5 Infrastructure Audits Jobs

At EY, you will have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. And EY is counting on your unique voice and perspective to help them become even better. Join EY and build an exceptional experience for yourself, contributing to creating a better working world for all. As part of the EY- Technology Risk team, you will contribute technically to IT Risk and Assurance client engagements and internal projects. You will actively establish, maintain, and strengthen internal and external relationships. Identifying potential business opportunities for Ernst & Young within existing engagements and escalating them as appropriate will be a crucial part of your role. Additionally, you will anticipate and identify risks within engagements and share any issues with senior members of the team. We are looking for an Analyst to join the leadership group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities will include evaluating a portfolio of controls for design effectiveness, operating effectiveness, and/or risk management outcomes. You will ensure that assigned control assessments are accurate, effective, abide by policy, procedures, and templates, and meet quality control requirements, delivering them on time according to the assessment plan. Testing and supervising the delivery of assigned controls will involve various areas such as ITGC, ITAC, System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management, ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies and Standards Assessment, and Software Development Lifecycle (SDLC). Managing control owners and stakeholders, applying judgment and risk management concepts to identify findings, provide valuable insights to clients, reviewing IT Policies and Standards, working closely with cross-functional teams, and staying current with regulatory standards and industry best practices are all key aspects of the role. Skills and attributes for success include providing guidance, sharing knowledge, conducting information security assessments, maintaining client relationships, demonstrating a thorough understanding of complex information systems, utilizing extensive knowledge of the client's business/industry, and demonstrating excellent project management skills. To qualify for this role, you must be a Graduate (CS/ IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with at least 2-7 years of experience. Your significant experience in applying relevant technical knowledge in engagements such as ISO assessments, NIST assessments, Data privacy audits, Network and Infrastructure audits, Cyber Maturity Assessment, IT Policies and Standards Assessment, IAM and IT Asset Management, and IT Health Check is required. Ideally, you will also have a robust understanding of program and project management practices and familiarity with a typical IT systems development life cycle. EY offers support, coaching, feedback, opportunities for skills development and career progression, as well as freedom and flexibility in handling your role. Working at EY provides opportunities to work with inspiring and meaningful projects, with a focus on education, coaching, and personal development within an interdisciplinary environment that emphasizes high quality and knowledge exchange. EY exists to build a better working world, creating long-term value for clients, people, and society, and building trust in the capital markets. Across assurance, consulting, law, strategy, tax, and transactions, EY teams in over 150 countries provide trust through assurance, help clients grow, transform, and operate, by asking better questions to find new answers for the complex issues facing our world today.,

As an Internal Audit IT Professional at Fiserv, you will be responsible for efficiently conducting audit projects in compliance with The Institute of Internal Auditors standards and Fiserv global Internal Audit framework. Working under the guidance of the Audit Lead, you will contribute to audit planning, execute field work, review materials, design and conduct audit testing, analyze results, and draw conclusions. You will also assist in documenting test results and conclusions, preparing draft and final audit reports, and summaries of findings. In this role, you will be expected to handle a variety of audits, including operational, compliance, or IT-focused audits under various financial or info-security/cybersecurity regulations in both the US and international locations in APAC, EMEA, and LATAM. You will be involved in preparing Test of Design and Effectiveness documents, as well as validating audit issues. To excel in this position, you should possess a BSc/MSc-IT or BCA/MCA degree with a focus on information technology or an equivalent degree. Additionally, you should have at least 2 to 4 years of experience in assessing technology/IT controls, preferably in Internal Audit, Compliance & Risk Advisory services within the Banking and Financial services domain. It is preferred that you have experience in IT General Controls (ITGC) reviews, Cybersecurity controls, Infrastructure audits, application security audits, and Network security control risk reviews. Strong client interfacing skills, communication, interpersonal skills, and proficiency in Microsoft Office products are also essential for this role. Thank you for considering employment with Fiserv. To apply, please use your legal name, complete the step-by-step profile, and attach your resume. Fiserv is committed to Diversity and Inclusion. Please note that Fiserv does not accept resume submissions from agencies outside of existing agreements, and fraudulent job postings not affiliated with Fiserv may target your personal or financial information. Any communication from a Fiserv representative will come from a legitimate Fiserv email address.,

