Manager (ITGC Testing) IT SOX Compliance

PricewaterhouseCoopers Service Delivery Centre (Kolkata) Private Limited is a joint venture in India among members of the PricewaterhouseCoopers Network that will leverage the scale and capabilities of its network. It is a member firm of PricewaterhouseCoopers International Limited and has its registered office in Kolkata, India. The Service Delivery Centre will provide a professional an opportunity to work in a dynamic environment where you will have the ability to develop process and quality-based skills. Reporting:

• Position reports to the Group and GTM leads within the Cyber, Risk & Regulatory practice

• Manage and direct the work streams related to IT SOX Compliance covering ITGC and IT Dependencies (ITAC, Interfaces, IPE’s).
• Provide technical support in the assessment, design and implementation of ITGC requirements.
• Thorough understanding around ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations.
• Exposure of testing IT Application Controls (Configurable, Non-configurable), Interfaces, IPE’s, Data Migration and Platform Reviews.
• Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGC.
• Develop, implement and test controls for new acquisitions and in-scope entities.
• Work with control owners and operators to ensure quality, consistency and operability of new and existing controls.
• Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment.
• Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management of client/Onshore teams.
• Plan and direct the work to team members, monitor their work, and take corrective action when necessary.
• Coaches, mentors, and develops direct reports, including overseeing new hire onboarding process and providing career development planning and opportunities; maintains a safe, secure, and legal work environment.
• Builds and maintains strong peer relationships within the team and across the organization.
• Coordinates work with External Auditors of the client if needed.
• Manage the Cyber, Risk & Regulatory (Advisory) team and client portfolio to deliver 8,000 to 12,000 of client hours.

• Ability to work independently under general supervision with latitude for initiative and independent judgment.
• Effective verbal and written communications, including active listening skills and skill in presenting findings and recommendations.
• Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors.
• Detail-oriented & comfortable working on multiple projects simultaneously.
• Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team.
• Excellent communication skills, written and verbal would be expected.
• Ensure client service delivery in accordance with the quality guidelines & methodologies.
• Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables.
• Contribute to people and knowledge development initiatives by developing training material and conducting training.
• Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties.
• Demonstrate superior relationship building and relationship management skills.

• Develop strong working relationships with the client and onshore teams.
• Maintain excellent rapport and proactive communication with the stakeholders and clients.

• Suggest ideas on improving engagement productivity and identify opportunities for improving client service.
• Manage engagement budgets and ensure compliance with engagement plans and internal quality & risk management procedures.

• Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements.
• Foster teamwork and innovation.
• Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery.
• Conduct workshops and technical training sessions for team members.
• Contribute to the learning & development agenda and knowledge harnessing initiatives
• Mentor and coach junior team members, enabling them to meet their performance goals and successfully grow their careers.

• Bachelor’s degree in Information Systems, Computer Science Engineering
• B.E., B. TECH, M. TECH, MCA, BCA, CA, MBA
• Experience of business experience in technology audit, risk management, compliance, consulting, or information security including acting in the capacity of a supervisor
• Excellent knowledge of IT General Controls, automated and security controls
• Knowledge of security measures and auditing practices within various operating systems, databases and applications
• Experience in auditing financial applications, cyber security practices, privacy and various infrastructure platforms such as Unix, Linus, Windows, SQL Server, Oracle Databases
• Knowledge and concepts of auditing of cloud platforms (AWS, Azure and Google Cloud)
• Experience designing continuous auditing and monitoring tools and techniques is a plus.
• Good understanding of CoBIT 5 Domains of Access Management, SLDC & Change and Computer Operations and Control Design and Testing of SOX IT General Controls (ITGC) and/or IT Application Controls (ITAC)
• Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Management/Clients
• Knowledge of regulations impacting privacy, integrity and availability of clients PII.
• Functional knowledge of major ERP suites (like SAP, Dynamics, Oracle EBS, Peoplesoft)
• Understanding of audit concepts and regulations
• Required overall experience in testing/reviewing and implementation of ITGC controls, CoBit 5 and developing COSO framework
• Candidates with 6-8 years of relevant experience in similar role, preferably with a “Big 4” or equivalent
• Chartered Accountant (would be added advantage)

• CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications