3.0 - 5.0 years
0 Lacs
Noida, Uttar Pradesh, India
Remote
Position: IT Auditor (SME BFSI Systems & Compliance)
Location: India (Remote)
Employment Type: Full-Time
Schedule: Monday to Friday, Day Shift
Experience: 3+ Years in IT Audit, BFSI or RegTech Sector Preferred
Company Description
Scry AI is a research-driven enterprise AI company delivering secure, intelligent automation platforms to Banking, Financial Services, and Insurance (BFSI) clients. Our solutions empower organizations to manage data, automate workflows, and ensure compliance across mission-critical financial operations. We maintain a strong commitment to security, regulatory alignment, and internal control integrity. We are looking for an IT Auditor with deep experience in IT controls, risk assessments, and security audits to help strengthen and align our platforms with client expectations and compliance frameworks.
Role Overview
As an IT Auditor at Scry AI, you will evaluate the integrity, confidentiality, and availability of systems powering our AI platforms and client engagements. You'll work closely with engineering, compliance, and operations teams to assess controls, identify gaps, and ensure we meet industry standards like ISO 27001, SOC 2, and regulatory frameworks including RBI and SEBI guidelines.
Key Responsibilities
1. IT Risk & Control Assessments
- Conduct regular IT audits across infrastructure, applications, data workflows, and user access.
- Evaluate the effectiveness of internal controls, cybersecurity measures, and business continuity plans.
- Identify vulnerabilities and recommend actionable mitigation strategies.
2. Compliance & Standards Alignment
- Ensure ongoing compliance with industry frameworks (ISO 27001, NIST, SOC 2, RBI, SEBI, etc.).
- Work with engineering to embed audit-readiness and risk mitigation into system design.
- Support internal audits, external audits, and regulatory inspections.
3. Reporting & Documentation
- Prepare audit reports detailing findings, risks, and control effectiveness.
- Maintain logs of issues, resolutions, and audit evidence for internal records.
- Track and follow up on audit remediation plans and risk closures.
4. Collaboration & Advisory
- Partner with DevOps, security, and data teams to implement audit recommendations.
- Provide advisory support during product development and client onboarding.
- Contribute to IT policies, SOPs, and internal training on security and compliance.
Required Qualifications & Skills
- 3+ years of experience in IT auditing, IT risk management, or information security.
- Strong understanding of audit frameworks (ISO, SOC, COBIT, NIST, RBI/SEBI norms).
- Familiarity with cloud infrastructure (AWS, Azure, GCP) and DevSecOps principles.
- Experience auditing SaaS platforms, databases, and user access control systems.
- Excellent documentation and analytical skills.
- CISA, CISM, or similar certifications preferred.
Our Ideal Candidate
- Understands the unique risk and compliance landscape of BFSI and enterprise tech.
- Has hands-on experience conducting IT audits and collaborating across technical teams.
- Is detail-oriented, structured, and proactive in surfacing risks before they escalate.
- Thrives in an evolving, high-accountability environment where security is non-negotiable.
- Is eager to contribute to secure, compliant, and trusted AI adoption in financial services.
Tip for candidates
If this role interests you, then follow our page to stay updated on similar future job openings and insights.
Posted 1 day ago
5.0 - 10.0 years
0 Lacs
delhi
On-site
The position in the Group Internal Audit Department at Intertek offers an exciting opportunity to be a part of a global team responsible for delivering finance and operational audits within the APAC and MENAP regions, and occasionally in other markets. Based in Delhi, India, you will be a key player in the assurance framework across all geographies and operations of the Group, covering Finance, HR, IT, and Operations.
Your responsibilities will include contributing to audit assignment planning, leading finance and operational audits, testing core controls effectiveness, providing practical recommendations aligned with commercial priorities, preparing and issuing influential reports to management, ensuring implementation of recommendations, conducting special projects, and contributing to the development of a world-class audit function.
To excel in this role, you must possess excellent communication and influencing skills, the ability to work independently, and a strong drive to create a positive impact at Intertek. The ideal candidate should be a high caliber graduate with a recognized Accountancy or Internal Auditing qualification, possess excellent project management skills, demonstrate credibility in building relationships, and have some exposure to IT auditing principles. Additionally, you should have 5-10 years of post-Chartered Accountancy experience in internal or external auditing, preferably from a Big 4 firm, with multinational exposure being advantageous. Fluency in spoken and written English is essential, and knowledge of other languages is a plus.
