Founder at Wellspring Consultancy
Views:326 Applications:15 Rec. Actions:Recruiter Actions:9
IT Auditor/Senior IT Auditor - ITGC/ITAC - Financial Services (3-8 yrs)
We are hiring IT Auditor & Senior IT Auditor - IT General Controls (ITGC) or IT Application Controls (ITAC) for our Financial Services client based at Bangalore.
Roles & Responsibility:
- Identify technology and cyber risk controls within processes.
- Lead internal audit projects related to IT controls, information security / cyber, pre/post system implementation, IT governance, and operational areas; drive consistency of methodology.
- Assists with the development of the audit budget and/or timeframe for how the audit will be completed based on the objective and risk of the areas covered within the engagement.
- Finalizes planning documents and conducts first level review of planning documents as required.
- Coordinates with other audit teams (business unit, regional, and specialist) to ensure evaluations of related areas occur timely and cover key areas within the audit.
- Demonstrates professional scepticism and comfort with questioning how certain processes are being performed in order to facilitate making improvements.
- Applies analytical skills to review information, perform assessments of the audit results, and evaluate the adequacy of controls.
- Reviews the work papers of the audit team members ensuring that departmental standards have been met.
- Communicates the audit status to business unit stakeholders and Audit Services management.
- Drafts findings and recommendations for the purpose of status updates, memos, and audit reports.
- Maintain technical competence by ongoing training, seeking development opportunities and applying new knowledge to daily work assignments.
Experience and Skills Required:
- Minimum of 3-8 years of IT Auditing and systems experience - IT General Controls (ITGC) and IT Application Controls (ITAC).
- Knowledge of audit procedures and technical security and control standards usually obtained through related work experience and a four year degree program is required to perform system audits.
- Solid understanding of IT and Cybersecurity controls.
- Skills as needed to perform testing of design and operational effectiveness of application controls (e.g., Interface and Application Security Controls).
- Skills as needed to perform testing of design and operational effectiveness of information security and Cybersecurity controls (e.g., Penetration Testing, SecOps, Security Information and Event Monitoring, Data Security, Vulnerability Management, Insider Threat).
- Knowledge of systems software applications and databases common to the mainframe and distributed environments, such as UNIX, iSeries, and Windows is a plus.
- Understanding of networks, routers, and firewalls is also a plus.
- Understanding of newer technologies (e.g., Containers, Kubernetes, CI/CD) and cloud infrastructure (e.g., AWS, MS Azure) is a plus.
- Knowledge and awareness of NIST Cyber Security Framework, SANS, and Center for Internet Security (CIS) benchmarks is a plus.
- Certified Information System Audit (CISA) certification is preferred. Additional certifications such as Certified Information Systems Security Professional (CISSP), or other related certifications is a plus.
This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.