Description
Compliance Consultant is being sought for global retail organisation.
Platform/Tool Expertise (all are not essential, a combination of the below is preferred):
GRC Tools
FIM Solutions
CRM Tools
VA Tools
IAM Solutions
Skills required
Technical understanding of IT General controls as applicable for SOX Compliance.
Experience in performing both process and technical IT General controls testing for both SOX & PCI Compliance.
Prior experience in Audit, risk management, governance, IT security and/or compliance functions
Experience in Network and IT Security setup and audits.
Very good understanding of frameworks such as ISO , COBIT, and other relevant compliance such as SOX, EU/UK Data Protection Act etc.
Experience working with different FIM (File Integrity Monitoring) and IAM Solutions.
Open to learning and working on new domains and technology.
Good written and spoken communications skills
Knowledge of Dutch, German & French language would be an advantage but is not essential.
Job Description:
Supporting the IT SOX testing program by performing control tests and assessment activities as per client's security compliance program.
Assess operational risks and perform tactical risk assessments for the client IT Operations.
Provide support of policy/standards exceptions, report status to management and advice on corrective actions.
Perform IT General control testing as per the defined frequency with the control owners.
Track timely closure of identified control gaps and actively support action owners during issue remediation.
Recommend change in Control execution for process improvement to the IT Teams.
Participates in process and control documentation pertaining to controls implementation.
Participates in regulatory audits (process and IT) and management reporting for external audits.
Liaise on with Client counterparts for compliance reporting & continually enhancing the SOX compliance framework.
Perform onsite validations as required.
Qualifications:
B.E/B.Tech with MBA preferred CISA/CISM/CISSP certification, ISO 27001 (Lead Auditor) preferred