Join us at Intertek and be a part of a dynamic team that values excellence, innovation, and continuous improvement in the field of internal auditing.
Posted 3 days ago
3.0 - 7.0 years
0 Lacs
karnataka
On-site
You will be responsible for executing IT controls testing for the assigned portfolio of controls/stakeholders to deliver to agreed time and quality standards. Your main tasks will involve performing ITGC testing activities in areas such as Access Management, Change and Release Management, Incident Management, and SOC Report Reviews. Additionally, you will be testing IT Application Controls (ITACs), IT Dependent Manual Controls (ITDM), and Key Reports. It will be your duty to assess the impact of deficiencies in ITGC and automated control testing on financial reporting and support the ICFR Technology manager in determining appropriate actions to remediate control deficiencies identified from testing. Furthermore, you will be required to learn Tesco's business processes to be more effective in assessing the impact of ineffective controls and designing remediation activities.
To excel in this role, you should have experience with SOX/IT Internal Controls audit, implementation, and design improvement. A strong knowledge of IT auditing concepts and principles is essential, alongside an understanding of IT General Controls, IT Automated Controls, and IT-Dependent Controls. It is crucial that you possess a good understanding of business drivers and how they impact technology, as well as hands-on understanding of information security domains and assurance frameworks. Excellent written and verbal communication and presentation skills are also required, along with experience in hands-on delivery of IT audit and/or assurance work.
In conclusion, your role will be pivotal in ensuring the effectiveness of IT controls testing within the organization, thereby contributing to the overall success of Tesco Bengaluru's IT infrastructure and operations.
Posted 3 days ago
4.0 - 9.0 years
5 - 12 Lacs
Mumbai, Maharashtra, India
On-site
Role & responsibilities
- Take care of IT compliance and conduct Information Systems Audit for the Bank.
- Experience in conducting Information Systems and Security audits, application control reviews and application functionality reviews.
- Perform IT audits as per the agreed annual audit plan.
- Practical experience of audit methodology.
- Assist the team members in conducting compliance reviews.
- Assist in preparation of monthly / quarterly / annual submission to the Board / Audit & Compliance Committee.
Essential competencies
- In-depth knowledge of the regulatory environment for banks in India, particularly RBI & FEMA requirements.
- Good co-ordination skills.
- Good research capabilities and intelligent interpretation of regulatory guidelines.
- Good knowledge of all the elements (commercial, operational) of banking areas like Trade, Remittances, Treasury, etc.
Relevant experience: 1-2 years post qualification experience in Financial Services environment, preferably in handling RBI Inspection.
Impeccable integrity and compliance consciousness.
Posted 4 days ago
1.0 - 11.0 years
35 - 60 Lacs
Ireland
On-site
URGENT HIRING !!!
Locations: Canada, Australia, New Zealand, UK, Germany, Singapore (Not In India)
Benefits: Medical Insurances, Travel allowances, Flight Tickets, Meals, etc.
For more information call or whatsapp +91 9220850077
Key Responsibilities:
Team Supervision & Leadership
- Manage and mentor a team of technical support specialists or helpdesk agents.
- Assign tasks, monitor performance, and conduct regular performance reviews.
- Provide training and development opportunities for team members.
Technical Issue Resolution
- Oversee the diagnosis, troubleshooting, and resolution of hardware, software, and network issues.
- Handle escalated or complex IT support tickets and customer complaints.
- Ensure support cases are resolved within defined SLAs (Service Level Agreements).
Process & Quality Management
- Develop and enforce IT support procedures and best practices.
- Monitor ticketing systems to ensure proper documentation and timely resolution.
- Analyze support metrics and trends to improve service delivery.
System & Tool Oversight
- Ensure the effective use of ITSM (IT Service Management) tools like ServiceNow, Jira, Zendesk, etc.
- Collaborate with system admins and IT teams to maintain support tools and systems.
- Support patch management, device imaging, and inventory control processes.
Customer Service Focus
- Maintain a high standard of user satisfaction and communication.
- Conduct follow-ups with users to ensure issue resolution and satisfaction.
- Encourage a customer-centric mindset within the support team.
Compliance & Security
- Enforce IT security policies and escalate potential breaches.
- Ensure compliance with internal controls, data privacy laws, and corporate standards.
