Cyber Risk & Reg - ER&CS - ITGC Senior Associate - BLR/KOL/HYD/MUM

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Business Controls

Management Level

Senior Associate

Job Description & Summary

A career within Internal Audit services, will provide you with an opportunity to gain an understanding of an organisation’s objectives, regulatory and risk management environment, and the diverse needs of their critical stakeholders. We focus on helping organisations look deeper and see further considering areas like culture and behaviours to help improve and embed controls. In short, we seek to address the right risks and ultimately add value to their organisation.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Invite and give in the moment feedback in a constructive manner.

• Share and collaborate effectively with others.

• Identify and make suggestions for improvements when problems and/or opportunities arise.

• Handle, manipulate and analyse data and information responsibly.

• Follow risk management and compliance procedures.

• Keep up-to-date with developments in area of specialism.

• Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce.

• Build and maintain an internal and external network.

• Seek opportunities to learn about how PwC works as a global network of firms.

• Uphold the firm's code of ethics and business conduct.

Essential Duties and Responsibilities:

• Manage the work streams related to IT SOX compliance covering ITGC and IT Dependencies (ITAC, Interfaces, IPE’s).

• Thorough understanding around ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations.

• Exposure of testing IT Application Controls (Configurable, Non-configurable), Interfaces, IPE’s, Data Migration and Platform Reviews.

• Provide technical support in the assessment, design, and implementation of ITGC requirements.

• Review control evidence for adherence to accuracy, completeness, and precision of control execution for all ITGC.

• Develop, implement, and test controls for new acquisitions and in-scope entities

• Work with control owners and operators to ensure quality, consistency, and operability of new and existing controls.

• Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment.

• Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management within IT.

• Mentors and develops peer and Associates, monitors their work, and takes corrective action when necessary

• Builds and maintains strong peer relationships within the team and across the organization

• Coordinates work with External Auditors.

Interpersonal Skills:

• Ability to work independently under general supervision with latitude for initiative and independent judgment

• Effective verbal and written communications, including active listening skills

• Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors

• Detail-oriented

• Comfortable working on multiple projects simultaneously

• Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team. 

• Excellent Communication, written and verbal would be expected.

• In addition to being an exceptional individual contributor, manage engagements and relevant Teams allocated for the same. 

• Managing predominantly offshore engagements and relevant PwC Territory teams.

• Ensure client service delivery in accordance with the quality guidelines & methodologies.

• Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables.

• Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties

Client Management:

• Develop strong working relationships with the client and onshore client teams.

• Maintain excellent rapport and proactive communication with the stakeholders and client. 

Operational excellence:

• Suggest ideas on improving engagement productivity and identify opportunities for improving client service. 

• Ensure compliance with engagement plans and internal quality & risk management procedures. 

People related:

• Display teamwork, integrity, and leadership. Work with team members to set goals and responsibilities for specific engagements. 

• Foster teamwork and innovation. 

• Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery. 

• Conduct workshops and technical training sessions for team members. 

• Contribute to the learning & development agenda and knowledge harnessing initiatives

Minimum Qualifications:

• Bachelor’s degree in Information Systems, Computer Science Engineering, or Finance Preferred

• B.E., B. TECH, M. TECH, MCA, BCA, CA, MBA

• Experience in technology audit, risk management, compliance, consulting, or information security

• Excellent knowledge of IT General Controls, automated and security controls.

• Knowledge of security measures and auditing practices within various operating systems, databases, and applications

• Experience in auditing financial applications, cyber security practices, privacy, and various infrastructure platforms such as Unix, Linus, Windows, SQL Server, Oracle Databases

• Knowledge and concepts of auditing of cloud platforms (AWS, Azure and Google Cloud)

• Experience designing continuous auditing and monitoring tools and techniques is a plus.

• Good understanding of CoBIT 5 Domains of Access Management, SLDC & Change and Computer Operations and Control Design and Testing of SOX IT General Controls (ITGC) and/or IT Application Controls (ITAC)

• Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Management/Clients

• Knowledge of regulations impacting privacy, integrity, and availability of clients PII.

• Functional knowledge of major ERP suites (like SAP, Dynamics, Oracle EBS)

• Understanding of audit concepts and regulations

• Required overall experience in testing/reviewing and implementation of ITGC controls, CoBit 5 and developing COSO framework

• Candidates with 3-5 years of relevant experience in similar role, preferably with a “Big 4” or equivalent

• Chartered Accountant (would be added advantage)

Certification(s) preferred: 

• CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

Yes

Job Posting End Date

July 8, 2024