terça-feira, 1 de fevereiro de 2011

IT Controls Analyst

Information Technology Controls AnalystPURPOSE AND SCOPE OF POSITION:• The position is responsible for providing documented evidence support for internal and external audit IT testing teams.• The position will be the point of contact for all IT audits performed in all regions.• The position requires intensive knowledge of managing information general controls (ITGC) and security controls.• Knowledge of segregation of duties processing and matrix review.• Knowledge of ERP audits and monitors critical activities required to become compliance.SPECIFIC DUTIES AND RESPONSIBILITIES:• Performs ITGC self-assessment testing for the IT departments (Regions - presently Argentina, Brazil, Canada, Chile and Mexico) on quarterly basis• Performs reviews of the segregation of duties matrix and reports conflicts on a monthly basis• Provides basic project management fundamentals and helps the IT project managers to create project documentation, definitions, project plans, etc. on a daily basis• Interviews the ITGC control owners to obtain documented evidence to support the control for compliance on a quarterly basis• Plan and schedule internal and external testing periods to ensure process owners will be available on a quarterly basis• Generates deficiency ITGC and remediation reports to the internal and external auditors to ensure the control is remediated and signed off by the control owner on a quarterly basis• Interact with applications team and business side to ensure controls are met properly• Creates and maintains the ITGC documented evidence binder on a monthly basis• Assist the IT department in preparation for internal or external audits• Performs ERP audits - security access on a monthly basisQUALIFICATIONS, SKILLS AND KNOWLEDGE:Education & Professional Designations:• Certification in compliance - CISA• Certification on security controls processes - Security plus• High School or higher level education requiredWork Experience:• 2 to 5 years working knowledge using the Information systems audit and control association methodology (ISACA) compliance and security standards.• Intensive working knowledge of perform ITGC SOX 404 audits.• Working knowledge of end user accounts, permissions and access rights audit reviews.• Intensive working knowledge in planning, prioritizing and scheduling IT compliance and security audits. • Working knowledge of network infrastructure -local area networks (LAN), wide area networks (WAN), Wireless networks and ERP systems.• Working knowledge of implementing disaster recovery plan for operating systems, databases, networks, servers and software applications.Technical Skills• 2 to 5 years using COBIT and ISO 2700x frame works.• Working technical knowledge of current systems active directory, exchange, etc.• In-depth technical knowledge of network, PC and platform operating systems Windows servers 200x and Windows PC O/S suites.• Knowledge of regulatory practices and procedures enforcement relating to data privacy and protection.Personal Characteristics (Soft Skills)/Working Conditions• Ability to travel to the corporate offices and mine sites environments. (One mine site is very hostile) also bi-lingual in English, Spanish and/or Portuguese.• Build positive relationships with key users/business line teams to identify/resolve issues.• Must have great communications skills• Must have great organizational skills• Must have great written skills

To apply: ross@ivedha.com

Nenhum comentário:

Postar um comentário