Posted 5 days ago
6.0 - 10.0 years
0 Lacs
maharashtra
On-site
As an experienced professional looking for a rewarding career opportunity, you have the chance to join HSBC's Country Internal Audit team. In this role, you will primarily focus on IT audits related to business applications, software development, and technical infrastructure. It is crucial that all audits are conducted in accordance with internal requirements and timelines to ensure the integrity of the audit process.
Your responsibilities will include actively participating in annual audit planning, risk assessment, and continuous monitoring exercises. You will be expected to deliver high-quality work within specified timeframes, standards, methodology, budget, and best practices. Furthermore, you will analyze key drivers of change within your area of coverage and evaluate their potential impact on audits. Drawing on your expertise, you will verify the accuracy of audit results and prepare comprehensive audit findings that highlight key issues, risks, root causes, and action plans. Your ability to produce well-crafted audit reports for senior management review is essential.
Effective communication and the maintenance of positive relationships with stakeholders, team members, and audit management are integral aspects of this role. As a proactive team player, you will collaborate with colleagues to achieve common objectives and leverage industry insights, knowledge, and current developments to identify areas of concern.
The ideal candidate will hold a University degree or equivalent qualification and possess 6-8 years of experience in IT Auditing, IT security, software development, business analysis, quality assurance, internal control/operational risk, or IT operations within the Banking or Financial Services sector. Candidates with professional certifications such as CISA, CISSP, CISM, CGEIT, ITIL, ACA, or PMP are preferred. Strong written and verbal communication skills, along with analytical, problem-solving, and interpersonal abilities, are essential for success in this role.
HSBC is dedicated to fostering a culture where every employee is valued, respected, and encouraged to share their opinions. The company prides itself on offering a workplace that promotes continuous professional development, flexible working arrangements, and opportunities for growth within an inclusive and diverse environment. Please note that any personal data provided during the application process will be handled in accordance with HSBC's Privacy Statement, which can be accessed on the company's website. Issued by The Hongkong and Shanghai Banking Corporation Limited, India.
Posted 1 week ago
7.0 - 10.0 years
0 - 0 Lacs
mumbai city
On-site
Company: Leading Health Insurance.
Role: Internal Audit - Process & IT.
Location: Jogeshwari, Mumbai.
Experience: Minimum 8-10 years of relevant insurance / financial services experience including IT operations/audit. Recognized accounting/auditing/information system certifications (e.g. CA, CISA, CIA, CISSP).
Job Overview
Concerned individuals will be responsible for:
- Planning and execution of internal audits in accordance with the laid down process.
- Providing support to the Head-internal audit for other internal audit related activities including Board presentations and liaising with senior management.
Responsibility
- Executing internal audits (process-based as well as IT) in accordance with the approved audit plan.
- Compliance with the internal audit methodology.
- Using data analytics for a stratified sample.
- Working closely with management and recommending appropriate risk and control initiatives including best practice.
- Display independence in execution of audit and management of various stakeholders.
- Ensure upkeep with applicable rules and regulations.
- Ensure upkeep with Company's policies and procedures.
- Liaise/manage external firms deployed which provide support to the Internal Audit department.
- Follow up with process owners/stakeholders on the progress for remediation initiatives, and validate adequacy of the remediation actions.
- Liaise with Regional Office including group auditors on audit progress, remediation status and other audit initiative.
- Provide support to additional projects and to identify and pursue on-going process improvements.
- Support continuous improvement of internal audit practices and tools.
Interested candidates can share their resumes at bhumika@rightmatch.co.in / +918788674591
Posted 1 week ago
4.0 - 8.0 years
0 Lacs
hyderabad, telangana
On-site
At PwC, the focus in audit and assurance is on providing independent and objective assessments of financial statements, internal controls, and other assurable information to enhance credibility and reliability with various stakeholders. The evaluation includes compliance with regulations, such as governance and risk management processes, and related controls. In the digital assurance domain at PwC, your role will involve delivering assurance services over clients' digital environment, encompassing processes, controls, cyber security measures, data and AI systems, and associated governance. The objective is to aid organizations and stakeholders in building trust in their technology while adhering to relevant regulations.
Your role emphasizes building meaningful client relationships, as well as learning to effectively manage and motivate others. As you navigate through increasingly complex situations, you are expected to establish your personal brand, enhance your technical expertise, and identify your strengths. Anticipating the needs of both your teams and clients, quality delivery is key. Embracing ambiguity, you thrive in situations where the path forward may not be clear, asking questions and leveraging such opportunities for personal growth.
To excel in this role, you should possess a diverse skill set, including:
- Responding effectively to diverse perspectives, needs, and emotions of others.
