16 Itgc Audit Jobs

Key Responsibilities: 1. IT Control Testing and Evaluation: Plan and execute control testing of ITGCs and automated application controls. Evaluate design and operating effectiveness of controls related to: User access management (IAM) Change management System development lifecycle (SDLC) Backup & recovery IT operations and infrastructure security Document testing procedures, results, and exceptions in line with ERM standards. 2. Risk and Control Self-Assessments (RCSA): Support IT RCSA activities across technology platforms and infrastructure. Identify and assess IT risks, including cybersecurity threats and third-party/vendor risks. Collaborate with IT stakeholders to remediate identified control gaps and improve IT control posture. 3. Regulatory and Framework Compliance: Ensure alignment with regulatory requirements and industry frameworks such as: SOX (Sarbanes-Oxley) FFIEC, OCC, NIST, COBIT, ISO 27001 Monitor compliance with internal IT policies, procedures, and enterprise risk tolerance. 4. Stakeholder Engagement & Collaboration: Work closely with IT, Information Security, Compliance, and Internal Audit teams. Serve as the subject matter expert (SME) on IT control testing and risk identification. Communicate findings, risks, and recommendations clearly to technical and non-technical stakeholders. 5. Reporting and Documentation: Develop testing scripts, risk-control matrices, and evidence documentation. Prepare executive-level reports highlighting key findings, trends, and remediation status. Track control testing progress and report deviations from expected timelines or outcomes. 6. Continuous Improvement: Stay current with technology risk trends, emerging threats, and evolving compliance standards. Recommend enhancements to IT control testing methodologies, tooling, and governance processes. Key Qualifications: Education: Bachelors degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related fields. Advanced certifications are a plus. Certifications (preferred): CISA (Certified Information Systems Auditor) CRISC (Certified in Risk and Information Systems Control) CISSP, CGEIT, or ITIL certifications Experience: 810 years in IT risk management, internal audit, or control testing within financial services or technology-driven environments. Technical Skills: Strong knowledge of ITGCs, application controls, and system security principles Hands-on experience with GRC platforms (e.g., Archer, MetricStream, ServiceNow GRC) Familiarity with scripting or automation tools for testing/reporting is a plus Proficient in Excel, Power BI, or Tableau for data analysis and reporting Please share your cv at surbhi.malhotra@nlbtech.com

Role detail 4 to 8 years of experience in assurance, information security, vendor/ supplier/ third party risk assessment Expertise in cyber security including standards such as ISO27001, PCI-DSS, ISO22301, privacy etc. Knowledge of technical domains such as network security, cloud security, application security, control testing Knowledge of concepts such as vendor risk profiling, country risk assessment, outsourcing/ technology regulations Experience in assessing emerging technologies such as robotics, IOT, DLT, Social, Mobile etc., Exposure to TPRM specific regulations (FED, MAS, OCC, etc.), Exposure in assessing different third parties e.g. Brokers, Exchanges, etc., Worked with TPRM tools, platforms & utilities such as KY3P, TruSight, ServiceNow, OneTrust, CyberGRX, Coupa etc, Strong Auditing skills is desired, experience in IT Compliance, ITGC testing, and Assurance is a plus Strong problem solving and logical approach skills Excellent written and verbal communication skills Consistent display of technical proficiency Ability to work well in teams Willingness to travel within India or abroad for project/assignments. Demonstrate integrity, values, principles, and work ethic and lead by example CISA/ CISSP/ CISM/ISO27001 LA / LI / Cloud security certificates Prior exp in IT Audit, SOC 1, SOC 2 Qualifications: Bachelors degree in computer science or related field Excellent communication and team collaboration skills

