Sr. Manager- II - IT SC

Job Description
Key Responsibilities Coordinate with business and IT process owners to initiate, scope, plan, and conduct periodic controls assessments to identify areas of risk by evaluating the design and operating effectiveness of Information Technology General Controls (ITGC) over applications, operating systems, and databases as well as the network infrastructure including cybersecurity controls Planning, testing, documentation and reporting Communicate issues to process owners, ensuring their understanding of associated risks and the actions needed to remediate those risks Prepare reports based on the adequacy and effectiveness of controls evaluated/tested Track and Monitors open issues and conducts follow-up to evaluate the adequacy of remediation efforts Communicate with external auditors and support their initiatives effectively from an IT audit standpoint. Lead ISO, SOX and ICoFR audit planning, fieldwork (testing and documentation), and reporting Interact with the IT application owner and provide assistance as needed during the SOX control testing processes, including attending walkthrough meetings and performing testing on their behalf Aware about IT Controls and related compliances Evaluate compliance with Company policies and procedures and regulatory standards Build collaborative working relationships with internal stakeholders (appropriate levels of management Education BE / B.Tech Computer Science / MBA – Systems Competencies (Knowledge & Skills) Knowledge of SDLC (Software Development Life Cycle) Certification of CA, CPA or CIA (or actively working towards) or other similar certifications would be an added advantage. Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of Information Security areas/domains. These include governance & risk management, access control, cybersecurity, physical security, security architecture and design, business continuity/disaster recovery, network security, application & operations security and compliance/incident management. Demonstrated ability to understand complex technologies, business processes, regulations and emerging risks. Strong understanding of ISO, SOX and IT frameworks including COSO and COBIT.