Assistant Vice President - Enterprise Risk Management - SOC1/SOC2 Audits

Assistant Vice President - Enterprise Risk Management - SOC1/SOC2 Audits

Responsibilities :

- Design & implementation of IT risk controls on various inhouse/outsourced digital tools

- Creation of continuous control testing environment

- Manage team of Auditors/control testing team

- Facilitate external & internal SOC audits from inception to completion.

- Solutioning to resolve complicated IT, F&A and & application security issues

- Application of risk & controls on IT, F&A and applications security domains listed below:

Application security, ITGC, network security, WAN infrastructure & devices, change management, vulnerability assessment/penetrating testing, OS/DB access management, segregation of duties & logical access management, Antivirus, and patch management, DLP, Firewall, VLAN, MPLS, IVPN, encryption, backup, incident management, cyber security

- Application security risk (e.g., 10 OWASP), software development life cycle, application deployment & support, change management, risk management, data privacy basics, AP/AR data processing controls

Requirements :

- SOC1/SOC2 Audits with domain expertise on IT controls

- SOX Audits with domain expertise on F&A controls

- Client Audits with knowledge of F&A and non-F&A process controls

- Handling small to medium sized teams

- Experience to facilitate external & internal SOC audits from inception to completion

- Solutioning skills to resolve complicated IT, F&A and & application security issues

- Strong domain knowledge of IT, F&A and applications security domains listed below:

- Analytical skills, excellent problem-solving skills, ability to work within deadlines, excellent interpersonal and communication skills