Role & responsibilities Job Title: Assistant Manager - Information Security/ IT GRC Base Location: Thane/ Mumbai Employment Type: Full-Time Reporting To: Partner Job Summary: KVAT & Co is seeking a highly skilled and experienced Information Security Lead for its Governance, Risk, and Compliance Technology (GRC-T) practice. The ideal candidate will be responsible for executing and leading Information Security, Cybersecurity, and Data Privacy projects, ensuring compliance with regulatory standards, and providing strategic guidance to clients. This is a client-facing role requiring strong executive presence, leadership abilities, and technical expertise in the domain. The candidate should be able to independently manage projects and lead client engagements. Key Responsibilities: 1. Cybersecurity & Information Security Assessments and IT Audits: Conduct comprehensive cybersecurity reviews and IT Audits for clients. Perform gap assessments against leading security frameworks (ISO 27001, NIST, CIS, etc.). Evaluate existing information security controls and recommend remediation measures. 2. Security Implementation & Monitoring: Act as an implementation partner for information security controls and frameworks. Oversee and monitor the implementation process to ensure adherence to industry best practices. Support organizations in achieving compliance with regulatory frameworks (RBI, IRDAI, SEBI, GDPR, DPDP, etc.). 3. Policy Drafting & IT Risk Management: Develop and draft information security policies for clients as per industry standards. Conduct IT risk assessments to identify vulnerabilities and threats. Develop risk mitigation strategies to enhance IT governance frameworks . 4. Security Testing & Third-Party Risk Assessments: Provide support in vulnerability assessments & penetration testing (VAPT). Conduct third-party IT risk assessments and vendor information security reviews. 5. Data Privacy & Regulatory Compliance: Assist in GDPR compliance assessments and implementation projects . In-depth understanding of DPDP (Digital Personal Data Protection) framework and Indian data privacy laws . Stay updated with IRDAI, RBI, SEBI master circulars, and cybersecurity regulations to ensure compliance. 6. Client & Team Management: Serve as a point of contact for clients on information security project execution. Conduct awareness sessions for clients Assist in presentations for clients. 7. Business Development & Stakeholder Engagement: Develop decks, case study-based proposals , and service presentations. Present service offerings and project-based case studies to prospective clients. Lead discussions with CXOs, CIOs, and other senior stakeholders on cybersecurity matters. Key Skills & Competencies: Technical Expertise: Strong knowledge of cybersecurity frameworks, risk management, and IT governance . Regulatory Understanding: Hands-on experience with GDPR, DPDP, RBI, IRDAI, SEBI cybersecurity guidelines . Communication & Presentation: Ability to clearly articulate cybersecurity strategies and deliver high-impact presentations to clients. Leadership & Client Handling: Prior experience in a client-facing role with the ability to manage projects independently . Report Writing & Documentation: Strong reporting, policy drafting, and technical documentation skills. Project Management: Ability to plan, execute, and ensure timely delivery of IT GRC projects. Business Acumen: Experience in service pitching, proposal drafting, and stakeholder engagement . Required Qualifications & Experience: Educational Background: Bachelors in related fields Any additional certifications will serve as an added advantage. Experience: 5+ years of experience in Information Security, Cybersecurity, and IT GRC domains . Proven track record of handling projects independently and client interactions . Prior experience in consulting firms or IT security advisory firms is an added advantage. Consulting experience preferred CTC: As per industry standards and experience Why Join KVAT & Co? Opportunity to lead the projects High visibility role with direct client exposure and impact. Work on diverse industry sectors , handling cutting-edge cybersecurity projects. Collaborative and growth-oriented work environment . Application Process: Interested candidates can share their resume at hr@kvatco.co.in with the subject line Application for Information Security Lead – IT GRC” .

