Job
Description
Conduct comprehensive IT audits to evaluate the effectiveness and efficiency of IT systems and processes. Assess and document IT Governance, Risks and Compliance's vulnerabilities and control deficiencies. Ensure compliance with RBI guidelines and industry standards (e.g., ISO 27001, NIST, COBIT, COSO). Develop and implement audit plans and methodologies. Review and analyze evidence, document audit findings, and propose practical solutions. Collaborate with IT and business teams to improve IT governance and control frameworks. Prepare detailed audit reports and present findings to senior management. Rigor in tracking and follow-up of IS audit open points on the implementation of audit recommendations. Evaluate and test IT General Controls (ITGCs), automated controls, and key reports. Participate in risk assessments and design audit programs. Review regulatory submissions and ensure timely and accurate documentation. Perform IT vendor audits and assist in IT Governance audits. Stay updated on industry trends, emerging threats, and regulatory changes. Required Qualifications, Capabilities, and Skills: A bachelor's or masters degree in computer science, Information Technology, or Engineering, with at least 5 years of experience in IT Technical and Process Audit, along with at least one industry-recognized certification such as CISA, CRISC, or CISM. Strong understanding of RBI guidelines for NBFCs. Knowledge of Governance, Risk & Compliance function, Software development processes, IT systems, Network architecture, Databases, and Cybersecurity measures. Extensive knowledge of industry security frameworks (e.g., NIST, CIS) and ISO 27001/2 standards. Proven experience in implementing or testing IT General Controls. Basic understanding of AI-ML models, their risks, and audit testing procedures. Excellent verbal and written communication skills to effectively present audit findings and recommendations. Ability to analyze complex data, identify risks, and provide actionable recommendations. Experience in identifying and evaluating IT risks and developing mitigation strategies. Ability to identify issues and develop practical solutions. Experience in planning and managing audit projects to ensure timely completion. Meticulous in documenting audit processes and findings. Ability to work effectively with cross-functional teams and stakeholders. Capable of managing multiple audits simultaneously and meeting deadlines in a dynamic, fast-paced environment. Highly motivated, enthusiastic, performs well under pressure, and takes personal responsibility and accountability. Upholds the highest standards of professionalism, integrity, and ethical conduct.
