CyberNX

Profile Summary: CyberNX is a young, born-in-cloud global cybersecurity consulting company headquartered in Mumbai, India. We offer a full spectrum of cybersecurity and cloud services, delivered by our skilled and experienced team. Job Summary: We are seeking a highly experienced Audit Lead with a background in banking and financial services. The ideal candidate will be responsible for leading client facing audit engagements, particularly those related to RBI cybersecurity guidelines, NPCI frameworks, and other regulatory audits. This role demands strong expertise in audit execution, regulatory compliance, and stakeholder management in high-security environments. Job Responsibilities: Lead and manage end-to-end IT and cybersecurity audits aligned with RBI, NPCI, and SEBI regulations for BFSI clients. Drive and coordinate regulatory inspections, including pre-audit readiness, audit walkthroughs, and closure of observations. Interpret and implement RBI Master Directions (e.g., Cybersecurity Framework, DPSC, IT Outsourcing), and align client controls accordingly. Manage client engagements related to Regulatory Compliance Assessments, Risk Assessments, and Internal Audits for banks and NBFCs. Develop and maintain audit documentation, control matrices, risk registers, and audit plans tailored to BFSI regulatory expectations. Monitor remediation of audit findings and track implementation of corrective actions.  Work closely with internal CyberNX teams to provide oversight on ISMS, GRC activities, and maintain alignment with ISO 27001 and NIST. Guide clients through RBI and NPCI audit response preparation, including document collation, response drafting, and evidence readiness. Lead third-party risk assessments, vendor due diligence, and cybersecurity posture reviews. Keep abreast of regulatory changes and upcoming RBI/NPCI mandates; provide actionable intelligence to clients. Prepare and present weekly audit dashboards, compliance trackers, and management reports to internal and external stakeholders. Familiarity UPI Information Security Compliance Framework is mandatory. Requirement: 5–10 years of experience in IT Audit, GRC, or Information Security, preferably in BFSI.  In-depth knowledge of RBI guidelines, NPCI circulars, and associated control requirements. Experience leading or participating in regulatory audits (RBI & NPCI) for banks or financial institutions. Strong understanding of IT general controls, cybersecurity controls, and risk management frameworks. Familiarity with industry standards like ISO/IEC 27001, NIST CSF, COBIT, PCI DSS. Excellent communication and reporting skills, with the ability to interface effectively with clients and regulators. Nice to Have: Experience supporting digital banking, UPI, CKYC, IMPS, AEPS, or card-based systems. Hands-on exposure to SIEM, VAPT, or cloud security audits. Experience with compliance automation tools or audit management systems. Relevant certifications: ISO 27001 LA, CISA, CRISC, CISSP, or similar.