- Utilizing a wide array of tools, methodologies, and techniques to generate innovative ideas and solve problems.
- Employing critical thinking to dissect complex concepts.
- Understanding the broader objectives of projects or roles, and how your work contributes to the overall strategy.
- Developing a deeper comprehension of the evolving business context.
- Using self-reflection to enhance self-awareness, strengthen your strengths, and address areas for improvement.
- Analyzing data to derive insights and formulate recommendations.
- Upholding professional and technical standards, including adherence to specific PwC tax and audit guidance, the firm's code of conduct, and independence requirements.
Minimum qualifications for this role include being a Chartered Accountant/CPA, Certified Information Systems Auditor (CISA), or holding a Bachelor's degree in various fields such as accounting, finance, management information systems, economics, business administration, engineering, mathematics, statistics, or other relevant disciplines. A minimum of 4+ years of relevant experience is required.
Preferred candidates will possess:
- Knowledge and understanding of auditing methodology.
- Experience in conducting IT Audits on SAP ERP, including familiarity with T-Code, tables used for data extraction, and ITGC and ITAC testing.
- Proficiency in testing ITGCs related to systems development, change management, computer operations, and program/data access.
- Experience in performing walkthroughs (Test of design and Operating Effectiveness) and testing key reports to address risks related to Information Produced by Entity (IPE's).
- Understanding of SAP S4 Hana/SAP ECC user access security architecture (Roles, profiles, Authorization objects).
- Strong communication skills.
- Ability to operate independently based on the level, including managing both upwards and downwards, with project management skills.
- Preference will be given to candidates with experience in Big 4 or equivalent firms.
Posted 2 weeks ago
10.0 - 15.0 years
12 - 17 Lacs
Mumbai
Work from Office
Position Purpose
A primary focus for this position will be to lead audit execution covering end-to-end processes of auditable entities within the IT and Cybersecurity Inspection Generale APAC team.
Responsibilities
This individual will work closely with audit assignment team members to complete each phase of the audit. This will entail:
- assessing the sufficiency and suitability of controls to mitigate risks;
- testing the operating effectiveness and sustainability of controls;
- documenting walk-throughs of in-scope processes;
- documenting the investigations conducted and their results;
- drafting findings and associated recommendations to address identified gaps in the control environment;
- documenting the final report.
This individual will have regular interactions with team members, process / control owners, and management of business units. Based on experience, this role will entail contributing to IT audits.
Duties:
- Demonstrates a strong ability to audit procedures and controls accurately, timely, and with minimal supervision.
- Executes audit work in accordance with BNPP Inspection Generale policies and procedures.
- Tests the control design and operating effectiveness of in-scope IT controls.
- Contributes to the completion of continuous monitoring activities for assigned auditable entities and escalates matters that may impact the timing of the next audit assignments.
- Prepares and updates risk assessments for assigned auditable entities for supervisory review.
- Validates the sufficiency and suitability of business corrective actions to address audit recommendations.
- May be asked to direct the work of more junior staff members on the audit assignments.
- Performs other duties as assigned.
Technical & Behavioral Competencies
- Deep knowledge of IT audit.
- Requires deep knowledge of banking functions typically obtained through advanced education combined with experience.
- Exhibits effective written and verbal communication skills with all levels of management (in English).
- Not less than 10 years of experience in IT external auditing / internal auditing / in the financial services industry.
- Curiosity, rigor, and precision.
- Outstanding analytical skills.
- High level of initiative, commitment, and drive.
- Ability to work effectively under pressure and within short deadlines.
- Promotes a constructive, cooperative, and participative teamwork environment.
Specific Qualifications (if required)
Possess a Bachelor's / Master's Degree in Information Technology / Management Information System / Computer Science and related discipline; Professional Qualification/Certification in IT Audit - CISA (Certified Information System Audit) required; other IT certification: Cybersecurity (e.g. CISSP, CISM, CCSP/CCSK, CEH), IT Service Management (ITIL foundation).
