Risk & Controls (Non-US) - Process Audit - Senior Associate - BLR/KOL/HYD

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Business Controls

Management Level

Senior Associate

Job Description & Summary

A career within Internal Audit services, will provide you with an opportunity to gain an understanding of an organisation’s objectives, regulatory and risk management environment, and the diverse needs of their critical stakeholders. We focus on helping organisations look deeper and see further considering areas like culture and behaviours to help improve and embed controls. In short, we seek to address the right risks and ultimately add value to their organisation.

Reporting:
Position reports to the [Manager/SM]
Key skills and responsibilities:
You will need to demonstrate technical understanding/experience
across the following areas.
 Experience working in data protection and information security
compliance or a related field.
 Knowledge of cloud computing environments.
 Knowledge of characteristics of SaaS, PaaS and IaaS solutions.
 Evaluating the control environment including review of
compensating controls and risk mitigation.
 Information Security assessment processes, including audit,
vulnerability scanning, and security policy and standards review.
 Creating or managing IT security policies and standards.
 Experience in reviewing or generating assurance reports such as
SOC, ISO, PCI/DSS etc.
 Understanding of Information Security fundamentals across multiple
domains, including (but not limited to) security management,
security architecture, application security, network security, access
control, application development, operations security, physical
security, cryptography, telecommunications and networking,
business continuity planning, laws, investigations, and ethics.
Essential Criteria:
 2 or more years’ experience in professional roles involving
information security, data privacy and/or controls testing.
 Knowledge of information risk and compliance principles. Broad
understanding of security technology and related risk and
compliance issues
 Senior stakeholder relationship management
 Excellent attention to detail and a passion for delivering high quality
output for clients
 Ability to work independently and as part of a team.
 Great teamwork skills and ability to manage a varied workload.
Client management:
 Develop strong working relationships with the client and onshore
client teams.
 Maintain excellent rapport and proactive communication with the
stakeholders and clients.
Operational excellence:
 Suggest ideas on improving engagement productivity, including
using technology, and identify opportunities for improving client
service.
 Ensure compliance with engagement plans and internal quality &
risk management procedures.
People related:
 Display teamwork, integrity, and leadership. Work with team
members to set goals and responsibilities for specific engagements.
 In addition to being an exceptional individual contributor, manage
engagements and relevant teams allocated for the same.
 Foster teamwork and innovation.
 Utilise technology & tools to continually learn and innovate, share
knowledge with team members and enhance service delivery.
 Conduct workshops and technical training sessions for team
members.
 Be actively involved in team building activity for strong group/team
synergy
 Contribute to the learning & development agenda and knowledge
harnessing initiatives

Minimum qualifications:
 Relevant degree in technology, information governance, data
privacy, information security or similar.
 Cyber Security related certifications including ISO27001 Lead
Auditor, CISA, CISM, COBIT, CISSP, CIPM
 Degree in Information Technology or related subject or equivalent
experience
 Strong understanding of information security controls & ISMS
standards such as ISO 27001/2, COBIT and NIST
 Experience with SOC2 compliance standards

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date

January 31, 2025