Job description You'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Technology Risk As part of our Technology Risk team you'll contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. Youll also identify potential business opportunities for within existing engagements and escalate these as appropriate. Similarly, youll anticipate and identify risks within engagements and share any issues with senior members of the team. The Opportunity Were looking for Manager level to join the leadership group of our Assurance- Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your key responsibilities are to Manage and lead a team of SAP staff and seniors on SAP projects, ensuring adherence to project timelines and quality standards. Counselling the team members with the SAP related queries, latest updates on relevant applicable standards. Preparing and sharing the proposal & pursuits for SAP engagements. Performing budget vs actual analysis and ensure complete utilisation of the team members throughout the engagement. Regular connects with onshore counterparts to ensure the deliverables are meeting expectations & standards, creating opportunities basis skill sets. Managing schedules of the team members based on the project requirements, skills, scope of work. Participate in designing, developing, and implementing SAP solutions to meet business requirements effectively and effectively. Contribute to the SAP CoE team as a key member and assist with facilitating practice wide training (SAP ITGC/ SAP ITAC /SAP Pre & Post Implementation) curriculum. Work closely with onshore, cross-functional teams and develop strong relationships as project manager across the organisation. Stay updated with and promote awareness of updated ERP versions & its functionalities, industry best practices. Active team member executing project management/ stakeholders management (Client, Assurance, onshore) Provide quality deliverables with value addition on the engagements and is known as SMR across organization. Skills and attributes for success Excellent project management, time management, managerial and leadership skills. Experience in reviewing and testing of SAP S4 Hana / SAP ECC IT general controls (ITGC) for key domains such as access management, change management, computer operations, SDLC (System Development Life Cycle) Experience in reviewing and testing SAP S4 Hana / SAP ECC security & configurations such as debugging, client settings, etc. Experience in performing pre & post implementation reviews in SAP S4 Hana / SAP ECC environment and have been through S4 Hana/ ECC lifecycle & performing migration testing. Knowledge and understanding of the TCode, tables used to extract the data from SAP S4 Hana / SAP ECC with relation to ITGC and ITAC testing. Knowledge and understanding of SAP S4 Hana / SAP ECC user access security architecture (Roles, profiles, Authorisation objects) Experience in testing of firefighter controls in SAP S4 Hana / SAP ECC and GRC. Experience in reviewing and testing the Operating System (OS) and Hana Database (DB) controls in SAP S4 Hana / SAP ECC environment. Experience of working with other SAP applications such as GRC, Fiori, BW, BI, Ariba, Concur, Success Factor, VIM, Vistex. Experience in evaluation and testing of sensitive access and SOD (Segregation of Duties) across key business and IT process in SAP S4 Hana / SAP ECC and GRC environment. Experience in SAP GRC access control (AC) & process control (PC), financial compliance management (FCM). Experience in performing the walkthrough (Test of design) directly with the client, Operating Effectiveness and have knowledge of the financial statements assertions. Knowledge and understanding of the auditing methodology. Experience in reviewing and interpretation the ABAP codes with relation to the control testing for ITGCs and ITACs in SAP S4 Hana / SAP ECC environment. Experience in reviewing and testing the key reports ensuring the risks (completeness & accuracy) related to IPEs (Information Produced by Entity) are addressed. Knowledge and experience of industry specific SAP S4 Hana / SAP ECC modules. Knowledge of SAP S4 Hana / SAP ECC standard functionalities in relation to business and IT controls. Experience in reviewing and testing the key business process configurations (ITACs) in SAP S4 Hana / SAP ECC environment. Having strong knowledge of SAP S4 Hana / SAP ECC configurations (e.g., 3-way match, copy controls) is must. Experience in testing of interface controls between multiple systems and middleware controls. Experience in IT audit in the context of a financial audit & related regulations, auditing standards and guidelines. Knowledge and understanding of control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX. Knowledge and understanding of common IT governance, control, and assurance industry frameworks, including COBIT and ISACA best practices. Knowledge and understanding of third-party attestation standards (particularly SSAE16/18), other reporting and industry specific standards. To qualify for the role, you must have B.E/B.Tech (CS/ IT)/MBA, CA with at least 1+ years of experience. SAP S4 Hana / SAP ECC functional modules/ ABAP/ Security Certification (Preferred) CISA certified (Preferred) ISO 27001:2013 certified (Preferred) Any other relevant certification (Preferred) What we look for A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment. Opportunities to work with technology risk practices globally with leading businesses across a range of industries. What we offer Were dedicated to helping our clients, from startups to Fortune 500 companies. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way thats right for you.

