Key Responsibilities :

- Perform design and operating effectiveness testing of IT General Controls (Access Management, Change Management, IT Operations, and SDLC controls).

- Lead ITGC control framework design and assessment across business applications, databases, operating systems, and cloud environments.

- Conduct Test of Design (TOD) review control documentation, walkthroughs, and process flows to assess adequacy of control design.

- Conduct Test of Effectiveness (TOE) evaluate control operating effectiveness through evidence inspection, re-performance, and system testing.

- Ensure compliance with SOX, SOC, ITGC frameworks, and regulatory requirements.

- Identify gaps, deficiencies, and risks in IT processes; recommend improvements and remediation strategies.

- Work with cross-functional teams (internal audit, external auditors, IT security, and business owners) to ensure timely closure of identified issues.

- Contribute to automation of control testing and continuous monitoring initiatives.

- Mentor junior team members and contribute to knowledge sharing within the IT risk function.

Required Skills & Experience :

- Minimum 8+ years of experience in ITGC, IT Audit, SOX Compliance, or IT Risk & Controls.

- Strong knowledge of IT processes, ITIL, COBIT, SOX, SOC 1/2 frameworks.

- Hands-on experience in TOD & TOE execution for applications, databases, infrastructure, and cloud.

- Expertise in identity & access management, change management, IT operations controls, and cybersecurity.

- Proficiency in working with audit tools (e.g, Archer, ServiceNow GRC, SAP GRC, or similar platforms).

- Excellent communication, analytical, and stakeholder management skills.

- Preferred certifications: CISA, CISSP, CISM, CRISC, ITIL (nice to have)