URL to Apply-

from 5 to 10 year(s) of Experience

Chennai, Gurgaon

Not Disclosed by Recruiter

Job Description

Roles and Responsibilities

Major Opportunities and Decisions:

  • Manage the IT Risk and Controls Book of Work including managing the resources and able to pivot based on resource availability and activities.
  • Provide leadership to the analysts and ensure proper completion of activities and manage escalation to senior leadership.
  • Provide solutions to IT areas to ensure proper controls are in place based on policies, regulations and best practices.
  • Perform the terminated worker quality assurance process, source report validation (prep for audit), spot-test manual access and investigate root cause - to help ensure controls are continuously operating effectively.
  • Manage remediated exceptions prior to formal retest by MAR, IA, and PwC auditors. 
  • Educate and influence IT employees and management on internal control issues and best practices.
  • Leverage resources across IT and business areas as needed

Principal Accountabilities:



SOX/MAR expanded testing support and Reporting - 50%

  • Expand SOX/MAR control testing to non-KFS based systems and components.
  • Educate platforms/systems owners on IT general Controls (Logical Security Administration, Change Management, Computer Ops, etc.)  
  • Work with owners on remediating any gaps identified and see it through completion.
  • Ensure that controls are monitored and operating as appropriate
  • Escalate un-remediated gaps to management

Work with the Application Access Mgt team to ensure completeness of the entitlement reviews 10%

  • Validate Completeness and accuracy of OS and database entitlement reports (e.g., directly from sample components and reconcile to the system generated reports to ensure groups, sub groups, user and Non-unique accounts, privileges, and all servers/DB are in the reports) [AD, wintel, DB2, UDB, SQL, AIX, LINUX, ORACLE] 

Monitor compliance with Guardian IT policies/GCSO - Password 10%

  • Through periodic inquiry and inspection of different platforms/servers/database ensure password attributes are setup according to Guardian policies.
  • Inspect any Fine Grain Password Policy
  • Ensure any default password set up is changed to comply with policies 

Monitor compliance with Default/non-unique accounts controls 10%

  • Ensure all Default accounts are disabled or renamed (e.g. Admin).
  • Through inspection ensure access to all non-unique accounts that have interactive log-on capabilities are either restricted or monitored.
  • On a Quarterly basis, ensure completeness of MAR in-scope accounts being monitored in Splunk/Sentrigo (AD, DB, Linux, etc.)

Monitor compliance with Change management controls 10%

  • Ensure all system and application production changes are following Guardian Change mgt methodology
  • Ensure authorization, testing, and segregation of duties (access of administrator, developers and production implementors).

Monitor compliance with Data backups and restore controls 10%

  • Ensure all production data are backed up according to the specified schedule (daily, weekly, etc.) through inspection of scripts configuration
  • Ensure all alerts are setup appropriately for missed/failed backups

Skills and Knowledge:


Achieve Results

  • Take ownership & accountability for actions and results
  • Convey a sense of urgency
  • Meet deadlines without compromising quality & accuracy
  • Set realistic goals, prioritizes appropriately and follows through
  • Persists in the face of obstacles & resolves issues as they arise

Values People

  • Show respect for & cooperate with individuals of a variety of backgrounds
  • Build effective working relationships, work to include others
  • Acts as a team player by collaborating and working toward common goals
  • Handle conflict & friction effectively

Learns & Adapts

  • Act with confidence even when faced with challenging situations
  • Respond quickly & effectively to new demands, priorities or changes in direction
  • Change behavior & adjust tactics in order to support a changing environment
  • Seek opportunities to grow & develop professionally
  • Apply new learning & experiences to current set of responsibilities

Does the Right Thing

  • Lives up to commitments
  • Demonstrate high standards of professionalism & customer service
  • Holds self and others accountable for actions/decisions
  • Acts honestly & fairly in business practices and dealings with others

Communicates Effectively

  • Gets point across in both written & verbal communications
  • Interacts with people openly & directly
  • Presents ideas in a clear, concise manner
  • Listens willingly and openly to others
  • Adjusts communication style to appropriately fit the audience
  • Openly shares information & provides people access to knowledge & resources

Demonstrates Business Knowledge

  • Demonstrates knowledge necessary to do the job
  • Understands impact of work on other areas of the business
  • Keeps up-to-date with new developments & applies this information to the job
  • Understands how individual contribution supports broader department goals

Puts Customers First

  • Actively listens to what customers (end users/sponsors/stakeholders) have to say & follows through on inquiries, requests and complaints
  • Takes action to resolve customer problems promptly & to ensure customer satisfaction
  • Knows & interacts with customers; understands & anticipates their needs/priorities
  • User\'s feedback as an opportunity to continuously improve customer service levels

Improves & Innovates

  • Proactively seeks out and encourages new ideas
  • Challenges the status quo
  • Takes thoughtful risks to find better ways of doing things
  • Finds opportunities to enhance products & services
  • Adopts best practices and lessons learned from within & outside the organization

Uses Sound Judgment

  • Breaks down problems into manageable parts & appropriately sets priorities
  • Analyzes issues from multiple perspectives; seeks the opinions of others
  • Seeks appropriate information and input before making decisions
  • Recognizes broader implications before making decisions
  • Anticipates problems & develops alternative solutions

Education and Experience:


  • Minimum Bachelor\'s Degree in Business Administration, Computer Science, Information Systems Administration or an alternative technology related field


  • Minimum of 6 years\' experience, preferably with 3-5 years as an IT audit manager for a Big 4 or large regional/national accounting firm
  • Demonstrated expertise with IT processes, controls and related standards and best practices
  • Expertise with some US Internal Controls frameworks: e.g. COSO, COBIT, Sarbanes-Oxley / MAR, etc.
  • Strong proficiency in identifying and evaluating complex business and technology risks, internal controls to mitigate risks and related opportunities for improving automated/IT controls
  • Excellent knowledge and experience assessing and auditing IT systems and controls; networks and operating systems and/or application support, IT General Controls and IT Application controls.
  • Independent, self-starter, with a strong work ethic, high degree of motivation and the ability to contribute to a positive team attitude; proven dedication to teamwork, and integrity within a professional environment


  • Familiar with ITGC domains (LSA, Change Mgt, Computer Ops, etc.)
  • Available during US eastern time business hours (M-F 9-5)
  • Strong Communication skills and command of English language.
  • Strong MS Excel skills in formula (Vlookup, Concatenate, Trim, etc.)
  • Familiar with Windows (Active Directory) and user access/groups/permissions.
  • Ability to analyze, create matrices, and update



Salary: Not Disclosed by Recruiter


Functional Area:IT Software - Network AdministrationSecurity

Role Category:Admin/Maintenance/Security/Datawarehousing

Role:System Security

Employment Type:Full Time, Permanent

Key Skills

It GrcISO 27001Information SecuritySOXRisk ManagementIT Security