Security Governance | 4 to 6 Years | Mumbai & Bengaluru

Job Description

•    Manages own time and audit activities / participants per strict schedules
•    Demonstrates ability to communicate clear and concrete audit requirements to audit members.
•    Ability to multitask and work on various audits and projects in different phases 
•    Ability to make good judgments based on observations and supporting information
•    Good interpersonal skills, including oral and written communications, listening, interviewing, fostering open communications, facilitating and influencing
•    Analytical and inquisitive, dig deep to obtain a solid understanding of business processes and IT controls 
•    Take responsibility for assigned tasks, understanding and achieving expectations
•    Recognize opportunities and propose solutions to improve business processes
•    Responsible for coordination of IT Control assurance audits 
•    Interacts with external auditors and internal delivery personnel to ensure timely and accurate delivery of audit evidence / control testing.
•    Maintains regular contact with external Auditors, internal management, and Service Delivery regarding status, issues and risks
•    Common activities could include:
•    Maintain audit scope document
•    Maintain client application matrices and exemptions
•    Formal annual review conducted in Q4
•    Maintain audit Team room and security to the individual TROOMs
•    Maintain control owner list
•    Meet with external auditor to review request list and address any issues/concerns;
•    Coordinators own the request list and all updates until first Tuesday after fieldwork begins
•    Send out request items to controls owners, providing location to populate evidence and when required
•    Review audit evidence when received to verify accuracy and completeness
•    Provide status report to audit lead, IT Controls lead, and external auditor field lead with status of evidence obtained. 
•    Weekly meeting with external auditor, IT Controls lead, and audit coordinators to review issues and risks, not detailed activities
•    Weekly meeting with external auditor, audit leads to review detail status items
•    Create control objective testing schedule: based upon defined control priorities. This schedule also used as input into the timeline required for audit evidence (populations and samples) including follow up
•    Monitor, report status and escalate issues or risks within the plan; internal metrics to include: actual vs. Planned, accuracy of testing (i.e. Does External auditor India or External auditor US disagree with the results)


Primary Skills

CISA Certified
ISO 27K/PCI added Advantage

Secondary Skills

Experience with IT Controls testing / auditing (SSAE 16 SOC reports)



Posted on:

March 17, 2021

Experience level:


Contract type:





Cyber Security