Company Overview

Treeline is a boutique provider of tailor-made services in BPO, KPO, ITO, RPO, and Consulting Practices serving clients in India, US, GCC, and Africa. Conceptualized as a captive back office supporting Jarir Investments Asset Management Program. Committed to high quality work, quick turnaround, and confidentiality. Vision to become a service provider of choice with exemplary services and solutions.

Job Overview

Senior IT Internal Auditor role with 7 to 10 years of experience in Chennai, Tamil Nadu, India. Full-Time employment type at Treeline Business Solutions Pvt. Ltd. A boutique provider of BPO, KPO, ITO, RPO, and Consulting Practices with 51-200 employees. Website: http://www.treeline.co

Role: IT Security-Internal Auditor

Job Description:

• Perform IT/OT Audits, Cybersecurity reviews, advisory engagements and other influencing activities in highly technical areas of current/emerging technologies.
• Adapt the audit approach to the ever-changing technology landscape and deliver critical and complex technology audits that impact the group-wide internal controls.
• Develop detailed Audit Program/Risk & Control Matrix (RCM) for the assigned audit, including potential risk, key controls, audit procedures and the use of audit techniques and tools to evaluate governance, risks, and controls processes.
• Determine auditing procedures to be applied, including the use of Information Systems Audit Techniques, data analytics, sampling method, etc.
• Identify high-risk areas, key control points, root causes and implications in relation to IT/OT environments reviewed.
• Prepare audit report with the conclusion, expressing professional opinions on the adequacy and effectiveness of risk management, control systems, and recommend improvement options to rectify reported deficiencies.
• Ensure that adequate working papers and all relevant information are continuously documented and updated in the automated Audit Management System in accordance with pre-defined templates and audit procedures.
• Appraise the adequacy of the corrective actions taken by management on audit recommendations through follow-up audits and periodically review and update the status of management action plans.
• Assist in the periodic reporting to the Audit Committee and Senior Management on internal audit activities, performance, significant risk exposures, controls/governance issues, and other related matters.
• Provide relevant business and technology insights into the current, emerging & potential technology issues, trends & opportunities affecting the management.
• Participate in conducting special reviews and undertake administrative duties as directed by Management.
• Supplement integrated audits and support business and group auditors in reviewing the technology controls within an operational audit.

Professional Certifications:

• IT audit certification such as CISA
• OT or ICS-related certifications are highly desirable.
• Other related certifications (CISSP, CISM, GIAC, GICSP, IEC-62443 etc.) are preferred.

Minimum Experience, Knowledge & Skills:

• 5-7 years of varied experience in IT internal auditing and a minimum of 3+ years of work experience in Operational Technology or Industrial Control Systems.
• Expertise in developing or reviewing IT/OT security programs and conducting cybersecurity assessments for IT/OT environments including ICS, SCADA systems etc. and associated OT network architecture.
• Solid foundational knowledge of IT/OT security landscape including but not limited to, network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and OT integration with traditional IT systems (IT and OT Convergence).
• Solid understanding of OT security technologies such as Data diode, EDR, Antimalware, patch management, SIEM solution etc.
• Advance technical knowledge of different operating systems, databases, network infrastructure components (routers, switches, firewalls etc.).
• Advanced knowledge of OT/ICS-related standards like IEC 62443, NIST 800-82.
• Knowledge and experience with OEMs – Honeywell, Yokogawa, Siemens etc. systems will be added advantage.
• In-depth knowledge of International Professional Practices Framework for IT Assurance/IT Assurance Framework (ITAF) and other related frameworks/standards (e.g. COBIT, ITIL, ISO27000, NIST) and their interpretation/application to IS/IT auditing practice.
• Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action.
• Expertise in collecting and analyzing complex data using data analytics tools, evaluating information and systems, and drawing logical conclusions.
• Extensive knowledge of planning and project management areas.

Interested candidates please read the Job description and then submit your resume to below email id rumesh@treeline.co or Jobs@treeline.co / whatsapp +91 91235 17346