IT Audit & Assurance Lead

Job Objectives

Cyber Security Audit & Assurance Group drives Internal Audit engagements focused on enterprise-wide core technology and cyber security programs. This leader will perform/execute IT audit engagements across Adani business units to drive effective implementation and assurance of enterprise cyber, control, and risk management frameworks. Driving 3rd layer of defense cybersecurity initiatives related to cyber readiness, compliance, and risk management.

Working collaboratively with BU Executives and Digital Technology Leaders across the business in the evaluation of the Adani security posture.

Role & responsibilities:

• The incumbent is responsible for the formulation of appropriate audit programs, assigning and directing staffing resources to complete the audit plans as scheduled, generating final audit reports for internal and regulatory agency review, and conducting thorough follow-up audits on previously identified issues.
• Performs Audit - Enterprise Risk Management to continually track and monitor entity level cyber risk and assist in defining and tracking standard IA Cyber KPI's across entities.
• Supports in the enterprise Internal Audit cyber security risk exposure program based on the outcome of annual audits in partnership and in coordination with the Adani Cyber team and BU Digital Technology leaders.
• Enhances, aligns, maintains, and educates BUs on enterprise cyber program, cyber control, and risk management frameworks in partnership and coordination with the Adani Cyber team and BU Digital Technology leaders.
• Translates technical risks to cross-functional teams to assist the broader organization in understanding and addressing cyber risks.
• Perform portfolio of assigned audits and related activities, including staffing, scheduling, and coordination with stakeholders to ensure the timely completion of the plan.
• Develop audit programs and testing procedures relevant to risk and test objectives. Maintain an awareness of current and emerging internal and external organizational, procedural, and technological changes that may impact the audit entity under review.
• Manage and monitor the progress of the audit engagement, prioritize the workload of the audit team, and identify/escalate any necessary changes to the audit as the engagement progresses. Deliver audits in highly technical areas of current/emerging technologies including cloud, security, distributed computing, IoT, Zero Trust Networks, High Value Asset Protection.
• Stay abreast of new and emerging regulations & trends that impacts information technology controls and rapidly adjust audit plan or procedures accordingly.
• Drive continuous improvement mindset in the audit function, including identifying and integrating best practices; Identify specific actions to improve the efficiency and effectiveness of Internal Audits.
• Achieve annual goals and budget targets by effectively managing resources and stakeholder requirements.

Educational qualifications:

• Bachelor's degree in computer science or in "STEM" Majors (Science, Technology, Engineering and Math) or Business Administration with a minor in Computer Information Technology is preferred.
• Minimum of 10 years of professional experience in IT Governance, IT Risk, IT Audit, IT Operations or related fields, preferably with a Fortune 100 companies or Big 4 assurance organization.
• CISM, CISA, CISSP, CRISC designation or other relevant certification is must. Understanding of regulatory and external requirements as they relate to IT, privacy and cybersecurity for regulations such as DFARS, CMMC, FISMA, HIPPA, GDPR, NERC-CIP and SOX.
• Experience using some of the industry standards/framework, such as NIST 800-53, NIST 800-171, NIST Privacy Framework, CSA CCM, ISO 27001, ITIL v3, COBIT and FAIR is desirable.
• Knowledge of IT Operational Functions including IAM, Asset Management, Cybersecurity, Data Privacy.
• Proven ability to handle scale, change agenda, pace and overall complexity. Track record of building / transforming an audit function to drive business strategy.
• Track record of working alongside business leaders, positioning internal audit as a strategic partner, identifying and helping mitigate risk.
• Modern Audit/ Data-Driven Approach-- Track record of leveraging technology and using data to drive insights and actions.
• Strong technical internal audit skills, including IT audit skills and knowledge of SOX 404 requirements. Lean Process orientation; Passion to help improve operations continuously
• Strong quantitative and qualitative analysis skills; ability to take large volumes of complex information and present it in a clear and concise manner; uses data and a cogent problem-solving methodology in decision making and impact assessment. Capability to work with a team in a fast-paced environment to meet strict deadlines while managing multiple priorities.
• Steps forward to address difficult issues and guide others toward the accomplishment of identified, meaningful goals.
• Initiates, supports and manages change within the organization, taking steps to remove barriers or to accelerate its pace. Ability to quickly assimilate relevant information in unfamiliar situations.
• Ability to synthesize and communicate complex technology topics to all levels of the organization. Excellent listening, verbal, written and presentation communication skills.