Audit & Compliance Specialist

Spectral Consultants
Full-time
On-site
Pune, Pune, India
  • Ensure compliance & audit activities are completed in a timely and appropriate manner
  • Act as SME supporting functional managers in understanding and applying responsibilities towards compliance & audit, providing recommendations as appropriate
  • Lead the implementation of new required industry frameworks / standards from the third line of defense
  • Develop and update Policies, process maps, templates and supporting change management tools, as often as needed
  • Assist in the development of training material in support of Policy adoption enterprise-wide; participate in compliance training workshops, as needed
  • Report control issues and follow up on non-compliances with Functional leadership to mitigate and close the issues
  • Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.)
  • Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.)
  • Monitor compliance with existing Policies and supporting tools
  • Generate regular reports for Senior Management
  • Ensure that associated compliance & audit activities are regularly reviewed to drive continuous improvement: providing subject advice, making recommendations and interventions as appropriate
  • Participate in client-directed audit and compliance initiatives, including but not limited to SOC 2 Type II, ISO 27001, etc.
  • Champion and lead a culture of customer service and continuous improvement, ensuring that opportunities for process and service improvements. Monitor performance and identify areas for improvement. Actively look for ways of smoothing peaks and troughs and reducing time scales.


Requirements

  • BS/BA with record of high academic achievement in CS/MIS
  • Professional certifications like CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CGEIT (Certified in the Governance of Enterprise IT) or CRISC (Certified in Risk and Information Systems Control) are desirable
  • Eagerness to contribute in a team-oriented environment
  • Ability to work methodically and analytically in a quantitative problem-solving environment
  • Excellent leadership, communication, and organizational skills
  • Strong customer service skills
  • Working knowledge of various control frameworks like:
    • ISO/IEC 27002:2005 – Code of Practice for Information Security Management
    • HIPAA HITECH – Health Insurance Portability and Accountability
    • SOC 2 Type II
    • NIST CSF – National Institute of Standards and Technology