Company Overview:
ANB is a fully integrated and one of the fastest-growing assurance and business advisory firms, with 450 plus employees and a presence in 6 countries. ANB leverages practical experience of many years in multi-disciplinary areas like business risk management, tax advisory, information risk management, assurance, consulting, compliance, regulatory risk, technology, GRC tools, and transaction services. Our clients include top 500 companies, touching every major industry. At ANB, we are a motley crew of inspired innovators, technologists, business designers and project managers, but we are also entrepreneurs who partner in creating new opportunities.
Job Overview:
We are seeking a highly skilled IT & Cyber Security Auditor to join our team with 3 to 6 years of experience. The ideal candidate will be responsible for conducting comprehensive audits of IT systems, applications, infrastructure, and cyber security protocols. This role involves assessing risks, evaluating security controls, and ensuring compliance with industry standards and regulatory requirements. The auditor will provide valuable insights and recommendations to enhance the organization's security posture.
Key Responsibilities
Information Systems (IS), IT, and Cybersecurity Audits
- Lead and conduct comprehensive audits across IT systems, cybersecurity protocols, and information systems for financial institutions including banks, NBFCs, asset management companies, stockbrokers, depositories, and payment system operators.
- Plan, execute, and manage end-to-end audit engagementscovering risk assessments, scoping, fieldwork, and final reporting.
- Evaluate the design and operational effectiveness of information security controls and risk management frameworks.
- Ensure audit activities align with applicable regulations, industry standards, and frameworks (e.g., ISO 27001, NIST, PCI DSS, RBI/SEBI guidelines).
- Identify control gaps, vulnerabilities, and process inefficiencies, providing actionable recommendations for improvement.
- Draft and deliver clear, concise audit reports outlining key findings, risks, and proposed corrective actions.
- Present audit results and risk assessments to senior management and executive stakeholders, supporting follow-up and remediation initiatives.
Qualification and Experience
- Bachelor's or Master's degree in Information Technology, Cyber Security, or a related discipline.
- Professional certifications such as CISA, CISSP, CEH, or ISO 27001 Lead Auditor are highly preferred.
- Strong understanding of IT security frameworks, risk management principles, and compliance standards (e.g., ISO 27001, NIST, COBIT).
- Proven experience in conducting IT audits, vulnerability assessments, and cybersecurity risk assessments.
- Prior experience with regulatory compliance in the financial services sector (RBI, SEBI, IRDAI) is strongly preferred.
- Hands-on exposure to compliance audits, including but not limited to:
- SEBI's System Audit Framework and Cyber Security and Cyber Resilience Framework (CSCRF).
- RBI's circulars, Master Directions, and guidelines such as the IT Framework for NBFCs and Cyber Security Framework for Banks.
- Other relevant regulatory requirements (e.g., IRDAI, PFRDA, etc.).
- Excellent analytical, problem-solving, and communication skills, with the ability to articulate complex technical issues clearly.
Demonstrated ability to work both independently and as part of a cross-functional team in a dynamic environment.
