Consultant at Michael Page
Views:105 Applications:15 Rec. Actions:Recruiter Actions:8
IT Auditor - Governance/Risk/Compliance (2-6 yrs)
About the role:
Assistant Manager IT, GRC is responsible for planning, executing and reporting on Information Technology Audits, Tech Infrastructure Audits, IT Security/ Vulnerability/ Risk Assessments reviews, Data Privacy and Cybersecurity. Maintenance and periodic testing of automated controls in SAP and other in-house applications. Will also be responsible to maintain and review IT governance and Technology risks and corresponding.
Here's what you will do day to day:
- Executing IT, compliance and regulatory reviews/ audits;
- Conduct Infrastructure Audit, IT Security, Risk Assessment, Network Design, Web Applications Security and Source Code review;
- Conduct vulnerability assessment of System and cloud / physical infrastructure including penetration testing of networks and web applications using third party/ open source tools;
- Perform manual penetration testing of systems, web sites and networks to discover vulnerabilities;
- Establish policies and procedures for the design, installation and commissioning of the systems infrastructure;
- Perform ITGCs, and test of control in support of financial audit;
- Communicating to appropriate audience the audit scope, protocol, status, issues, risks and recommendations via written reports and presentation;
- Audit wide range of areas, including IT General Controls, IT Strategy, Change Management, Project Management, Cyber, Digital, Business Continuity & IT Disaster Recovery, Data Projection, and IT Infrastructure & Asset Management, etc.;
- Perform technical reviews of databases (including Oracle, AS400, SQL etc.) and other infrastructure components for example web server security/ firewalls/ networks/ encryption/ TCP/IP/ windows etc.;
- Perform data analytics to review processes, transactions and financial data;
- Tracking, compiling and reporting KPIs;
- Performing special projects, investigations, and other duties as assigned
Here's what we're looking for:
Education / Qualification :
- BE, CA, B Tech, ACCA (Required), MBA (desirable).
- Certifications (desirable) - CISA, CISSP, CSX, PMP, ITIL, CEH, COBIT, ISO 27001 LA.
- 3-5 years of relevant experience
- Experience of using data analytics & other CAATs (Computer-aided audit tools) to support internal and/or external audits;
- Experience of preparing and delivering internal and/or external presentations
- Has undertaken internal and/or external audit reviews of ERPs (including SAP and inhouse applications, G-suit applications etc.);
- Experience of working with large corporate entities from technology or e-commerce sector;
- Proficient in data analytics tools;
- Familiar with using good practice frameworks and regulatory standards, including COBIT, ISO 27001, GDPR/DPA 98, SOX404, Cyber Essentials, and Agile;
- Experience on Data privacy and Business Continuity would be an added advantage;
- Ability to communicate technical risk issues effectively, to stakeholders who may, at times, have a non- technical background;
- Demonstrate ability to evaluate, synthesize, organize and interpret data and information;
- Strong interpersonal, project management, analytical and supervisory;
- Excellent written and oral communication skills;
- Ability to work in a dynamic work environment;
- Ability to manage multiple projects & priorities simultaneously and be comfortable with ambiguity/ chaos.
This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.