Compliance Audit Specialist Job In Zs Associates In India, Pune

ZS is a place where passion changes lives As a management consulting and technology firm focused on transforming global healthcare and beyond, our most valuable asset is our people Here you'll work side-by-side with a powerful collective of thinkers and experts shaping solutions from start to finish At ZS, we believe that making an impact demands a different approach and that's why here your ideas elevate actions, and here you'll have the freedom to define your own path and pursue cutting-edge work We partner collaboratively with our clients to develop products that create value and deliver company results across critical areas of their business including portfolio strategy, customer insights, research and development, operational and technology transformation, marketing strategy and many more.

If you dare to think differently, join us, and find a path where your passion can change livesOur most valuable asset is our people At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems-the ones that comprise us as individuals, shape who we are andmake us unique We believe your personal interests, identities, and desire to learn are part of your success here Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.

ZS IT Support teams are aligned with the company's business strategy and operating model and aims to provide its 10000 plus employees and their clients the right tools and information for high performance The IT organization focuses on providing products and services to ZS to ensure successful business outcomes This involves providing a scalable, sustainable and reliable IT infrastructure, customized applications, messaging and collaboration products, Business Intelligence and Database administration support along with a reliable 247 uninterrupted high-quality technology support servicesSpecialist -Compliance and AuditWe are currently seeking applicants for the position of Specialist - Risk Management and Audit to join our India IT Governance, Risk and Compliance team.

The position will support various management directed, IT risk governance initiatives which include following job requirements:

• Ensure risk and control activities are completed in a timely and appropriate manner
• Act as SME supporting functional managers in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate
• Lead any Security Framework Implementation (Like ISO 27001, NIST, etc)
• Provide first line of defense support in assessing risk and reviewing control issues
• Documentation of control procedures, standards and guidelines, etc
• Report control issues and follow up on non-compliances with Functional leadership to mitigate and close the issues
• Co-ordinate and Track the tickets / findings in areas below to closure
  • IT Operational Risks and Information Security Risks
  • Control Self assessments
  • Internal/External Audit findings with appropriate CAPA
  • BCP / Disaster recovery
  • Problem tickets with root cause analysis
• Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc)
• Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc)
• Control conformance monitoring
• Identification and application of required governance for risk and control issues using appropriate toolsets
• Generate regular reports for Senior Management
• Ensure that Risk and Compliance activities associated are regularly reviewed to drive continuous improvement: providing Subject advice, making recommendations and interventions as appropriate

Responsibilities:

• Asist in prioritizing and planning risk management activities
• Working with Risk Lead to review, prioritize and assign identified control gaps
• Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc.
  
  
• Audit / Regulator engagement & issue management (SOC 2 Type 2, ISO 27001, etc)
• Technology Infrastructure Specific Risk/Compliance Metrics reporting
• Control Execution / Control remediation oversight and escalation
• Risk acceptance / Deviation review
• Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route
• Act as SME supporting functional units in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate
• Retain oversight of all active governance activity across all relevant key risks under Technology Infrastructure Operations Create / review/ continuous update of the risk library
• Report and publish control issues and active non-compliances to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees
• Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures
• Champion and lead a culture of customer service and continuous improvement ensuring that opportunities for process and service Improvements Monitor performance and identify areas for improvement Actively look for ways of smoothing peaks and troughs and reducing time scales.
  
  

Qualifications:Atleast 8-10 Years of experience in Information Security Area

• Good Risk / Control / Compliance and Information Security skills
• Knowledge and Experience of Technology Infrastructure Understanding of Infrastructure Security
• Working knowledge of group risk frameworks, policies and standards
• Stakeholder management
• Advanced Communication skills (Speaking/ Writing/Listening)
• CISSP / CISM / CISA/ CRISC certification preferred
• Proficient in MS Office productivity suite (eg Word, Excel, PowerPoint, SharePoint) Advanced Excel skills strongly preferred
• Basic working knowledge of following (Majority of the points, if not all):
  • COBIT - Control Objectives for Information and Related Technology
  • ISO/IEC 27001:2013 - Code of Practice for Information Security Management
  • NIST SP 800-53
  • NIST CSF
  • SOC1/SOC2/SOC3
  • HIPAA/HITECH Security and Privacy Audit Protocol
  • Shared Assessments Standard Information Gathering (SIG) framework
  • US SOx - Sarbanes Oxley Act
  • US HIPAA/HITECH Act
  • EU GDPR - General Data Protection Regulation
  • US EU Privacy Shield
  • India Companies Act

Perks & Benefits:ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development.

Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team memberWe are committed to giving our employees a flexible and connected way of working A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connectionsConsidering applyingAt ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact in global healthcare and beyond.

We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed aboveZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable lawTo Complete Your Application:Candidates must possess or be able to obtain work authorization for their intended country of employmentZS is committed to providing and maintaining a safe workplace.

Must have received or be willing to receive the COVID-19 vaccination by date of hire to be considered Proof of vaccination will be required Religious/Medical Exemptions can be requested on a limited basis upon hireNO AGENCY CALLS, PLEASEFind Out More At:

Zs Associates is looking for .

Zs Associates is looking for Any Graduate / Post Graduate profile candidates.