Job Title: Assistant Manager – Audit, Corporate Governance, Risk, and Compliance Location: Mumbai/ Thane Job Type: Full-time Reports to: Project Lead/ Manager-in-charge Firm Overview: KVAT & Co, a business consulting and auditing firm with deep expertise in corporate governance, risk management, compliance, monitoring services, technology, and training. Established in 2021, our firm has rapidly evolved from a pioneering partnership between two visionary leaders to a robust team of seasoned professionals with a diverse industry presence. Our operational capacity has expanded significantly to accommodate the increasing demands of clientele which are some of the leading organizations in the diverse industry segments. We continue to scale our services to deliver unparalleled solutions tailored to meet and exceed the evolving needs of our clients. We have forged strategic alliances in India, the Kingdom of Saudi Arabia, and the United Arab Emirates enhancing our capability to serve a global clientele effectively. With a registered office in India, our international perspective ensures that we provide comprehensive solutions that meet global standards. Job Summary: We are seeking an experienced and dynamic Assistant Manager for Internal Audit, Risk Management & Compliance to join our team. The ideal candidate will lead and execute projects related to internal audit, ESG advisory and readiness, Business Continuity Disaster Recovery Plans (BCDRP), SOP documentation, business process re-engineering, concurrent audits, branch audits, enterprise risk management, technology audits, revenue audits, IFC Control and testing, outsourcing audit, SEBI, RBI, IRDAI Compliances, risk control matrix, etc. The Assistant Manager will be responsible for ensuring thoroughness in all deliverables and maintaining effective communication with both internal teams and clients. Key Responsibilities: · Execution of day-to-day project activities and get the necessary data/ information from the client · Conduct audits/ any other project(s) as per the client requirements · Carry out discussions with clients for any project/ audit related issues, audit queries/ findings. · Prepare Audit Program and report to Project Manager/ Senior Manager/ Associate Director/ Partner. · Monitor the progress of audit and own project performance and report to Senior Managers. · Execution of key audit areas/ focus audit areas. · Prepare the audit report / Deliverable (Qualitative). · Work on project deliverables as per required quality within the timeline and scope. · MIS preparation for plan v/s actual and catch-up plan (in case of any delayed projects). · Preparation of status update documentation for the client. · Co – ordinate with client SPOC for audit kick off, audit execution, audit discussions, progress monitoring, deliverable discussions. · Execute internal audits, process reviews, and compliance audits (e.g., SEBI, IRDAI, RBI) in line with client requirements, engagement scope, and audit methodology. · Collect relevant data/information and perform preliminary analysis to support audit objectives. · Develop and execute audit work programs, including process walkthroughs, risk identification, control evaluation, and testing. · Independently handle audit areas with medium-to-high risk exposure and document testing outcomes with adequate evidence. · Coordinate and conduct meetings with client SPOCs to understand processes, gather information, and discuss observations or clarifications. · Draft Risk & Control Matrices (RCMs), process narratives, and process flow diagrams aligned to COSO/ERM frameworks. · Prepare clear, concise, and insightful audit reports with executive summaries, observations, risk impact, and actionable recommendations. · Track audit project progress against plan; report deviations and develop catch-up plans in consultation with the Project Manager/Senior Manager. · Perform data analytics using Excel, ACL, Power BI, or other audit tools to identify anomalies, trends, and patterns relevant to audit scope. · Support preparation of client deliverables such as draft and final audit reports, dashboards, status updates, and executive presentations. · Engage in discussions with senior management for issue validation, root cause analysis, and agreement on corrective action plans. · Ensure compliance with applicable internal audit standards (IIA, ICAI SIA) and firm’s quality assurance procedures. · Maintain audit documentation, working papers, and evidence repositories in line with engagement documentation standards. · Assist in preparation of MIS dashboards for plan vs actual tracking, resource utilization, and project pipeline monitoring. · Co-ordinate with client teams for kick-off meetings, data requirements, audit walkthroughs, closure meetings, and feedback collection. · Lead and execute smaller audit assignments or segments of larger audits independently under guidance. · Contribute to internal knowledge sharing, audit templates, tools improvement, and industry-specific control libraries. · Implementing Power Query, SQL and Power BI in assignments pertaining to Audits/ Risk/ Governance or standalone Data Analytics projects or wherever applicable. Qualifications and Experience: · Bachelor’s degree in business administration, Finance, Accounting, or a related field; advanced degree and Qualified CA (1 to 2 years of post-qualification experience in Internal Audit) · Minimum of 3 to 5 years of experience in corporate governance, audit, risk, compliance, or related areas. · Excellent communication skills, both written and verbal. · Strong analytical and problem-solving abilities. · Ability to work independently and as part of a team. · Proficiency in relevant software and tools (e.g., audit management software, tools like Tally, ERM, SAP, Microsoft tools). · Experience in small to mid-sized consulting firms preferred. · Diverse industry experience preferred Benefits : - Competitive pay benefits and performance linked incentives. - Opportunities for learning, professional development, and career growth. - Collaborative and inclusive work environment. CTC: - As per industry standards and relevant experience Show more Show less