Cyber Risk & Reg - Senior Manager - Internal Audit (ITGC)- KOL/HYD/BLR

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In IT audit at PwC, you will focus on helping to assess and evaluate the design and effectiveness of an organisation's IT systems and controls to provide compliance with regulations and mitigate risks.

Growing as a strategic advisor, you leverage your influence, expertise, and network to deliver quality results. You motivate and coach others, coming together to solve complex problems. As you increase in autonomy, you apply sound judgment, recognising when to take action and when to escalate. You are expected to solve through complexity, ask thoughtful questions, and clearly communicate how things fit together. Your ability to develop and sustain high performing, diverse, and inclusive teams, and your commitment to excellence, contributes to the success of our Firm.

Skills

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Craft and convey clear, impactful and engaging messages that tell a holistic story.
• Apply systems thinking to identify underlying problems and/or opportunities.
• Validate outcomes with clients, share alternative perspectives, and act on client feedback.
• Direct the team through complexity, demonstrating composure through ambiguous, challenging and uncertain situations.
• Deepen and evolve your expertise with a focus on staying relevant.
• Initiate open and honest coaching conversations at all levels.
• Make difficult decisions and take action to resolve issues hindering team effectiveness.
• Model and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.
  
  

Reporting

• Position reports to the Group and GTM leads within the Cyber, Risk & Regulatory practice
  
  

Essential Duties And Responsibilities

• Manage and lead multiple teams directly involved in the work streams related to IT SOX Compliance covering ITGC and IT Dependencies (ITAC, Interfaces, IPE’s).
• Individual would be expected to cultivate a strong team environment
• Managing predominantly offshore engagements and relevant PwC Territory teams. Communication, written and verbal, with these teams would be expected. This communication would include emphasizing the capabilities within the SDC to provide high-quality deliverables to support the PwC Global Offices.
• Be actively involved in proposal as part of client pursuit and assisting Partners and Directors with relevant and valuable inputs.
• Manage the overall operations as per the framework/standard laid down by the management for the smooth functioning of business as usual.
• Ensure diversity within the team and equal opportunities for the team members involved for their progression.
• Responsible for the overall performance management of the team assigned.
• Oversee the team members performance of testing in these area, monitoring workload, timelines and budgets for the work being performed.
• Provide technical support in the assessment, design, and implementation of ITGC requirements.
• Thorough understanding around ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations.
• Exposure of testing IT Application Controls (Configurable, Non-configurable), Interfaces, IPE’s, Data Migration and Platform Reviews.
• Review control evidence for adherence to accuracy, completeness, and precision of control execution for all ITGC.
• Develop, implement, and test controls for new acquisitions and in-scope entities.
• Work with control owners and operators to ensure quality, consistency, and operability of new and existing controls as needed.
• Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment.
• Review test findings and facilitate the remediation of ITGC control gaps and escalate possible critical issues to senior management of client/Onshore teams.
• Plan and direct the work to team members, monitor their work, and take corrective action when necessary.
• Coaches, mentors, and develops direct reports, including overseeing new hire onboarding process and providing career development planning and opportunities; maintains a safe, secure, and legal work environment.
• Builds and maintains strong peer relationships within the team and across the organization.
• Coordinates work with External Auditors of the client if needed.
• Manage the Cyber, Risk & Regulatory (Advisory) team and client portfolio to deliver 30,000 to 40,000 of client hours.
  
  

Interpersonal Skills

• Ability to work independently under general supervision with latitude for initiative and independent judgment.
• Effective verbal and written communications, including active listening skills and skill in presenting findings and recommendations.
• Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors.
• Detail-oriented & comfortable working on multiple projects simultaneously.
• Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team.
• Excellent communication skills, written and verbal would be expected.
• Ensure client service delivery in accordance with the quality guidelines & methodologies.
• Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables.
• Contribute to people and knowledge development initiatives by developing training material and conducting training.
• Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties.
• Demonstrate superior relationship building and relationship management skills.
  
  

Client Management

• Develop strong working relationships with the client and onshore teams.
• Maintain excellent rapport and proactive communication with the stakeholders and clients.
  
  

Operational excellence

• Strive to take the business to the next level by identifying and implementing changes for the betterment of business.
• Suggest ideas on improving engagement productivity and identify opportunities for improving client service.
• Manage engagement budgets and ensure compliance with engagement plans and internal quality & risk management procedures.
  
  

People related

• Display teamwork, integrity, and leadership. Work with team members to set goals and responsibilities for specific engagements.
• Foster teamwork and innovation.
• Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery.
• Conduct workshops and technical training sessions for team members.
• Contribute to the learning & development agenda and knowledge harnessing initiatives
• Mentor and coach junior team members, enabling them to meet their performance goals and successfully grow their careers.
  
  

Minimum Qualifications

• Bachelor’s degree in Information Systems, Computer Science Engineering
• B.E., B. TECH, M. TECH, MCA, BCA, CA, MBA
• Experience of business experience in technology audit, risk management, compliance, consulting, or information security including acting in the capacity of a supervisor
• Excellent knowledge of IT General Controls, automated and security controls
• Knowledge of security measures and auditing practices within various operating systems, databases, and applications
• Experience in auditing financial applications, cyber security practices, privacy, and various infrastructure platforms such as Unix, Linus, Windows, SQL Server, Oracle Databases
• Knowledge and concepts of auditing of cloud platforms (AWS, Azure and Google Cloud)
• Experience designing continuous auditing and monitoring tools and techniques is a plus.
• Good understanding of CoBIT 5 Domains of Access Management, SLDC & Change and Computer Operations and Control Design and Testing of SOX IT General Controls (ITGC) and/or IT Application Controls (ITAC)
• Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Management/Clients
• Knowledge of regulations impacting privacy, integrity, and availability of clients PII.
• Functional knowledge of major ERP suites (like SAP, Dynamics, Oracle EBS, Peoplesoft)
• Understanding of audit concepts and regulations
• Required overall experience in testing/reviewing and implementation of ITGC controls, CoBit 5 and developing COSO framework
• Candidates with 11+ years of relevant experience in similar role, preferably with a “Big 4” or equivalent
• Chartered Accountant (would be added advantage)
  
  

Certification(s) Preferred

• CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications