Associate Consultant

Job Description

KEY RESPONSIBILITIES & JOB DESCRIPTION:

• Developing and overseeing control systems to prevent or deal with violations of legal guidelines, financial regulations and internal policies
• Design and implement company policies aligning local laws and standards
• Revising procedures, reports etc. periodically to identify hidden risks or non-conformity issues
• Conduct periodic internal reviews or audits to ensure that compliance procedures are followed
• Assess compliance, or risks and develop risk management strategies
• Identify compliance issues that require follow-up or investigation
• Advise internal management or business partners on the implementation or operation of compliance programs
• Evaluating the efficiency of controls and improving them continuously
• Provide assistance to internal or external auditors in compliance reviews
• Monitor compliance systems to ensure their effectiveness.
• Prepare reports for internal management and external regulatory bodies as appropriate
• Manage and execute a program of compliance certification to ensure that systems and services comply with their agreed policies, standards and designs
• Provide security SME advisory into projects and business units on group policies including management of policy exemptions processes.
• Point of contact for the client compliance & IT audit team for provisioning standards and regulations within the SLAs defined
• Provide strategic guidance & consulting support on implementation of controls for Networks, Operating Systems, System Security, Backup & Recovery, Storage, BCP/DR

SKILLS & EXPERIENCE REQUIRED:

• At least 7 years’ experience in the auditing, compliance, risk management, or other governance role, including related to information security
• Excellent knowledge and understanding of GDPR, ABS-OSPAR, ISO27001 and technical security requirements in banking industry
• Experience in audit and/or risk management and/or compliance
• Good knowledge of technical and procedural information security controls across different types of business relationships such as Application Service Providers, Infrastructure, & Telecommunications
• Excellent understanding of IT Service Management processes
• Should have worked on consulting/implementation/audit of IT General Controls associated with IT Operations (Mandatory)
• Excellent communication skills, both verbal and written
• Ability to manage and prioritize work
• Methodical and diligent with planning abilities
• Detail-Oriented and an analytical mind and personal Integrity

QUALIFICATIONS:

• B.E/B.Tech in Information Technology or related field
• Following Certifications are preferred:
• CISA/CGEIT/CISM/CISSP/CRISC
• ISO 27001 Implementer, Lead Auditor
• ITIL V3.0
• Understanding of security governance frameworks such as NIST, ISO/IEC 27001, GDPR, regional Financial Regulatory controls
• Tertiary qualification in Business, Management, Audit, Information Technology, Risk or other associated fields