Opportunity for " IT GRC "

Ikya Human Capital Solutions Pvt Ltd
  • Chennai
  • 10-14 lakh
  • 5-10 years
  • Views
  • 26 Dec 2016

  • IT/ Information Technology

  • IT/ Technology - Security
Job Description

Essential Job Functions:
Independently assess the design effectiveness of IT General Computer Controls for Information Security, Change Management, and IT Operations
Develop test plans and detailed test procedures to assess operating effectiveness of the IT General Computer Controls for Information Security, Change Management, and IT Operations
Collect, evaluate, and maintain data to ensure that required management reporting is completed as needed (this also includes inputting appropriate data into systems such as RSAM & Bwise)
Assist in ISO 27001 & ISO 20000 certification efforts, including risk assessments, internal compliance assessments, and program management
Assist in monitoring open audit items form audits, such as WBG internal audit department (IAD) IT audits, external financial audits on Internal Controls over Financial Reporting (ICFR), and ISO 27001 & ISO 20000 certification audits to ensure execution of remedial activities defined in the agreed action plans and risk treatment plans
Perform other duties in the compliance work program, as assigned

Role Specific Experience:
5+ years of experience working in a policy writing capacity in the areas of information security, information technology, or emerging technologies
Experience in conducting design and operating effectiveness testing for the ITGCs
Demonstrated experience in implementing compliance frameworks for financial services organization or organizations with similar information security needs and requirements
Experience in conducting assessments, designing processes, and implementing SOX controls for the IT General Computer Controls (ITGCs) areas for the IT General Computer Controls (ITGC) for Information Security, Change Management, and IT Operations

Certification Requirements:
Industry certifications highly preferred, including but not limited to Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), and Information Systems Security Management Professional (ISSMP)
Required Skills/Abilities:
Familiarity and understanding of broad range of IT hardware and software products
Good understanding of industry standards and regulations including COBIT, COSO, and SOX
Good knowledge and demonstrated work experience of the use of ISO 27001 control framework and Information Security Management System (ISMS) implementation
Demonstrated knowledge of IT and security controls for network, database, application and operating systems. Strong knowledge and work experience with logical access controls
Knowledge of ERP and financial system including but not limited to SAP, PeopleSoft and Summit, Enterprise GRC systems such as BWise and RSAM
Self-motivated with the ability to work independently and within groups with minimal supervision
Excellent written and verbal communication skills, presentation, and problem solving skills, and ability to interact well with peers and internal customers
Highest ethical standards

Job Posted By