Key Responsibilities

• Develop and execute detailed audit plans and programs, ensuring alignment with audit scope and objectives.
• Conduct thorough Cyber Security Audits, IT Audits, and ITGC Audits adhering to stringent industry standards and regulatory mandates.
• Perform specialized regulatory audits for key bodies such as RBI, SEBI, and IRDAI, focusing on Cyber Security and IT compliance.
• Execute critical compliance assessments including SOX ITGC testing, PCI DSS evaluations, and SOC 1 / SOC 2 audits.
• Review and assess the effectiveness of IT security governance, IT policies, and overarching IT control frameworks.
• Evaluate essential IT controls encompassing access management, change management, IT operations, database, network, and data center environments.
• Identify and analyze IT-related risks, assessing the design and operational effectiveness of IT controls.
• Execute audit test procedures, meticulously analyze audit evidence, and document findings.
• Benchmark client processes against leading industry best practices and standards such as ISO 27001, COBIT, COSO, and NIST.
• Identify control deficiencies and provide actionable, risk-based recommendations for remediation.
• Prepare polished, high-quality audit reports and compelling client presentations.
• Maintain clear and timely communication with clients, providing status updates and delivering final project outcomes.
• Serve as a primary client-facing liaison, fostering strong relationships with client stakeholders and senior management.
• Effectively manage multiple audit assignments concurrently, ensuring punctual completion.
• For senior roles, lead and mentor junior audit professionals, overseeing their work and supporting their professional growth.
• Develop and maintain essential audit documentation, including checklists and procedures.
• Stay abreast of emerging technologies, evolving cyber risks, and new regulatory requirements.
• Collaborate closely with internal teams and leadership to ensure successful project execution.
• Be available for travel to client locations as necessitated by audit engagements.

Qualifications and Skills

Experience:

A minimum of 2 to a maximum of 10 years of dedicated experience in Cyber Audit, IT Audit, or ITGC Audit.

Education:

• Bachelor of Science in Information Technology (B.Sc IT), Master of Computer Applications (MCA), Bachelor of Technology (B.Tech), or Bachelor of Engineering (B.E.) with a specialization in Computer Science, Information Technology, or Cyber Security.
• Chartered Accountant (CA) or Diploma in Information Systems Audit (DISA) is considered an added advantage.

Required Knowledge and Skills:

• Proven expertise in Cyber Audit and ITGC Audit methodologies.
• Demonstrated experience with audits related to SEBI, RBI, and IRDAI regulations.
• Solid understanding of frameworks and standards including SOX, PCI DSS, SOC 1, and SOC 2.
• Familiarity with key audit frameworks such as:
  • ISO 27001
  • COBIT
  • COSO
  • NIST
• A strong grasp of fundamental IT security concepts including:
  • Access Controls
  • Change Management
  • IT Operations
  • Network Security
  • Databases and Applications
  • Data Center Controls
• Hands-on experience in risk assessment and IT control evaluation.
• Exceptional client handling and communication skills.
• Previous experience in team leadership and project management is highly valued, particularly for senior positions.

Preferred Certifications:

• Certified Information Systems Auditor (CISA)
• Diploma in Information Systems Audit (DISA)
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• ISO 27001 Lead Auditor / Implementer

Tools Knowledge (Preferred):

• Proficiency in MS Excel.
• Experience with data analytics tools such as ACL, IDEA, or Tableau is a plus.

Key Competencies:

• Excellent client-facing and stakeholder management abilities.
• Strong analytical thinking and problem-solving capabilities.
• Proven ability to manage multiple projects and meet demanding deadlines.
• Demonstrated leadership and team mentoring skills.
• Exceptional report writing and presentation delivery skills.