Con/Sr Con/Mgr - IT Risk & Assurance

Required Consultant/Sr Consultant/ Manager - IT Risk & Assurance professionals for one of the Top 4 Consulting firm in India

Job Description

As IT Risk and Assurance Senior, you’ll contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships.

Role & Responsibilities

- Participate in IT Risk and Assurance engagements

- Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress

- Help prepare reports and schedules that will be delivered to clients and other parties

- Develop and maintain productive working relationships with client personnel

- Conduct performance reviews and contribute to performance feedback for staff

- Contribute to people-related initiatives including recruiting and retaining IT Risk and Assurance professionals

- Maintain an educational program to continually develop personal skills of staff

- Understand and follow workplace policies and procedures

Requirements (including experience, skills and additional qualifications)

Technical skills requirements

You’ll have knowledge and experience of a number of the following areas, and be developing deep experience and technical competence in at least one:

- Governance and IT management

- Data privacy

IT governance and risk:

- Control frameworks such as COSO

- Enterprise risk services with a specific focus on IT, and related industry standards

- IT risk management framework

- Common IT governance and control industry frameworks, including CObIT, RiskIT, ValIT, IT

- Governance Institute and ISACA good practices

- IT industry frameworks such as ITIL and CMM

Project risk:

- IT assurance and compliance

- A broad appreciation of business processes, data structures, IT applications and infrastructure, IT processes, and governance and internal control principles.

- An understanding of web-based application vulnerabilities, and experience in application security review and testing

- Experience of manual attack and penetration testing above and beyond the running of automated tools

- Experience in developing custom scripts or programs (used for port scanning and vulnerability identification)

- Process systems and integrity, including risks and controls within business processes (manual, automated, security)

- Change management

- Project management and program management office (PMO) experience

- Project assurance/advisory services experience:

- System selections

- Targeted assessments

- Pre- and post-implementation reviews

- Basic programming compliant with ACL, DB and Microsoft Office skills/experience, e.g., Excel and Access

Additional requirements

- Demonstrated track record with a blue chip consulting organization and/or a blue chip organization

- Strong academic record including a degree

Certifications (desirable)

- CISSP, CISA, ISO 27001 LA/LI, ISO 20000 LA/LI, ISO 22301 LA/LI, etc.

Interested candidate can share resume at linkedin@neerinfo.com