Skills Referential
Behavioural Skills:
- Communication skills - oral & written
- Ability to collaborate / Teamwork
- Attention to detail / rigor
- Active listening
- Adaptability
Transversal Skills:
- Analytical Ability
- Ability to manage a project
- Ability to manage / facilitate a meeting, seminar, committee, training
- Ability to understand, explain and support change
- Ability to anticipate business / strategic evolution
Education Level: Master Degree or equivalent
Experience Level: At least 10 years
Posted 1 month ago
5.0 - 7.0 years
8 - 10 Lacs
Bengaluru
Work from Office
Position Purpose
The role of the Third-Party Technology Risk Management Analyst / Consultant is to implement the set of operational activities to be carried out within BNP Paribas (Group & entities) to manage ICT & Cyber risks for the beneficiaries of sourcing (Outsourcing, purchasing & shoring) initiatives supported by ICT service providers and third parties involved in ICT projects or business projects with ICT components. She/he can operate within TPTRM scope governance, providers, beneficiaries & SMEs spread throughout global region. As part of the role, she/he will have to work closely with German stakeholders. Especially, she/he will help clients assess the risks associated to their arrangement and provide recommendations for managing those risks.
Responsibilities
Direct Responsibilities
- Perform third-party technology risk assessments to help beneficiaries/contract owners identify and evaluate business and technology risks related to their arrangements, and provide recommendations for managing those risks.
- Define the contractual ICT security requirements applicable to the arrangement to protect confidentiality, integrity and availability of Beneficiary data and systems.
- Provide periodic status updates (KPIs/KRIs) including potential risks and delays to the project delivery to beneficiary project manager, conduct workshops wherever necessary.
- Review thoroughly asset classifications and pre-existing asset related risks & control responses ensuring sync with TPTRM assessments responses.
- Select the requirements to include in the specific ICT due diligence questionnaires to be sent to the shortlisted suppliers and analyze the providers' feedback.
- Support the Beneficiary answering ICT Security questions from the provider as part of the contract negotiation process.
- List the risks that should be formalized in a risk management plan given the third party's answers and report on the third party's ability to manage risks.
- Support the Beneficiary recording the arrangement data in the various Group registers (ServiceNow, RISK360, etc.).
- Ensure periodic review of ICT arrangements and contracted ICT services.
- Demonstrate knowledge in one or more of the following cyber risk domains, including: Security Governance and Management, Security Policies and Procedures, Application Security Controls, Access Controls, Incident Response, Risk Management, Privacy and Data Protection, Encryption.
Contributing Responsibilities
- Instruct the 5 European Bank Authority ICT risks categories and follow them throughout TPTRM assessments.
- Participate in Initialization Committee / Validation Committee & Go-Live committee for supporting specific arrangements and results.
- Provide support to beneficiary / contract owner to implement residual actions.
- Facilitate the business/sponsor/beneficiary/SME decision-making with deep analysis based on relevant flagged risk families.
- Provide support to contract owners and coordinate/assist to ensure proper assessments are done.
- Manage TPTRM inventory with follow-up tracker management.
- Contribute to process improvement, upkeep with new policies, regulations, standards & guidelines.
Technical & Behavioral Competencies
Functional Skills
- Experience in IT Risk and Cyber Security domains in a financial institution demonstrating a high level of commitment and self-motivation.
- Experience in the Finance & IT industry with a strong exposure to IT Operations, Application Security, and/or network administration, IPS.
- Demonstrate knowledge of Risk & Compliance, cybersecurity, cyber risk, cyber threats, Third Party Technology Risk Management / Vendor assessments.
- Working knowledge of global regulations, frameworks and standards (ISO, NIST, COBIT, PCI-DSS, HIPAA) and conversant in the tactics, techniques and procedures used by Risk adversaries.
- Demonstrates a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.
- Good IT knowledge.
Technical:
- Good understanding of organizations and IT Businesses
- Good technical understanding of infrastructures and IT Security Productions and Systems
- IT risk / Third Party risk analysis and management methods and should have worked on Risk Management Tools like ServiceNow, etc.
- Knowledge of Cyber Resilience, IT continuity and business continuity
- GRC - Governance, Risk Management and Compliance Management
- Firewall and Internet technologies; Cloud Security, Banking Tools & Technologies
- Secure access control mechanisms; Encryption and Key management techniques
Behavioral:
- Strong Communication, Analytical and problem-solving skills
- Proven organizational skills with excellent multi-tasking, result oriented and prioritization skills
- Good documentation and reporting skills
- Ability to work independently
- Strong communication and interpersonal skills, able to communicate and relate easily with IT, Finance and back-office users
- Good communication, technical writing/diagramming skills
- Attention to detail and accuracy
Specific Qualifications (if required)
- One or more industry-recognized information security certifications such as CISSP, CISA, GCCC, CISM, CEH, CRISC, OSCP or Security+
- IT Security tools like Firewalls, IPS, WAF, Endpoint protection, Network security, etc.
