Manager - IT General Control/Systems & Process Assurance

Key Responsibilities:

- Lead ITGC and IT application controls (ITAC) reviews as part of financial audit support and independent assurance engagements.

- Plan engagement scope, design testing strategies, and oversee execution of controls testing across IT environments (databases, applications, networks, cloud).

- Evaluate IT policies, processes, and internal controls to identify design and operational control weaknesses.

- Support statutory and regulatory audits with focus on technology-related risks impacting financial reporting.

- Lead SOC 1 / SOC 2 readiness assessments and reporting engagements.

- Manage cybersecurity control review engagements aligned to ISO 27001, NIST, and other frameworks.

- Work closely with financial audit teams ensuring timely and accurate reliance on IT controls.

- Guide clients in enhancement of internal control environment, access management, change management, and incident/problem management processes.

- Supervise and mentor team members, ensuring high-quality deliverables and engagement profitability.

- Build strong client relationships and contribute to business development activities.

Qualifications & Experience:

- Bachelor's / master's degree in information technology, Computer Science, or related field.

- Minimum 7-10 years of relevant experience in ITGC, IT audit, or technology risk advisory roles.

- Preferred certifications: CISA, CISSP, CIA, CPA/CA with IT emphasis.

Strong knowledge of:

I. SOX 404 requirements

II. IT Governance (COBIT)

III. SOC 1/SOC 2 reporting standards

IV. ITIL processes and cloud environments (AWS/Azure/GCP)

- Experience working with Big Four or large advisory firms is advantage

- Understanding of ERP systems (SAP, Oracle, MS Dynamics) and application security concepts.

Core Competencies

- Strong analytical ability to translate IT risks into business implications

- Excellent communication and project management skills

- Ability to manage multiple engagements simultaneously

- Leadership, coaching, and stakeholder management capability

- Aptitude for technology trends and emerging risks (RPA, AI, cloud, cybersecurity, NFTs, Blockchains)

- Opportunity to work with dynamic and high-profile clients

- Exposure to cutting-edge technology risk practices

- Growth-oriented environment with rapid career progression opportunities