PwC India
Website:
pwc.in
Job details:
Line of Service
Internal Firm Services
Industry/Sector
Not Applicable
Specialism
Operations
Management Level
Manager
Job Description & Summary
At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives.
As a business application consulting generalist at PwC, you will provide consulting services for a wide range of business applications. You will leverage a broad understanding of various software solutions to assist clients in optimising operational efficiency through analysis, implementation, training, and support.
*Why PWC
At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.
At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "
Job Description & Summary: The Technology Control Testing professional is responsible for evaluating the design and operating effectiveness of IT General Controls (ITGC) across critical business systems to ensure compliance with regulatory, audit, and internal governance requirements. The role involves executing structured control testing procedures, including test of design (ToD) and test of operating effectiveness (ToE), across key domains such as user access management, change management, and IT operations.
The individual will develop and maintain Risk and Control Matrices (RCMs), perform process walkthroughs with stakeholders, and assess control environments to identify gaps, control deficiencies, and associated risks. Responsibilities include validating audit evidence, analyzing system logs and reports, and ensuring completeness and accuracy of documentation in line with audit standards.
The role requires close collaboration with IT, business, and audit teams to communicate findings, support remediation planning, and enhance control frameworks. Additionally, the professional will contribute to continuous improvement initiatives, standardization of testing approaches, and adoption of automation in control testing processes.
Responsibilities:
1. ITGC Control Testing & Execution
- Perform test of design (ToD) and test of operating effectiveness (ToE) for IT General Controls across domains such as access management, change management, and IT operations
- Execute sample-based testing procedures, validate control execution, and assess control consistency over defined periods
- Evaluate automated and manual controls, including system-based configurations and business process controls
2. Risk & Control Documentation (RCM Ownership)
- Develop, review, and maintain Risk and Control Matrices (RCMs) aligned with audit frameworks and regulatory requirements
- Map identified risks to controls and ensure appropriate control coverage across IT environments
- Update control descriptions, testing attributes, and linkage with financial reporting or compliance objectives
3. Process Understanding & Walkthroughs
- Conduct process walkthroughs with stakeholders to understand system architecture, data flows, and control points
- Review IT policies, SOPs, and process documentation to support audit planning and control design validation
- Identify key systems, dependencies, and risks impacting control effectiveness
4. Control Evaluation & Gap Assessment
- Assess adequacy and effectiveness of ITGCs and identify control gaps, deficiencies, and non-compliance issues
- Perform root cause analysis for control failures and document associated risks and impacts
- Evaluate controls over user access, program changes, data integrity, and system operations
5. Evidence Collection & Validation
- Obtain and validate audit evidence including system reports, audit logs, approvals, and configuration settings
- Ensure completeness, accuracy, and reliability of evidence supporting control performance
- Maintain structured documentation aligned with audit standards and quality requirements
6. Reporting & Stakeholder Communication
- Prepare audit observations, findings, and recommendations in agreed reporting formate
- Communicate identified issues and control weaknesses to business and IT stakeholders
- Support management in defining remediation actions and timelines
7. Compliance & Regulatory Alignment
- Ensure control testing aligns with frameworks such as ITIL, SOC, NIST and internal audit requirements
- Support audit readiness by ensuring controls meet regulatory and organizational compliance standards
- Monitor adherence to defined policies, procedures, and governance frameworks
8. Continuous Improvement & Audit Support
- Contribute to enhancing testing methodologies, templates, and audit tools
- Support adoption of standardized testing approaches and automation initiatives
- Assist in internal/external audits, quality reviews, and peer validations
Mandatory skill sets:
- Strong understanding of Technology Controls, IT risk management, and compliance principles.
- Excellent coordination and project management skills.
- Ability to draft clear and concise management responses.
- Strong analytical and problem-solving skills.
- Proficient in ITSM tools, particularly ServiceNow.
- Excellent communication and interpersonal skills.
Ability to work collaboratively with cross-functional teams and global stakeholders.
Preferred skill sets:
1. ITGC & Audit Fundamentals
- Strong knowledge of IT General Controls (ITGC) across access, change management, and IT operations
- Understanding of automated controls, application controls, and IT-dependent manual controls
- Familiarity with ERP systems, databases, and enterprise applications
2. Control Testing & Risk Frameworks
- Experience in Test of Design (ToD) and Test of Operating Effectiveness (ToE)
- Expertise in RCM development, risk-control mapping, and compliance alignment (SOX, SOC, ISO)
- Ability to perform sample testing, identify exceptions, and conduct root cause analysi
3. Data Analysis, Evidence & Documentation
- Ability to analyse logs, audit trails, and system-generated reports
- Strong skills in evidence validation (completeness, accuracy, reliability)
- Proficiency in audit documentation, workpapers, MS Excel, and audit tools/templates
4. Stakeholder Management & Analytical Skills
- Effective communication with IT, audit, and business stakeholders
- Strong analytical thinking, attention to detail, and problem-solving skills
- Ability to articulate control gaps, risks, and remediation actions clearly
- Understanding of IT governance, compliance, and control environment principles
Years of experience required:
10 – 12 Years of Experience in IT Risk, Technology Control Testing, IT Audit Resilience and Coordination, Project Management and Stakeholder Management.
Education qualification:
At least bachelor’s degree in computer science, System Management, Business Management.
Preferred Certifications:
• ISO 20000: Certification in IT Service Management.
• ISO 27001: Certification in Information Security Management.
• CRISC: Certified in Risk and Information Systems Control
• PMP: Project Management Professional.
• ITIL Expert: Certification in IT Infrastructure Library (ITIL) practices.
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Analytical Reasoning, Analytical Thinking, Application Software, Business Data Analytics, Business Management, Business Technology, Business Transformation, Coaching and Feedback, Communication, Creativity, Documentation Development, Embracing Change, Emotional Regulation, Empathy, Implementation Research, Implementation Support, Implementing Technology, Inclusion, Intellectual Curiosity, Learning Agility, Optimism, Performance Assessment {+ 21 more}
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Available for Work Visa Sponsorship?
Government Clearance Required?
Job Posting End Date
June 12, 2026
Click on Apply to know more.