IT Audit & Compliance

As the Audit and Compliance Manager - IT at our company, you will play a crucial role in planning, executing, and overseeing audits, risk assessments, and compliance activities related to IT systems and infrastructure. Your responsibilities will encompass various aspects of IT governance, risk management, cybersecurity, and regulatory compliance, with a specific focus on operational dynamics within the renewable power industry. Your key responsibilities will include developing and implementing a comprehensive risk-based IT audit plan aligned with business objectives, conducting internal IT audits across different areas such as infrastructure, applications, cybersecurity, and business continuity, evaluating the effectiveness of internal controls and data privacy practices, and preparing detailed audit reports with findings and recommendations. You will also be involved in compliance management activities, ensuring adherence to industry regulations and internal IT policies like ISO/IEC 27001, GDPR, and NERC CIP, among others. Additionally, you will be responsible for identifying and mitigating IT risks, developing risk mitigation strategies, and enhancing IT security and compliance policies in alignment with business goals. Furthermore, you will be actively involved in incident management and reporting, conducting IT compliance training sessions, collaborating with external auditors and regulatory bodies, and tracking changes in regulations and standards to ensure compliance. Your qualifications should include a Bachelor's or Master's degree in Information Technology, Computer Science, Cybersecurity, or a related field, along with relevant certifications such as CISA, CISM, CISSP, or ISO 27001 Lead Auditor. A minimum of 7-10 years of experience in IT audit, risk management, and compliance functions is preferred, with a strong understanding of IT operations, cybersecurity frameworks, and risk management principles. Key skills and competencies required for this role include expertise in IT audit methodologies and frameworks, knowledge of cybersecurity frameworks, IT risk management principles, and industry-specific compliance requirements. Excellent written and verbal communication skills, critical thinking abilities, attention to detail, and the ability to work collaboratively with cross-functional teams are essential. Preferred certifications include CISA, CISM, ISO 27001 Lead Auditor/Lead Implementer, and NERC CIP Certification. This position may involve occasional travel to renewable energy project sites, regional offices, and data centers, and will require close collaboration with IT infrastructure, cybersecurity, energy operations, legal, and corporate compliance teams. If you have a proactive mindset, high integrity, and a strong commitment to continuous improvement, we encourage you to apply for this permanent position based in Noida.,