5+ IT security audit Jobs in India
Apply to 5+ IT security audit Jobs on CutShort.io. Find your next job, effortlessly. Browse IT security audit Jobs and apply today!
1) Determine client needs and expectations and participate in the development of the overall client service plan. Analyse, develop, and implement information security programs, including organizational design and key processes for our clients as per plans
2)Design and develop cyber security strategies and programs for large and complex organizations
3)Define and implement cyber risk management structures, governance models, organizational transformations in the areas of cyber security
4)Develop security policies, processes, procedures. Map controls and compliance requirements. Responsible for risk assessments, gap analysis (against standards and benchmarks), risk mitigation strategy development.
4)Roll out the GRC Cybersecurity controls framework while balancing the approach with end user experience and compliance
5)Develop and tailor approaches, methods and tools to support clients cyber risk programs and initiatives
6)Provide strategic and operational advice in the areas of safeguarding critical information. Identify areas requiring improvement in the client's business processes to enable preparation of recommendations. 7)Evaluate, implement and operationalize security controls, define metrics for measure performance and establish a framework for continuous monitoring and improvement and Play substantive role in internal and external client relationship and communication
8)Interact with CxOs to define the roadmap for GRC strategy.
9Help build Cyber Transformation practice by getting involved in areas beyond engagement delivery such as pre-sales, RFP response, solution designing, competency development and Go to market strategies
10)Create or help create though leadership content in the emerging areas of Cyber Strategy and Risk Transformation .
Immediate Joiners
IT services provider based out of the US
Job description – Information Security (Network)
Roles and Responsibilities
Company will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills
Work profile of individual
- As part of the company cyber security consulting team, individual’s primary role would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS , Cyber Security, SOX ITGC on customer engagements
- Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
- Will be an active participant in internal / third party system security reviews and audits on customer engagements
- Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
- Will be responsible for implementation of new projects under Information Security Domain
- Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
- Will assist in development of proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
- Will engage with clients and(or) application development teams for implementation of cyber security & data privacy by design and data protection controls.
- Will support the clients with ongoing design, implementation and maintenance of the data privacy framework for managing data protection risk including responding to legislation, devising and owning policies and training.
- Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.
Team work
- Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
- Individual would predominately work with off-shore engagement teams and relevant teams on presale and cyber security delivery.
- Communication, written and verbal, with these teams would be expected.
- Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
- Team members would be required to handle multiple tasks at the same time.
- Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.
Desired Candidate Profile
- Bachelors
- Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other relevant qualification/certification
- Experience : 3-5 years
Knowledge Required:
- Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
- Good understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
- Good understanding of technical security like network security, operating system, encryption, use of tools and technologies for various processes like logical access control, network security, security monitoring etc.
- Sound knowledge of Internal Controls and Compliance. Must be able to recommend controls around people, process, and technology.
- Sound knowledge on IT controls (especially IT risks). Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
- Good knowledge on Privacy, Governance and reporting
- Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
- Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
- Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.
Additional Responsibilities:
- Ability to assist in value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
- Good knowledge on software configuration management systems and license Management systems
- Awareness of latest technologies and Industry trends
- Logical thinking and problem solving skills along with an ability to collaborate
- Understanding of the financial processes for various types of projects and the various pricing models available
- Ability to assess the current processes, identify improvement areas and suggest the technology solutions
- One or two industry domain knowledge
- Client Interfacing skills
- Project and Team management
IT services provider based out of the US
Job description- Information Security(Financial)
Roles and Responsibilities
HTC Global Security Delivery Centre will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills
Work profile of individual
- As part of the companyC Global cyber security consulting team, individual’s primary role would be to be a part of ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS, Cyber Security, SOX ITGC on customer engagements
- Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
- Will be an active participant in internal / third party system security reviews and audits on customer engagements.
- Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
- Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
- Will assist in developing proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
- Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.
Team work
- Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
- Individual would predominately work with off-shore engagement teams and relevant HTC Territory teams on presale and cyber security delivery.
- Communication, written and verbal, with these teams would be expected.
- Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
- Team members would be required to handle multiple tasks at the same time.
- Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.
Desired Candidate Profile
- Bachelors
- Certifications (ISO 27001/ ISO 31000/ or equivalent and other relevant qualification/certification
- Experience : 3-5 years
Knowledge Required:
- Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
- Understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
- Sound knowledge of Internal financial Controls and Compliance. Must be able to recommend controls around people, process, and technology.
