'%3e%3cpath d='M15.3069 13.1535H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 8.15347H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 3.30693H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath id='clip0_126_10407'%3e%3crect width='16' height='16' fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
Assistant Manager - IT Security Audit
Gurgaon/GurugramSOC Cybersecurity:
a. Lead in the detection, triage, analysis and response to cyber-attacks. Serve as a technical Cyber SME and onsite task lead.
b. Conduct quality assurance reviews of all SOC activities through reviewing of metrics and case analysis.
c. Training and mentoring Level 1 & Level 2 peers in order to improve SOC Analyst capability.
- ISO:
a. Profound knowledge of information security management systems and relevant regulations and industry standards (in particular ISO270xx, PCI-DSS, COBIT5).
b. Practical experience with provider management, IT outsourcing and related control frameworks (including Cloud providers).
c. Experience leading IT audit teams/ ISO/SSAE audits.
- GRC:
a. Knowledge of information security principles and practices, general procedures and guidelines.
b. A general understanding of technology use, trends and risks as it applies in a business context and environment.
c. Experience reviewing third party SOC reports.
d. Experience/working knowledge with PCI DSS.
e. Knowledge of information security principles, frameworks, and best practices (e.g., PCI DSS, COBIT, COSO, NIST and ISO 27000).
SOC Reporting:
a. Reviewing and preparing SOC 1 and SOC 2 reports, especially for US Healthcare clients as per AICPA norms.
b. Reviewing and performing various types of testing by Sampling method such as New/Existing/Terminated Employee Testing, Administrative Items Testing, Change Management Testing, Admin Access Testing, etc.
c. Reviewing and preparing SOC Memos as per defined format for US clients.
- HITRUST Reporting:
b. Testing the Policies/Procedures for HITRUST unique IDs/baselines for all 19 domains and recording the gaps therein.
c. Completing and reviewing the HITRUST upload process by attaching support documentation at the HITRUST MyCSF Portal and scoring the baselines as per HITRUST Rubric.
d. Performing the Implementation Testing by checking the evidences' provided by the client and recording the gaps.
e. Sending the baselines back to the client for revising the scoring for gaps identified while testing and agreeing on the same with client.
f. Scoring and signing-off the baselines in the testing Smartsheets.
- This role is defined for you to be working with our member firms & clients onshore. You shall be responsible for reporting to Manager/Senior Manager, working and coordinating & timely communicating with engagement teams by developing and exhibiting a command of I.T. Audit techniques and methods, while ensuring best business practices are in place along with client satisfaction.
A successful candidate should:
- Possess sufficient technical knowledge to lead engagements independently, including building the team from scratch ,coordinating the workflow & tasks with client; resolve intermediate to advanced client service issues; updating work papers and other products produced with utmost quality for engagement teams; and keep engagement progressing as planned and budgeted.
- Take ownership for delivery of high-quality audit work. Develop self and others through seeking and offering on the job coaching and audit engagement experiences.
- Start to build relationships across our client offerings and seek opportunities to work together.
- Build strong credibility through displaying good insight and business acumen, applying technical competence, and engaging in relevant discussions with clients' and engagement teams.
Key Responsibilities:
- Develop and maintain productive working relationships with onshore and engagement team.
- Assigning work to the team and reviewing team's work before sending the final output to the onshore team.
- Closing the client engagements during the project completion phase.
- Contribute ideas/opinions within the team.
- Develop an understanding of our service offerings.
- Ensuring and reviewing that all work papers are complete, consistent, and contains the testing performed, evidence obtained, and conclusions reached with appropriate documentations.
- Identify key issues while facing clients and discuss possible solutions to increase quality and efficiency.
Didn’t find the job appropriate? Report this Job
'%3e %3cpath d='M24 48C37.2548 48 48 37.2548 48 24C48 10.7452 37.2548 0 24 0C10.7452 0 0 10.7452 0 24C0 37.2548 10.7452 48 24 48Z' fill='%23333333' fill-opacity='0.8'/%3e %3cpath fill-rule='evenodd' clip-rule='evenodd' d='M22.5299 19.0115V19.5849V29.0154V31.5316C22.5299 32.3403 23.1967 33 24.004 33C24.8114 33 25.4784 32.3358 25.4784 31.5316V29.0154V19.5849V19.013L29.4885 23.0077C30.0627 23.5795 31.0044 23.5743 31.5733 23.0077C32.1421 22.441 32.1423 21.4975 31.5735 20.9308L30.1054 19.4684C30.0891 19.4504 30.0724 19.4329 30.0551 19.4156L25.0837 14.4634L25.0479 14.4264C24.9234 14.3024 24.7807 14.2055 24.6281 14.1358L24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946C24.0039 13.8983 23.3839 14.0068 22.9622 14.4268L22.9533 14.436L21.4743 15.9093C21.4615 15.9211 21.449 15.933 21.4367 15.9452L16.4286 20.934C15.8598 21.5008 15.8545 22.4389 16.4286 23.0108C17.0027 23.5826 17.9394 23.5827 18.5135 23.0109L20.0019 21.5283C20.0147 21.5164 20.0274 21.5043 20.0399 21.492L22.5299 19.0115ZM24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946L24.5952 14.1212Z' fill='white'/%3e %3c/g%3e %3cdefs%3e %3cclipPath id='clip0_99_1825'%3e %3crect width='48' height='48' fill='white'/%3e %3c/clipPath%3e %3c/defs%3e%3c/svg%3e "Scroll Up"){kind=small}