Manager - IT Audit/SOX (6-9 yrs)
We are looking to hire a new person with 6-9 years of experience in GRC (Governance, Risk and Compliance).
You are the best fit if you have:
- Worked in industry, or helped clients as a consultant, maintaining and managing ISO 27001, ISO 22301, NIST and ITGC SOX activities and certification
- Hands-on experience of performing security-based risk assessment
- Hands-on experience of managing and updating policies and procedures
- Hands-on experience of managing the certification
Core Skill Set Required:
- Experience in IT audits and IT Risk Management.
- Experience of Information security standards and frameworks such as: ISO 27001, ISO 22301, PCI DSS, ITIL, COBIT.
- Experience in ISMS/BCMS implementation.
- ITGC Reviews, ITAC and IT SOX
- SAP audit experience (SAP Basis configuration review) with automated controls reviews + ITGC skills + GRC knowledge.
- Conducting information security assessments and risk management in accordance with established standards such as ISO 27001 etc.
- Experience in the formulation and implementation of information security policies and procedures
- Strong knowledge and experience in ISMS/BCMS implementation
- Experience in conducting application security reviews including:
  - Application functionality
  - Application controls including segregation of duties (SOD), workflows etc.
- ITGC Reviews and IT SOX
- Establishing procedures and policies for the design, installation and commissioning of the systems infrastructure.
- Performing IT security reviews, including third-party/vendor reviews, and experience in developing a vendor risk framework
- Industry domain knowledge from BFSI, Capital markets, telecom, IT/ITES, Service etc. would be an added advantage
- Open to travel to Middle East countries as per the job requirements