Consultant-Finance Accounting & Auditing -Finance & ITGC SOX

Job Description: 1. Technical:

4+ years of working experience and strong understanding of IT risks, processes and controls, User Access Management process, Backup and restore process, Change Management, Logical Security and Application Security cycle areas for technologies: Mainframe, AWS, Azure, Google Cloud, Database (Oracle, MSSQL), UNIX, Windows, Teradata OS, Web Methods, Active Directory and Tableau

Evaluate IT risks from SOX perspective.

Perform Design and operating effectiveness test of ITGCs as well as application controls.

Evaluate Design and performance of automated/configuration controls.

Liaise with client as well as external auditors for requirements and questions.

Finalize Issues noted and discuss it with the required stakeholders to bring it to closure.

Document Test work papers with precision and detail.

Understanding of IT risks, processes, and controls

Working experience as Internal Auditor in ITGC area is a plus.

Understanding of Cloud architecture and models

Knowledge of Information Asset management, Third-Party risk management, HR processes, SELM tools & SOC process etc.

Excel skills required - VLOOKUP, Duplicates, Conditional formatting etc.

Visio for flowcharting

2. Soft skills:

Must have good communication skills (written and spoken)

Multi-tasking and takes initiative - Needs to manage scope changes/management requests/project requirements independently.

Quick-learner – Needs to understand new tools, technologies and changing environment.

Needs overall good organization & ability to track and prioritize.

Educational Qualification should be a Master/CISA.

3. Work Type:

Hybrid – Working Partly From Home And Partly From Office

Responsibilities: Conduct risk assessments to identify areas of potential IT weaknesses and recommend corrective action

Develop and maintain role matrices, including segregation of duties (SoD) and critical access reviews.

Perform risk assessments to identify potential security issues and develop mitigation plans.

Manage user provisioning and deprovisioning processes, ensuring accurate role assignments.

Conduct role testing and validation to ensure proper functionality and compliance.

Lead in S/4 Hana SAP projects, including upgrades, migrations, and implementations.

Provide training and support to end-users and other stakeholders on role and authorization management.

Fair knowledge of design, implementation, assessment and testing of ITGC (IT general controls) and automated application controls related to SOX compliance.

Document all role design and implementation activities, ensuring thorough and accurate records.

Provide training and support to end-users and other stakeholders on SAP security policies and procedures.

Support the audit process by providing necessary documentation and responding to audit inquiries.

Assist to Design, implement, and manage S4 Hana SAP security solutions, including role based access controls, user provisioning, and authorization concepts.

Develop and enforce security policies, procedures, and best practices for S4 SAP systems.

Ensure compliance with industry regulations and standards, such as SOX.

Stay updated with the latest security threats, vulnerabilities, and mitigation techniques.

Support assessment of risk management and risk mitigation adequacy

Qualifications: Graduate in Information Technology, Computer Science, Business Administration, or a related field. SAP certification in S/4 Hana. 4-6 years of audit / consulting experience.