IT Auditor (APAC) at Northern Trust

Bengaluru, Karnataka, India

Apply Now

Not SpecifiedCompensation

Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Financial Services, BankingIndustries

Requirements

Certified Information System Audit (CISA) certification is preferred. Additional certifications such as Certified Information Systems Security Professional (CISSP), or other related certifications is a plus
Knowledge of audit procedures and technical security and control standards usually obtained through related work experience and a four-year degree program is required to perform system audits
Knowledge and awareness about the NIST 800-53 controls, NIST Cyber Security Framework, SANS and Center for Internet Security (CIS) is a plus
Knowledge of technology controls around Cloud Computing reviews - AWS, Azure and Google cloud is a plus
Solid understanding of ITGC and related processes (e.g., Configuration Management, Vendor Management, Access and Identity Management)
Understanding of Information Technology Service Management (ITSM) controls (e.g., Incident Management, Change Management, Problem Management)
Skills as needed to perform testing of application controls (e.g., BC/DR, Application Security Testing, Interface Controls)
Skills as needed to perform testing of information security and cybersecurity controls (e.g., Vulnerability Management, Incident Response, Network Security)
Analytical and organizational skills are necessary to conduct audits
Strong issue writing and workpaper documentation skills
Knowledge of systems and databases such as Windows, UNIX, MS SQL
Responsible for staying current on regulatory requirements and technological changes within the industry

Responsibilities

Functions in various roles on audit engagements, including leading audits, staffing audits and providing consulting or oversight functions based on the needs of the team
Manages and performs special projects as needed
Perform systems/applications, integrated audits and project management reviews
Follow up and perform validation of remediation activities to ensure audit issues are effectively resolved
Communicates with partners at all levels, across various business units
Utilizes understanding of various Corporate units and their functions to ensure operations, services, and systems have proper audit controls in place (i.e., design of the control environment)
Evaluate technology processes, technology controls for design and operating effectiveness
Applies analytical skills to review information and determine potential control weaknesses
Develops a thorough understanding of the Northern Trust Audit Methodology and adheres to all applicable Department Standards
Completes and compiles a high-quality summary of findings and recommendations for review in a concise and professional manner
Works closely with unit managers to devise specific technology related audit tests
Completing the audit within the stated budget, timeframes, and in accordance with the Audit Services Department Policies and Standards
Provides input to improve operational efficiency and/or to enhance the design or operating effectiveness of the internal control environment
Provides technical and auditing expertise, training, and coaching, to auditors during the audit engagement

Skills

Key technologies and capabilities for this role

IT AuditingInternal ControlsSystems AuditingApplications AuditingIntegrated AuditingProject Management ReviewsRisk AssessmentControl EvaluationAudit DocumentationRemediation ValidationTechnology Processes

Questions & Answers

Common questions about this position

What certifications are preferred for the IT Auditor role?

Certified Information System Audit (CISA) certification is preferred, with additional certifications such as Certified Information Systems Security Professional (CISSP) or other related certifications considered a plus.

What education and experience are required for this position?

Knowledge of audit procedures and technical security and control standards, usually obtained through related work experience and a four-year degree program, is required to perform system audits.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What is the salary or compensation for the IT Auditor role?

This information is not specified in the job description.

What does the team structure look like for this role?

The role is a direct report to the Audit Manager, IT, and involves functioning in various roles on audit engagements, including leading audits, staffing audits, and providing consulting or oversight based on team needs.