Request Post for- Assessment & Assurance

Job Description

PRIMARY DUTIES AND RESPONSIBILITIES:
• Conduct high quality control assessment operations for Global Technology across annual firm wide regulatory programs ( Financial (SOX, CCAP, etc.), Privacy (GLBA, GDPR, etc.), Payments (PCI), AND Internal compliance to Application and Infrastructure Control Domains
• Integral part of a team responsible for execution of annual firm wide SOX/ CCAP program, testing the evidence of the controls and identifying any significant control deficiencies, working with the appropriate Assessment leads/ Technology Control Officer to identify appropriate remediation to improve the controls as necessary.
• Integral part of a team for execution of Application Risk Assessment (ARA) process that aims to gather risk specific information about an application.
• Integral part of a team for execution of firm wide PCI DSS compliance program and provide end-to-end control oversight, assurance of compliance with requirements of the Data Security Standard, as well as risk and issue management and analysis.
• Integral part of a team for execution of the Application Control Testing program including initial interviews regarding standard controls usage for applications in scope; assist with the identification and testing of shared controls. Perform testing of the evidence submitted to validate it justifies control effectiveness.
• Work with technology teams to walkthrough, gather control design requirements facilitate discussions and bring to closure control issues.
• Advise Lines of Business (LOBs), based on the testing their results to ensure they are in compliance with the Firms guidelines.
• Communicate issues and evaluate issues/findings and best practices with the rest of the team and manager.
• Perform QC reviews of control testing working papers.
• Work actively with the Assessment Leads/ Technology Controls Officers on the guidance and IT-related issues.
• Participate in additional key control projects related to enhancement of the Compliance and other assessment programs.
• Support internal education and best practices sharing with peers and colleagues, as well as information security education & awareness, as needed.
QUALIFICATIONS:
• Bachelors degree preferably in Computer Science or Information Technology.
• Minimum 5-7 years internal or external technology audit experience ( Big 4 experience preferred)
• Have a strong background in Auditing, understanding of internal controls, particularly General Computer Controls (GCC).
• Have an ability to effectively develop and communicate recommendations based on SOX Corporate Office (SCO) guidance.
• Experience in Application assessment and control testing.
• Experience in PCI DCC compliance requirement and control testing.
• Be detail oriented with ability to evaluate processes, controls and issues to determine the risks.
• Have an ability to maintain high standards with a drive to achieve the right answer in difficult and/or ever changing situations.
• Can work independently, collaborate within a team and is comfortable in a virtual environment.
• Proficient verbal and written communication skills, including the ability to effectively lead discussions and meetings with internal management, external/ internal audit and peer groups.
• Strong interpersonal skills - verbal communications, written communications, and a good track record of collaboration.
• Proficient in MS Office - Microsoft Word, Excel, Access and PowerPoint.
• CISA, CISSP, CISM, CRISC certification will be an added advantage.
• Should have reasonable knowledge of APAC technology regulatory requirements
,

Keyskills :
pci dssms officedata securityinternal auditcontrol designmicrosoft wordquality controlrisk assessmentcontrol testingcomputer scienceissue management