Lead - Risk & Compliance
ConfidentialChennai, India2 days ago
Job descriptionExpand SOX / MAR control testing to non-KFS based systems and components. Educate platforms / systems owners on IT general Controls (Logical Security Administration, Change Management, Computer Ops, etc.) Work with owners on remediating any gaps identified and see it through completion. Ensure that controls are monitored and operating as appropriate Escalate un-remediated gaps to management Work with the Application Access Mgt team to ensure completeness of the entitlement reviews 10% Validate Completeness and accuracy of OS and database entitlement reports (e.g., directly from sample components and reconcile to the system generated reports to ensure groups, sub groups, user and Non-unique accounts, privileges, and all servers / DB are in the reports) [AD, wintel, DB2, UDB, SQL, AIX, LINUX, ORACLE] Monitor compliance with Guardian IT policies / GCSO – Password 10% Through periodic inquiry and inspection of different platforms / servers / database ensure password attributes are setup according to Guardian policies. Inspect any Fine Grain Password Policy Ensure any default password set up is changed to comply with policies Monitor compliance with Default / non-unique accounts controls 10% Ensure all Default accounts are disabled or renamed (e.g. Admin). Through inspection ensure access to all non-unique accounts that have interactive log-on capabilities are either restricted or monitored. On a Quarterly basis, ensure completeness of MAR in-scope accounts being monitored in Splunk / Sentrigo (AD, DB, Linux, etc.) Monitor compliance with Change management controls 10% Ensure all system and application production changes are following Guardian Change mgt methodology Ensure authorization, testing, and segregation of duties (access of administrator, developers and production implementors). Monitor compliance with Data backups and restore controls 10% Ensure all production data are backed up according to the specified schedule (daily, weekly, etc.) through inspection of scripts configuration Ensure all alerts are setup appropriately for missed / failed backups Skills and Knowledge : (Identify core competencies, key specialties, technical, human relations or managerial skills, and knowledge areas necessary to accomplish responsibilities and desired end results.) Minimum Bachelor's Degree in Business Administration, Computer Science, Information Systems Administration or an alternative technology related field Experience : Minimum of 6 years' experience, preferably with 2-3 years as an IT audit manager for a Big 4 or large regional / national accounting firm Demonstrated expertise with IT processes, controls and related standards and best practices Expertise with some US Internal Controls frameworks : e.g. COSO, COBIT, Sarbanes-Oxley / MAR, etc. Strong proficiency in identifying and evaluating complex business and technology risks, internal controls to mitigate risks and related opportunities for improving automated / IT controls Excellent knowledge and experience assessing and auditing IT systems and controls; networks and operating systems and / or application support, IT General Controls and IT Application controls. Independent, self-starter, with a strong work ethic, high degree of motivation and the ability to contribute to a positive team attitude; proven dedication to teamwork, and integrity within a professional environment Requirements : Familiar with ITGC domains (LSA, Change Mgt, Computer Ops, etc.) Available during US eastern time business hours (M-F 9-5) Strong Communication skills and command of English language. Strong MS Excel skills in formula (Vlookup, Concatenate, Trim, etc.) Familiar with Windows (Active Directory) and user access / groups / permissions. Ability to analyze, create matrices, and update data from reports.
Job Description :
- Provide management with expertise on IT general controls effectiveness and operational audit oversight.
- Provide guidance to Guardian's IT organization around IT general controls. Evaluate controls that are in place and ensure compliance with Guardian's corporate policies and regulatory requirements.
- Serve as lead to manage the IT Risk and Controls Book of Work including testing for SOC1, SOC2, MAR (similar to SOX), Control Assurance, etc.
- Be able to leverage work across different assurance groups, i.e. MAR, PwC, Internal Audit, State examiners, etc. to create efficiencies and eliminate redundancies.
- To achieve this objective, this position must effectively work with resources within the IT organization (infrastructure and development areas) as well as compliance resources across the entire firm, external auditors / examiners, and minimize work by leveraging audit findings and recommendations from one group to another.
- Major Opportunities and Decisions :
- Manage the IT Risk and Controls Book of Work including managing the resources and able to pivot based on resource availability and activities.
- Provide leadership to the analysts and ensure proper completion of activities and manage escalation to senior leadership.
- Provide solutions to IT areas to ensure proper controls are in place based on policies, regulations and best practices.
- Perform the terminated worker quality assurance process, source report validation (prep for audit), spot-test manual access and investigate root cause - to help ensure controls are continuously operating effectively.
- Manage remediated exceptions prior to formal retest by MAR, IA, and PwC auditors.
- Educate and influence IT employees and management on internal control issues and best practices.
- Leverage resources across IT and business areas as needed
- Principal Accountabilities : (List 6-8 major areas of responsibilities in order of importance, and purpose of these activities. In addition, identify percent of time normally spent and whether the activity is an essential or minor function.)Based on the focus areas highlighted above, the following matrix expands upon these activities. Please note that the % of time varies to where the Project is within its relative Project Life Cycle.
Accountability
Activity
SOX / MAR expanded testing support and Reporting – 50%
Education and Experience : (Identify types and length of education and experience needed to acquire the necessary skills and knowledge to accomplish the desired end results.)
