Sr.Spec.DDIT ISC Gov Indep.Control Asses
Hyderabad (Office)
Novartis
Working together, we can reimagine medicine to improve and extend people’s lives.Job Description Summary
We are looking for a motivated and skilled professional to join our DDIT ISC Governance Independent Control Assessments team as a Sr. Specialist. This role involves performing Control Assessments (CAs), identifying deficiencies, and reporting risks. The Sr. Specialist will also be integral in tracking risks and supporting initiatives beyond routine assessments. Furthermore, the individual will assist in developing and delivering awareness sessions and trainings related to Control Assessments.
Job Description
Job Description/ Major Responsibilities
- Conduct Control Assessments and assist in IT Compliance Services delivery across different assets, including in-house applications, SaaS systems, mobile apps, technical platforms, OS, and databases.
- Identify control deficiencies and potential risks during assessments.
- Track and monitor remediation progress.
- Help develop and update awareness sessions/trainings and deliver mandatory trainings to keep the team informed on control requirements and best practices.
- Assess complex technology risks and internal controls, identifying opportunities for improvement.
- Contribute to audit efficiency through automation and continuous control monitoring.
Key Performance Indicators/ Measures of Success
- Number of assessments done versus planned according to defined service levels.
- Identified deficiencies and potential risks from the assessment.
- SMART criteria used for defining recommendations and remediation actions.
- The 4-eyes principle is applied to ensure peer review, with report quality assessed against expected standards.
Minimum Requirements
- Bachelor’s degree in computer science, Information Systems, Accounting, or a related field. Advanced degree (Post Graduation) preferred.
- Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or similar credentials preferred.
Work Experience
- Minimum of 5 years of experience in IT audit, IT risk management, IT compliance, or a similar role.
- Strong understanding of SOX compliance requirements, internal control frameworks (e.g., COSO), and IT auditing standards (e.g., COBIT).
- Knowledge of IT systems and processes, including system development life cycle (SDLC), IT infrastructure, and cybersecurity.
- Knowledge of SOC Compliance (SOC1/SOC2) and skill in analyzing findings.
Language
Business fluent in English (written and spoken)
Skills Desired
Business Partnerships, Communication, Cybersecurity, Influencing Skills, Information Security Risk Management, IT Governance, Stakeholder Management* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation CISA CISM COBIT Compliance Computer Science Governance IT infrastructure Monitoring Risk management SaaS SDLC SOC SOC 1 SOC 2 SOX
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.