Skip to content

Sr. IT Internal Auditor

General Information

Ref #:

20240036780

Travel Amount Required:

Up to 25%

Job Type:

Regular-Full Time

Location:

Noida - India - India

Company Overview

Here at UKG, our purpose is people™. Our HR, payroll, and workforce management solutions help organizations unlock happier outcomes for all. And our U Krewers, who build those solutions and support our business, are talented, collaborative, and innovative problem-solvers. We strive to create a culture of belonging and an employee experience that empowers our people – both at work and at home. Our benefits show that we care about the whole you, from adoption and surrogacy assistance to tuition reimbursement and wellness programs. Our employee resource groups provide a welcoming place to land, learn, and connect with those who share your passions and interests. What are you waiting for? Learn more at www.ukg.com/careers  #WeAreUKG 

Description & Qualifications

Description

Audit Practice

• Take responsibility for the performance of audit projects in areas of assigned responsibility and ad-hoc engagements.
• Perform systematic audits of UKG's information security management systems (ISMS) to ensure compliance with ISO 27001 requirements.
• In collaboration with our Governance & Enterprise Risk teams, support the continuous improvement of ISO, SOC and financial IT controls environments.
• Testing and assess implemented controls to determine their adequacy and operating effectiveness.
• Engage with various internal stakeholders to gather information and evidence through inquiry and observation and to document reviews related to information security.
• Examine documents, and reports to assess their accuracy and compliance with ISO 27001 standards and/or with SOC standards. This includes reviewing information security policies, procedures, risk assessments and other relevant documentation. and reports to assess their accuracy and compliance with ISO 27001 standards and/or with SOC standards. This includes reviewing information security policies, procedures, risk assessments and other relevant documentation.
• Execute other complex audit assignments and prepare workpapers in accordance with auditing standards and enterprise practices.
• Assist in assessing information security risks and help UKG implement measures to effectively mitigate these risks.
• Analyze audit results, evaluate deficiencies and assess vulnerabilities to be remediated and develop proposals for solutions.
• Prepare comprehensive audit reports that detail findings, non-conformities, and recommendations. and recommendations.
• Communicate audit findings, recommendations and best practices to leadership, and other stakeholders. and other stakeholders.
• Collaborate with management to address identified non-conformities or control deficiencies and assist in the development of corrective and preventive action plans.
• Support and drive continuous improvement of the audit function. Assist UKG in maintaining and improving its information security management systems, ensuring ongoing compliance with ISO 27001 and SOC standards.
• Comply with audit policies and respective standards (independence, integrity, confidentiality, truth and fairness, security, economy, system conformity)
• Mentorship and Guidance: Provide expert guidance and mentorship to junior auditors, fostering their professional development and ensuring alignment with best practices in IT auditing. Facilitate knowledge transfer, share insights, and lead training sessions to enhance the skill set of the team.
• Quality Assurance and Capability Enhancement: Conduct thorough reviews of audit outputs, ensuring accuracy, completeness, and compliance with regulatory standards. Implement continuous improvement initiatives, identify areas for enhancement, and actively contribute to the development of tools, methodologies, and processes to elevate the overall IT audit capability of the organization

Relationship Management
• Maintain good relationships with global stakeholders and respond to their inquiries related to the audit process.
• Maintain the right level of independence and gentle persistence.
• Be able to deal with all types of stakeholders and ensure timely escalation when needed to meet the timelines.
• Manage appropriately communications with global stakeholders at all levels.
• Interact with external auditors and service providers (audit firms, consultancies) as needed.
• Be able to deal with all types of personalities and experienced in delivering inconvenient information.
• Excellent and effective communication skills are essential, as well as the ability to listen and a talent for seeing the auditees’ perspective.

Quality Management

• Conduct follow-up audits to verify the effectiveness of corrective actions taken by the organization to address previous non-conformities and improve its information security management systems.
• Be part of the center of excellence for regulatory compliance reviews, integrated audits, business application controls, system development methodologies, information security, IT infrastructure & network management, cloud computing, cyber security, business continuity management and IT best practices.
• Design and implement a personal/individual development plan including technical training and information sharing.

Qualifications

• 3 – 5 years professional experience in IT audit, IT risk consulting or equivalent
• A deep understanding of ISO 27001 and related standards is essential, along with a solid grasp of information security principles. ISO 27001 Lead Auditor certification is a plus but not required.
• Knowledge of ISO 27000 family of standards (e.g., 27017, 27018, 27031)
• Bachelor’s degree in accounting and information systems or related areas, such as accounting, cybersecurity, information systems audit, computer science, computer information systems, information technology, management information systems, finance, computer systems security, computer engineering or computer networking
• Strong and broad IT skills (operating system, database, networks, programming, software deployment, web technology, cloud computing, information security and related security tools, general IT controls, IT governance)
• Experience interpreting and applying SOC standards, including SOC 1, SOC 2 and SOC 3.
• Familiarity with auditing standards and frameworks, such as COSO, COBIT, and NIST.
• Knowledge of relevant regulatory compliance requirements (e.g. Companies Act, Sarbanes-Oxley Act).
• Team spirit, self-motivation and a proactive and committed working style, as well as the ability to interact in a global work environment with people from different countries and cultures.
• This role offers a great deal of flexibility; the ideal candidate will be in-person to hybrid. This role is not fully remote.
• Travel requirement is <5% per year.

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 

View The EEO Know Your Rights poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.


Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com.

Apply