Job
Description
**Job Description:** **Role Overview:** You will be part of the IT Application audit team at S&P Global, focusing on audit plan management and execution of Technology audits globally. This role will provide you with a companywide perspective of the state of the internal technology environment and act in a trusted advisory capacity. You will have extraordinary learning opportunities and will interact with senior management across the Company. **Key Responsibilities:** - Lead application security audits, ensuring efficient and timely execution of the approved Audit Plan. - Conduct comprehensive security audits, including penetration testing, to identify vulnerabilities across applications, infrastructure, databases, operating systems, and cloud environments. - Execute end-to-end audits in alignment with the annual audit plan, ensuring timely completion. - Review audit outcomes and collaborate with key auditees to agree on remedial action plans and facilitate smooth audit processes. - Leverage data analytics and automation to enhance the efficiency and quality of audit execution. - Collaborate with key stakeholders within the divisional technology functions to enhance audit effectiveness. - Stay informed about best practices in information security audits to ensure continuous improvement. - Keep abreast of emerging security threats, trends, and technologies to enhance security posture and refine internal audit processes. **Qualifications Required:** - 5+ years of experience handling several technology audits including web applications. Experience with a Big 4 firm would be an advantage. - Experience in conducting penetration testing using tools such as Burp suite, Metasploit, NMAP, Nessus, etc. - Exposure to Python programming and awareness of generative AI technologies. - Knowledge of risk management frameworks and proficient in carrying out in-depth Applications security including configurations. - Strong knowledge of cloud security and best practices for cloud penetration testing. - Familiarity with data analytics tools such as Alteryx, Power BI, and Tableau is an advantage. - Excellent report writing skills. - Strong written and oral communication, approachable style, and well-developed negotiation and listening skills. - Demonstrated experience in strong work ethic, initiative, teamwork, and flexibility in meeting department goals. - Excellent team collaboration skills to deliver results, innovate, and strive for excellence. *Note: No additional company details mentioned in the job description.* **Job Description:** **Role Overview:** You will be part of the IT Application audit team at S&P Global, focusing on audit plan management and execution of Technology audits globally. This role will provide you with a companywide perspective of the state of the internal technology environment and act in a trusted advisory capacity. You will have extraordinary learning opportunities and will interact with senior management across the Company. **Key Responsibilities:** - Lead application security audits, ensuring efficient and timely execution of the approved Audit Plan. - Conduct comprehensive security audits, including penetration testing, to identify vulnerabilities across applications, infrastructure, databases, operating systems, and cloud environments. - Execute end-to-end audits in alignment with the annual audit plan, ensuring timely completion. - Review audit outcomes and collaborate with key auditees to agree on remedial action plans and facilitate smooth audit processes. - Leverage data analytics and automation to enhance the efficiency and quality of audit execution. - Collaborate with key stakeholders within the divisional technology functions to enhance audit effectiveness. - Stay informed about best practices in information security audits to ensure continuous improvement. - Keep abreast of emerging security threats, trends, and technologies to enhance security posture and refine internal audit processes. **Qualifications Required:** - 5+ years of experience handling several technology audits including web applications. Experience with a Big 4 firm would be an advantage. - Experience in conducting penetration testing using tools such as Burp suite, Metasploit, NMAP, Nessus, etc. - Exposure to Python programming and awareness of generative AI technologies. - Knowledge of risk management frameworks and proficient in carrying out in-depth Applications security including configurations. - Strong knowledge of cloud security and best practices for cloud penetration testing. - Familiarity with data analytics tools such as Alteryx, Power BI, and Tableau is an advantage. - Excellent report writing skills. - Strong written and oral communication, approachable style, and well-developed negotiation and listening skills. - Demonstrated experience in strong work ethic, initiative, teamwork, and flexibility in meeting department goals. - Excellent team collaboration skills to deliver results, innovate, and