- Sound knowledge of General Leger / Balance Sheet / Journal Entry / Budgeting / Financial fraud
- Sound knowledge on business controls and process controls. Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
- Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
- Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
- Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.
Additional Responsibilities:
- Ability to develop value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
- Good knowledge on software configuration management systems and license Management systems
- Awareness of latest technologies and Industry trends
- Logical thinking and problem solving skills along with an ability to collaborate
- Understanding of the financial processes for various types of projects and the various pricing models available
- Ability to assess the current processes, identify improvement areas and suggest the technology solutions
- One or two industry domain knowledge
- Client Interfacing skills
- Project and Team management
Information Security Specialist
Notice Period: 45 days / Immediate Joining
Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA.
We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.
It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges.
Key Qualifications
· Design, deploy, and support Information Security Solutions provided by BDS
· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms
· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.
· Research and strategic analysis of existing, and evolving all IT and data security technologies
· Establish baselines to define required security controls for all infrastructure components and application stack
· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.
· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts
· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up
· Must be able to work a flexible schedule during off-hours
Key Skills & Qualification
· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance
· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)
· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk
· Exposure of the security audit tools on public cloud platforms
· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture
· Certified Ethical Hacker would be a plus
· Handling of Security audits is a must
· Proven interpersonal skills while contributing to team effort by accomplishing related results
· Passion for learning new technologies and the ability to do so quickly.
http://www.banyandata.com" target="_blank">www.banyandata.com
Position: IT Auditor
Experience: 4-12 Years
Location: Pune
Key Skills Required:
CISA, CISSP, CISM, IT Audit, Technology Audit, IT Infrastructure Audit, Application Security Audit, Information Security Audit, Cyber Security Audit, Cloud Security, Ethical Hacker
Additional key words: Vulnerability assessment, Penetration Testing, ITGC testing, Cloud Computing,
IT AUDITOR is responsible to plan and perform the audit assignment starting from audit announcement, audit planning, field work, audit quality reviews, pre-closing / closing meetings with the respective Directors / Head of the Departments including writing of the audit report and its finalization as well as follow up of the audit actions. Additionally IT AUDITOR will also be responsible to:
• Evaluate IT systems, processes and projects in place;
• Determine risks to the Group’s information assets, and help identify methods to minimize those risks;
• Ensure information management processes are in compliance with IT-specific laws, policies and standards;
• Determine inefficiencies in IT systems, IT projects and associated management processes and
• Consult in IT projects, new initiatives and organizational frameworks.
Description
Audit Planning
1) Perform audits at Volkswagen Group entities. and other concerned Volkswagen Group Companies with focus on IT processes keeping the associated business risks in mind.
2) Participate in the preparation of audit objective & scope document along with audit schedule based on the audit objective and timeline specified by Head of IT Audit India Hub.
3) Participate in the preparation of work program
Audit Process
1) Prepare and conduct preparatory interviews with the Directors and Heads of the audited departments to identify the processes to be assessed during the audit.
2) Request and collect relevant audit data for analysis from respective business areas.
3) Prepare audit matrix on periodic basis to record the audit field work and update the progress of the audit to IT Audit Manager and the Head of IT Audit Hub India.
4) Define actions including relevant controls to mitigate the business risks identified based on the evidences provided during the audit.
5) Organize and conduct pre-closing meetings with business areas to agree upon audit observations and relevant actions.
6) Prepare and conduct closing meetings with the Directors / Heads of the Department for audited division to agree upon the audit observations, risks and proposed actions.
7) Prepare the draft audit report and submit the same to the IT Audit Manager and the Head of IT Audit India Hub for review.
8) Ensure that adequate documentation is prepared for the audit assignment. Peer review changes are done before release of the final audit report to the business area.
9) Contact business area to review the progress of the implementation of audit actions defined in the final audit report. Based on the review, write the status of the follow up and submit the same for upload in RIAS.
10) Obtain necessary certifications / qualifications to support the job requirements by attending relevant trainings
11) Support the conduction of unscheduled audits/special investigations and audits from the anti-corruption system.
12) Relevant knowledge is shared among the team members.
13) Consult in IT projects, new initiatives and organizational frameworks.
14) Ensure information management processes are in compliance with IT-specific laws, policies and standards.
15) Determine risks to the Group’s information assets, and help identify methods to minimize those risks.
16) Evaluate IT systems, processes and projects in place.
17) Determine inefficiencies in IT systems, IT projects and associated management processes.