Manager Recruitments at Derive Management Solutions Pvt Ltd
IT Compliance Role - Accounting Firm (7-9 yrs)
IT - Compliance
Role Requirements:
- 7 to 9 years of work experience, BE / relevant experience in Group 4 consultancies, or the likes of Group 4. CISA / DISA / CIA preferred for SM roles.
- Has high ethical standards and is able to work diligently to complete duties.
- Has an analytical mind able to "see" the complexities of procedures and regulations.
- Demonstrates the ability to plan and execute projects with minimal management support.
Job description - Regulatory & Compliance Audits
- Interpret IT control requirements from regulatory guidelines and circulars, prepare a detailed framework for implementation, and advise on the implementation of information security controls.
- Ensure that IT regulatory requirements are tracked and continuously monitored.
- Plan audit calendars and schedule the audits.
- Manage all internal and external audits related to IT and non-IT.
- Plan and oversee all IT audits (12 audits, including CISA (PPI), RBI / ReBIT audit, CIS (insurance), PCI DSS, partner bank audits, ISO 27k, stat audits, NPCI audits, etc.).
- Front all audits and act as POC for all escalations for any audit-related activities.
- Liaise with auditors to explain infosec posture, org structure, provide technical architecture overview, process understanding on IT controls etc.
- Support management in providing audit finding responses, implementing controls as per audit recommendations, etc., and ensure all IT audit observations are taken to closure.
- Ensure policies and procedures are reviewed periodically or whenever there is a change, and place them for management approval to the board in a timely fashion.
- Prepare architectural diagrams and technical documentation for audit and regulatory purposes along with stakeholders and consultants.
- Ensure the Business Impact Assessment of new businesses, applications etc.
- Ensure risk assessments are carried out periodically for all IT assets and processes, and ensure RA / RT is in place.
- Run project management for implementation of various security controls by liaising with different teams.
- Renew certifications on time (ISO and PCI DSS).
- Review all merchant and IT vendor contracts for clauses w.r.t. information security and regulatory requirements.
Monitoring and Guidance:
- Manage exceptions, review controls periodically, analyse and make appropriate recommendations.
- Provide guidance to the stakeholders