IKS Healthcare - AVP - Internal Audit

Key Responsibilities :

- Responsible for planning and execution of risk based internal audits across various business process and enabling function

- Responsible for ensuring adequate coverage of audits based on criticality of the business process, existing risk governance framework

- Responsible for identification of right set of individuals for performing audits as per their skill set to meet the requirements of the planned audit calendar

- Responsible for preparation, review and periodic revision of audit checklists, audit methodology, sampling guidelines

- Provide guidance and assistance to team on performing objective and evidence based audits

- Responsible for ensuring professional audit work is performed by the team and self in conducting reviews of assigned organizational activities to provide objective assessment of internal controls and operational performance

- Responsible for driving closure of audit identified issues and mitigation of risks on a timely basis

- Responsible for conducting analysis of audit issues, identification of trends, patterns and designing of policies and processes to ensure audit issues are not repeated

- Responsible for liaison with external audit firms for ongoing certification assessments and new certification projects

- Responsible for handling end to end activities for certification/attestations to various standards such as ISO 27001, SSAE16, PCI-DSS

- Responsible for providing guidance to internal departments and performing audit activities related to in areas of Ethical hacking, Penetration testing, Cloud security, Application security testing

- Participate in reviews of internal controls and security of systems under development as well as major IT projects and initiatives

- Review all system-related information security plans throughout the organization's network to ensure alignment between security and privacy practices, and acts as a liaison to the information systems department

- Facilitate the development, implementation, communication and enforcement of privacy policies throughout the system

- Support conformity with the privacy and security policies and procedures as part of the performance evaluation process for all employees and the privileging process for credentialed providers

- Perform IT & IS Vendor evaluations to ensure all new vendors meet the security requirement

- Responsible for review the client and organization IT connectivity in transition stage to ensure all security requirements are built

- Responsible for managing trainings for educating stakeholders on compliance aspects related to HIPAA, Data Security and Privacy

- Responsible for investigating security incidents and preparing investigation reports for internal and external stakeholders

Functional Competencies (Qualification & Relevant Experience) :

- Overall 8 + years of experience

- Lead Auditor for ISO 27001/ISO 9001/PCI-DSS Implementer, CISA/CISSP Certification

- Risk Management certification (CRMA/RMI-PMP/RIMS-CRMP)

- Project Management certification (PMP)

- Experience and knowledge on US Regulations, Data Privacy, Information Security controls and Risk Management methodology

- Experienced in Report Writing Skills

- Experienced in performing analysis and creating dashboards/presentations

Behavioural Competencies :

- Vigilance

- Technical Aptitude

- Quality Orientation

- Result focused

- Risk Management

- Conceptual Thinking

- Delegation

Jasleen