Education :
Location :
This position can be based in any of the following locations :
Chennai
Current Guardian Colleagues : Please apply through the internal Jobs Hub in Workday
Skills Required
Ms Excel, Linux, Change Management, Active Directory, SOC2, Sql, Oracle, Aix, Db2, IT General Controls, Udb, Splunk
Create a job alert for this search
Lead Compliance • Chennai, India
Related jobs
- Promoted
Manager- SACCR / Counterparty Credit Risk
Evalueservechennai, tamil nadu, in Elevate Your Impact Through Innovation and Learning.Evalueserve is a global leader in delivering innovative and sustainable solutions to a diverse range of clients, including over 30% of Fortune 50...Show moreLast updated: 15 days ago
- Promoted
Lead, Operational Risk
Standard Chartered BankChennai, Tamil Nadu, India This job is with Standard Chartered Bank, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community.
Please do not contact the recruiter directly....Show moreLast updated: 10 days ago
- Promoted
Compliance Manager
ConfidentialChennai Maintaining oversight of the developments in the MFD, RIA, NBFC, digital lending, and account aggregator, to proactively manage the potential regulatory risk exposure of affected divisions / departme...Show moreLast updated: 30+ days ago
- Promoted
Chief Risk Officer
ConfidentialChennai, Tamil Nadu, India The role works proactively in identifying internal and external risks, building robust internal controls, risk.Laws and Regulations to help build out the proper controls.
Also a guardian of the digi...Show moreLast updated: 30+ days ago
- Promoted
Straive - Team Lead - Risk Escalations
SPI TECHNOLOGIES INDIA PRIVATE LIMITEDChennai, India Job Description : We are hiring a Risk Escalations Analyst with expertise in identifying, investigating, and resolving risk-related escalations.The ...Show moreLast updated: 30+ days ago
- Promoted
Process Excellence Lead ( Risk / Change Management)
Innodata Inc.Chennai, IN Qualifications and Requirements.Bachelor’s degree in Business Administration, Engineering, Operations Management, or related field required.
Master’s degree or MBA preferred.Lean Six Sigma Black Bel...Show moreLast updated: 2 days ago
- Promoted
Business Risk Manager (Savings)
RevolutChennai, IN People deserve more from their money.More visibility, more control, and more freedom.Since 2015, Revolut has been on a mission to deliver just that.
Our powerhouse of products — including spending, ...Show moreLast updated: 22 days ago
- Promoted
Risk & Compliance Professional
ConfidentialChennai, India Your Work Shapes the World at Caterpillar Inc.When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other.
We are the makers, problem ...Show moreLast updated: 6 days ago
- Promoted
AVP. Credit and Country Risk Reporting
Standard Chartered BankChennai, Tamil Nadu, India This job is with Standard Chartered Bank, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community.
Please do not contact the recruiter directly....Show moreLast updated: 10 days ago
- Promoted
Risk Regulatory Compliance Analytics E2
ConfidentialChennai Teamware Solutions is seeking a skilled Risk Regulatory Compliance Analytics Specialist to join our team.This role is crucial for leveraging data and analytical techniques to ensure compliance with...Show moreLast updated: 30+ days ago
- Promoted
Governance & Risk and Compliance Analyst
ConfidentialChennai Conduct thorough due diligence on potential third-party vendors to assess their cyber security, Data privacy, operational capabilities, and compliance with legal and regulatory requirements.Perform...Show moreLast updated: 30+ days ago
- Promoted
Senior Manager - Risk and Compliance
Good Business LabChennai, IN We use rigorous academic research to prove that worker well-being programs have business impacts.We develop market-ready, scalable interventions that benefit both workers and businesses.Our goal is...Show moreLast updated: 2 days ago
- Promoted
Business Risk Manager (Technology)
RevolutChennai, IN People deserve more from their money.More visibility, more control, and more freedom.Since 2015, Revolut has been on a mission to deliver just that.
Our powerhouse of products — including spending, ...Show moreLast updated: 30+ days ago
- Promoted
Compliance Manager
CorenzaChennai, Tamil Nadu, India This leading financial services company in India offers a wide range of retail financing products, including two-wheeler, used car, and consumer durable loans.
With a nationwide presence, the compan...Show moreLast updated: 2 days ago
- Promoted
Enterprise Risk Head
ConfidentialChennai, Tamil Nadu, India The role works proactively in identifying internal and external risks, building robust internal controls, risk.Laws and Regulations to help build out the proper controls.
Also a guardian of the digi...Show moreLast updated: 30+ days ago
- Promoted
- New!
Enterprise Risk-SVP
ConfidentialChennai, Tamil Nadu, India The role works proactively in identifying internal and external risks, building robust internal controls, risk.Laws and Regulations to help build out the proper controls.
Also a guardian of the digi...Show moreLast updated: 16 hours ago
- Promoted
Lead - Risk & Compliance - BFSI
B2NChennai, India Conduct compliance risk assessments across business lines and functions.Develop and execute a risk-oriented compliance activity plan in alignment with regulatory requirements.Identify compliance ri...Show moreLast updated: 30+ days ago
- Promoted
Lead, Operational Risk
ConfidentialChennai, India Lead in performing risk impact analysis on the new / enhanced process.Ensures that the changes introduced or impacts to other process(s) if any.
are aligned with the Enterprise Risk Management Framew...Show moreLast updated: 6 days ago