Job Title:  Assistant Manager | CRISC | Pune | Cyber Strategy & Transformation

Position: Cyber - Senior Consultant

Project Role: Risk and control transformation  

Responsibilities include:

This role conducts independent comprehensive assessments and testing of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology and Infomation security (IT/IS) system to determine the overall effectiveness of the controls. Role includes and is not limited to: 

- SOX, Key,Cloud, Data Management IT/IS controls Testing

·       Design and execute controls testing strategies to evaluate the design adequacy and operating effectiveness of controls.

·       Testing Approach Review and Process Documentation 

·       -Develop methods to monitor and measure risk, compliance efforts. 

·                 Create test plan, test scripts etc.

·       Prepare detailed testing documentation, workpapers and reports to highlight findings and recommendations.

·       Collaborate with various departments for control walkthroughs, sampling, evidence collection etc.

·       Maintain up-to-date knowledge of industry standards and best practices related to controls testing.

·       Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. 

·       Review existing Risk control testing approach and methodology used by client to identify areas for improvement based on IT risk & control frameworks and industry good practices. 

·       Develop templates to facilitate the control testing and the documentation and reporting of the control testing outputs in line with the refined control testing approach and methodology. 

·       Liaise with designated stakeholders to identify the prioritised set of controls and document repeatable test scripts for testing design effectiveness (“DE”) and operational effectives (“OE”) of prioritised IT and IS controls.