domingo, 8 de maio de 2011

Information Technology Controls

· The position is responsible for providing documented evidence support for internal and external audit IT testing teams.
The position will be the point of contact for all IT audits performed in all regions.
The position requires intensive knowledge of managing information general controls (ITGC) and security controls.
Knowledge of segregation of duties processing and matrix review.
Knowledge of ERP audits and monitors critical activities required to become compliance.

· Lieates).
· Ensure to include supervisory roles, decision making
· Performs ITGC self-assessment testing for the IT departments (Regions - presently Argentina, Brazil, Canada, Chile and Mexico) on quarterly basis
Performs reviews of the segregation of duties matrix and reports conflicts on a monthly basis
Provides basic project management fundamentals and helps the IT project managers to create project documentation, definitions, project plans, etc. on a daily basis
Interviews the ITGC control owners to obtain documented evidence to support the control for compliance on a quarterly basis
Plan and schedule internal and external testing periods to ensure process owners will be available on a quarterly basis
Generates deficiency ITGC and remediation reports to the internal and external auditors to ensure the control is remediated and signed off by the control owner on a quarterly basis
Interact with applications team and business side to ensure controls are met properly
Creates and maintains the ITGC documented evidence binder on a monthly basis
Assist the IT department in preparation for internal or external audits
Performs ERP audits - security access on a monthly basisQUALIFICATIONS, SKILLS AND KNOWLEDGE:
Education & Professional Designations:
· Level of education required, specific disciplines
· Any certification or designation requirements
· Certification in compliance - CISA
Certification on security controls processes - Security plus
High School or higher level education requiredWork Experience:
· List specific skills desired
· Number of years experience, etc.
· 2 to 5 years working knowledge using the Information systems audit and control association methodology (ISACA) compliance and security standards.
Intensive working knowledge of perform ITGC SOX 404 audits.
Working knowledge of end user accounts, permissions and access rights audit reviews.
Intensive working knowledge in planning, prioritizing and scheduling IT compliance and security audits.
Working knowledge of network infrastructure -local area networks (LAN), wide area networks (WAN), Wireless networks and ERP systems.
Working knowledge of implementing disaster recovery plan for operating systems, databases, networks, servers and software applications.Technical Skills:
· List specific skills desired
· Number of years experience, etc.
· 2 to 5 years using COBIT and ISO 2700x frame works.
Working technical knowledge of current systems active directory, exchange, etc.
In-depth technical knowledge of network, PC and platform operating systems Windows servers 200x and Windows PC O/S suites.
Knowledge of regulatory practices and procedures enforcement relating to data privacy and protection.
Personal Characteristics (Soft Skills)/Working Conditions
· Briefly describe the atmosphere of working environment
· Any harmful or dangerous materials/activities/machines
· Ability to travel to the corporate offices and mine sites environments. (One mine site is very hostile) also bi-lingual in English, Spanish and/or Portuguese.
Build positive relationships with key users/business line teams to identify/resolve issues.
Must have great communications skills
Must have great organizational skills
Must have great written skillsTechnical Equipment
· Laptop, blackberry, home internet connection
· Laptop computer
Home internet connection - DSL or cable modem
Cell phonePlease forward your resume in word to Max Brazao, Director of Technical Recruiting, at
Tel: 416 943 1708

Nenhum comentário:

Postar um comentário