Summary:

Controls Resiliency Manager is responsible to lead and deliver IT controls assurance activities with proven extensive knowledge in IT Audit, IT General Controls Assurance, SOX 404, IT Attestation (SSAE18 / SOC), audit analytics, Cloud Security, CCPA, ISO 27001, etc. to support the Global Head of Technology and Cyber Risk Management & Regulatory Engagements

Responsibilities:

Line Management (50%)

Line management of the Control Resiliency team in Mumbai and providing effective support to the Global ICS team. Supporting recruitment, management and development of people through supervising, mentoring and coaching  team members. Continuous learning and development of team members through different trainings.

Business As Usual (50%)

Developing and managing a Control Resiliency service to include Driving Assurance activities & projects Review of control design Testing of control effectiveness Advice and guidance to control owners and project teams Guidance in developing RCM (Risk & Control Matrix) Establishing and operating processes and procedures to manage workload Planning, communicating, coordinating and delivering assurance services Reporting and tracking control gaps as well as ineffective or inadequate controls Coordination and tracking remediation activities being performed by technology control owners Producing regular MI reports to the Senior Management  Taking initiatives and contributing to improvement of the Global Compliance & Controls activities Identify opportunities and recommendation to improve the design and implementation of technology controls Support control owners in the design and maintenance of controls and documentation Undertaking such other tasks and responsibilities as assigned by the Global Functional Director Keep yourself up-to date with latest IS related regulation and standards
 

Requirements:

Qualified to degree level, preferably in a business, IT or security related subject. 8+ years of experience in Technology Risk & ControlsMust be interested in developing skills and knowledge of IT Risk Management, and willing to work towards appropriate professional qualifications, such as CISA, CISM, CISSP, CCSPWhilst this is not a hands-on technical role, the role holder will be expected to demonstrate a strong awareness of technology and how IT is used to enable business processesShould have undergone formal training in security, risk management or compliance (good to have)