6 Application Control Jobs

As a part of RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization.Qualification and Minimum Entry Requirements Job Description B.Tech(CSE/IT)/MCA/MBA/CA with 0-5 Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating controls design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Preferred candidate profile

Mandatory technical & functional skills: Knowledge of security measures and auditing practices within various operating systems, databases and applications. Experience in assessing risks across a variety of business processes. Experience of working on Financial Services sector clients. Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Sr. Management and Clients. Hands on experience of working on IT General Controls, IT Application controls testing, IT Internal Audits, IT Risk Assessments, Third Party Risk Management. Knowledge of regulations impacting the privacy, integrity and availability of customer PII. Exposure of having led IT Audit engagements Exposure of working on Identity Access Management aspects like user management, authentication and authorization. Has team leading experience and has been a performance manager in current or last role Technical skills: Prior experience in evaluating the design and operating effectiveness of technology controls over varied IT platforms including ERP suites, Windows, Unix/Linux, iSeries, Oracle database, DB2 and SQL. Role & responsibilities Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Preferred candidate profile: IT Audit-Bangalore

Perform testing of IT Application Controls(ITAC), IPE, and Interface Controls through code reviews, IT General Controls(ITGC) review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including: Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed Risk Based IT Internal Audit for Financial Services Entities IT SOX 404 Controls Testing, Quality Assurance Internal Financial Controls related to IT General Controls as part of Financial Statements Audits Business Systems Controls / IT Application Controls Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc. Working knowledge of programming languages(C/C++/Java/SQL)

Experience : 5+ Yrs IT Application Control Role** (Immediate Joiner Preferred) This role is for the ERPM Migration Project, focusing on SAP and Oracle cloud-based systems. * Interface control and IT Automated control * Experience in IT Audit. * Designing, testing, and implementing Oracle and IT Automated controls * Strong experience with Oracle Fusion * The candidate will work independently and directly with stakeholders. **Key Skills:** * Mandatory: ITAC, IT Interface controls, Oracle Fusion * Soft Skills: Ability to manage work independently; experience with Oracle or ERP implementations is a plus.

Perform testing of IT Application Controls(ITAC), IPE, and Interface Controls through code reviews, IT General Controls(ITGC) review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including: Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed Risk Based IT Internal Audit for Financial Services Entities IT SOX 404 Controls Testing, Quality Assurance Internal Financial Controls related to IT General Controls as part of Financial Statements Audits Business Systems Controls / IT Application Controls Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc. Working knowledge of programming languages(C/C++/Java/SQL)

Role & responsibilities Risk Consulting helps clients across various industries by addressing the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. Risk Consulting major offerings includes AML & Regulatory Compliance; ERP Advisory; Automation and Analytics; Enterprise Risk Management; Internal Audit; SOX Advisory; Contract Compliance; Credit Reviews; Information & Technology Audits; Cybersecurity risk management; Third-party risk management; IT due diligence; SOC1 / SOC2; Security and Privacy Risk; Governance Risk and Compliance; PCI; Cyber Transformation; Manage Security Services; Secure Architecture Solutions; Cyber Testing; Digital Forensics and Incident Response; and Cyber Threat Intelligence. Qualification and Minimum Entry Requirements Chartered Accountant with relevant 1 2 years’ experience in SSAE 18, SOC reports, IT General Controls and IT Application Controls. Candidate should have basic to intermediate knowledge of financials, operations and technology and its related risks Candidate should have basic knowledge for SOC 1, SOC 2, IT General Controls, and IT Application Controls Qualified to pursue a job-relevant certification (CIA, CISA) Strong Data Analytical skills including advanced Excel skills (VLOOKUP’s, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as the position requires frequent communications with RSM International clients Position and Key Responsibilities As an Associate in RSM’s growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the industry leading frameworks and methodologies for Sarbanes-Oxley, COSO, COBIT Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating control’s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Open to work on other solution sets considering business requirements