Position Overview: We are seeking a proactive IT GRC professional to strengthen our governance, risk, and compliance framework. This role involves ensuring regulatory compliance, conducting IT risk assessments, managing audits, and driving policy implementation across technology functions. Ideal candidates will have a strong understanding of SEBI, RBI, and other regulatory guidelines relevant to the broking industry, along with hands-on experience in IT controls, cyber risk, and compliance reporting. Role & responsibilities: Implement, and maintain IT GRC frameworks, policies, procedures, and controls. Tracking compliance / regulatory requirements and ensure on timely reporting and closure. Maintain and Update Technology activity tracker. Drafting of documentations likes policy, procedure and SOPs, reports. Co-ordinating with various teams for receipt of timely data/ information to various regulatory authorities. Managing IT/ Technology audit like System Audit, IT General Controls audit, and other technology compliances etc. Facilitates audits, coordinate with various internal and external stakeholders for audit related data. Liaising with auditors for any follow-up actions etc. Managing ISO 27001:2022, ISO 22301: 2019 internal and external audits, along with preparedness and review of relevant documentation. Knowledge of Application Security, Vulnerability Assessment and Penetration Testing. Co-ordinate with various technology teams for closure of observations. Evaluating the best industry practice followed and identify the various process improvements and implementations. Preferred candidate profile: 1) 6 to 10 years of experiences in Information Technology infrastructure, IT audits. 2) Experience in managing information technology management, GRC, System, ISO 27001:2022, ISO 22301: 2019, ITGC audit. 3) Candidate should have Good knowledge of SEBI, RBI, CERT- IN, and other regulatory guidelines and framework. 4) Good interpersonal, communication, documentation, presentation skills and problem solving skills.

EYGDS is actively seeking seasoned ITGC SAP professionals to join our team. Experience required - 3 to7 years Locations - Gurgaon, Bangalore, Pune, Chennai, Noida, Pune, Kochi, Trivandrum & Kolkata Required Skills: Experience in reviewing and controls testing of SAP S4 Hana / SAP ECC including IT general controls (ITGC) and IT Application Controls (ITAC) pre & post implementation reviews migration testing. Security & configurations such as debugging, client settings, etc. Understanding of the TCode, tables used to extract the data from SAP S4 Hana / SAP ECC with relation to ITGC and ITAC testing. Understanding of SAP S4 Hana / SAP ECC user access security architecture (Roles, profiles, Authorization objects). Good to have certifications on SAP S4Hana/ SAP ECC security or business modules, CISA, CISSP

Corporate IT Security and Governance, exp. in Information Security, ISO 27001 Implementation , Documentation. risk assessment , 2nd Line of Defense , Control Review, Control Testing, ITGC controls. ,corporate policies and procedures, GAP Analysis,

Experience with IT internal audit or other risk assurance functions Knowledge of industry and compliance frameworks i.e., NIST cybersecurity framework, CIS, ITIL, PCI, FedRAMP Network security - firewall, NAC, Network Intrusion Prevention/detection, WAF, Web filtering/Web traffic (i.e., FireMon, Cisco ISE, Cloudflare etc.) Cyber data protection/data security - DLP, data discover/classification, email security, cloud data security/CASB, database security and encryption (i.e., Trellix, Proofpoint, Varonis, Purview, Imperva) Servers and endpoint security - Antivirus/Antimalware, Device, protection, Endpoint privilege access (i.e., Crowdstrike, Absolute, Beyond Trust) Cyber defense SIEM, MSSP, and SOC for log forwarding/ingestion/and monitoring, Cyber Threat Intelligence Cloud platform security Application and API security OWASP principles, SAST, SCA, DAST, secret scanning Access and Authentication/Privilege access (i.e., SailPoint, Okta/Auth0, Delinea) Server and Directory service management Build/image, configuration management, certification management, backup and recovery, Active Directory, Patching Workstations, Virtual Desktops, Mobile Devices – Build/Image, MAM, Patching Cloud platform management – AWS/AWS well-architected framework, Azure, IaC/automated build templat ITGC and business application controls / SOX focus (e.g., system interface and integration) - Technical skills and experiences with particular focus on the following areas/concepts Testing of SOX ITGC / IT general controls Testing of business applications controls – Automated application interface and integration, system/application

* Manage internal audits, risk assessments & control evaluations * Lead compliance control audits for SOX adherence * Ensure operational risks are mitigated through effective controls * Test of Control Effectiveness, Control Design , Risk assessments Required Candidate profile F&A Audit performed Internal, Operational and Financial Audits; Knowledge of Key F&A Compliances required – ISAE 3402, SSAE 16, SOx ,ERPs – SAP, Oracle and other Enterprise Applications. CISA helps

