Technology Consulting-DT IT Audit Assistant Manager

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara.
KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment

KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term.

Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature.

A Bachelors degree in engineering and approximately 2 -6 years of related work experience; or a master s or MBA degree in business, computer science, information systems, engineering
Expertise in coding skills (e.g., Java, C++, C, SQL, Oracle)
Experience in performing IT audits of banking/financial sector applications
Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g., NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)
Technical Knowledge of IT Audit Tools
Experience in carrying out OS/DB/Network reviews
Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage
Exposure to ERP systems will be added advantage
Experience in performing technical code reviews (understanding code logic based on business requirement) Strong project management, communication (written and verbal) and presentation skills
A team player
Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism
Preferred Certifications - CISA/CISSP//CISM
Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage
Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools

Equal employment opportunity information

KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their colour, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability, or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavour for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Job Title: Associate Consultant/ Consultant /Assistant Manager
Skills: IT Audit + Code Review
Location: Bengaluru

Skills Required:

Risk Based IT Internal Audit for Financial Services Entities
IT SOX 404 Controls Testing, Quality Assurance
Internal Financial Controls related to IT General Controls as part of Financial Statements Audits
IT Risk & Control Self-Assessment
Business Systems Controls / IT Application Controls
Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc.
Working knowledge of programming languages(C/C++/Java/SQL)

Role:

Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables.
Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.
Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery
Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix.
Perform business process walkthrough and controls testing for IT Audits.
Performing planning and executing audits, including:
Information Security reviews
Information Technology Infrastructure reviews
Application reviews
Use knowledge of the current IT environment and industry IT trends to identify the engagement and client service issues and communicate this information to the project manager.
Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.
Demonstrate a thorough understanding of complex information systems and apply it to client situations.
Use extensive knowledge of the clients business/industry to identify technological developments and evaluate impacts on the work to be performed
Risk Based IT Internal Audit for Financial Services Entities
IT SOX 404 Controls Testing, Quality Assurance
Internal Financial Controls related to IT General Controls as part of Financial Statements Audits
IT Risk & Control Self-Assessment
Business Systems Controls / IT Application Controls
Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc.
Working knowledge of programming languages(C/C++/Java/SQL)
Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project s progress.
Monitoring and Tracking for Budget and Time Estimates on engagements.
Conducting IT audits, IT Internal Audit, Robotics Process Automation (RPA) Audits
Conducting SOX audits, Third Party Security audits
Conducting controls assessment in manual/ automated environment
Information Security Assessments
Conducting OS/DB/Network reviews
Prepare/Review of Policies, Procedures, SOPs