Manager, Infrastructure and Cloud Security Audit - Ciudad de México - S&P Global

S&P Global

Empresa verificada

Ciudad de México

hace 3 semanas

Publicado por:

Rodrigo Fernández

Reclutador de talento para beBee

Descripción

The Role:
Manager - Infrastructure and Cloud Security Audit

The Location:
Mexico or Canada

The Team:

S&P Global is a leader in credit ratings, benchmarks and analytics for the global capital and commodity markets.

Reporting to the Global Head - Technology Audit & Data Analytics, you will be part of a global and diverse team with coverage for enterprise-wide Technology.

The S&P Global Internal Audit function is a global team with auditors located in the U.S., London, India, Tokyo, Malaysia & Taiwan.

The Technology Audit & Analytics team is a critical unit of the global Audit function and performs audits focusing on S&P Global Technologies (IT Infrastructure, Applications, Cyber Security).

The Impact:

This role will be part of technology audit team, focusing on audit plan management and execution of Technology audits globally.

Further, this role will provide senior executives a companywide perspective of the state of the internal technology environment and act in a trusted advisory capacity.

What's in it for you:

The role provides extraordinary learning opportunities and the ability to work with senior management across the Company.

If you're right for this role, you will meet and work with people across the Company in interesting and meaningful engagements.

You'll love this job because it provides new opportunities for professional growth daily. You will leverage cutting edge digital next generation capabilities and data analytics practices to improve the audit testing techniques. The role provides opportunities to be flexible by adopting Agile methodology to perform audits. This role will be primarily accountable for S&P Global internal audits execution (planning, fieldwork, and reporting phases).

You will be responsible for performing annual and on-going risk assessment activities focused on Infrastructure and Cloud Security and the associated risks for the SPGI Technologies across the globe.

The incumbent will be expected to oversee independent audit and work effectively with members of the Audit Leadership team.

Responsibilities:

Assist in execution of Infrastructure & Cloud Security Audit with responsibility of ensuring the efficient and timely delivery of the approved Audit Plan.

Execute end-to-end audits as per the annual audit plan in the timely manner.

Review the outcomes and audit results, interface with key auditees for the agreement of remedial action plans and help enable smooth audit execution.

Partnering with the S&P Global Divisions/Corporate Technology functions to deepen stakeholder engagement.

Assist the Global Head - Technology Audit in development of the Annual Audit Plan by ensuring appropriate risk assessment of Technology Infrastructure, Cloud Technologies, IT Process, Operating Systems, Databases, Network Devices, Platforms and supporting technology systems in the enterprise.

Utilize digital next generation auditor capabilities, adopt agile practices, data analytics and automation to improve efficiency and quality of Audit execution.

Participate in external as well as Internal forums for staying up to date on Information and Cyber Security strategy, Compliance, Forensics, Internal Auditing, emerging trends, and successful practices in audits related to Information Security reviews.

Assist others in identifying and solving complex problems using audit expertise, judgment, and precedents.

Works with senior management of the business, external auditors, regulators, and professional counterparts to complete audits.

What We're Looking For:

5+ years of experience handling large audit projects working with multi-function teams across diverse geographical regions.

Experience in financial services industry with deep industry knowledge and best practices in audit execution

Knowledge of risk management frameworks, regulatory requirements, Cloud Deployment Model (IaaS, PaaS, SaaS) and proficiently carrying out IT Cloud Architecture and Security Controls audit.

Experience of establishing an IT Process, Infrastructure, Cloud Architecture and Security Professionals function with responsibility of setting up audit practices, resources needed, team members required, etc.

Experience and deep understanding of vulnerability assessment / penetration testing tools such as Burpsuite, Metasploit, NMAP, Nessus, etc.

Use of data analytics tools such as Alteryx and Tableau is a plus.

Excellent report writing skills a must; good understanding of technology and proficient spreadsheet skills

Strong work ethic, initiative, teamwork, and flexibility to assist IA department in meeting organizational goals.

Excellent team collaboration skills and ability to work with people in a way that inspires, develops, and delivers results; demonstrated track record of integrity, innovation, and excellence.

Basic Qualifications:

A bachelor's/master's degree in Computer Science, Information Technology or related major

Preferred Qualifications:

Certified Infor