IS Risk and Compliance Specialist

In this role, you will be responsible to lead and monitor the IS risk and compliance performance, implementation and management of IS IT related regulatory and digital compliance in the countries of EL Business Area. Ac-countable for strong overall Governance Risk and Compliance (GRC) for country management. Establish, monitor and perform continuous compliance improvement in EL operational facilities.

This role is contributing to the Electrification in Bangalore.

You will be mainly accountable for:

• Point of contact for IS compliance and risk management and collaborates with other IT functions & EL teams to ensure contribution and involvement.
• Process owner for IS / IT Risk management for Electrification business area. Single point of contact with group and countries for IS/IT Risk management leading the assessment and driving the results.
• Engages with the business to implement a risk-based methodology for identifying and mitigating organizational compliance exposure by ensuring implementation of IT & SAP compliance standards, ITGC controls, Data Privacy Controls, Trade Compliance Controls and processes and ensuring full compliance with all regulatory and audit requirements, standards and policies.
• Proactively evaluates compliance by conducting assessments ahead of audits or examinations, identifies and addresses gaps by defining remediation initiatives and managing the timely resolution.
• Provides External Audit Support by preparing IS teams to be audited and participating in the audit or review process to continually improve the communication and relationships between parties, leading to a clearer under-standing of control and compliance realities.
• Understand the requirement of Data privacy (GDPR) based on the ABB guidelines and work with business for implementation.

• Masters degree in information technology, Computer Science, Software Engineering, or a related qualification like CISSP, CISA, CIA, CISM, CA etc.
• 10 +years of strong experience in Information Security or IT general control compliance environment with at least 3-4 years in implementing ITGC controls, risk management framework, governance, IT risk assessment and management, IT Audit.
• Manage the end-to-end execution (testing and documentation) of annual ICoFR program for IT controls as required by financial reporting regulations
• Develop and review workpapers that support testing conclusions and provide clear, concise, and well-documented evidence of control testing.
• Keen to learn and proactive in compliance with new age digital regulations
• Familiar with the concept of General Data Protection Regulation (GDPR) and Personally Identifiable Information (PII) - Understand the Trade Compliance requirements and work with application team to classify the export control classification number (ECCN)
• Perform the risk assessment and implement the controls as per frameworks for different regulations e.g. Data Privacy,Trade Compliance & NIS 2