The candidate would perform various IT SOX / ISAE 3402 audits, conduct audit meetings, audit scoping, develop audit plan, RCMs, process documentations, flow charts & process maps and reviews of test results.
Responsibilities of the Role
Independently perform IT audit assessments in a client facing environment related to various IT applications (like SAP ERPs, Ariba, Web applications etc) or IT infrastructure (like database security, OS security, network security, cloud security, firewall, routers, switches, VPNs and other network device security etc).
Perform IT SOX / ISAE 3402 audits, conduct audit meetings, audit scoping, develop audit plan, RCMs, process documentations, flow charts & process maps and reviews of test results.
Handle multiple projects adhering to the project deadlines.
Create audit reports and present them to the top management (of client organization).
Schedule periodic meetings with the client & various stakeholders for completing the audits & provide periodic status updates.
Perform data analytics & reporting using advanced excel / SQL / CAATS etc
Requirement:
Prior experience in a similar role (into IT audits, IT security assessments, ISO 27001 audits) is desirable.
Should possess strong conceptual knowledge about IT processes and technologies.
Should be a highly motivated self-starter and possess very good English communication skills (both written and verbal) as he/she would be responsible for building and developing senior stakeholder relationships across the globe.
They must be able to converse with technical and non-technical personnel to understand their requirement and provide necessary security related advises.
Knowledge or experience in SAP security / SAP BASIS activities / SAP GRC / Identity & Access management would be desired. Other ERP application knowledge (like Oracle ERP etc) would be an advantage.
Knowledge of advance MS Excel and MS office suite.
Academic Degree:
B.E / B.Tech / MCA / Masters in Science or any degree in information security / cyber risk & security / digital forensics.
Desirable Certifications:
CISA / CISSP / CEH / CISM / ITIL / ISO 27001 / Oracle Administrator / SAP BASIS (At least one of these).