Job Description

Job Title: IT Security Auditor
Department: Compliance
Job Location-1: India-Ahmedabad
# of Position(s): 1
Salary Range: INR 5 Lac PA
Shift Timings: Night

Education: Bachelor\xe2\x80\x99s / Master\xe2\x80\x99s Degree in information systems or equivalent
Other Qualification:
CISA, CISM, ISMS Lead Auditor Certifications would be preferable
Active member of IT Security user groups with security certification (CISA, OSCP, etc.)

Experience:
CISA qualified with approximately 3 years\xe2\x80\x99 post qualification IT audit experience, in a professional services environment
KPO/BPO/ITIS experience would be ideal
Experience of working in both an assurance and advisory role would be preferred

Skill & Competence (Required - Must Have)
Knowledge of Service Management Standards, Security Management Standards, HIPAA, ARRA, HITRUST
Past implementation experience of BCMS, ISMS and/or ITSM
Expert knowledge of Information Security Frameworks and IT Governance frameworks & Demonstrated ability to apply IT in solving security problems

Roles & Responsibilities:
Perform HIPAA, ISMS, SOX-IT and SSAE 16 risk based internal audits and monitor gap remediation efforts;
Audit day-to-day security operations and high-visibility business processes;
Manage the end-user security awareness training program & Compliance Hotline;
Maintain a catalog of all internal security controls across the enterprise to include their mapping to the above security frameworks
Maintain security documentation and diagrams. Ability to complete tasks and deliver professionally written reports.
Review and coordinate changes to information security policies, procedures, and standards in an continuous improvement model
Performing Business Impact Analysis, Risk Analysis, Perform targeted fieldwork to test internal controls across the company\'s application, infrastructure, and databases, as well as key business processes;
Identify and develop recommendations to provide for productivity savings and/or enhance process efficiencies;
Supporting and challenging the business to effectively identify, manage and report on IT business risk, including ensuring that committees and governance structures are functioning effectively
Supporting the Compliance Head in developing and maintaining an effective Global Compliance Programme that ensures that the group\xe2\x80\x99s policies are embedded in the business, that good practice is shared, and that any compliance breaches are investigated and resolved promptly.
Develop and foster strong professional relationships within company;
Build the department\'s standing and credibility throughout the organization;

Powered by JazzHR

Advantmed