- IT Auditing (ISO27001/2, NIST 800 Series, ISO27005, ISO42001)
- Regulatory Compliance
MBA in Finance/Systems/IT, Masters in Technology, Bachelor of Commerce, Masters in Commerce, Bachelor in Science, Bachelor in Technology
Skills Referential
Behavioural Skills:
- Communication skills - oral & written
- Attention to detail / rigor
- Ability to deliver / Results driven
- Creativity & Innovation / Problem solving
Transversal Skills:
- Analytical Ability
- Ability to manage a project
- Ability to understand, explain and support change
- Ability to develop and adapt a process
- Ability to anticipate business / strategic evolution
Other/Specific Qualifications (if required): CISA/CISSP/CISM/CRISC
Posted 1 month ago
5.0 - 7.0 years
7 - 10 Lacs
Bengaluru
Work from Office
Position Purpose
The role of the Third-Party Technology Risk Management Analyst / Consultant is to implement the set of operational activities to be carried out within BNP Paribas (Group & entities) to manage ICT & Cyber risks for the beneficiaries of sourcing (Outsourcing, purchasing & shoring) initiatives supported by ICT service providers and third parties involved in ICT projects or business projects with ICT components. She/he can operate within TPTRM scope governance, providers, beneficiaries & SMEs spread throughout the global region. As part of this role, she/he will have to work closely with German stakeholders. In particular, she/he will help clients assess the risks associated with their arrangement and provide recommendations for managing those risks.
Responsibilities
Direct Responsibilities
- Perform third-party technology risk assessments to help beneficiaries/contract owners identify and evaluate business and technology risks related to their arrangements, and provide recommendations for managing those risks
- Define the contractual ICT security requirements applicable to the arrangement to protect confidentiality, integrity and availability of Beneficiary data and systems
- Provide periodic status updates (KPIs/KRIs), including potential risks and delays to the project delivery, to the beneficiary project manager, and conduct workshops wherever necessary
- Thoroughly review asset classifications and pre-existing asset-related risks & control responses, ensuring they are in sync with TPTRM assessment responses
- Select the requirements to include in the specific ICT due diligence questionnaires to be sent to the shortlisted suppliers and analyze the providers' feedback
- Support the Beneficiary in answering ICT Security questions from the provider as part of the contract negotiation process
- List the risks that should be formalized in a risk management plan given the third party's answers and report on the third party's ability to manage risks
- Support the Beneficiary in recording the arrangement data in the various Group registers (ServiceNow, RISK360, etc.)
- Ensure periodic review of ICT arrangements and contracted ICT services
- Demonstrate knowledge in one or more of the following cyber risk domains, including: Security Governance and Management, Security Policies and Procedures, Application Security Controls, Access Controls, Incident Response, Risk Management, Privacy and Data Protection, Encryption.
Contributing Responsibilities
- Instruct the 5 European Bank Authority ICT risks categories and follow them throughout TPTRM assessments
- Participate in Initialization Committee / Validation Committee & Go-Live committee for supporting specific arrangements and results
- Provide support to beneficiary / contract owner to implement residual actions
- Facilitate the business/sponsor/beneficiary/SME decision-making with deep analysis based on relevant flagged risk families
- Provide support to contract owners and coordinate/assist to ensure proper assessments are done
- Manage TPTRM inventory with follow-up tracker management
- Contribute to process improvement, and keep up with new policies, regulations, standards & guidelines
Technical & Behavioral Competencies
Functional Skills
- Experience in IT Risk and Cyber Security domains in a financial institution, demonstrating a high level of commitment and self-motivation.
- Experience in the Finance & IT industry with a strong exposure to IT Operations, Application Security, and/or network administration, IPS
- Demonstrate knowledge of Risk & Compliance, cybersecurity, cyber risk, cyber threats, Third Party Technology Risk Management / Vendor assessments
- Working knowledge of global regulations, frameworks and standards (ISO, NIST, COBIT, PCI-DSS, HIPAA) and conversant in the tactics, techniques and procedures used by Risk adversaries.
- Demonstrates a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.
- Good IT knowledge
Technical:
- Good understanding of organizations and IT Businesses
- Good technical understanding of infrastructures and IT Security Productions and Systems
- IT risk / Third Party risk analysis and management methods, and should have worked on Risk Management Tools like ServiceNow, etc.
