Lead - IT Regulatory Compliance & Audit II Gurgaon II 8-15 Years

Arora.rajat@sammaancapital.com.

Lead - IT Regulatory Compliance & Audit

Location

[Gurgaon]

Key Purpose of the Role

The Lead - IT Regulatory Compliance & Audit will be responsible for ensuring the organizations full compliance with applicable IT and Cybersecurity laws, regulations, and supervisory expectations, specifically those outlined by the Reserve Bank of India (RBI), including the Master Directions on Information Technology and Cyber Security Framework and IT Outsourcing guidelines. This role will also lead the IT Infra and cybersecurity audit management process, ensuring the timely closure of observations and proactive compliance monitoring.

Key Responsibilities

IT Regulatory Compliance (RBI & Other Regulatory Bodies)

• Ensure ongoing compliance with RBIs IT and Cybersecurity Master Directions, circulars, notifications, and guidelines.
• Track and analyze IT regulatory updates and assess their impact on IT operations, security, and governance.
• Implement a compliance monitoring framework specific to IT and cybersecurity, including regulatory checklists, gap assessments, and periodic testing.
• Ensure timely submission of IT-related regulatory returns, filings, and disclosures as required under various laws and RBI guidelines.
• Maintain a regulatory IT compliance register and evidence of adherence.
• Coordinate with IT, Information Security, Risk, and Legal teams to ensure regulatory alignment across technology and operations.

IT Policy Management

• Draft, review, and update IT policies, processes, and internal control frameworks in line with regulatory changes.
• Provide guidance to IT and business units on the interpretation and implementation of IT regulatory requirements.

IT Audit & Cybersecurity Review Management

• Lead and manage IT audits, assessments, statutory audits, and regulatory inspections.
• Liaise with IT auditors, statutory auditors, and regulatory examiners.
• Track and ensure timely closure of all IT audit observations and regulatory inspection findings.
• Prepare and present periodic reports to senior management and the Board on IT audit and compliance status.

Stakeholder Reporting

• Prepare IT Compliance Risk Management Reports, Quarterly IT Compliance Reviews, and other Board-level presentations.
• Report material IT regulatory breaches or significant non-compliance incidents.

Training & Awareness

• Conduct regular training sessions for employees on IT regulatory compliance requirements and updates.
• Promote a strong IT compliance culture across the organization.

Desired Candidate Profile

Education & Certifications

• Graduate/Post-Graduate in Information Technology, Computer Science, Cybersecurity, Law, or related fields.
• Certification in IT Compliance / Cybersecurity / Risk Management preferred (e.g., CISA, CISM, CISSP, ISO 27001 LA, IIBF Certified Compliance Professional).

Experience

• Minimum 8-12 years of relevant experience in IT regulatory compliance and audit functions within Banking, NBFCs, or Financial Services.
• Hands-on experience with RBI IT compliance management.
• Hands on IT infra services specially VAPT, AD, Messaging etc..

Key Skills & Competencies

• In-depth understanding of RBIs IT and Cybersecurity regulations, circulars, and guidelines.
• Strong knowledge of IT compliance and IT risk management practices.
• Excellent analytical, communication, and stakeholder management skills.
• Strong leadership and team management capabilities.
• Proficiency in preparing IT regulatory and Board-level reports.
• Proficiency in managing the VAPT related to IT infra services

Key Interfaces

Internal

• IT - Infra
• Information Security
• Risk Management
• Legal & Secretarial
• Internal Audit

External

• Reserve Bank of India (RBI)
• IT Auditors
• Cybersecurity Consultants
• Legal Counsel & Consultants

Employment Type

Full-Time / Permanent

Thanks

Rajat Arora

98735 66771