• Assist with the development of IT Internal Audit program at Infor. This includes performing IT control risk assessments, executing the annual IT audit program, and collaborating with consulting resources on special projects.
• Stay current with IT risk trends, regulatory changes, and recommend changes in audit approach as appropriate.
• Ensure all phases of audit work conform to ISACA’s ITAF Professional Practices Framework for IT Assurance.
• Perform different projects on Data Mining and Data Analysis for different applications and data in different technologies.
• Contribute to identifying and evaluating IT enterprise-wide risk areas while developing and promoting best practice methods for IT Internal Audit. Participate and assist different teams in performing Risk Assessment.
• Assist with the development of a flexible annual IT audit plan using an appropriate risk-based methodology.
• Advisory offerings on Business continuity and Disaster recovery. Perform assessments on security administration, operating system security, business continuity management, data centers, and pre and post application implementations.
• Participate and coordinate business process and systems knowledge walkthroughs with financial and operational auditors.
• Writing and/or reviewing audit reports, including executive summaries, overviews, and detailed observations.
• Interact with various levels of internal and external personnel and management in obtaining information; presenting findings, reviewing recommendations, and discussing audit reports.
EDUCATION & EXPERIENCE:
• A bachelor’s degree in, computer science (B. Sc or B. Tech), programming, or MBA in management information systems; and at least 4 to 6 years of progressively increasing responsibility in internal or external audit.
REQUIRED SKILLS:
• CISA certification.
• Proficiency in different ERP platforms.
• Experience in ISMS ISO 27001 implementation and audits.
• Candidate must have foundational experience with, and understanding of, IT general controls. Exposure to Service Organization Controls audits (SSAE 16/ ISAE 3402).
• Proficiency with specialized audit software such as Audit Command Language (ACL) and / or Approva is required.
• Knowledge and experience in the review of systems business processes and related controls, and continuous monitoring techniques.
• Experience in IS security compliance audits.
• Working experience and good knowledge in Data Mining and Data Analysis.
• Knowledge of industry standards and industry frameworks (e.g., COBIT, COSO, CMMi, PCI/DSS, NIST)
• Ability to handle multiple projects effectively and maintain the confidentiality of sensitive information.
• Experience in information security risk assessments and gap analysis.
• Able to assess, develop, and implement information security programs, including organizational design and key processes.
• Knowledge of industry standards and industry frameworks.
• Strong interpersonal and communication skills.
• Strong PC skills for MS Word, Excel (MS Access and SharePoint are pluses).
• Participation in the local Chapter of ISACA and other memberships are also encouraged.
• Willingness and ability to travel (both domestic and global) 20 - 30%
