Lead the annual review of critical assets involved in financial reporting, ensuring alignment with protection standards and regulatory expectations. Collaborate with external auditors, platform/risk leads, and system SMEs to assess and strengthen information security controls.
Assets in Scope:
Applications:
SaaS platforms, in-house applications/tools, services, EUC solutions, ETL tools, etc.
Databases:
IBM DB2 AS400 (mainframe), Oracle, SAP, SQL, and other relational databases.
Servers:
Windows Server, Linux, Unix, and associated operating systems.
Scope of IT General Controls (ITGC):
Password Controls:
Evaluate password enforcement mechanisms across assets.
Review domain and application-level policies, password storage methods, and encryption algorithms.
Shared Account Management:
Assess use of vaults and PAM solutions.
Identify privileged accounts and review their usage and access controls.
Access Control:
Review provisioning and deprovisioning processes.
Evaluate periodic access reviews and recertification procedures.
Segregation of Duties & Environment Controls:
Analyze the development-to-deployment lifecycle.
Validate user role separation and technical constraints across environments.
Change Management:
Review change logging, testing, and approval processes.
Identify and assess configuration changes via system or deployment tools.
System Management:
Evaluate incident management processes, including error reporting and ticket tracking.
Additional Responsibilities:
Support external auditors with asset sampling, walkthroughs, and evidence gathering.
Document and report control assessments and manage audit findings in line with standards.
Communicate assessment outcomes to SMEs, helping them understand risks and control gaps.
Contribute to team knowledge sharing, testing activities, and training initiatives.
Skills and Knowledge:
Financial Reporting Control Framework (FRCF) Testing
Strong knowledge of ITGC framework
High-level technical knowledge of risk management and audit techniques
Understanding of IT Governance Frameworks & regulatory requirements
Strong relationship-building and communication skills
Ability to influence, negotiate, and manage conflict at a senior level
Strong IT and report writing skills
Corporate governance and compliance understanding
Self-motivated and driven to achieve excellence
Location:
Magarpatta City, Pune
Dimensions:
Operating model designed to deliver value-added services to stakeholders
Dynamic team of 50+ professionals
Works closely with business units, transformation, and risk teams
Coordinates with senior stakeholders and supplier partners
Preferred Qualifications:
BE (CS/IT/EC), MBA, MCA, or Inter CA with relevant ITGC experience
Experience:
2-3 years of relevant experience
Big 4 experience preferred
Job Types: Full-time, Permanent
Pay: ?1,000,000.00 - ?1,200,000.00 per year
Experience:
IT auditing: 2 years (Preferred)
Work Location: In person
Beware of fraud agents! do not pay money to get a job
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.