- Knowledge of Cyber Resilience, IT continuity and business continuity
- GRC: Governance, Risk Management and Compliance Management.
- Firewall and Internet technologies; Cloud Security, Banking Tools & Technologies.
- Secure access control mechanisms; Encryption and Key management techniques
Behavioral:
- Strong communication, analytical and problem-solving skills.
- Proven organizational skills with excellent multi-tasking, result-oriented and prioritization skills
- Good documentation and reporting skills
- Ability to work independently
- Strong communication and interpersonal skills, able to communicate and relate easily with IT, Finance and back-office users
- Good communication, technical writing/diagramming skills
- Attention to detail and accuracy
Specific Qualifications (if required)
- One or more industry-recognized information security certifications such as CISSP, CISA, GCCC, CISM, CEH, CRISC, OSCP or Security+.
- IT Security tools like Firewalls, IPS, WAF, Endpoint protection, Network security, etc.
- IT Auditing (ISO27001/2, NIST 800 Series, ISO27005, ISO42001)
- Regulatory Compliance
MBA in Finance/Systems/IT, Masters in Technology, Bachelor of Commerce, Masters in Commerce, Bachelor in Science, Bachelor in Technology
Skills Referential
Behavioural Skills:
- Communication skills - oral & written
- Attention to detail / rigor
- Ability to deliver / Results driven
- Creativity & Innovation / Problem solving
Transversal Skills:
- Analytical Ability
- Ability to manage a project
- Ability to understand, explain and support change
- Ability to develop and adapt a process
- Ability to anticipate business / strategic evolution
Education Level: Bachelor Degree / Master Degree or Equivalent
Experience Level: 5-7 years and 3-5 years
Other/Specific Qualifications (if required): CISA/CISSP/CISM/CRISC
Posted 1 month ago
8.0 - 13.0 years
15 - 20 Lacs
Mumbai, Goregaon
Work from Office
Role & Responsibilities: Key highlights of the role are listed below (purely indicative and not limiting). This position includes, but is not limited to, the following responsibilities:
1. Audit Planning & Execution:
- Conduct risk assessments to identify key areas of risk exposure and develop annual audit plans based on identified risks and priorities.
- Plan and coordinate the execution of internal audits across various functions and business units at different locations.
- Ensure completion of audits as per the Audit Plan and Schedule.
- Conduct walkthroughs, process reviews, and control testing to assess design and operating effectiveness.
- Ensure adherence to RBI guidelines, PCI-DSS compliance, and other applicable regulations.
2. Risk Management & Control Evaluation:
- Assess the adequacy and effectiveness of internal controls, policies, and procedures.
- Recommend improvements to strengthen risk management, fraud detection, and loss prevention mechanisms.
- Evaluate credit risk models, underwriting policies, fraud management frameworks etc.
- Perform data analytics-driven risk assessments to identify anomalies and control gaps.
3. Reporting & Compliance:
- Prepare audit reports based on audit findings and risk assessments.
- Ensure timely follow-ups on audit recommendations and track corrective actions.
- Monitor compliance with regulatory frameworks (RBI, SEBI, PCI-DSS, AML/KYC, etc.).
- Collaborate with external auditors and regulatory bodies during inspections.
4. Stakeholder Engagement & Advisory:
- Act as a trusted advisor to business units on risk mitigation and process optimization.
- Partner with risk and compliance teams to enhance governance, risk, and compliance (GRC) frameworks.
- Work with IT / Information security and fraud management teams to enhance cyber risk resilience and digital payment security.
- Conduct stakeholder feedback surveys.
5. Continuous Improvement & Technology Integration:
- Leverage AI, machine learning, data analytics and automation tools for predictive risk analytics.
- Promote the use of data-driven audit techniques.
- Keep up with industry trends, regulatory changes, and best practices in credit card risk management.
Applicants should possess the following attributes:
- Strong understanding of credit card lifecycle operations, underwriting, collections, chargebacks, fraud controls, finance, risk management etc.
- Strong understanding of audit principles, methodology, tools, processes and standards
- Experience of conducting Risk Based Internal Audit
- Strong understanding of audit principles, methodology, tools, processes and standards (e.g., risk assessments, planning, testing, reporting and continuous monitoring; COSO, IIA standards)
- Knowledge of RBI regulations, AML/KYC guidelines, PCI-DSS compliance.
