Control Resilience Assessor
1 week ago
**Position**:
**Control Resiliency Assessor**:
**Business Unit**:
Technology
**Job Family**:
Business Support
**Location**:
Mumbai
**Reporting to**:
Manager - Control Resiliency Team
**Job Level**:
**Job Summary**:
Willis Towers Watson has building their Information & Cyber Security (ICS) capabilities to cater to growing Information Security, Risk and Assurance needs of their business, clients and regulatory requirements. These capabilities cater to different verticals such as Strategy Governance, Risk & Compliance, Cyber Defence and Operations, ICS Architecture, Security Assurance. Mumbai is being developed as Security - Center of Excellence and is responsible as well accountable for the delivery of the services provided by the ICS function globally.
Control Resilience team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud controls associated with different audit regimes such as SOx 404, SOC2, SSAE18, ISO 27001, CCPA, NYDFS etc. with proven extensive knowledge in IT Auditing & Audit analytics. Providing appropriate recommendations on improvement of IT controls and processes.
You will work closely with Business, IT and Internal stakeholders to support the delivery of Control Resiliency assignments. Most importantly, you must be an effective communicator (both verbally and in writing) and a supportive team player, taking a consultative rather than confrontational approach whilst maintaining the integrity and independence and ensuring effective management of security risk.
**Principal Accountabilities**:
Manager or manager of people (to include number of reports) or individual contributor:
- Individual contributor
Geographic scope of role:
- Global
Budgetary and risk management responsibilities:
- N/A
Revenue responsibilities:
- N/A
Others:
- N/A
**Principal Duties/Responsibilities**:
Business As Usual
- Perform controls (On-prem & Cloud) including assessment of,
- Control design Adequacy
- Control Operating effectiveness
- Appropriate Recommendations to Control Owners
- Demonstrable knowledge on different audit regimes such as SOx 404, SOC2, SSAE18, ISO 27001 etc
- Establishing and operating processes and procedures for control testing
- Reporting and tracking on prem and cloud control gaps as well as ineffective or inadequate controls
- Coordination and tracking remediation activities being performed by control owners
- Taking initiatives and contributing to improvement of the Global Control & Compliance team activities
- Identify opportunities and recommendation to improve the design and implementation of controls
- Support control owners in the design and maintenance of controls and documentation
- Undertaking such other tasks and responsibilities as assigned by Manager
- Keep yourself up-to date with latest IS related regulation and standards
**Communications and Relationships**:
Internal:
- Other members of GRC & ICS teams
- IT Control Owners and teams
- Service Owners and Service Managers
- Other IT teams
- Project managers and teams
External:
n/a
**Competencies**:
- Global Business Knowledge
- Cross-Cultural Resourcefulness
- Cross-Cultural Agility
- Assignment Hardiness
- Cross-Cultural Sensitivity
- Humility
- Conflict Management
- Organizational Agility
- Customer Focus
- Integrity and Trust
- Personal Learning
- Self-Starter
- Problem Solving
**Required Qualifications, Skills, Knowledge, Experience**:
Qualifications:
- Information security qualifications (e.g. CISA, CISM, CISSP) are preferable.
- Interested in developing skills and knowledge of IT Risk Management, and willing to work towards appropriate professional qualifications, such as CISA
- Formal training in security, risk management or compliance is beneficial.
- Whilst this is not a hands-on technical role, the role holder will be expected to demonstrate a strong awareness of technology and how IT is used to enable business processes.
**Skills**:
- Proven Auditing competency
- Strong IT and analytical skills
- Proactive rather than reactive
- Team player with good interpersonal skills
- Ability to work under pressure to tight timelines
- Organised and methodical
- Willing to challenge and desire to learn
- Good communication skills, both orally and in writing
Knowledge/Experience:
Essential
- Knowledge and understanding of IT Auditing and IT Risk concepts
- Knowledge and understanding of ERPs, Active Directory, SIEM, Identity Access Management, Privileged Access Management tools
- Experience of working in an analytical role, with an ability to interpret data, prepare reports and undertake business support activities.
- Experience working as part of a business support function such as Risk, Compliance or Information security in a large enterprise.
Beneficial
-
-
Control Resilience Assessor
6 days ago
Mumbai, India WTW Full time**About WTW**: Our distinct, connected perspective across talent, assets and ideas unlocks potential for our clients. While many just look at mitigating the downside, we see how a unified approach to people and risk is a path to growth. Powered by market analytics and behavioral insight, our integrated teams reveal hidden value within the critical...
-
Control Resilience Assessor
2 months ago
Mumbai, Maharashtra, India WTW Full time**Description**: Job Summary: Control Resiliency team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud...
