Job Description
Internal employees at level 5/6/7 can apply
Role IT Audit
Job Responsibilities
Audit execution
End to end manage/closure of IT security reviews assigned for a specified period
Create scope and coverage for the IT security audit assigned for the period
Execute the audit with or without the support of external consultants
Create comprehensive reports post the completion of audit
Work closely with IT teams, Cyber Security, Risk and compliance teams
Follow up on audit observations and closure
IT risk assessment
Conduct risk assessments to identify key IT risks
Review adherence to frameworks and regulations such as ISO 27001, COBIT, NIST, CIS, SOX, IRDAI and DPDP Act
Evaluate effectiveness of information and cyber security controls e.g. identity and access management, change management, business continuity, end user security, data privacy controls, SOC monitoring, cyber security tools etc.
Assess risks related to cloud, networks, and IT infrastructure
Conduct/oversee application security audits (vulnerability assessment) using tools such as Burp Suite
Review system logs, configurations, and access rights
Educational qualification Graduate (preferably BE/B-Tech/BCA) and CISA/CEH mandatory
Competencies
Minimum four to five years of experience in IT security audit or information security domain
Understanding of the key IT risks and controls
Good communication skill