- Strong understanding of the regulatory landscape in India along with hands-on experience of working on regulatory matters as outlined by key regulators like RBI and SEBI
- Excellent analytical, problem-solving, and stakeholder management skills.
- Ability to present audit findings effectively to related stakeholders
- Ability to coach and mentor others and create an inclusive work environment for the team
- In-depth understanding of financial instruments including equity, fixed income, derivatives, structured products and other financial products and services
Posted 1 month ago
6.0 - 10.0 years
16 - 20 Lacs
Kolkata
Work from Office
Purpose of the position
- To conduct on-site assessments against the requirements of relevant standards or specifications
- To provide expertise, produce surveillance and initial assessment reports and make recommendations for certification decisions.
- To promote the BSI product offering and solutions to our clients with the view of improving their business performance, managing risk and Making Excellence a Habit
Key responsibilities & accountabilities
- Undertake management system assessments in accordance with BSI requirements.
- Prepare assessment reports and deliver findings to clients to ensure client understanding of the assessment decision and clear direction to particular items of corrective action where appropriate.
- Recommend the issue, re-issue or withdrawal of certificates, and report recommendations in accordance with BSI policy, procedures and prescribed time frame.
- Lead assessment teams as required, ensuring that team members are adequately briefed so that quality of service is maintained and that effective working relationships are sustained both with Clients and within the team
- Establish and develop an effective partnership with clients in your portfolio, which secures the commercial relationship and encourages opportunities for business development and increased client satisfaction.
- Provide accurate and prompt information to support services, working closely with them to ensure that client records are up to date and complete and that all other internal information requirements are met.
- Plan/schedule workloads to make best use of own time and maximise revenue-earning activity.
- Coach colleagues as appropriate, especially where those members are inexperienced assessors or unfamiliar with clients' business/technology, and assist in the induction and coaching of new colleagues as requested.
- Maintain and develop assessment skills and technical and management system standards knowledge.
- Provide technical support to clients through business development, sales and customer service staff
- Act as a brand Ambassador for BSI. This means acting ethically, following company rules and promoting BSI services to clients so they are able to optimize business performance and Make Excellence a Habit.
Candidate specifications
- Bachelor degree or above in Engineering.
- Must be a Lead Auditor certified in 27001
- Added advantage to have experience and certification for BCMS, SOC, PCI-DSS
- Minimum 4 years working experience in IT, with 2 years work experience in IT.
- Commercial understanding of compliance industry, minimum 2 years quality system management
- Knowledge of business processes and application of quality management standards
- Good verbal and written communication skills and an eye for detail
- Be self-motivated, flexible, and have excellent time management/planning skills
- Can work under pressure
- Willing to travel on business intensively
- An enthusiastic and committed team player
- Good public speaking and business development skills will be considered advantageous
Posted 2 months ago
5 - 9 years
7 - 11 Lacs
Mumbai
Work from Office
Our Service Offerings include External Audit, Financial Accounting Advisory Services (FAAS), IFRS & US GAAP conversion, IPO and other public offering, Corporate Treasury - IFRS 9 accounting & implementation support etc.
Your key responsibilities
Technical Excellence
- Experience of working on FS clients is preferred
- IT audits including statutory and internal audits
- IT General Controls (ITGC) testing
- IT Application Controls (ITAC) testing / IT Automated Business Controls testing
- IT Infrastructure risks and control assessments
- IT SOX 404 SOC1, SOC2 audits and reporting
- IT Compliance and regulatory reporting
- Risk and control assessments considering emerging technologies such as cloud, RPA, AI/ML, Blockchain etc
- Certifications preferred: CISA, CISSP, CISM, CRISC, CCSK and others (if relevant).
Skills and attributes
To qualify for the role you must have
Qualification
- BE/B.Tech, or MSC in Computer Science/Statistics or M.C.A or MBA in Finance or IT
Experience
- 5+ years of relevant experience in field of IT Audits
- Should have played client facing role in managing audits
- Experience of working on FS clients is preferred
- IT audits including statutory and internal audits
- IT General Controls (ITGC) testing
- IT Application Controls (ITAC) testing / IT Automated Business Controls testing
- IT Infrastructure risks and control assessments
- IT SOX 404 SOC1, SOC2 audits and reporting
- IT Compliance and regulatory reporting
- Risk and control assessments considering emerging technologies such as cloud, RPA, AI/ML, Blockchain etc
What we look for
People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain positive energy, while being adaptable and creative in their approach.
Posted 2 months ago