Under the direction of the Manager, Systems Governance, the IT Risk Manager will assist in the completion of a risk-based systems governance and compliance program for all company systems and perform security and privacy and regulatory compliance audit and monitoring activities to support an overall effective governance and control environment. This position is located in Hyderabad, India and reports to a position in Richardson, TX.

PRIMARY RESPONSIBILITIES 

Effectively complete the assigned tasks and report the progress of assigned tasks accurately to the Manager, Systems Governance, and other supervisory level personnel. Work with control owners throughout the company on documentation that supports compliance with various laws and industry requirements and specifically information security related requirements. Perform tasks for completion of various compliance requirements that include PCI-DSS, EI3PA, FCRA, HIPAA, RealPage’s SSAE 18 controls and other compliance programs, including the testing of IT-related internal controls and the identification and communication of deficiencies. Develop recommendations to improve the IT and systems control environment. Properly document work papers, providing proper documentation of audit steps performed and evidence gathered. Ensure audit issues are well defined and root causes are identified. Develop and maintain relationships with personnel throughout the organization to ensure the understanding and acceptance of audit issues in connection with business risks and controls. Assist in the evaluations of governance practices, among others to include authorizations, management reviews, policies and procedures, code of conduct, segregation of duties, system access rights, and compliance with accounting standards. Assist in the development and rollout of IT-related internal controls and procedures, including secure coding practices, privacy policies and safeguards. Provide supporting information for audit reports, including action plans to achieve visible improvements to internal controls, risk management, and processes. Stay current with latest information security trends and the professional standards of internal auditing (e.g., legal and compliance requirements).

QUALIFICATIONS 

Required:

Bachelor’s degree in Computer Science, Management Information Systems, Computer Engineering, or related degree Professional or popular vendor certifications preferred; Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Information System Security Professional (CISSP), SANS Security certifications and/or industry vendor certifications such as CCNA, MCP, etc. Minimum 5+ years of full-time security consulting or technical auditing experience. Experience or familiarity with security frameworks such as ISO 27001, CoBiT, HIPAA, EI3PA, PCI-DSS, etc. Experience or familiarity with the applications (e.g., Microsoft Active Directory) operating systems (e.g., Microsoft Windows Server, Linux), databases (e.g., Microsoft SQL Server, and Oracle), and network cloud computing technologies that the Company utilizes

KNOWLEDGE/SKILLS/ABILITIES 

Required:

Business acumen, cross-functional competence, interpersonal savvy, and strong analytical capabilities Excellent oral and written English skills Courage to take unpopular stands if needed in difficult audit situations Highly-developed planning, time management, and organizational skills Diversity skills to connect with people and management styles across different cultures Flexibility to work in a growth environment Ability to work overtime