyst – Control Resilience Assessor – 4-8 years
Job opportunity for a working professional having at least 4 years of experience conducting design adequacy and operating effectiveness testing of on-prem and cloud controls associated with different audit regimes such as SOx 404, SOC2, SSAE18, ISO 27001, CCPA, NYDFS etc.
Location: Mumbai
Shift: Afternoon
Your Employer: A leading, global group with a strong foothold in specialty financial services serving millions of customers across the full spectrum.
Responsibilities:
Performing controls (On-prem & Cloud) including assessment of,
Control design Adequacy
Control Operating effectiveness
Demonstrable knowledge on different audit regimes such as SOx 404, SOC2, SSAE18, ISO 27001 etc
Establishing and operating processes and procedures for control testing
Excellent executional skills with respect to control testing
Reporting and tracking on prem and cloud control gaps as well as ineffective or inadequate controls
Identifying opportunities and recommendation to improve the design and implementation of controls
Supporting control owners in the design and maintenance of controls and documentation
Undertaking such other tasks and responsibilities as assigned by Manager
Keeping yourself up-to date with latest IS related regulation and standards
Requirements:
Qualified to degree level, preferably in a Business, IT or Security related subject with
Information security qualifications (e.g., CISA, CISM, CISSP) are preferable.
Interested in developing skills and knowledge of IT Risk Management, and willing to work towards appropriate professional qualifications, such as CISA
Formal training in security, risk management or compliance is beneficial.
Whilst this is not a hands-on technical role, the role holder will be expected to demonstrate a strong awareness of technology and how IT is used to enable business processes.
Knowledge/Experience:
Essential
Knowledge and understanding of IT Auditing and IT Risk concepts
Knowledge and understanding of ERPs, Active Directory, SIEM, Identity Access Management, Privileged Access Management tools.
Experience working as part of a business support function such as Risk, Compliance or Information security in a large enterprise.
Beneficial
Existing IT Audit experience of around 4-9 years
Demonstrable knowledge of Cloud Security & Cloud Control Testing
Demonstrable knowledge of Risk management tools, methodologies and practices
Knowledge of IT standards, frameworks, regulation and legislation
Experience of managing own workload and delivering to tight timescales.
Other relevant experience, e.g. Information Security, experience of working in a regulated environment, not necessarily insurance or financial services.
What is in it for you?
A stimulating working environment with equal employment opportunity
An opportunity to define, lead and coordinate the operations of the company
Reach Us – If you think that this role will add value to your career, kindly write me an email along with your updated CV on Nishant.sharma@crescendogroup.in
DISCLAIMER: We are an equal opportunity recruitment firm and value diversity in the talent we identify for our clients. We do not discriminate on the basis of race, religion, colour, origin, gender, sexual orientation, age, marital status, veteran status, or disability status
Profile Keywords: Audit regimes such as SOx 404, SOC2, SSAE18, ISO 27001 etc