Control Resilience Assessor

Mumbai - India

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

Description

About the team:

The Information Security (InfoSec) team is responsible for protecting the organizations information systems and data from security threats. The team delivers security services that help identify prevent detect and respond to cyber risks while supporting business and regulatory requirements.

The Role:

Perform controls testing across On-Premise and Cloud environments assessing Control Design Adequacy and Control Operating Effectiveness.
Demonstrate knowledge of audit and compliance frameworks such as SarbanesOxley Act Section 404 (SOX 404) SOC 2 SSAE 18 and New York Department of Financial Services Cybersecurity Regulation (NYDFS).
Establish and maintain processes and procedures for control testing across diverse IT environments.
Conduct control walkthroughs with system owners engineers architects and business stakeholders to validate control processes and requirements.
Gather audit evidence perform testing and document results in accordance with organizational standards.
Adapt quickly to new domains and complex assessment activities while ensuring high-quality testing execution.
Lead assigned projects independently ensuring end-to-end ownership and timely delivery.
Support team members through knowledge sharing guidance and collaboration.
Identify report and track control gaps across on-prem and cloud environments including ineffective or inadequate controls.
Assess risk impact and severity associated with identified control deficiencies.
Recommend improvements to control design and implementation to strengthen security and compliance posture.
Support control owners in designing implementing and maintaining controls and documentation.
Prepare comprehensive control testing reports including issue descriptions evidence analysis and recommendations.
Perform additional tasks and responsibilities assigned by management.
Stay updated with evolving information security regulations standards and industry best practices.

Responsibilities

Qualifications

Educated to degree level or equivalent
7-8 years experience with IT and technology controls/audit related engagements
Experience of working within a Global Financial organization
Problem Solving
Delivery focused
Strong communications and stakeholder management

Were committed to equal employment opportunity and provide application interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers from the application process through to joining WTW please email.

DescriptionAbout the team:The Information Security (InfoSec) team is responsible for protecting the organizations information systems and data from security threats. The team delivers security services that help identify prevent detect and respond to cyber risks while supporting business and regulat...

Description

About the team:

The Role:

Perform controls testing across On-Premise and Cloud environments assessing Control Design Adequacy and Control Operating Effectiveness.
Demonstrate knowledge of audit and compliance frameworks such as SarbanesOxley Act Section 404 (SOX 404) SOC 2 SSAE 18 and New York Department of Financial Services Cybersecurity Regulation (NYDFS).
Establish and maintain processes and procedures for control testing across diverse IT environments.
Conduct control walkthroughs with system owners engineers architects and business stakeholders to validate control processes and requirements.
Gather audit evidence perform testing and document results in accordance with organizational standards.
Adapt quickly to new domains and complex assessment activities while ensuring high-quality testing execution.
Lead assigned projects independently ensuring end-to-end ownership and timely delivery.
Support team members through knowledge sharing guidance and collaboration.
Identify report and track control gaps across on-prem and cloud environments including ineffective or inadequate controls.
Assess risk impact and severity associated with identified control deficiencies.
Recommend improvements to control design and implementation to strengthen security and compliance posture.
Support control owners in designing implementing and maintaining controls and documentation.
Prepare comprehensive control testing reports including issue descriptions evidence analysis and recommendations.
Perform additional tasks and responsibilities assigned by management.
Stay updated with evolving information security regulations standards and industry best practices.