Xerox Jobs

Job Information

Xerox Compliance Auditor Analyst II, IM Security in India

Compliance Auditor Analyst II, IM Security

General Information

Press space or enter keys to toggle section visibility

Country

India

Department

IM SECURITY

Date

Monday, November 4, 2024

Working time

Full-time

Ref#

20034387

Job Level

Individual Contributor

Job Type

Experienced

Job Field

IM SECURITY

Seniority Level

Associate

Description & Requirements

Press space or enter keys to toggle section visibility

About Xerox Holdings Corporation

For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power today’s workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients — no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at www.xerox.com and explore our commitment to diversity and inclusion. (https://www.xerox.com/en-us/jobs/diversity)

Purpose:

• Responsible for planning and implementing risk management strategies, processes and programs. Manages resolution of incidents / problems throughout the information system lifecycle, including classification, prioritization and initiation of action, documentation of root causes and implementation of remedies. Development and execution of information risk controls and management strategies. Procures and governs information risk management services and consultants.

• The implementation and Performance of IT audit work and management testing.

• The independent, third-party assessment of the conformity of any activities, processes, deliverables, and product or service with the criteria of specified standards, such as BS7799/ISO 27001, COBIT, COSO, local standards, best practice or other documented requirements.

• Assessment may relate to, for example, information security, general computer controls, asset management, network security tools, firewalls and Internet security, real-time systems and application design and development.

• This role will specialize on specific IT audit conformity such as IT General Computer Control audit for Sarbanes Oxley 404 compliance or information security inspection and Audit

Scope:

Specific:

• Autonomy:

• Works under general supervision.

• Uses discretion in identifying and resolving complex problems and assignments.

• Receives specific assignments in the form of scope and work is reviewed at frequent milestones.

• Determines when problems should be escalated to a higher level.

• Influence:

• Interacts with and influences department/project team members.

• Frequent external contact with customers and suppliers.

• In predictable and structured areas, may supervise others.

• Decisions may impact work assigned to individual/phases of project.

• Develops high-level relationships with customers, suppliers and value chain partners.

• Complexity:

• Specialized range of work, of relatively less complexity and standard, in variety of environments.

General:

• Uses best practices and knowledge of internal or external business issues to improve products or services

• Acts as a resource for colleagues with less experience

• Requires in-depth knowledge and experience

• Decisions guided by policies, procedures and business plan

• Generally domestic scope/accountability

Primary Responsibilities:

• Evaluates and independently appraises the IT general computer and information security control of automated business and IT processes, based on investigation of evidence and assessments undertaken by self. Ensures that independent appraisals follow agreed procedure. Evaluate and recommend on ways of improving the effectiveness and efficiency of their control mechanisms.

• Specifically:

• Evaluates and independently appraises the general computer, information security and internal controls and operation of automated business processes, preparing programs of tests to determine the conformity with applicable standards.

• Evaluates the results against specified objectives.

• Reviews codes, documents and tests of IT programs to meet given specifications.

• By analysis of collected information, identifies control weaknesses in processes or areas, and prepares formal reports commenting on the conformity found to exist in the audited part of an IT environment.

• Reports audit findings and recommendations for improvement in the effectiveness and efficiency of control of aspects of the total IT environment, and reviews with line management.

• Applies statistically valid sampling techniques against relevant populations to meet audit objectives

• Compliance activity can include regulatory (i.e. Sarbanes-Oxley 404), industry standards for IT risk and security management (COBIT, ISO 27001), and company wide information security policies.

Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more at www.xerox.com and explore our commitment to diversity and inclusion: https://www.xerox.com/en-us/jobs/diversity People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to XeroxStaffingAdminCenter@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.

DirectEmployers