Senior IT Auditor

3 - 4 Years

Hyderabad

Posted 3 months ago

#IT Audit #Information Security #IT Controls #IT Compliance #IT Risk Management #CISA #CISM #SOX

Job Title: Senior IT Auditor

Domain: Accounting/Corporate Finance

Location: Hyderabad, India

Experience Required: 3 - 4 Years

Job Description:

We are seeking a Senior IT Auditor to join our team in Hyderabad, India. This position is ideal for a professional with a background in IT audits and a solid understanding of IT General Controls (ITGC), SOX, SOC-1, and SOC-2 audit processes. The role requires a proactive individual who can manage multiple projects while building strong client relationships.

Key Responsibilities:

- IT Audit Reviews: Perform comprehensive IT audit reviews, focusing on ITGC, SOX, SOC-1, and SOC-2 audits, ensuring compliance and risk mitigation.

- Risk Assessment & Control Evaluation: Conduct risk assessments, identify and evaluate controls, and capture the same in Risk & Control Matrices.

- Control Testing: Perform detailed testing of IT security application controls, interface controls, ITGC reviews, change management, access control, business continuity, and disaster recovery systems.

- Quality Reviews: Oversee and conduct quality reviews of the team's work on control testing, ensuring precision and compliance with set standards.

- Client Custom Control Catalogues: Review and enhance clients' custom control catalogues, aligning test procedures and control language to ensure efficiency in remote execution.

- SOC-1 Documentation: Supervise and review the team's SOC-1 testing and documentation efforts.

- Control Weakness Identification: Identify weaknesses in IT control processes by performing detailed risk assessments and documenting all findings clearly.

- Stakeholder Relationships: Build and maintain strong working relationships with engagement managers and onshore teams to ensure seamless project execution.

- Vulnerability Assessment & Penetration Testing: Perform vulnerability assessments and penetration testing as per client requirements, using industry-standard tools and techniques.

Required Qualifications And Experience:

- Chartered Accountant (CA) with at least 3 years of post-qualification experience in IT audit, ITGC, SOX, SOC-1, SOC-2, and application control reviews.

- Solid understanding of IT security protocols and control frameworks such as COBIT, ITIL, and Information Security standards.

Preferred/Desired Qualifications: Certification in one or more of the following:

- CISA (Certified Information Systems Auditor)

- CISM (Certified Information Security Manager)

- CISSP (Certified Information Systems Security Professional)

- ISO 27001 LA (Lead Auditor)

- ISO 22301 LA (Business Continuity Management Systems Lead Auditor)

- CBCP (Certified Business Continuity Professional)

- Experience in post-implementation reviews, strategy transformation, and information security is highly desirable.

- Prior experience in internal auditing, graduating to IT auditing, is highly preferred.

- Candidates must be available to join within 30 days or less and should be immediately available for interviews.