Experience: 5 years
Location: Chennai
Work from Office
Top 5 Skill Set
- Hands-on experience with security technologies
- Hands-on experience with GRC platforms (RSA Archer, MetricStream, ServiceNow GRC).
- Experience in information security and business continuity internal audits
- Strong knowledge of risk management, ISO 27001, ISO 22301, PCI DSS, HIPAA, GDPR, SOC 2
- Knowledgeable in security concepts, techniques, tools, methods and practices
- Good technical knowledge of cyber security products
- Able to perform technical audits individually.
- Must be proactive and assertive, and manage the portfolio independently.
General description of the role:
- Minimum 8 years of experience in managing security audits such as ISO 27001, HIPAA, SOC 1, SOC 2, PCI DSS
- Coordinate/lead the transformation of manual GRC processes into automated workflows using industry-leading GRC platforms (e.g. RSA Archer, MetricStream, ServiceNow GRC).
- Audit management includes preparing control owners for audits, interpreting control requirements, reviewing control evidence for appropriateness, testing control effectiveness, presenting control evidence to external auditors, and audit planning with external auditors
- In-depth knowledge of security controls: interpreting control requirements for SOC 2, ISO, HIPAA or PCI DSS audits, reviewing control evidence for completeness and accuracy, and ensuring evidence provided to auditors satisfies control requirements.
- Ability to plan and lead meetings with control owners and external auditors.
- Ability to clearly define control requirements to control owners or explain control evidence to external auditors.
- Support the Security Audit function by reviewing evidence submissions for accuracy and completeness, following up on audit requests, and helping to establish a continuous monitoring function.
- Assist in testing and verification of all controls and formulating reports documenting findings.
- Recommend and assist in the definition and implementation of security controls in accordance with enterprise policies, standards and procedures.
- Work closely with internal business teams to assist in the identification and assessment of potential security risks and establish risk owners, ratings and management action plans.
- Ensure continuity of compliance with ISO 27001, ISO 22301, PCI DSS, HIPAA and GDPR
- Analyse the potential impact of new threats and communicate risks to relevant business units
- Manage security operations, analyse security exceptions, gather necessary background information, document exceptions, and ensure that the risk is recognized and managed with compensating controls
- Provide orientation to business units on Risk Assessment, Business Continuity Plan and Business Impact Analysis
- Facilitate preparation of the business continuity plan for each project and function
- Conduct internal ISMS and BCMS audits and identify potential gaps in the system
- Prepare detailed and summary reports of assessments and remediation plans as needed, and advise internal stakeholders
- Report audit findings on potential weaknesses in the system and areas for improvement