Job description:

Responsibilities
Job responsibilities include but not limited to,
Manage timely performance of control assessments, review of control supporting
evidence as second line of defense
Actively assist in annual IT Risk Assessment including the following: identification of all
systems supporting key financial processes; assessment of controls (general and
application) for key financial systems; assessment and/or development of test
procedures, including assessment of control testers.
Maintain IT Risk Control Matrix to document all key financial systems, controls and
testing procedures.
Ensure proper accounting of SOX documentation for ITGC to include IT Risk Control
Matrix, ITGC Process Narratives, ITGC testing, issue evaluation and reporting.
Identify opportunities and support automation in process and ITGC controls to improve
the efficiency.
Support coordination and perform testing and evaluation of IT systems and controls for
SOX compliance in a predominately SAP environment.
Support efforts for ITGC training and documentation as needed. Work collaboratively with the IT teams and business units in remediating control
deficiencies
Evaluate third party SSAE 18 (SOC 1) and/or SOC 2 reports for compliance to system
control requirements.
Make recommendations for enhancement of IT system controls and process
improvements.
Work on projects to implement IT risk and control / compliance requirements for new
systems.
Provide timely and complete communications within the IT department, Internal Audit
and Compliance including identification of ITGC issues and exceptions.
Serve as liaison to internal and external auditors for ITGC testing and other
compliance initiatives.
Ability to work on multiple projects, balancing a mix of resources, due dates and
requirements.
Develop and foster effective working relationships within IT at each of the Divisions as
well as key Business, Internal Audit and Compliance personnel.
Work collaboratively with necessary stakeholders and teams for GDPR compliance
and implementation.
Work closely with owners of the Access Control, Release Management, Change
Management and Vendor Management processes to ensure compliance with the ITGC
Framework.
As assigned, perform review of assigned SDLC key control deliverables and advice
Project Managers on SDLC risks and controls.
Audit projects for SDLC and key control compliance.
Besides above responsibilities and duties, this position may require to take up
additional responsibilities as assigned.

• To clearly understand the client's cybersecurity environment and respective product.
• To monitor, configure, and troubleshoot cybersecurity issues and related monitoring tools
• To analyse and validate cybersecurity incidents in-detail and help the L3 team with RCAordata or logs collection
• To enable knowledge transferortrainings through creationor maintenance of configuration documents, test plans, operational manuals and provide operational training to L1 team.
• To analyse and fine-tune cybersecurity policies, participate in cybersecurity review calls pertaining to change requests and recommendations on cybersecurity policy changes.
• To implement changes, monitor security device performance and implements performance tuning when necessary.
• To prepare analyses and reports to highlight the project progressorchallenges and ensure quality and accuracy to the client