Risk Assurance Role - IT Audit/ISO Audit/IT Risk Assurance/IT Governance/Risk Compliance

Risk Assurance Role - IT Audit/ISO Audit

We are looking out for professionals who are into IT audit / IT risk assurance /ISO audit/ IT Governance/ risk compliance.

Please find below the JD :

Key Responsibilities :

- Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement

- Brief the engagement team on the client's IT environment and industry IT trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations

- Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business.

- Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients

To qualify, candidates must have :

- Professional with experience in Information Technology experience in the field of ITGCC, SOX Compliance,SSAE16.

- Expertise in IT SOX compliance, Proficiency in General IT Controls, Business Continuity management, SAP testing, applications controls and performing SAS70 Reviews.

- Risk based Internal Audits - Managing risk based internal audits

- IT strategy consulting services - IT strategy reviews and assistance in implementation of a value governance framework.

- Assisting in application security assessments, business cycle controls (BCCs) review, general computer controls (GCCs), Segregation of duties analysis.

- Security policy and procedure development in alignment with business needs

Business Continuity Plans & Disaster Recovery (BCP/DR) -

- Conducting business Impact Analysis, Identify controls, Develop recovery strategy, plan testing, training and user awareness, and plan review and maintenance for development of effective business continuity management solutions .

Service Delivery : Engagement planning, management, client report review and delivering client presentations.

Knowledge Management : Developing work programs and methodologies to build specific competency and enhance value proposition.

Team Building : Knowledge sharing, training, motivating and development of team members.

- Performing IT-GCC testing for multiple applications, Database Security Audits, SDLC & SQL Reviews, Process Automation, IT Asset Management, Software License Reviews, Operating Systems Security Audits for UNIX (Solaris, Linux, HP-UX, AIX), Windows

- Defining and performing Audit procedures to assess if any identified deficiencies in the application were exploited