Role & responsibilities: Collaborate with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments, and other planning documents. Serve as a fieldwork in-charge by directing the daily progress of fieldwork, informing IT Audit Manager and Engagement Manager of engagement status, and executing IT audit plan based on identified scope and timelines Work with the engagement team to document the business processes dependent on information technology (automated controls testing) along with performing IT general controls testing. Exhibit sound technical skills and understanding of information systems security and controls across a wide range of systems including SAP, Dynamics, Oracle, PeopleSoft, etc. Demonstrate and apply thorough understanding of complex information systems and audit risks including fraud risks such as data tampering or leakage and measures to detect relevant control failures. Prepare high-quality work programs and reports on the adequacy and effectiveness of controls, by adhering to the BDO Audit Methodology. Use knowledge of the current IT environment and industry IT trends to identify the engagement and client service issues and communicate this information to the engagement team and client management. Apply strong project management skills and ensure thorough documentation and maintain electronic filing / back up of all project related data in accordance with BDO guidelines and policies. Consistently seek feedback and demonstrate growth by working towards improvement points communicated by the Manager. Use current technology and tools such as BDO Portal, BDO Advantage and IDEA to enhance the effectiveness of deliverables and services. Establish and maintain strong relationships with the audit teams and clients. Cultivate a commercial mindset and contribute to business development through networking and establishing industry contacts. Key Attributes: Good communication skills Confident and comfortable in client interactions Experience of working in multi-disciplinary teams Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment is required. Strong attention to detail and an analytical mind. Flexible - able to adapt quickly to market and practice changes Key Experience Parameters: Minimum 2-5 years of relevant work experience (IT audit / IT general controls testing) A Bachelor's degree in an Information Technology-related field is required CISA, CISSP, or CISM license/certification is preferred. Candidates from Big4/Big10 audit firms are preferred.

About Company BDO India LLP is the India member firm of BDO International. BDO India offers strategic, operational, accounting, tax & regulatory advisory and assistance for both domestic and international organisations across a range of industries. We are led by more than 300 Partners & Directors with a team of over 8500 professionals operating across 12 cities Ahmedabad, Bengaluru, Chandigarh, Coimbatore, Chennai, Hyderabad, Goa, Kochi, Kolkata, Mumbai, New Delhi-Gurugram and Pune. We take pride in our service portfolio on the backing of a rich blend of experience and expertise, bringing to fore a work culture that is both client-centric and knowledge driven. Our focus on delivering exceptional client service is backed by a partner driven approach to offer tailor-made solutions ensuring quality excellence & time efficiencies. About BDO ITRA Leveraging our global expertise and experience, our team of subject matter experts and industry professionals work across sectors and industries to help our clients respond to the changing business environment. With deep analytic skills and state-of-the art technologies, our professionals deliver customised and innovative solutions to clients across geographies. We at BDO, engage in transforming data into insights, our professionals guide clients through a crisis, fraud, regulatory investigations, etc. and advise them on strategies to prevent and mitigate the disruption arising from these complex matters. Details: Position Title Assistant Manager & Manager Department BAS -IT Risk Assurance Experience At least 3+ years of relevant experience into IT Risk Audit, ITGC, etc Qualification CA / B.Tech / MBA (IT) / CISA / DISA Core ITRA Roles & Responsibilities: Responsible for managing audit engagements with a focus on IT risks Manages a team of IT audit professionals involved in evaluating and testing ITGCs, conduct business and IT process reviews, IT Application Controls tests, IPEs. third party assurance (SOC1&2) and related areas; Is seen as a subject matter expert either on specific technology platforms (SAP, Oracle etc.) or industry (FS, Manufacturing, Retail etc.) Supports leadership in developing the ITRA team by coaching, providing technical guidance during audit engagements, ensuring completion of work within tight deadlines and delivers high quality audit results consistent with the firm’s expectations. Is well versed with latest technology updates in the field and encourages team members to constantly learn and adapt. Engages with the client senior management in articulating IT audit findings and can convince them his point of view Engages with firm’s internal stakeholders on how the findings relating to IT audits have a bearing on the financial reporting and internal controls. Supports the firm’s quality agenda and ensures zero defect audits during internal/external quality reviews Is viewed as a trusted advisor by the team and the clients alike Actively establish & strengthen client and internal relationships. Assists leaders in developing new methodologies and internal initiatives. Identify & escalate potential business opportunities for the firm on existing client engagements. Should be a team player with a proactive and result oriented approach. Ability to prioritize, work on multiple assignments, and manage ambiguity. Should have excellent presentation & communication skills. High on personal integrity and work ethics and can be trusted without micro-level supervision from leaders Qualified CA, MBA, BTech/BE. / BSc IT (Preferred CISA or equivalent certifications) Competencies: Analytical Thinking Collaboration IT Skills (Excel, PPT, Word, Outlook) Communication Skills Interpersonal Relationship & Respect Innovation

