Risk & Compliance Consultant

Job Description

We are looking for a proactive, young and dynamic InfoSec Risk and Compliance Consultant who can provide risk-based analysis, which requires coordinating with clients for their business, taking details and organizing the same to ensure that the services adhere to a defined set of Infosec criteria. You will ensure that our business processes and transactions follow all relevant legal and internal guidelines, support in various audit initiatives to further strengthen the risk framework.

  • Hands on Experience in Internal Controls Auditing Projects, Tracking & Reporting Audit project progress,  Keeping track of documentation – policies and evidences received
  • Perform Risk Assessment support and facilitate the implementation of internal controls that will provide the client organization with protection from compliance risk
  • Basic understanding of current laws pertaining to information / data security like Indian IT Act 2000/2008, PDPB/PDPA, GDPR, CCPA etc.
  • Understanding of frameworks like COSO-ERM, COSO Internal Controls, Sarbanes Oxley Act, Internal Financial Controls (IFC) and their overlap with AICPA SOC
  • Monitoring and reporting on the effectiveness of control measures as per frameworks like SOC / ISO  
  • Monitor compliance with laws, regulations, and policies
  • Proactively identify control deficiencies and emerging IT risks as candidates for risk assessments
  • Participating in planning and implementing tools and processes to enhance the risk management program
  • Regularly audit company procedures, practices, and documents to identify possible weaknesses or risk

Qualifications

  • Any of the two combinations below with in-depth, hands-on  exposure in IT Auditing  
    • B. Tech / M. Tech / Masters in Information Security OR
    • CA + DISA / CMA + DISSA / US-CPA + CISA
  • Preferred, but not compulsory additional certifications like CCAK / CCSK and/or – AWS / Google Cloud / Azure cloud security related trainings & certifications
  • Preferred, but not compulsory – CDPSE / CIPP (US) / CIPP (E)

Skills & Personal Attributes

  • Should have exposure to Auditing / Consulting environment
  • As a Risk and Compliance Consultant, you should possess client management and delivery skills
  • Highly technical with hands-on experience in the latest security trends and technologies
  • This position may require travel to clients’ sites
  • Working under pressure and delivering as per deadlines
  • Pro-active, Organized self-starters
  • Create and manage effective action plans in response to audit discoveries and compliance violations for global clients
  • Analytical with strong attention to detail, Good presentation & communication skills
  • MS Excel, MS Powerpoint
  • Performance and learning focused are the most important attributes
  • The ideal candidate will be professional, highly analytical, and possess excellent written and verbal communication skills in addition to IT fluency
  • Strong cross-functional interaction skills; Experience working in a team-oriented, collaborative environment
  • Ability to self-motivate and open to manage complex projects with multi-tasking
  • Excellent organizational skills; High Ethical quotient

Send in your CVs to subba@entpermasys.com;nagaraju@entpermasys.com;vijaytanikella@entpermasys.com

%d bloggers like this: