Roles and responsibilities:
- Providing support in IT Advisory services offered by Grant Thornton to its clients in the following domains:
  - Disaster recovery and business continuity management
  - Information privacy
  - Information regulatory compliance (RBI, SEBI, SOC1, SOC2, PCI DSS, HITRUST, IRDA, UIDAI)
  - Information risk management
  - Information security and information assurance
  - Information technology controls for financial and other systems
- Identifying processes and technologies to maintain and enhance the security architecture
- Have a fair understanding of Business Continuity Planning and DR Drills
- Should have conducted Information Life Cycle management reviews in the past
Expected profile:
- One to eight years of overall experience in information security governance, risk and compliance
- BE/ B.Tech/ ME/ M.Tech/ MCA/ MS/ MBA from a reputed institute
- Should have at least one of the following certifications: CISA/ CISM/ CISSP/ ISO27001 LA/ ISO 22301 LA/ CBCP, or any other relevant certification
Required skills:
- Perform risk assessment, controls and documentation with expected standards (information technology/ business process)
- Perform SOX compliance audits, SSAE 18 audits, as well as testing and reporting
- Perform control testing pertaining to operating systems and databases (Windows, Unix, Oracle, MSSQL, DB2)
- Should be able to test basic and automated ERP ITGC controls (SAP, Oracle, etc.)
- Ability to draft BCP/ DR policy and carry out testing of plan and procedures would be preferable
- Ability to adapt to new scope areas and technologies
- Bring in expertise in at least two verticals, such as BFSI or manufacturing
- Ability to manage client communication and escalation
- Ability to guide peers and self to improve client satisfaction scores
- Participate in proposal preparation