Associate Director - IT Audit Qualifications Required: CA Qualified Preferred: - CISA/ DISA certified SAP certification, Oracle certification, reviews of OS (Linux,etc) or database (Oracle,SQL, etc) - Experience with using data techniques such as IDEA or ACL, Tableau, Qlik, Power BI, SAS or similar. - Good communication skills (Verbal & Written). Experience Level: 7-10 years Job Summary: The IT Auditor plays a critical role in evaluating and assessing the effectiveness of an organization's information technology controls and processes as part of Assurance engagement. They are responsible for identifying risks, vulnerabilities, and compliance issues within IT Systems and infrastructure. This role involves conducting IT reviews and data analysis, as a part of Assurance engagements in accordance with the prescribed auditing standards. Key Responsibilities: - Conduct comprehensive audits of IT systems, networks, and applications to assess their security, integrity, and compliance with regulatory requirements. - Candidate should have experience in IT audits of ERP applications, interfaces, Access controls, Segregation of Duties analysis, ITGC, ITAC and audit trail review of various applications as part of IT audit support for statutory audits / external clients. - Candidate should have good understanding of audit methodology and legal / regulatory requirements from statutory perspective. - Evaluate IT policies, procedures, and controls to identify weaknesses, gaps, and areas for improvement. - Perform risk assessments and vulnerability scans to identify potential security threats and vulnerabilities. - Analyze audit findings and data to develop recommendations for mitigating risks and improving IT processes and controls. - Prepare detailed audit reports documenting findings, recommendations, and corrective actions. - Communicate audit results and recommendations to management and stakeholders, including technical and non-technical audiences. - Collaborate with IT and business stakeholders to implement corrective actions and remediation plans. - Stay current with industry best practices, emerging technologies, and regulatory requirements related to IT security and compliance Skills and Competencies: - Financial Services or Non Financial services IT Audit experience - preferably in a "hands-on" role where they lead the delivery of IT audits from the planning phase to the reporting stage. - Must have good understanding of related ISAs, financial statement assertions, control Objectives. risk and its application as IT External Audit Practice. - Must have experience in evaluating Financial Business Processes and identification of process risks and controls. - Must have expertise in ITGC and ITAC control testing and in standard and non-standard systems.(SAP, Oracle, etc) - Must have experience and technical knowledge in auditing in at least one standard ERP (SAP ERP or Oracle ERP). - Experience of managing IT audits in addition to dealing with complex technical matters and ISAs requirement on controls. - Team handling experience is a must. - Should be familiar with ERP accounting systems such as SAP, Oracle, etc. Hightlights key points: 1. If candidates has done the above for SOX work, they may not be fit for us. 2. We are not looking for persons with IT security audit background. For AD Level: 3. The above should be performed by manager level persons at least 4-5 years in a consulting/audit firm for Stat audit.

Hiring for expeirenced folks with 6months to 1 years of IT Audit (ITGC) domain experience. Roles & responsibilities Assist in planning activities, development of audit program, and execution of internal audits and IT control assessments in the following areas: IT strategy and governance, IT operations, network and infrastructure security, cloud and third-party risk, programs and projects, automation, GITCs and application controls, and regulatory/compliance requirements •Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management •Work with client management team to assist in implementation of new processes and controls to address key risks, as necessary Educational qualifications BE/B-Tech/MCA/BSC-IT/MBA Candidates should have minimum 6 onths of experience. 5 days working from office Location- Bangalore Intrested canddiates can share their resume with mansiasija@kpmg.com

JOB DESCRIPTION Department : ITGC Audit Location : Gurgaon Roles and Responsibilities 1-Assist client in identifying and evaluating business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement. 2-Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. 3-Facilitate use of technology-based tools or methodologies to review, design, and/or implement products and services. 4- Understand clients' business environment and basic risk management approaches. Skills Required 1-Must have 1 - 8 years of experience in the areas of IT audits, ITGC, SOX / ICFR / IFC / SAS 70 / SSAE / SOC, IT Financial Audit and Business Automated Controls, IT Risk consulting or any other regulatory / compliance audits. 2- Knowledge of ERPs like SAP / OFIN / JDE / and their native application controls will be preferred. 3-Must have hands on experience on regulatory requirements / international standards (SSAE / ISAE / SOX, PCI, ISO 27001) and good practices (COSO, COBIT) relating to information security. 4-Must have Excellent English skills, excellent presentation skills, excellent soft skills. 5-Team Management skill is mandatory Education Requirement Chartered Accountant and/or MBA with Finance/IT. B.E/ B. Tech in Computer Science, Information Technology, or related fields.

