Lead - IT Auditor - NBFC

Individual will be responsible for assessing our IT systems, identifying vulnerabilities, and recommending risk-mitigation strategies. IT auditor plays a crucial role in helping the organization manage IT risks, safeguard assets, and ensure compliance with relevant laws, regulations, and industry standards.

Responsible to conduct following audits:

- IT Application Audit - Access, Change, Incident management, Interface, Application Security controls, SLA and vendor agreement, capacity management

- IT Infra & Governance Audit - Asset inventory classification control, Review Policy and procedures, implementation of policy, compliance of RBI guidelines, review resource management

- IT Vendor Audit - Infrastructure and security control, human resource, performance, Billing, policy / guideline compliance, system access control Thematic Audit

- Cybersecurity Audits: Conduct comprehensive reviews of our network infrastructure and applications. Provide needful recommendations for upgrading the organization's data security measures

- Technology Risk Assessment: Evaluate effectiveness of controls related to IT governance, data integrity and disaster recovery

- Assessing requirements for information security & compliance and implement solutions in accordance with organizational security framework

- Work closely with the other INA leaders to integrate IT audit findings into our overall risk assessment.

- Work with co-sourced partners on RBI mandated annual audits of IT and information system

- Must keep pace with technological advancements and assess their impact on our business

Qualification:

- CA/MBA/MCA with IT Audit experience of minimum 8 years

- CISA certification is mandatory

Experience:

- 8-12 years of experience as an IT Auditor and should have handled IT audit from financial services perspective, knowledge of RBI Guidelines, exposure to data governance, IT governance, Ops risk management

- Clear understanding of IT audit methodologies.

- Ability to work under pressure in a fast-paced environment.

- Strong attention to detail with an analytical mind and outstanding problem-solving skills.

- Great awareness of cybersecurity trends and hacking techniques