About the job
WHO ARE WE?
Afiniti is the world’s leading applied artificial intelligence and advanced analytics provider. Afiniti Enterprise Behavioral Pairing™ uses artificial intelligence to identify subtle and valuable patterns of human interaction in order to pair individuals on the basis of behavior, leading to more successful interactions and measurable increases in enterprise profitability. Afiniti operates throughout the world and has measurably driven billions of dollars in incremental value for our clients.
- Develop a good understanding of Afiniti business processes, Afiniti application and deployment process.
- Responsible for due care and due diligence audits for Afiniti.
- Responsible for end-to-end audits related to (Privileged) Identity and Access Management.
- Schedules and plans audits; initiates project planning, assess risk, and develops audit direction.
- Reporting on compliance findings (and associated remediation tasks)
- Tracking remediation items
- Participates in development, implementation, and maintenance of policies, objectives, short-and long-range planning; develops and implements projects and programs to assist in the accomplishment of established goals.
- Support in third-party IS assessment process for Afiniti. Conduct internal IS audit for customer deployment before the initiation of customer IS audit.
- Performing regular Access Reviews (audits)
- Highlighting contractual requirements for different business units of Afiniti. Understanding of ISO 27001, SOC2, ITGC, and PCI DSS standards.
- Supporting GRC team in policy modification, procedure development of ISO 27001, SOC2, ITGC, PCI DSS, and internal security baselines as per emerging business requirements.
- Participation in awareness session, developing awareness for different internal teams on security requirement for evidence gathering on audits.
Experience And Skill Set
- 5-8 years of IS experience and 3-4 of IT Auditing experience
- Ability to develop a good understanding of Afiniti business processes, Afiniti application and deployment process
- Clear, complete and thorough understanding of ISO 27001, NIST, PCI DSS standards and other applicable standards/ regulations
- Developing and documenting the policies, procedures, standards, guidelines, SOPs, checklists, plans, templates, etc.
- Proven experience in risk management and a strong knowledge of different risk management standards and different best practices
- Updating knowledge about emerging industry or technology trends
- Liaison with the external auditors and third-party InfoSec assessors
- Conduct and assist in internal IS audit for internal audits of different departments
- Recommend solutions to mitigate risks
- Coordinating and remediating audit findings along with other personnel or departments
Education & Qualifications
- Bachelor of Engineering (or higher) in Computer Sciences or related disciplines
- Professional security certifications (CISSP, CRISC, CIA, or CISA) (preferably)
SALARY AND PACKAGE
As well as a competitive base salary dependent on the number of years of experience, we also offer corporate benefits.
To apply for this job please visit www.linkedin.com.