Join our Talent Network

Skip to main content

Corporate Information  |  Careers

Careers Home > Job Search Results > Information Security Lead Auditor - Compliance Controls

Information Security Lead Auditor - Compliance Controls

This job posting is no longer active.

Location: Hyderabad India
Job ID: 1023090HV
Date Posted: Jan 27, 2023
Segment: IT
Business Unit: Hitachi Vantara
Company Name: Hitachi Vantara Corporation
Profession (Job Category): IT, Telecom & Internet

Share: mail
Save Job Saved

Meet our Team

SHORT INTRO TO THE TEAM - SAMPLE BELOW

We represent Hitachi Vantara to enterprise clients across industries, establishing business relationships to understand customer challenges so that we can deliver profitable business for Hitachi products, services and solutions. We collaborate as a team and cross-functionally to ensure the success of our customers; success that is celebrated and shared. Our solutions bring value to every line of business and we need people like you to build those deep relationships and to passionately articulate our value proposition.

What you'll be doing

COUPLE OF SENTENCES SELLING THE MAIN FOCUS POINTS OF THE ROLE

What you bring to the team

Information Security Lead Auditor - Compliance Controls

Scope, purpose and nature of role

As an Information Security Controls Auditor, you'll work as part of the Global Delivery team of compliance assurance and management in the delivery of Hitachi Vantara Managed Services.

Your primary function as an internal auditor is to coordinate the wide variety of activities associated with the role stretching beyond the remit of IT, taking in aspects such as:
  • Logical and physical access controls
  • System and operations controls
  • Change management controls
  • Risk mitigation controls

This is primarily a 'hands-off' position, not a deep technical role. However, since network and application security controls are important in this domain, you will need to work closely with technical specialists, implying a familiarity with technologies, tools, systems etc.

Information Security Auditors are specialists in auditing systems controls and networks plus a diverse range of IT-related activities and concerns such as:
  • Internal audit of ISMS clauses and controls,
    • Maintaining concise, up-to-date records of audit plans, findings, work papers, reports and other supporting documentation for all related reviews performed;
    • Update control documentation (matrices, narratives, flowcharts, etc.) with operating management processes;
  • Perform review/testing of the internal controls established in all entities covered by the scope and context of the organisation.
  • Facilitating risk assessments and creation of risk control matrices mapped to ISMS controls;
  • Reporting & Analysis of findings, identifying and recommending solutions for strengthening or compensating internal controls;
  • Support External Auditors with requests;
  • Ensuring all previous and current audit findings are monitored and closed on time.

An important secondary aspect to the role is to gather and pass on relevant information to senior management concerning the organisation's risk profile, for example by reviewing regular of assessment results, penetration tests and network security audits, and providing appropriate risk and security metrics.
  • Make recommendations for remediation of identified issues in a timely manner and ensure follow-up of those remediation (progress, follow-up results assessments...).
  • Analyse complex ideas or proposals and build a range of meaningful recommendations which align with strategic goals.
  • Act to identify and resolve issues which prevent the team working effectively.

Qualifications, skills and experience

The following are relevant and desirable for this role:

Information security, risk and audit management, with hands-on experience as a team member, leader or manager responsible for dealing with risks, controls, projects, initiatives etc.
  • At least 5 years work experience in information security, risk, IT, governance and/or business analysis background;
  • Desired certification: ISACA Certified Information Systems Auditor,
  • Ideally working towards CISSP, CISM or similar
  • Knowledge of IT and IS practices standards and frameworks (eg. COBIT, ITIL, ISO 27000, ISO 22301), including experience in the field of audits in accordance with those standards;
  • Exposure to relevant ISO/IEC, NIST and other Information Security standards with knowledge in GDPR requirements and experience in related projects;
  • Exposure to IT general controls reviews and baselining system generated reports;
  • Proven ability to perform multiple tasks in a dynamic and changing environment;
  • Simplify complex messages, highlighting and summarising key points.
  • Ability to prioritize, supervise projects and solve problems;

The following personal traits are high on the wish-list:
  • Independent-minded, objective and rational: an auditor's 'fresh pair of eyes' will often identify concerns or issues that those more closely involved with a situation either fail to appreciate or choose to ignore. However, the ability to work effectively in teams is also important.
  • Fastidious, diligent and professional: the process of auditing is formalised and structured, such that auditors gather and base their assessments on factual evidence rather than conjecture. Attention to detail, along with being organized and having the dogged determination to identify and evaluate even small discrepancies or anomalies, are characteristics of effective auditors.
  • Strong communication skills: although IT auditing generally involves examining IT systems, the greater part of the job involves interacting with people, interviewing them and discussing things, reporting (writing and presenting formal reports) and persuading/influencing.
  • High standards of personal integrity, trustworthiness and discretion. Auditing involves privileged access to sensitive and valuable information.
  • Since this is a trusted role, candidates must be willing to undergo extensive background checks to verify their identity, character, qualifications, skills and experience.

Our Company

Hitachi Vantara is part of the Global Hitachi family. We balance innovation with an open, friendly culture and the backing of a long-established parent company, known for its ethical reputation. We guide customers from what's now to what's next by unlocking the value of their data and applications to solve their digital challenges, achieving outcomes that benefit both business and society.

Our people are our biggest asset, they drive our innovation advantage and we strive to offer a flexible and collaborative workplace where they can thrive. Diversity of thought is welcomed and our employee base is represented by several active Employee Resource Group communities. We offer industry leading benefits packages (flexible working, generous pension and private healthcare) and promote a creative and inclusive culture. If driving real change gives you a sense of pride and you are passionate about powering social good, we'd love to hear from you.

Our Values

We strive to create an inclusive environment for all and are open to considering home working, compressed/flexible hours and flexible arrangements. Get in touch with us to explore how we might be able to accommodate your specific needs.

We are proud to say we are an equal opportunity employer and welcome all applicants for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. With Japanese roots going back over 100 years, our culture is founded on the values of our parent company expressed as the Hitachi Spirit:

Wa - Harmony, Trust, Respect

Makoto - Sincerity, Fairness, Honesty, Integrity

Kaitakusha-Seishin - Pioneering Spirit, Challenge
Share: mail