This role is primarily responsible for consulting in IT Risk Management in the area of Risk and Controls assessment / Security assessment around various Applications / ERP and RDBMS, identifying issues and providing recommendations on Risk Advisory engagements.
The role entails being a Team Member on IT engagements in the following areas:
Ø Regulatory Compliance including SOX, GLBA and other regulations
Ø Internal Audit Support
Ø Application / ERP Security Reviews
Ø Database Reviews
The role entails creation of audit plan, review of new systems / existing systems for appropriate security, management and data integrity risks and controls. The position requires preparation of written reports and communication of findings to all levels of management in accordance with traditional internal auditing standards (IIA) and requirements under regulatory compliances.
Successfully execute client engagements as per the project plan.
Create high quality and impactful deliverables in an efficient timely manner
Demonstrate and apply a thorough knowledge of IT controls, IT management frameworks and audit procedures to understand, document, analyze and assess client’s IT organization, processes and systems.
Assist in proposal development, project planning, project management, issue analysis, client presentation and reporting.
Independently manage/lead specific areas of project delivery and client relationships at different levels as determined by the project manager.
a. Good understanding of IT Management Frameworks such as COBIT, ITIL and regulations such as SOX, PCI Compliance, HIPAA
b. Domain Experience
i. ERP Implementation/Assurance experience/certification for one or more of the following: SAP; People soft ;Oracle; JD Edwards And/Or IT Security & Risk Management (UNIX, AS/400, Mainframe, Windows)
c. IT General Controls Review
d. SAS 70 Reviews
e. IT Operational review
Work Experience: Several years of IT advisory services experience in delivering IT audit, operations and application review projects to clients
The candidate must have worked in the area of Risk Management / Information Security around various Applications, ERP and Databases in either of the following industries:
Ø Private / International Banks
Ø Insurance Companies
Ø IT Industry
Ø Big 4 or other Accounting firms doing IT Audits
EXL - 18 months ago
copy to clipboard -
EXL is a leading provider of offshore business process outsourcing solutions to the Global 1000. EXL strives to build lasting relationships...