305 Itgc Jobs - Page 13

As a part of RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization.Qualification and Minimum Entry Requirements Job Description B.Tech(CSE/IT)/MCA/MBA/CA with 0-5 Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as this a client facing role and it requires frequent communications with RSM International clients. Position and Key Responsibilities Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating controls design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions Review and complete status documents for client delivery Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOB’s and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Preferred candidate profile

About the role: The global Identity Access Management team is passionately serving our stakeholders while evolving best practices. As an Identity Access Analyst , you have a pivotal operational role to provide and deprovision system access. You have an equally crucial role to partner collectively with stakeholders to mature, streamline, and automate Identity and Access Management procedures for Blackbaud. What you’ll do Ensure appropriate Control through timely removal of unnecessary or inappropriate system access? Expediently provision approved access, often utilizing evolving Role Based Access Controls (RBAC), for Blackbaud systems to prevent excessive permissions and rights. ?? Proactively expand approved RBAC roles through analysis, recommendation and adoption/rollout. Analyze and resolve access issues, coordinating with system owners or technical support resources as necessary. Participate in ongoing audits and assessments, and assist with implementation of audit or compliance recommendations? Develop and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support? Identify , evaluate and recommend opportunities to eliminate, streamline, and automate access management practices. Partner with colleagues including application owners, cloud engineers, cyber security SMEs, etc. to effectively execute improvements based on expected value. Generate reports to perform in-depth analysis and data collection for issues associated with IAM? What you’ll bring 2 years of experience in Identity or Access Management?? Tireless adherence and attention to appropriate IT general computing controls? Ability to understand, work with and where appropriate leverage various technologies including PowerShell , ServiceNow, SailPoint's Identity-Now, Active Directory, EntraID , Salesforce, Workday, etc. Practical experience with SCA, ITIL, COBIT, NIST and/or other security and control frameworks? Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube ? Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Role & responsibilities We are seeking enthusiastic & technically savvy professionals to support the current team with the execution and management of engagements in our current and future Client portfolio. Information Security Governance, Privacy and Compliance and Security Assessment experience with a focus on IT and IS Risk Assessments and program reviews / establishment. Understanding on ISO 27001/ NIST 800-53/ PCI-DSS Interacting with onshore engagements and clients directly performing Vendor or Third-party security assessments Business Continuity planning and Disaster Recovery implementation and review experience. Perform remote assessments independently. Independently write reports of the assessments based on the discussions during remote reviews. Perform second level quality review of the reports written by peers/junior resources.

Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk Required education Bachelor's Degree Preferred education Doctorate Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred Key behavioral attributes/requirements Ability to work well independently as well as part of a team Driven and enthusiastic with a can-do attitude and a strong sense of ownership to get the job done in a pragmatic fashion