IT Governance and Audit Specialist- NBFC, Turbhe Mumbai

Job Description

Assist in the management of regulatory exams and third-party audits (e.g., by external auditors or government agencies). Coordinate with Information Security and Data Privacy teams to ensure cohesive risk management practices. Qualifications: Bachelors degree in Information Systems, Computer Science, IT Security, or a related field. 3–5 years of experience in IT governance, audit, or IT risk management within the financial industry. Strong knowledge of financial regulations affecting IT. Excellent documentation, communication, and stakeholder management skills. Certifications (Preferred): CISA (Certified Information Systems Auditor) – strongly preferred CRISC, CGEIT, or COBIT Foundation ISO 27001 Lead Auditor or similar certification Preferred Experience: Experience working in a banking, fintech, or insurance environment. Exposure to IT audits of cloud environments, APIs, and digital banking platforms. Understanding of third-party risk management and vendor assessments.We are seeking a detail-oriented and analytical IT Governance and Audit Specialist with a solid understanding of financial services regulations and IT risk management. This mid-level role is crucial in maintaining IT control effectiveness, regulatory compliance, and risk mitigation across the organizations technology environment. The specialist will help ensure that IT operations support the organization's strategic objectives while aligning with industry standards and frameworks. Key Responsibilities: IT Governance: Support the development and implementation of IT governance frameworks and industry best practices. Contribute to the review and enforcement of IT policies, standards, and procedures that support regulatory compliance. Collaborate with business and IT leaders to align IT initiatives with enterprise risk appetite and business goals. Monitor IT performance metrics and prepare dashboards for management oversight. IT Audit: Conduct internal IT audits covering cybersecurity, application controls, data integrity, third-party risk, and general IT controls (GITCs). Perform risk-based audits and control testing in areas such as core banking systems, digital platforms, and cloud services. Document audit findings, assess risk impact, and propose remediation plans. Track and validate the implementation of corrective actions. Coordinate with stakeholders to collect evidence, document and publish progress report for audits. Risk & Compliance: Participate in enterprise IT risk assessments and contribute to the IT risk register. Ensure ongoing compliance with regulatory and industry requirements Pls email updated copy of resume to tanumita.roy@3pointhrm.in