Job Description Position Title: Auditor – IT Security (Staff Accountant / Staff Consultant) Location: Category: Staff Level (including Analysts and Trainees) Industry: Chartered Professional Accountants / IT Security & Audit About the Opportunity We are a Canada-based Chartered Professional Accounting and Advisory firm, expanding our operations globally. We are seeking talented professionals in India to join our remote team . This is an exciting opportunity to work with a fast-growing firm, gain exposure to international clients, and develop expertise across multiple areas of IT security, audit, and advisory. Key Responsibilities IT Security Assessment Analyze and assess client IT infrastructure to evaluate the design and operational effectiveness of controls. Conduct or support risk assessments to identify information security vulnerabilities. Perform vulnerability assessments and penetration testing using tools such as Kali, Nessus, Parrot, etc. Evaluate antivirus programs, firewalls, password protection, and network security controls. Inspect networks and hardware for security gaps and recommend remediation measures. Provide expert input on security architecture concepts and requirements. Draft IT security policies, procedures, and guidelines for clients. Deliver security awareness training sessions as required. IT Audit Execute IT audits in the areas of infrastructure, processes, applications, operations, security, and emerging technologies. Apply IT audit and control frameworks (COBIT, NIST, ISO 27001, PCI, SOC1, SOC2, CSAE 3416, etc.). Prepare risk and control matrices, perform walkthroughs, and document processes and controls. Identify compliance gaps, process inefficiencies, and operational issues. Develop clear and comprehensive audit work papers, memos, and reports. Conduct assurance engagements including planning, scoping, risk assessments, and audit program execution. Finalize audit files and reports independently with minimal supervision. Provide advisory services to clients on IT risk, controls, and governance. Internal Control Testing Design and perform tests of controls (manual and automated) to evaluate adequacy and effectiveness. Conduct walkthroughs of business and IT processes to identify control gaps. Prepare and maintain risk & control matrices (RCM). Identify non-compliance with internal control requirements and highlight weaknesses. Document internal control frameworks, policies, and processes for clients. Test the design and operating effectiveness of entity-level, application, and IT general controls (ITGC). Prepare working papers clearly linking test results to audit findings. Recommend remediation plans to strengthen internal controls and ensure compliance with regulatory Advisory Work Assist clients in developing and managing IT security strategies, policies, and controls. Support design and implementation of Identity & Access Management tools. Assist in PCI compliance and ISO 27000 series assessments. Advise on risk mitigation strategies and incident response planning. Other Responsibilities Support other advisory or consulting engagements as per client needs. Perform day-to-day administrative functions as required in a remote setting. Qualifications and Skills Educational Qualification Bachelor’s / Master’s degree in Computer Science, Information Technology, Cyber Security, or related discipline. Preferred Certifications (one or more): CISA, CIA, CISSP, or CISM ISO 27001 Lead Auditor PCI QSA, PCIP CEH, OSCP, OSCE, CREST, SANS GIAC Required Skills & Experience Minimum 3 years of experience in IT audit and cybersecurity. Hands-on expertise in vulnerability scanning, penetration testing, and security assessment. Strong knowledge of cyber security standards, frameworks, and best practices. Experience in scripting languages (Perl, VBScript, *nix shell scripting). Familiarity with IDS, SIEM tools, and vulnerability management platforms (Qualys, ServiceNow, etc.). Knowledge of OWASP, SANS, NIST, and penetration testing standards. Experience with cloud security vulnerability management. Proficiency in Microsoft Office applications (Word, Excel, PowerPoint, Visio). Knowledge of CaseWare and CaseView is an advantage. Strong communication skills with proficiency in English writing and reporting . Ability to work independently, manage deadlines, and deliver under pressure. Willingness to work extended hours/weekends as per client needs (Canadian time zones may apply). Good to Have Exposure to SOX / SOC compliance audits. Demonstrated interest in pursuing professional certifications. Project management and multitasking ability. Employment Details Mode of Work: Remote (India) Work Hours: May require flexibility to align with Canadian client schedules. Compensation: Competitive, based on experience and qualifications. Growth: Opportunity to work on international assignments and upskill with global best practices. Additional Notes The company reserves the right to amend the job description as per business and client requirements. Selected candidates are expected to commit to continuous professional development and maintain high-quality deliverables. Poor quality of work poses significant risks to the organization and may result in corrective job actions. Job Types: Full-time, Permanent Pay: ₹70,000.00 - ₹100,000.00 per month Benefits: Paid time off Ability to commute/relocate: Satellite, Ahmedabad, Gujarat: Reliably commute or planning to relocate before starting work (Required) Education: Bachelor's (Preferred) Experience: IT auditing: 3 years (Preferred) Cybersecurity: 3 years (Preferred) License/Certification: Bachelor’s / Master’s degree in Computer Science (Required) Work Location: In person
Wait!
Before You Leave... Find Your Perfect Job!
Are you sure you don't want to discover the perfect job opportunity? At JobPe, we help you find the best career matches, tailored to your skills and preferences. Don’t miss out on your dream job!