Cynosure Looking for Senior IT Security Auditor at Chennai, Tamil Nadu Full Time

Job Information

Industry

Telecommunications

Work Experience

7-10 years

City

Chennai

State/Province

Tamil Nadu

Country

India

Zip/Postal Code

600018

Job Description

Partners with Technology, business units and external auditors to evaluate IT general control design, implementation, and operating effectiveness in support of ITGC

Perform walkthroughs with management and designs and executes tests of application controls for ISO 27001:2013

Support PCI DSS mock audit and maintenance of PCI DSS certification

Provide Business and IT management with guidance on IT risk management matters,information security, infrastructure security, operational risks

Develop, build & implement tools to analyze data to improve audit efficiency and effectiveness, (Including for risk assessments).

Perform and document IT audit test procedures according to departmental procedures and updates documentation

Identify and report on control deficiencies as appropriate and conduct follow up to ensure significant control deficiencies are correct.

Participate in audits and special engagements related to technology platforms (including Windows, Linux, AWS), systems development lifecycle (including Agile methodology) networking, database and data warehouse architecture, technology strategy, disaster

recovery, data communication, cyber security, and emerging technologies

Provide input to annual audit planning activities and maintain Risk register

Plan, lead, and deliver risk based internal audits business process, risk management and controls across the business

Provide practical and value-adding recommendations to improve business processes and controls

Act as a business partner at both corporate and local level on continuous improvements of the Group’s IT governance.

Follow up and report on key recommendations to ensure agreed actions have been implemented

Act as a business driver to remedy any IT issues, performing pre & post implementation audits while assessing controls and risks on new systems.

Requirements

Skills Required :
Experience auditing or working in the First or Second Line of Defense IT, information security and operational risk functions, or experience with payments and international transactions would be advantageous

Knowledge of risk-based auditing and risk management frameworks (e.g. ISO27001, NIST, COBIT, COSO)

Strong technical knowledge and experience of auditing large and complex networks, preferably in the telecom industry

Experience of managing risk registers, monitoring risks and communicating the treatment of risks to the business

BA/BS in Management Information Systems, Finance or Accounting, Masters or other advanced degree in related areas is a strong plus CRISC, CISA, CISSP, and/or CISM or equivalent certification

Knowledge of COBIT, ISO, NIST, PCI DSS, frameworks.

Ability to evaluate business processes and IT technology, identify risks and evaluate controls

Ability to manipulate large amounts of data and to compile detailed reports

Ability to work well within a team environment and participate in department projects

Minimum of 10 years IT auditing experience

I’m interested