IT auditor evaluates and assesses an organization's IT systems, processes, and controls to ensure compliance with regulations and industry standards, identify vulnerabilities, and recommend improvements for security and efficiency Conduct IT Audits

IT auditor evaluates and assesses an organization's IT systems, processes, and controls to ensure compliance with regulations and industry standards, identify vulnerabilities, and recommend improvements for security and efficiency Conduct IT Audits

Role & responsibilities Job Title: Assistant Manager - Information Security/ IT GRC Base Location: Thane/ Mumbai Employment Type: Full-Time Reporting To: Partner Job Summary: KVAT & Co is seeking a highly skilled and experienced Information Security Lead for its Governance, Risk, and Compliance Technology (GRC-T) practice. The ideal candidate will be responsible for executing and leading Information Security, Cybersecurity, and Data Privacy projects, ensuring compliance with regulatory standards, and providing strategic guidance to clients. This is a client-facing role requiring strong executive presence, leadership abilities, and technical expertise in the domain. The candidate should be able to independently manage projects and lead client engagements. Key Responsibilities: 1. Cybersecurity & Information Security Assessments and IT Audits: Conduct comprehensive cybersecurity reviews and IT Audits for clients. Perform gap assessments against leading security frameworks (ISO 27001, NIST, CIS, etc.). Evaluate existing information security controls and recommend remediation measures. 2. Security Implementation & Monitoring: Act as an implementation partner for information security controls and frameworks. Oversee and monitor the implementation process to ensure adherence to industry best practices. Support organizations in achieving compliance with regulatory frameworks (RBI, IRDAI, SEBI, GDPR, DPDP, etc.). 3. Policy Drafting & IT Risk Management: Develop and draft information security policies for clients as per industry standards. Conduct IT risk assessments to identify vulnerabilities and threats. Develop risk mitigation strategies to enhance IT governance frameworks . 4. Security Testing & Third-Party Risk Assessments: Provide support in vulnerability assessments & penetration testing (VAPT). Conduct third-party IT risk assessments and vendor information security reviews. 5. Data Privacy & Regulatory Compliance: Assist in GDPR compliance assessments and implementation projects . In-depth understanding of DPDP (Digital Personal Data Protection) framework and Indian data privacy laws . Stay updated with IRDAI, RBI, SEBI master circulars, and cybersecurity regulations to ensure compliance. 6. Client & Team Management: Serve as a point of contact for clients on information security project execution. Conduct awareness sessions for clients Assist in presentations for clients. 7. Business Development & Stakeholder Engagement: Develop decks, case study-based proposals , and service presentations. Present service offerings and project-based case studies to prospective clients. Lead discussions with CXOs, CIOs, and other senior stakeholders on cybersecurity matters. Key Skills & Competencies: Technical Expertise: Strong knowledge of cybersecurity frameworks, risk management, and IT governance . Regulatory Understanding: Hands-on experience with GDPR, DPDP, RBI, IRDAI, SEBI cybersecurity guidelines . Communication & Presentation: Ability to clearly articulate cybersecurity strategies and deliver high-impact presentations to clients. Leadership & Client Handling: Prior experience in a client-facing role with the ability to manage projects independently . Report Writing & Documentation: Strong reporting, policy drafting, and technical documentation skills. Project Management: Ability to plan, execute, and ensure timely delivery of IT GRC projects. Business Acumen: Experience in service pitching, proposal drafting, and stakeholder engagement . Required Qualifications & Experience: Educational Background: Bachelors in related fields Any additional certifications will serve as an added advantage. Experience: 5+ years of experience in Information Security, Cybersecurity, and IT GRC domains . Proven track record of handling projects independently and client interactions . Prior experience in consulting firms or IT security advisory firms is an added advantage. Consulting experience preferred CTC: As per industry standards and experience Why Join KVAT & Co? Opportunity to lead the projects High visibility role with direct client exposure and impact. Work on diverse industry sectors , handling cutting-edge cybersecurity projects. Collaborative and growth-oriented work environment . Application Process: Interested candidates can share their resume at hr@kvatco.co.in with the subject line Application for Information Security Lead – IT GRC” .