Risk & Controls (Non-US) - Process Audit - Senior Associate - BLR/KOL/HYD
Kolkata (AC) - Bangalore Quay - Bagmane Tech Park (KSDC)
PwC
We are a community of solvers combining human ingenuity, experience and technology innovation to help organisations build trust and deliver sustained outcomes.Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
Business ControlsManagement Level
Senior AssociateJob Description & Summary
A career within Internal Audit services, will provide you with an opportunity to gain an understanding of an organisation’s objectives, regulatory and risk management environment, and the diverse needs of their critical stakeholders. We focus on helping organisations look deeper and see further considering areas like culture and behaviours to help improve and embed controls. In short, we seek to address the right risks and ultimately add value to their organisation.Reporting:
Position reports to the [Manager/SM]
Key skills and responsibilities:
You will need to demonstrate technical understanding/experience
across the following areas.
Experience working in data protection and information security
compliance or a related field.
Knowledge of cloud computing environments.
Knowledge of characteristics of SaaS, PaaS and IaaS solutions.
Evaluating the control environment including review of
compensating controls and risk mitigation.
Information Security assessment processes, including audit,
vulnerability scanning, and security policy and standards review.
Creating or managing IT security policies and standards.
Experience in reviewing or generating assurance reports such as
SOC, ISO, PCI/DSS etc.
Understanding of Information Security fundamentals across multiple
domains, including (but not limited to) security management,
security architecture, application security, network security, access
control, application development, operations security, physical
security, cryptography, telecommunications and networking,
business continuity planning, laws, investigations, and ethics.
Essential Criteria:
2 or more years’ experience in professional roles involving
information security, data privacy and/or controls testing.
Knowledge of information risk and compliance principles. Broad
understanding of security technology and related risk and
compliance issues
Senior stakeholder relationship management
Excellent attention to detail and a passion for delivering high quality
output for clients
Ability to work independently and as part of a team.
Great teamwork skills and ability to manage a varied workload.
Client management:
Develop strong working relationships with the client and onshore
client teams.
Maintain excellent rapport and proactive communication with the
stakeholders and clients.
Operational excellence:
Suggest ideas on improving engagement productivity, including
using technology, and identify opportunities for improving client
service.
Ensure compliance with engagement plans and internal quality &
risk management procedures.
People related:
Display teamwork, integrity, and leadership. Work with team
members to set goals and responsibilities for specific engagements.
In addition to being an exceptional individual contributor, manage
engagements and relevant teams allocated for the same.
Foster teamwork and innovation.
Utilise technology & tools to continually learn and innovate, share
knowledge with team members and enhance service delivery.
Conduct workshops and technical training sessions for team
members.
Be actively involved in team building activity for strong group/team
synergy
Contribute to the learning & development agenda and knowledge
harnessing initiatives
Minimum qualifications:
Relevant degree in technology, information governance, data
privacy, information security or similar.
Cyber Security related certifications including ISO27001 Lead
Auditor, CISA, CISM, COBIT, CISSP, CIPM
Degree in Information Technology or related subject or equivalent
experience
Strong understanding of information security controls & ISMS
standards such as ISO 27001/2, COBIT and NIST
Experience with SOC2 compliance standards
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship?
NoGovernment Clearance Required?
NoJob Posting End Date
January 31, 2025* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security CISA CISM CISSP Clearance Clearance Required Cloud COBIT Compliance Cryptography Governance IaaS ISMS ISO 27001 Network security NIST PaaS Privacy Risk management SaaS Security assessment SOC SOC 2
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.