Senior Manager - Internal Audit/Quality - IT

Internal Auditor/Quality

Job Responsibilities:

1. Develop and maintain audit plans, scenarios, schedules and checklist in accordance with standards and requirements

2. Conceptualize and drive implementation of a comprehensive internal audit framework as part of new initiatives

3. Review the suitability of internal control design and procedures

4. Responsible for information dissemination on Information Security policy, Procedures, Best practices etc. within the specific clients / lines of businesses

5. Collecting data from different sources, maintain database and preparing driving reports

6. Determine the operational efficiency and effectiveness of the systems deployed and identify new process improvement opportunities

7. Determine compliance with policies and procedures

8. Audit assignments includes but not limited to, Business Process Audit, back office team procedures, Financial audit

9. Monitor changes in relevant regulations and accreditation / certification standards affecting information security and make recommendations to the internal stakeholders on the need for policy changes

10. Work with other groups in Information Security and other Technology functions in ensuring seamless integration with security and other processes

11. Own the process of preparation of management dashboards outlining information security compliance measurements against established baseline

12. Knowledge of cyber-security concepts (threats, vulnerabilities, risk, confidentiality, integrity, availability, cryptography, network/application security, web security, etc.)

Qualification:

1. Professional certifications such as CISA / ISO27001 LA and similar International Certification are preferable (though not mandatory)

2. Must have overall experience in Information Security / IT compliance / Systems Audit/Contract Management

3. Sound knowledge of Risk management with an ability to talk to process owners, identify potential risks within organizational context, and work with stakeholders in recommending and implementing mitigating controls

4. Experienced at collating and preparing information security and compliance metrics for management consumption

5. Must have worked with a reputed consulting organization or IT Services Organization

6. Understanding of industry and regulatory governing bodies standards such as ISO 9001-2015, ISO 27001-2013, CMM etc. and other relevant Regulatory guidelines, Data Privacy Laws etc.

7. Expert knowledge of Internal audit standards, best practices and various control frameworks

8. Very strong communication (written and oral) and presentation skills

9. Strong data analytical skills along with knowledge in use of various data analytical tools

10. Proven ability to conduct Internal Process and security compliance audit independently

11. Strong project management skills