Lead - IT Auditor (8-9 yrs)

LOCATION : Kurla, Mumbai


JOB OVERVIEW:

The ideal candidate will be responsible for performing risk-based audit on the key IT applications to test controls and ensure compliance pertaining to our IT security policy and RBI recommended regulatory guidelines.

KEY STAKEHOLDERS: INTERNAL

Internal Audit function

KEY STAKEHOLDERS: EXTERNAL

Regulators, Statutory Auditors

REPORTING STRUCTURE:

Group Head - Internal Audit

QUALIFICATION:

- CA/MBA/MCA with IT Audit experience of minimum 8 years

- CISA certification is mandatory

EXPERIENCE:

- 8 Years of Experience as an IT Auditor and should have handled IT audit from financial services perspective, knowledge of RBI Guidelines, exposure to data governance, IT governance, Ops risk management

- Clear understanding of IT audit methodologies.

- Ability to work under pressure in a fast-paced environment.

- Strong attention to detail with an analytical mind and outstanding problem-solving skills.

- Great awareness of cybersecurity trends and hacking techniques.

- Individual will be responsible for assessing our IT systems, identifying vulnerabilities, and recommending risk-mitigation strategies. IT auditor plays a crucial role in helping the organization manage IT risks, safeguard assets, and ensure compliance with relevant laws, regulations, and industry standards.

Responsible to conduct following audits:

- IT Application Audit - Access, Change, Incident management, Interface, Application Security controls, SLA and vendor agreement, capacity management

- IT Infra & Governance Audit - Asset inventory classification control, Review Policy and procedures, implementation of policy, compliance of RBI guidelines, review resource management

- IT Vendor Audit - Infrastructure and security control, human resource, performance, Billing, policy / guideline compliance, system access control

- Thematic Audit

- Cybersecurity Audits:Conduct comprehensive reviews of our network infrastructure and applications. Provide needful recommendations for upgrading the organization's data security measures

- Technology Risk Assessment : Evaluate effectiveness of controls related to IT governance, data integrity and disaster recovery

- Assessing requirements for information security & compliance and implement solutions in accordance with organizational security framework

- Work closely with the other INA leaders to integrate IT audit findings into our overall risk assessment.

- Work with co-sourced partners on RBI mandated annual audits of IT and information system

- Must keep pace with technological advancements and assess their impact on our business