As an Internal Audit IT - Professional I at Fiserv, you will efficiently conduct audit projects in compliance with The Institute of Internal Auditors standards and Fiserv global Internal Audit framework. Working under the guidance of the Audit Lead, you will contribute to audit planning, execute field work including scheduling interviews, reviewing materials, designing and conducting audit testing, analyzing results, and drawing conclusions. Additionally, you will assist in documenting test results, preparing draft and final audit reports, and summarizing findings. You will be responsible for a variety of audits, including operational, compliance, or IT focused, under various financial or info-security/cyber security regulations in different international locations. To excel in this role, you are required to have a BSc/MSc-IT / BCA/MCA degree with an emphasis in information technology or equivalent, along with 2 to 4 years of experience in assessing technology/IT controls, preferably in Banking and Financial services domain. It is preferred that you have experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, and Network security control risk reviews. Good client interfacing skills, communication, interpersonal skills, and proficiency in Microsoft Office products are essential for this position. Thank you for considering employment with Fiserv. To apply, please use your legal name, complete the step-by-step profile, and attach your resume. Fiserv is committed to diversity and inclusion. Please note that Fiserv does not accept resume submissions from agencies outside of existing agreements and warns against fraudulent job postings not affiliated with Fiserv that may be used by cyber criminals. Any communication from a Fiserv representative will come from a legitimate Fiserv email address.,

At EY, you have the opportunity to shape a career that reflects your uniqueness, supported by a global network, inclusive culture, and cutting-edge technology to help you reach your full potential. Your distinct voice and perspective are valued in contributing towards making EY even better. Join us in creating an extraordinary experience for yourself while striving towards a better working world for all. As a Technology Risk Manager at EY, you will play a pivotal role in IT Risk and Assurance client projects and internal initiatives. Building and maintaining relationships, identifying business opportunities, and proactively addressing risks are key aspects of your responsibilities within the EY- Technology Risk team. You will have the chance to lead as a Manager within the EY- Technology Risk Team, contributing to the growth of a new service offering and shaping the direction of the firm. Your primary duties include evaluating control portfolios, ensuring compliance with policies and standards, supervising control assessments, and providing valuable insights to clients for enhancing processes and managing risks effectively. Key Responsibilities: - Conduct assessments of control design, operating effectiveness, and risk management outcomes - Ensure accuracy, effectiveness, and timely delivery of assigned control assessments - Manage relationships with control owners and stakeholders, resolving issues and escalating when necessary - Apply risk management concepts to identify and formulate findings, offering insights for process improvement - Stay updated on regulatory standards, industry best practices, and control frameworks Skills and Attributes: - Ability to guide team members and perform procedures related to complex issues - Experience in information security assessments and audits - Proficiency in conducting NIST assessments, ISO assessments, and privacy impact audits - Strong project management skills and understanding of complex information systems - Extensive knowledge of clients" business/industry to identify technological impacts Qualifications: - Graduate (CS/ IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with a minimum of 6 years of experience - Significant experience in technical knowledge relevant to IT assessments and audits Preferred Qualifications: - Familiarity with program and project management practices - Understanding of IT systems development life cycle EY offers a dynamic work environment where you can collaborate with talented individuals globally and engage with leading businesses across diverse industries. Your growth and development are prioritized, supported by coaching, feedback, and opportunities to enhance your skills and advance your career in a way that suits you best. Join EY in building a better working world through creating long-term value, fostering trust, and providing innovative solutions to complex global challenges.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As part of our EY- Technology Risk team, you'll contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with members of the team. We're looking for a Manager to join the leadership group of our EY- Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities are to: - Evaluate a portfolio of controls for design effectiveness, operating effectiveness, and/or risk management outcomes, raising issues as appropriate. - Ensure that assigned control assessments are accurate, effective, abide by policy, procedures, and templates, and meet quality control requirements and are delivered on time, in accordance with the assessment plan. - Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management, ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies and Standards Assessment, and Software Development Lifecycle (SDLC); using experience and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. - Manage control owners and other stakeholders, ensuring the success of each assigned review, minimizing contention where possible and requesting support where deemed necessary. - Apply judgment and risk management concepts to identify, formulate findings, and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. - Review IT Policies and Standards and ensure that they are as per the different industry standard. - Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects. - Stay current with and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. - Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Familiar with IT industry frameworks such as ISO27001, NIST, PCI-DSS, SOX, FDA, HIPAA: Privacy, HIPAA: Security, and HITECH Act. - Third-party reporting standards (particularly SSAE16), other reporting and industry-specific standards, and, if applicable, trust-based standards such as SysTrust and WebTrust. Skills and attributes for success: - Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental, and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement. - Experience in conducting information security assessments including business continuity plan audits, network security audits, and infrastructure audits. - Perform NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. - Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. - Bring and utilize extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. - Understand EY and its service lines and actively assess what the firm can deliver to serve clients. To qualify for the role, you must have a Graduate (CS/IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with at least 6 years of experience. Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments, (b) NIST assessments, (c) Data privacy audits, (d) Network and Infrastructure audits, (e) Cyber Maturity Assessment, (f) IT Policies and Standards Assessment, (g) IAM and IT Asset Management, (h) IT Health Check. Ideally, you'll also have a robust understanding of program and project management practices and familiarity with a typical IT systems development life cycle. What we look for: A team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment. Opportunities to work with EY technology risk practices globally with leading businesses across a range of industries. What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer support, coaching, and feedback from some of the most engaging colleagues around, opportunities to develop new skills and progress your career, and the freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,