Assistant Manager - IT Audit & Governance

The responsibility of IT Governance is to ensure effective governance frameworks, risk management, Audit and compliance with regulatory requirements. This role involves collaborating with multiple stakeholders, managing IT policies and procedures, enabling Internal and External Audits, Vendor Risk Assessment and promoting best practices in IT governance across the organization.

Responsibilities:

- Vendor risk Management

- Tracking actionable from vendor Audits , Highlighting vendor specific risk

- Enabling Internal and External Audits and tracking timely closure of Audit findings

- Application Access Management & review

- Perform IT Risk Assessment based on CIA.

- Tracking IT governance KPIs and publishing monthly reports

- Review DR/ BCP arrangements periodically in line with BIA

- Conduct DR Drill and BCP maintenance & documentation

- Achieve and maintain ISO 27001 and ISO 27701 certification

- Updating IT policies and procedures and ensure adherence to it.

- Collaborating and working with other departments (Software Development, Network & Technology Infrastructure, etc.) to ensure policies adherence.

Qualifications:

• Bachelors degree in Information Technology, Computer Science, Business Administration, or a related field(Masters degree preferred).
• Minimum of 3 years of experience in IT governance, Information security, Risk management, and Compliance roles.
• Strong knowledge of IT governance frameworks (e.g., ISMS, PIMS, ITIL) and regulatory requirements (e.g., SEBI, RBI).
• Experience in risk assessment, management, and mitigation.
• Experience in implementing security policies / best practices within a multi-platform environment
• Excellent communication and interpersonal skills.
• Relevant certifications such as CISM, CISA, ISO27001 LA or similar are highly desirable.
• Strategic thinking and problem-solving abilities.
• Strong analytical and decision-making skills.
• Ability to manage multiple priorities and projects simultaneously.
• Proficiency in using IT governance and risk management tools.
• Ability to work collaboratively with cross-functional teams.