Looking for Con/ Sr Con : IT Audit
Client responsibilities :
- Participate in IT Risk and Assurance engagements
- Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress
- Help prepare reports and schedules that will be delivered to clients and other parties
- Develop and maintain productive working relationships with client personnel
- Build strong internal relationships within the organization and with other services across the organization
People responsibilities :
- Conduct performance reviews and contribute to performance feedback for staff
- Contribute to people-related initiatives including recruiting and retaining IT Risk and Assurance professionals
- Maintain an educational program to continually develop personal skills of staff
- Understand and follow workplace policies and procedures
Technical skills requirements :
- Preferably B.E/B.Tech (Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA.
- Knowledge and experience in a number of the following areas, while developing deep experience and technical competence in at least one :
a) IT governance and risk
b) IT assurance and compliance
c) Data Analysis
d) Depending upon your specific area(s) of focus, you'll have additional skills and knowledge in :
- IT audit in the context of a financial audit, and related regulations, auditing standards and guidelines
- Control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX
- Internal audit services with a specific focus on IT, and related industry standards
- Common IT governance, control and assurance industry frameworks, including CObIT, RiskIT, ValIT, IT Governance Institute and ISACA good practices
- IT industry frameworks such as ITIL and CMM
- Third party reporting standards (particularly SSAE16), other reporting and industry specific standards and, if applicable, trust based standards such as SysTrust and WebTrust
- Security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems
- Familiarity with IT analysis, delivery and operations methods, including SDLC and CMM
- Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT
- Experience of security testing methods and techniques including network, operating and application system configuration review and internal/external penetration testing
- An understanding of web-based application vulnerabilities, and experience in application security review and testing
- Experience of manual attack and penetration testing above and beyond the running of automated tools
- Experience in developing custom scripts or programs (used for port scanning and vulnerability identification)
- Application controls and security experience :
a) Sensitive access and SoD testing
b) Controls testing
- Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc.
Additional requirements :
- Demonstrated track record with a blue chip consulting organization and/or a blue chip organization
- Strong academic record including a degree