IT Security Auditor

Job Summary:

We are seeking an experienced IT Security Auditor to ensure the organization’s IT systems, processes, and infrastructure meet regulatory, compliance, and cybersecurity standards. The role involves conducting in-depth security audits, identifying vulnerabilities, evaluating internal controls, and providing expert recommendations to strengthen the security posture.

Key Responsibilities:

1. Maintain IT security compliance as per Government guidelines and regulatory mandates. 2. Plan, execute, and document internal and external IT security audits aligned with industry standards.

3. Evaluate security controls across networks, servers, applications, databases, endpoints, and cloud environments.

4. Conduct risk assessments, identify vulnerabilities, and ensure compliance with frameworks like ISO 27001, NIST, GDPR, HIPAA, etc.

5. Review and assess access controls, incident response processes, data protection measures, and configuration standards.

6. Work closely with IT, security, compliance, and business teams to gather required audit evidence.

7. Provide clear recommendations and remediation plans based on audit findings.

8. Prepare detailed audit reports, gap assessments, executive summaries, and compliance documentation.

Required Qualification:

1. B.E/B.Tech / MCA / MBA / PG with (Minimum 60% aggregate / First Division).

2. CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager).

3. ISO 27001:2022 Lead Auditor / ISMS Lead Auditor.

4. Equivalent IT security certifications are a plus.

5. Knowledge of cloud security audits (AWS, Azure, GCP) is preferred.

Required Skills:

1. Strong understanding of information security principles, risk assessment methods, and audit standards.

2. Hands-on experience conducting cybersecurity, IT infrastructure, application, and cloud security audits.

3. Familiarity with NIST, ISO 27001, CERT-In, NCIIPC, and other regulatory guidelines.

4. Ability to analyze system logs, network device logs, server logs, and identify security gaps. 5. Experience with SIEM tools, vulnerability assessment tools, and audit automation platforms. 6. Excellent skills in audit documentation, report writing, stakeholder communication, and remediation planning.

7. Strong experience with regulatory compliance and cybersecurity standards.

Job Type: Full-time

Benefits:

• Provident Fund

Work Location: In person