TransUnion's Job Applicant Privacy Notice

What We'll Bring:
This is an exciting time in TransUnion CIBIL. With investments in our people, technology and new business markets, we are redefining the role and purpose of a credit bureau.
The Internal Audit and Advisory team is an independent and objective assurance function, performing consulting activity to add value to improve the operations of TU. IAA assists the organization in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the organization's risk management, control, and governance processes.
IAA provides assurance services regarding internal control systems to TransUnion CIBIL management and the Audit and Risk Committee. Our team brings a systematic, disciplined approach to auditing financial reporting controls, operational processes, IT and IT security and compliance to laws and regulations. Committed to integrity and accountability, IAA provides value as an objective source of independent advice. The team often collaborates with Information Security, Legal and Compliance in matters of corporate governance. The Internal Audit & Advisory DVP - Information Technology Audit position is responsible for leading the preliminary planning, audit execution, reporting, and follow-up on all audit engagements.

• Assists in the development of the annual audit plan and preparation and execution of IT Internal Audit & Concurrent Audit Strategy and Framework of the corporation for the purpose of evaluating the design and operating effectiveness over established policies and procedures.
• Oversee the activities of the IT, IS, Business IT Integrated Audits, IT Concurrent Audit and IT Data Analytics function and monitor the activities on a day-to-day basis. To assist in developing scope, risk assessment, audit checklist, audit program for internal/concurrent audit of core processes.
• Identify new areas/process risks to be covered under IT Internal / Concurrent Audit from time to time.
• Identify critical areas for continuous monitoring, both from IT Internal / Concurrent Audit perspective, and develop the necessary reports for monitoring.
• Drive technology adoption within the team through automation of audit processes and planning for Data Analytics across audit areas.
• To supervise and review execution and coverage of audit plan, drafting audit reports, discussion, and closure of audit reports with the auditees / HOD's
• Preparing presentations held during each quarter etc. for management review and Audit Committee submissions. Ensuring that all critical issues are included therein.
• Assist in developing and implementing new initiatives amongst the Internal / Concurrent Audit team.
• Prior to and during each audit, becomes familiar with the business processes and corresponding laws and regulations. Based on established audit scope and objectives, identify and document the objectives, risks, and key internal controls asserted to by management and develop the necessary audit test plan and procedures
• Lead audit planning, fieldwork (testing and documentation), and reporting for domestic and international locations as needed
• Under the supervision of IAA management, communicate preliminary results to management and obtains validation
• Monitors open audit issues and conducts post-audit follow-up to evaluate the adequacy of remediation efforts
• Lead IT SOX and IT ICoFR audit planning, fieldwork (testing and documentation), and reporting
• Interact with the Company's external auditors and provide assistance as needed during the SOX control testing processes, including attending walkthrough meetings and performing testing on their behalf
• Aware about IT Controls and related compliances applicable to TransUnion CIBIL
• Prepares other ad-hoc reports and assists in special projects as required or requested by supervisor
• Establish strong working relationships with various teams across the organization and work cohesively with IAA teammates
• Build collaborative working relationships with internal stakeholders (appropriate levels of management)
• Execute special projects and process improvements on ad-hoc basis
• Prior to and during each audit, become familiar with the business processes and be able to articulate the audit objectives and purpose of work performed. Based on established audit scope and objectives, identify and document the key control objectives and develop the necessary audit test procedures at the direction of IAA management. Lead opening meetings with process owners over routine audits.
• Possess excellent time management skills; plan workload appropriately and demonstrate the ability to manage multiple assessments simultaneously
• Confidently lead meetings to discuss audit issues with finance management, ensuring their understanding of associated risks, root causes, and the actions needed to remediate
• Review written draft audit reports for routine audits on the adequacy and effectiveness of controls evaluated; clearly articulate and provide context on any issues identified during closing meetings with management
• Establish strong working relationships with various teams across the organization and work cohesively with IAA teammates
• Operate autonomously and manage tasks at hand without manager intervention
• Take ownership of the assigned tasks and interact with other IAA members in working towards Departmental goals

• 10 - 15 years of experience in an IT / IS Audit, Assessment, or Information Security role.
• Bachelor's degree in computer science, management information systems or related field. CISA certification is must.
• Certification of CA, CPA or CIA (or actively working towards) or other similar certifications would be an added advantage
• Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of Information Security areas/domains. These include governance & risk management, access control, cybersecurity, physical security, security architecture and design, business continuity/disaster recovery, network security, application & operations security and compliance/incident management.
• Demonstrated ability to understand complex technologies, business processes, regulations and emerging risks.
• Strong understanding of SOX legislation and IT frameworks including COSO and COBIT.
• Strong technical and/or IT audit background with practical knowledge of a wide variety of technologies including server infrastructure & operating systems, network & web infrastructures, database architecture, vulnerability assessment and intrusion detection/prevention systems.
• Self-starter with the ability to manage and prioritize responsibilities.
• Team player with proven skills in influencing people without having direct management authority.
• Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately.
• Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person.
• Strong risk analysis and problem solving skills.