Job
Description
Skill required: Risk & Compliance - Risk Management Designation: Risk and Compliance Senior Analyst Qualifications: Any Graduation Years of Experience: 5 to 8 years What would you do? We are seeking a highly skilled and motivated Risk & Compliance Specialist to join our dynamic team at Accenture. The ideal candidate will be responsible for executing risk-based audits, focusing on information technology global processes and controls. This role involves planning and developing audit work programs, executing audit test procedures, and identifying recommendations for continuous improvement of our Third-Party Risk Management (TPRM) program. The specialist will play a crucial role in third-party risk assessment, ensuring that our vendors and partners adhere to our stringent compliance standards. What are we looking for? Qualifications & Certifications: Bachelor's degree in information technology, computer science, or a related field. ISO 27001 LA/LI certificate is a must. Professional certifications such as CISSP, CISM, CISA, or CRISC certification preferred. Minimum of 4-7 years of experience in risk management, compliance, or a related field. Experience in conducting third-party risk assessments is essential. Experience in Big 4, global internal audit functions, or cybersecurity is a plus. Demonstrated experience in third-party risk management, operational risk, or other risk management roles with knowledge of third-party regulatory requirements.Technical Skill Requirements: Expertise in IT internal audit, information security/cybersecurity, third-party risk assessment reporting (e.g.,SOC1, SOC 2). Relevant expertise on CSA STAR requirements, ISO control, NIST standards, PCI DSS, and GDPR requirements. Experience in performing control testing, IT/infosec risk assessments, network security, and infrastructure assessments. Knowledge of technical domains such as cloud security and application security. Certification:CISA, CISSP, CEH, ISO, PCI DSS, NIST. Strong understanding of risk management and compliance principles. Roles and Responsibilities: Ensure third-party risk management policy and procedures, and third-party management software are implemented and completed according to Accenture requirements. Complete vetting on incoming third-party engagements and work with business partners to ensure data and due diligence is complete and accurate, and inherent risks are identified and mitigated in accordance with risk appetite. Coordinate the distribution of due diligence questionnaires to third parties, review submitted questionnaires for completeness, ensure risk stakeholders finalize reviews, and determine overall residual risk rating. Act as a strong liaison to ensure that risk stakeholder questions are answered by the business, or third party as required. Conduct certain aspects of third-party due diligence not covered by risk stakeholders. Store the artifacts of the third-party oversight process in the system of record. Contribute to the development of detailed procedural documents and ensure alignment of TPRM with regulatory requirements. Identify, prioritize, and pursue opportunities to enhance Accenture's third-party risk management processes and introduce innovative approaches and solutions to optimize efficiency and effectiveness. Support the company's commitment to protect the integrity and confidentiality of systems and data. Conduct comprehensive third-party risk assessments to evaluate the compliance and risk posture of vendors and partners. Execute risk-based audits and communicate specific elements of the risk-based work plan as per stakeholder requirements. Perform audit projects in accordance with Accenture s audit methodology, focusing on IT global processes and controls, and computerized information systems. Plan and develop audit work programs, execute audit test procedures, identify recommendations for continuous improvement, communicate results, and follow up on reported issues. Prepare audit reports and work papers to ensure adequate documentation exists to support the completed audit and conclusions. Verify the adequacy of IT operating procedures through systematic audits. Conduct IT integrated audits with operational, compliance, financial, and investigative audit teams. Support Information Security, Business Continuity, and GDPR initiatives. Contribute to internal business growth and development. Qualification Any Graduation
