IT OPC Controls Analyst

Position Purpose:

The role is to provide both the Business Units and IT Management with the assurance and visibility that IT Controls are executed in a controlled and managed way. In addition to the specific responsibilities detailed below, the successful candidate will be expected to demonstrate understanding in other areas of Risk & Control Management including strategies surrounding Process Engineering, Configuration Management, Change, Incident & Problem Management, Non-Conformities and Corrective Actions Management, Risk Identification and Control, Project Management and Tools and Methods.

Responsibilities

Direct Responsibilities

• Conduct periodic controls assessments across process areas in scope. Raise any non-compliance and follow up of the corrective actions until closure.
• Liaise with global and local IT control areas to ensure their certification is timely and appropriate.
• Perform periodic Root Cause Analysis of process issues and non-compliances at Project and Application Domain level. Ensure that the exercise is planned, executed effectively and reported to appropriate level.
• Participate in minimising production risks and issues, including but not exclusively, by helping to devise, and by implementing, sufficient regular controls.
• Ensure appropriate escalation to management and/or Permanent Control (or Compliance as appropriate) as soon as an issue is identified.
• The enforcement of Permanent Controls, providing ongoing risk & controls self-assessment status of the control environment.
• Contribute all relevant management information(KPIs/KRIs) to the various scope reports/dashboards.
• Assist with Historical Incident management process, including liaising with various stakeholders involved, root cause analysis and impact evaluation.

Contributing Responsibilities

• Contribute to the upkeep and maintenance of the ISPL Permanent Control Framework
• Maintaining relevant Operational Permanent Control (OPC IT) processes and procedures

Technical & Behavioral Competencies

• Good knowledge of IT Risk & Audit domain with focus on Internal and/or External Audits.

• Good understanding of IT Controls Framework and experience executing controls.

• Understanding of IT Software, IT Infrastructure and IT Service Management domain is a value add.

• Strong analysis & problem-solving skills

• Structured and methodical mindset

• Proactive approach with a strong ability to work on own initiative

• Ownership of work and commitment to delivery

• Can do attitude

• Team oriented (both local and global)

• Good interpersonal and communication skills

• Big picture awareness – make relationships between tactical issues and strategic options

• Client focused

• Pragmatic and creative approach

Specific Qualifications:

IT Background

Skills Referential (Required knowledge, skills and abilities)

Technical Skills:

• Technology Risk & Controls
• IT Risk Framework and Standards
• ISO 27001 Certified
• Understanding of key regulations

Behavioral Skills:

• Attention to Detail/rigor
• Communication skills – Oral & Written
• Personal Impact / Ability to influence
• Critical thinking

Education Level: Bachelors / Masters

Location: Mumbai/Chennai