Job Description
Icertis is looking for a senior Audit and Compliance Analyst to join the Compliance team and work closely with the Compliance manager on various Audit and Compliance initiatives.
Responsibilities
Your main responsibilities will include:
- Planning, organizing, and handling ISO27001, SOC1, and SOC2 audits and following the Audit life cycle end to end, independently.
- Front-end customer audits and follow the end-to-end life cycle of customer's audit engagements.
- Exposure to regulatory audits by financial audit is required.
- Exposure to performing Information security risk management and following the complete risk management lifecycle.
- Ability to talk to various stakeholders, including at C-suite and executive levels when needed to follow escalation levels.
- Experienced in performing access reconciliation, firewall access review for cloud operations, IT, and other regular compliance activities monthly, quarterly.
- Quick thinker, understanding all technical evidence and the ability to correlate the evidence in various audits, hence cloud knowledge is essential.
- Ability to create policy and procedure documentation quickly and make amendments and keep the documentation up to the mark.
- Experience running the BCP DR exercise, assisting in the testing of BCP for Icertis and tracking actions and creating BCP DR test report.
- Scale up and engage in other audits such as TISAX, SSPA, GDPR, SOC, HIPAA, and various other compliances.
- Keeping Information Security training records up to date by regular follow-up and publishing the dashboards. Take complete ownership.
Additional Responsibilities
- For all audits at Icertis- artifacts maintenance by coordination and follow up with various departments
- Handing customer audits and third-party risk assessment questionnaire
- Performing Vendor risk assessment for Icertis, and follow complete life cycle.
- Publishing monthly dashboard of Compliance certification, training records, Pending Audit action points, Risk and Issues
- Act as compliance point of contact and be available during RFP discussions for any compliance related queries.
Experience
QUALIFICATIONS
- Min 10-12 years in Security, Audits and Compliance only
Qualifications
- BE/BCS or MCS from good college MBA Information Security and having worked with large organizations such as EY, KPMG, Deloitte. This is a mandatory requirement.
- Proven experience in Cloud-based compliance engagements.
- Hands on experience and exposure to Cloud environment. Knowledge on Cloud computing technology is mandatory.
- Experience of working on Azure administration, O365 set up, exposure Azure Security governance.
- Worked on a SAAS organization audit and must have a good understanding of Cloud infrastructure management.
- Understands Application and infrastructure security at a high level.
- Proven experience in IT Audit and handing various audits.
- Should have worked on ISO27001, ISO 27017 and 27018, SOC Audits certification audit requirements extensively.
- Exposure to GDPR is added advantage,
- Proven experience of handling customer audit.
- Proven experience of third-party assessments.
- Very good knowledge and experience using Microsoft office tools such as Excel and SharePoint
- BE/BCS or MCS from good college MBA Information Security and having worked with large organizations such as EY, KPMG, Deloitte. This is a mandatory requirement.
- Excellent communication skills are a MUST requirement.
Certifications
- ISO 27001 LA or CISA /CISSP/CISM (MUST)
- Cloud security-related certifications such as CCSK
- Other Cloud administration-related certification
- This job is also available on LinkedIn.
About Us
With unmatched technology and category-defining innovation, Icertis pushes the boundaries of what's possible with contract lifecycle management (CLM). The AI-powered, analyst-validated Icertis Contract Intelligence (ICI) platform turns contracts from static documents into strategic advantage by structuring and connecting the critical contract information that defines how an organization runs. Today, the world's most iconic brands and disruptive innovators trust Icertis to fully realize the intent of their combined 10 million contracts worth more than $1 trillion, in 40+ languages and 93 countries.
