Job
Description
Company name : Justdial Ltd Location : Bangalore Level : Internal Auditor, Lead auditor Experience : 1- 4 years Must have ISO 27001:2013 or ISO 27001:2022 certificate : Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, ITGC reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Responsibility Coordinate and manage statutory external audit for SOX (ITGC). Responsible for facilitating the data to external auditors Provides management reports by collecting, analysing, and summarizing audit information Conduct ISMS security awareness training program within organization Support Information Security Manager to manage & mitigate risk assessment and implement ISO 27001 control across organization Conduct risk assessment on the framework of ISO 27001/IT General Control and also conduct gap analysis for ISO 27001/ITGC Conduct internal audits for various business functions within the organization at defined frequency. Communicates audit progress and findings to respective business head Conduct data center audit as per ISO 27001 standard Develop and review all information security polices/procedure as per the business requirement, any change in emerging IT law or legal requirement Handling end to end ITGC statutory audit requirement (program change control, access control OS&DB, backup process, interview with key personal to understand process, risk assessment) Assist and consult organization with the implementation of ISO 27001:2013 and managing the ISMS Assist organization in implementing the business continuity for critical function Implemented and consulted organization for PCI DSS SAQ A-EP certification The Candidate A bachelor's degree in engineering OR Bsc -IT Experience in performing IT audits of banking/financial sector applications Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST,PCI-DSS, ISO27001) Technical Knowledge of IT Audit Tools Experience in carrying out OS/DB/Network reviews Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Strong project management, communication (written and verbal) and presentation skills A team player Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self- assurance, and professionalism Preferred Certifications CISA,/ CISSP/, ISO27001 Lead Auditor/Implementer and /CISM Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools (ref:hirist.tech) Show more Show less
