Job Description: IT Risk and Compliance Consultant
Business Domain: IT and Software
Qualifications: B.E./B.Tech / MCA
Expertise expected in some of these areas: SOX compliance, COBIT, ISACA
Only candidates with experience in IT Risk & Compliance need to apply
Additional experience may include CMMI v1.1, Six Sigma, Lean, ITIL, Metrics and project management.
Responsibilities:
- Working with IT process and control owners, design IT General Controls (ITGC) and remediation plans. Assess, perform gap analysis and make recommendations for improvements.
- Assist IT process and control owners with testing and completion of ITGC testing for SOX compliance.
- Identify control deficiencies, mitigating controls and compensating controls
- Track and report on status of all SOX ITGC testing and reported deficiencies
- Support compliance with internal audit and external audit IT control assessments, follow up on findings and deficiencies, and lead coordination efforts.
- Track and report on status of all Internal Audit and external audit IT controls testing and reported findings and deficiencies.
- Provide controls, compliance and risk assessment training to IT process and control owners.
- Provide leadership, guidance and mentorship to compliance analysts.
- Lead and coordinate other compliance assessments and audits
- Introduce a culture of Risk Management supported by policies and guidance
- Responsible for the development, auditing, testing and implementation of Business Continuity Plans.
- Create action plans which show how these policies and plans will be implemented and undertake regular audits to demonstrate that they are effective
- Ensure periodic review of risk assessments.
- Develop a detailed understanding of the activity under audit and assess IT risks and effectiveness of controls.
- Provide support to the internal audit team through extraction of data from applications/databases under audit and perform data analytics inquiries
- Advise IT and business stakeholders on control best practices within their processes to reduce risks, improve efficiency and financial profitability
- Conduct reviews with respect to BCP/DR plans and test results.
- Responsible for improvement opportunities such as Six Sigma and benchmarking.
- Ensure statutory and regulatory compliance as applicable.
- Responsible for process improvement, Process automation and other corporate initiatives in Quality and Security.
- Carry out process audits and follow up on closing non-conformities.
- Conduct Information Security Awareness sessions for employees.
- Perform Access control review (ACR) for assigned projects.
- Ensure that incident/problem handling, change management and configuration management processes are strictly followed and are in line with industry best practices such as ITIL and ISO 20000.
General Abilities:
- Should have good client-facing abilities and a solution mindset. Should have good client presentation and client management skills.
- Good knowledge of software engineering, QC techniques, development methodologies and SPC techniques
- Good exposure to project management and to tools used in software development and process management (process mapping with Visio, configuration management tools, defect tracking tools, MS Project, etc.)
- Consulting exposure.
- Should be able to configure solutions based on customer needs. Highly dynamic and proactive.