IT Audit

1 day ago

GTB Nager, India Best Infosystems Ltd. Full time

IT Audit_Delhi NCR_Hybrid


Job Title: IT Audit

Job Type: Full-Time

Location: Delhi NCR

Eperience: 2-3 Years


Job Description:


- Client interface for understanding the SOX IT General Controls as applicable to Application & Infrastructure operations

- Conducting assessment of existing processes and align them to COBIT 2018 standard

- Conducting TOE and TOD for ITGCs

- Documentation of as-is SOX 404 IT General Controls as they are currently being executed in client environment

- Identify process exceptions and risk with respect to materiality defined by the SOX controller

- Evaluating 3rd parties and their ITGC environments by assessment of SSAE18 reports

- Create Process Summaries, Compliance runbooks and RCMs

- Define RACI for Control owners, executioners etc.

- Work with Senior Management of the organization and business teams in getting assertions

- Point of contact for the client compliance & IT audit team for provisioning SOX audit evidence within the SLAs defined

- Provide strategic guidance & consulting support on implementation of SOX controls for Networks, Operating Systems, System Security, Backup & Recovery, Storage, BCP/DR

- Identify technical remediations for SOX 404 ITGC and create short term and long term roadmap for remediation

- Conducting regular training for technical teams for SOX control implementation & audits

- Should have worked on consulting/implementation & audit of SOX IT General Controls associated with IT Operations (Mandatory)

- CGEIT, COBiT Experience & COSO ERM execution (preferred)

- Excellent understanding & experience in IT applications & infrastructure management which includes SDLC, App Security, DevOps, Networks, Data Centre Operations, Service Management/Service Desk, Server Management etc.

- Excellent understanding of IT Service Management processes. ITIL certified.

- Should be able to identify & report risks related to SOX ITGC design effectiveness & operational effectiveness gaps

- Should have experience in executing end-to-end SOX ITGC audit life cycle

- Exposure to other regulatory compliances such as Data Protection Act


Candidate should have client facing experience


B.E/B.Tech with MBA preferred. Candidates with following Certifications will be preferred:

- CISA / CGEIT / CISM / CISSP

- ISO 27001 Implementer, Lead Auditor


ITIL V3.0