Protiviti - Senior Consultant - Risk Consultant - Technology Consulting (1-4 yrs)
Risk consultants work in a client facing role and take on the responsibility of identifying, assessing and monitoring risks by developing a risk management plan and strategy. They assist clients in addressing compliance, financial, operational and strategic risk. They work in teams to provide high-quality execution of projects for clients across a wide range of industries. Typical projects comprise of conducting reviews of systems, processes and internal controls. They provide recommendations to clients for improvement or remediation and draft reports on gaps & key issues requiring redress.
Risk consultants demonstrate in-depth technical capabilities and professional knowledge by staying abreast of current business and industry trends relevant to the client's business. They establish deep relationships with client personnel (at appropriate levels) by understanding client's perspective and become the de-facto - go-to-person- . Their work output is expected to be of outstanding quality. They constantly monitor project progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes.
Risk consultants also participate in sales and support business development initiatives. In addition, they get opportunities to perform research and contribute to the development of thought leadership. If assigned, they are expected to coach, train and support junior members in the team.
Risk professionals assist clients with testing internal process controls and developing internal audit plans. They assess the current state of an organization's internal control/Sarbanes-Oxley Act framework and help clients drive value and efficiency in their internal controls utilizing the latest technology and leading practices.
- Experience in Information Security and related functions such as IT audits and IT Risk Management
- Qualification - BE, MBA (desirable) and Certifications (desirable) - CISA, CISSP, PMP, ITIL, CEH, COBIT, ISO 27001
- Experience in conducting Information Security Assessment and Risk management in accordance with established standards such as ISO27001 etc.
- Experience of information security standards and frameworks such as: ISO 27001, ISO 22301, PCI DSS, ITIL, COBIT
- Experience in the areas of formulation and implementations of information security policies and procedures
- Experience in conducting application security reviews including
- Application functionality
- Application controls including segregation of duty (SOD), work flows etc.
- ITGC Reviews
- Experience in developing Business Continuity Planning and Disaster Recovery plan
- Experience in the areas of IT SOX testing. Experience in ERP controls (SAP/Oracle) would be an added advantage
- Experience in the areas of establishing procedures and policies for the design, installation and commissioning of the Systems infrastructure.
- Experience in performing IT Security reviews including third party/vendor reviews and experience in developing vendor risk framework
- Industry domain knowledge from BFSI, Capital markets, telecom, IT/ITES, Service etc. would be an added advantage
- Strong knowledge and experience in ISMS/BCMS implementation
- Proficient in Microsoft Office suite applications (Ms word, Ms Excel, PPT, Visio and Project)
- Should possess interpersonal skills to interact in team environment and foster client relationships and should have the ability to communicate technical risk issues effectively, to customers who may, at times, have a non-technical background
- Must have the ability to write technical reports, detailed presentations and documentation
- Demonstrate understanding of the importance of business ethics
- Should have sound job administration skills and must be able to handle highly confidential information in a strictly professional manner
- Must be able to maintain professional demeanor in times of high stress
- Open to travel as per the job requirements. It would depend upon the assignment as well.
Key Personal Attributes :
- Direct, client-facing engagement responsibilities
- Demonstrates the attributes of excellent client service and assists team members in developing technical and professional competency
- Identifies areas of IT risk and opportunities to improve IT business processes
- Serving as both role model and trainer, demonstrates the attributes of excellent client service and assists team members in developing technical and professional competency.
- Establishing procedures and policies for the design, installation and commissioning of the systems infrastructure
- A good blend of creative thinking and rigorous analysis in solving business problems
- Possesses excellent oral, written communication and presentation skills. Adept at preparing and presenting reports to an audience.
- Must work well in a team-oriented environment as well as independently. Work with team members to set goals and responsibilities for specific engagements. Fosters teamwork and innovation.
- Mature, proactive and displays initiative. Manages own and others time well. Able to work under pressure.
Protiviti delivers deep expertise, objective insights, a tailored approach and unparalleled collaboration to help leaders face the future with confidence. Our consulting solutions span critical business problems in technology, business process, analytics, risk, compliance, transactions and internal audit. We are committed to attracting and developing a diverse workforce of professionals that share the common value of collaboration. As an organization, we believe that by teaming together, with each other, and our clients, we can see beyond the surface of changes and problems organizations face in this fast changing world to discover opportunities others might miss and face the future with greater confidence.
Our more than 4,500 people serve clients through the network of Protiviti and independently owned Member Firms in more than 70 offices in over 20 countries. We have served over 60% of FORTUNE 1000- companies and 35% of FORTUNE Global 500- companies. Our people and organization have consistently been recognized by FORTUNE and Consulting Magazine as a best company to work for. In India, Protiviti's member firm (Protiviti India Member Private Ltd.) is a leading provider of business consulting, internal audit, risk management, technology, tax and regulatory, financial reporting and IFRS advisory, forensic and fraud investigation, information management and transaction services. Protiviti member firms are separate and independent legal entities, are not agents of other firms in the Protiviti network, and have no authority to obligate or bind other firms in the Protiviti network.