Following are some of our key solution offerings:
- Risk Based IT Internal Audit
- IT SOX 404 Controls Testing, Quality Assurance
- IT Attestation (SOC1/SOC2/ISAE 3402, ISAE 3000 etc.)
- Internal Financial Controls related to IT General Controls
- IT General Controls as part of Financial Statements Audits
- IT Risk & Control Self-Assessment
- Business Systems Controls / IT Application Controls
- Auditing Emerging Technologies such as Cloud, Intelligent Automation etc.

Position: Associate Consultants / Consultants / Assistant Managers
Location: Bengaluru
Responsibilities
Industry Experience:
- Plan and execute the day-to-day activities of IT audit engagements for clients, including system development, package implementation, SSAE 16 readiness assessments, and/or platform reviews within multiple industries
- Evaluate the design and effectiveness of technology controls throughout the business cycle
- Identify and communicate IT audit findings to senior management and clients
- Help identify performance improvement opportunities for assigned clients

Additional Responsibilities for Assistant Managers:
- Supervise associates and interns on engagements
- Serve as a liaison between financial services clients and upper management
Qualifications
- Engineering / MBAs with at least 3 years of experience
- Preference would be given to significant experience in relevant technical knowledge: (a) financial statement – IT Audits; (b) SSAE 18 / ISAE 3402 audits; (c) IT SOX engagements; (d) Emerging Technology Risks
- Certified Information Systems Auditor (CISA), COBIT Foundation, ITIL Foundation, CISSP, CRISC would be an added advantage
- Possesses extensive experience in at least two of the key solutions of IT Audit & Assurance
- Prior experience in client-facing / account management roles
- Possess strong domain knowledge, understanding of IT processes supporting business and possible risks in operations of at least two industry sectors
- Strong analytical and problem-solving skills
- Strong written and verbal communication skills
- Ability to work well in teams
- Ability to work under pressure – stringent deadlines and tough client conditions which may demand extended working hours
- Willingness to travel within India or abroad for continuous long periods of time
- Demonstrate integrity, values, principles, and work ethic and lead by example
About Quesscorp
Similar jobs
What The Role Is
We are looking for a GRC Operations Officer based in Chennai. This is a new role within the growing IT Compliance function, where you will be responsible for handling audits, implementation of information security policies, etc. The successful candidate will be comfortable working with the team on implementing frameworks and providing support for internal and external stakeholders. Reporting to the IT Compliance Officer for our Chennai team, this role is integral to the successful growth of the team as well as wider company performance.
What You’ll Do
- Contribute and assist with continuous improvement of company policies, practices, and procedures
- Review, modify and maintain existing practices and policies to reflect our operations and values within specific industry-standard frameworks like ISO and NIST, among others
- Provide support for internal and third-party audits
- Respond to due diligence and TPRM requests from customers and other interested parties.
- Support internal staff with GRC-related questions and topics
- Develop, maintain and execute awareness programs
- Be a local representative of the company’s GRC group and manage the physical security requirements for the location
- Work independently and prioritize multiple tasks and adapt to needed changes
- Effectively communicate risks to diverse audiences, both in writing and verbally
- Apply a risk-based approach to planning, executing, and reporting on audit engagements and the auditing process
What You’ll Bring
- 2-5 years IT Security, IT risk, IT auditing, and/or IT Compliance experience within a technology company, accounting firm, or others.
- Bachelor's degree or equivalent work experience in a compliance/GRC team.
- Exceptional organisational skills and attention to detail.
- Knowledge of applicable domestic and internationally recognized information security management, governance, and compliance principles, practices, laws, rules and regulations.
- Information systems auditing, monitoring, controlling, and assessment process.
Perks & Benefits:
- Competitive base salary
- Equity - every employee is a stakeholder in our enormous upside
- A tech-first company culture driven by entrepreneurial thinking and talent
- A great team working in unison towards the same mission
- Transparency is what our product is built on—and so is our culture
- Generous health insurance benefits for employees and their dependents
- Parental leave.
- Flexible work schedule and work-from-home options
- Flexible PTO
Overview:
The Risk Manager will oversee the organization's risk management program, assessing and identifying risks that could impede the reputation, safety, security, or financial success of the organization.
Key Responsibilities:
- Designing and managing the consumers' credit portfolio and risk within the desired target
- Driving new experiments with deeper customer understanding and segmentation
- Leverage traditional and alternate data to create risk policies and ensure effective implementation
- Continuously plan, monitor, and review risk management and perform regular checks and/or surveillance to ensure that risk treatment is effective
- Establish, implement and manage risk policy and control frameworks, ensuring that minimum standards, ownership and operation are documented and communicated across the Group
- Manage a governance structure to monitor, challenge and test business compliance with risk policies and control frameworks
- Develop, lead and maintain a center of expertise within 1st line risk management
- Maintain comprehensive credit policy inventory and facilitate timely periodic review/approval of credit policies
- Monitor and communicate new regulatory issues/guidance impacting credit policy, analyze the impact, interpret and implement into policy
Education and Experience:
- Bachelor's degree in Risk Management, Finance, or related field required.
- At least 7+ years of related experience is preferred.
- Strong knowledge and experience in risk management and policy
- Excellent verbal and written communication skills.
- Excellent mathematical and critical thinking skills.
- Excellent analytical and problem-solving skills.
- Excellent organizational skills and attention to detail.
- Strong supervisory and leadership skills
- 8-10 years of experience in IT SOX, IT Audits, ITGC testing
- Tech, M.Tech, BE, MBA or similar qualification.
- CISA (Certified Information Systems Auditor), Certified Internal Auditor (CIA), Certified in Risk and Information Systems Control (CRISC), or similar professional certification preferred.
- Firm understanding of information technology, including IT process, IT general controls, as well as COSO and COBIT frameworks.
- Good technical knowledge of Application security and Access Management
- Hands-on experience with Excel, PowerPoint, Power BI, etc.
Qualifications & Responsibilities
Years of Experience: 3-8 yrs
Location: Bangalore, Delhi, Mumbai, Pune
- Work on ISO 27001 & NIST based Information Security Management System implementation and sustenance.
- Responsible for SOX (IT Security Controls) and track the monthly/quarterly/annual control reports and drive effectiveness of SOX controls.
- Work on Business Continuity Planning, IT Disaster Recovery as per ISO27001 & NIST requirements
- Assess information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk
- Conduct Information Systems audits covering IT infrastructure assets
- Working knowledge in security domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection
- Experience in leveraging industry standards and frameworks such as ISO/IEC 27001, NIST CSF/800-171, etc.
- Possesses certifications such as ISO 27001 LA, CISSP, CISA (preferred)
Why NCG?
WHO WE ARE DRIVES WHAT WE DO!
We don't build the organization; we create an everlasting family. Our people express a sense of winning together when times are good and sticking together when times are tough.
Are you a Doer or Achiever?
Well, at NCG, our doors are open for Doers and Achievers alike. We are a cult where we create, innovate, learn and contribute in a comfortable, transparent, and fair environment.
Joining NCG means contributing to a shared ambition for reliable work culture, tackling extraordinary technological challenges in multicultural teams, preserving your work/life balance, and more!