Consultant/Senior Consultant - IT Audit

Looking for Con/ Sr Con : IT Audit

Client responsibilities :

- Participate in IT Risk and Assurance engagements

- Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress

- Help prepare reports and schedules that will be delivered to clients and other parties

- Develop and maintain productive working relationships with client personnel

- Build strong internal relationships within the organization and with other services across the organization

People responsibilities :

- Conduct performance reviews and contribute to performance feedback for staff

- Contribute to people-related initiatives including recruiting and retaining IT Risk and Assurance professionals

- Maintain an educational program to continually develop personal skills of staff

- Understand and follow workplace policies and procedures

Technical skills requirements :

- Preferably B.E/B.Tech (Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA .

- Knowledge and experience of a number of the following areas, and be developing deep experience and technical competence in at least one :

a) IT governance and risk

b) IT assurance and compliance

c) Data Analysis

d) Depending upon your specific area(s) of focus, you- ll have additional skills and knowledge in :

- IT audit in the context of a financial audit, and related regulations, auditing standards and guidelines

- Control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX

- Internal audit services with a specific focus on IT, and related industry standards

- Common IT governance, control and assurance industry frameworks, including CObIT, RiskIT, ValIT, IT Governance Institute and ISACA good practices

- IT industry frameworks such as ITIL and CMM

- Third party reporting standards (particularly SSAE16), other reporting and industry specific standards and, if applicable, trust based standards such as SysTrust and WebTrust

- Security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems

- Familiarity with IT analysis, delivery and operations methods, including SDLC and CMM

- Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL,COBIT

- Experience of security testing methods and techniques including network, operating and application system configuration review and internal/external penetration testing

- An understanding of web-based application vulnerabilities, and experience inapplication security review and testing

- Experience ofmanual attack and penetration testing above and beyond the running of automated tools

- Experience in developing custom scripts or programs (used for port scanning and vulnerability identification)

- Application controls and security experience :

a) Sensitive access and SoD testing

b) Controls testing

- Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc.

Additional requirements :

- Demonstrated track record with a blue chip consulting organization and/or a blue chip organization

- Strong academic record including a degree