We at Pramati have been at the forefront of innovation since 1998 and have been World beaters in our own right. Pramati is an organization that builds independent companies focused on profitable, well-defined markets in social, mobile, and cloud computing technologies. We invest in cutting-edge technologies, and people, to create best-of-breed product companies. We have carved out a rare and unique path in India's impressive technological landscape as a technology and product innovator, having served around 250+ Global enterprises and 60+ ISV's. Do visit www.pramati.com and see why and how we have been acclaimed as the Poster Boys of Indian Software Product Industry. We have been going strength to strength over the last decade and have become a force to reckon with. With multiple distinct brands under the umbrella we are poised to make a huge impact on the Software product business landscape:
Imaginea helps companies drive innovation through disruptive technologies that capture new opportunities in the marketplace. We engage with our customers at every stage from consulting and ideation, through development and implementation. Unlike most engineering services organizations, we have a "product DNA" and we put our money where our mouth is by starting several independent product companies ourselves. Imaginea partners with large Enterprises to provide comprehensive services that cover Infrastructure Planning and Architecture, IT Strategy & Consulting, Software selection & solutioning, Engineering R&D, Enterprise Application Services, Application Development, Maintenance & Support, as well as Modernization and Digitization. Our gamut of services include Compliance & Audit, Security solutions, independent testing and test automation services. We are an ISO 27001 certified organization, with additional certifications on HIPPA compliance.
Job Requirements & Required Qualifications & Experience
- Perform IT SOX 404 risk assessments and audits and Compliance Security Assessments
- Ensure compliance to required procedures & governance practices
- Understanding the scope of the audit and understanding of client computer processing environment which effects the financial transaction
- Testing and documenting the design and operating effectiveness of organization's Internal Controls such as Physical Access, Logical access, Change management and Operational Controls
- Strong communication and team building skills with proficiency at grasping new technical concepts quickly
- Experience in conducting internal audits
Desired Skills & Expertise
- Candidates with minimum 3+ years relevant experience
Education and Certification:
- Any bachelor’s degree
- Should be CISA Certified. If not CISA certified, can complete the certification within one year of joining.
- CISSP and ISO27k Lead Auditor certifications are added advantage.
- Exposure to Privacy controls and COSO framework are added advantage.
- Possess good verbal and written communication skills.
- Attend meetings to gain understanding of IT environment and related processes
- Implement the learning from meetings/training into new areas like Privacy controls and Security controls
- Review of IT process narratives
- Assist the Lead/Manager in completing the assessment on time
- Conduct ITGC testing for SOX and identified non-SOX applications
- Interact with the on-shore team or client to gather the required evidences supporting the ITGC testing
- Prepare work papers and address review comments
- Escalate issues identified as result of control failures to the Lead/Manager
- Plan activities and conduct internal audits as per ISO27001:2013 security standards
- Ensuring that personal and team goals with regards to business profitability, growth and quality are achieved
- Conducting continuous knowledge enhancement / knowledge sharing sessions and preparing / reviewing / updating the knowledge documents
- Communicated audit findings to management and implement plans with appropriate management that will adequately remediate any identified control weaknesses or gap
- Perform walk through and interviews with the Business/Application owners to understand the process and identify risk areas.
- Worked on providing valid process improvement points to business owners were every required to mitigate the risk areas