-
Control Resiliency Assessor
7 months ago
Mumbai, Maharashtra, India Willis Towers Watson Full time**Job Summary** Control Resiliency team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud controls...
-
Security Control Assessor
7 months ago
Mumbai, India IDFC FIRST Bank Full time**Role/Job Title**: Security Control Assessor **Business**: Risk **Function/ Department**: ISG **Place of work**: Mumbai **Experience**: - 5+ years in Information/cyber security **Education**: - BE. B.tech, M,tech, MCA, BCA **Job Purpose**: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects,...
-
Specialist-third party security assessor
2 months ago
Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...
-
Specialist-Third Party security Assessor
2 months ago
mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security AssessorFunction – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
Specialist-Third Party security Assessor
2 months ago
Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security AssessorFunction – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
Specialist-Third Party security Assessor
2 months ago
Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...
-
mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...
-
Itgc Control Testing
7 months ago
Mumbai, Maharashtra, India ANB Global Full time**Key Responsibilities: - ** - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness, and operating effectiveness of IT and Cyber controls. - Draft high-quality reports containing the assessor’s opinion on the ICT control gaps, and recommendations for improvement post completion of an assignment. -...
-
Cybersecurtiy Auditor/compliance Assessors
1 week ago
Mumbai, Maharashtra, India Tech Turmeric IT Services Full time**JD for Cybersecurity Auditor/ compliance assessors (Cyber Governance, Cyber Operations, SOC, ISO27001 controls, NIST controls)** Expectation - Conduct comprehensive audits and assessments of cybersecurity frameworks, ensuring alignment with industry standards and regulatory requirements. - Evaluate compliance with leading standards (e.g. ISO27001, NIST)...
-
Consumer & Community Banking - Business Resilience
4 months ago
Goregaon East, Mumbai, Maharashtra, India JPMorgan Chase & Co Full time**JOB DESCRIPTION** Are you looking for an exciting opportunity to join a dynamic and growing team in a fast paced and challenging area? This is a unique opportunity for you to work in the Business Resilience team to partner with the Business. CCB Business Resiliency’s mission is to continuously improve our businesses’ ability to provide outstanding...
-
Vulnerability Assessor Lead
3 weeks ago
Navi Mumbai, Maharashtra, India Logicloop Full timeJob Description:We are looking for a seasoned professional to fill the position of Vulnerability Assessor Lead - Information Security at Logicloop. As a key member of our team, you will be responsible for evaluating the control environment through ethical hacking, penetration testing, and red team assessments.The ideal candidate will have 8+ years of...
-
Recruitment Administrator, Asia Pacific
1 week ago
Mumbai, India Control Risks Full timeThis is a great opportunity for entry level talent acquisition professionals who wish to grow and develop their HR career locally and regionally. The role will focus on all aspects of recruitment administration and talent acquisition in the Asia Pacific region. Reporting into the Recruitment Manager, Asia Pacific, you will assist in driving best practice...
-
Controls Sme
7 months ago
Mumbai, India iXceed Solutions Full time**Job Title**: Controls SME **Department**: IT Operations **Position** Reporting to DC Automation Lead **Location**:Juinagar, Navi Mumbai footprints in SEA regions. **DUTIES AND RESPONSIBILITIES** - Review, Design Control and Monitoring systems at Concept Level. - Coordination with the Mechanical, Electrical, Structural, Architectural, Controls and...
-
Controls Sme
6 months ago
Mumbai, Maharashtra, India iXceed Solutions Full time**Job Title**: Controls SME **Department**: IT Operations **Position** Reporting to DC Automation Lead **Location**:Juinagar, Navi Mumbai footprints in SEA regions. **DUTIES AND RESPONSIBILITIES** - Review, Design Control and Monitoring systems at Concept Level. - Coordination with the Mechanical, Electrical, Structural, Architectural, Controls and...
-
Controls Sme
7 months ago
Mumbai, Maharashtra, India iXceed Solutions Full time**Job Title**: Controls SME **Department**: IT Operations **Position** Reporting to DC Automation Lead **Location**:Juinagar, Navi Mumbai footprints in SEA regions. **DUTIES AND RESPONSIBILITIES** - Review, Design Control and Monitoring systems at Concept Level. - Coordination with the Mechanical, Electrical, Structural, Architectural, Controls and...
-
Controls Sme
7 months ago
Mumbai, Maharashtra, India iXceed Solutions Full time**Job Title**: Controls SME **Department**: IT Operations **Position** Reporting to DC Automation Lead **Location**:Juinagar, Navi Mumbai footprints in SEA regions. **DUTIES AND RESPONSIBILITIES** - Review, Design Control and Monitoring systems at Concept Level. - Coordination with the Mechanical, Electrical, Structural, Architectural, Controls and...
