Roles & responsibilities:

• Providing support in IT Advisory services offered by Grant Thornton to its clients in the following domains:
  • Disaster recovery and business continuity management
  • Information privacy
  • Information regulatory compliance (RBI, SEBI, SOC1, SOC2, PCI DSS, HITRUST, IRDA, UIDAI)
  • Information risk management
  • Information security and information assurance
  • Information technology controls for financial and other systems
• Identifying processes and technologies to maintain and enhance the security architecture
• Have a fair understanding of Business Continuity Planning and DR Drills
• Should have conducted Information Life Cycle management reviews in the past

  Candidate profile:

• One to eight years of overall experience in information security governance, risk and compliance
• BE/ B.tech/ ME/ M.tech/ MCA/ MS/ MBA from a reputed institute
• Should have at least one of the following certifications: CISA/ CISM/ CISSP/ ISO27001 LA/ ISO 22301 LA/ CBCP, or any other relevant certification

Required skills:

• Perform risk assessment, controls and documentation with expected standards (information technology/ business process)
• Perform SOX compliance audits, SSAE 18 audits, as well as testing and reporting
• Perform control testing pertaining to operating systems, data base (Windows, Unix, Oracle, MSSQL, DB2)
• Should be able to test basic and automated ERP ITGC controls (SAP, Oracle, etc.)
• Ability to draft BCP/ DR policy and carry out testing of plan and procedures would be preferable
• Ability to adapt to new scope areas and technologies
• Bring in vertical expertise in at least two verticals like BFSI, manufacturing, or more
• Ability to manage client communication and escalation
• Ability to make all attempts to guide the peers and self to improve client satisfaction scores
• Participate in proposal preparation