Conduct IT audits, including ITGC, Application Controls, SOX, Cybersecurity, IT Governance, IT Operations, BCP/DR, and Cloud audits.
Assess design and operating effectiveness of controls over domains such as Access Management, Change Management, Incident & Problem Management, Backup & Recovery, and Infrastructure Security.
Review system migrations, implementations, and integrations to ensure appropriate controls are in place.
Perform risk assessments of IT systems, applications, and processes.
Test IT-dependent business process controls (e.g., automated calculations, reconciliations, interfaces).
Evaluate the adequacy of cybersecurity frameworks, data privacy practices, and regulatory compliance requirements (e.g., SOX, PCI DSS, RBI, SEBI).
Document audit findings, prepare reports, and present observations to stakeholders.
Collaborate with cross-functional teams (IT, Business, Risk, Compliance, and External Auditors).
Recommend improvements to strengthen IT governance, policies, and control environment.
Skills & Competencies
Strong understanding of IT General Controls (ITGCs) and frameworks (COBIT, NIST, ISO 27001, ITIL).
Knowledge of SOX IT Controls and regulatory compliance standards.
Hands-on exposure to auditing databases, operating systems, networks, and cloud environments.
Familiarity with cybersecurity concepts, vulnerability management, and incident response.
Experience with tools such as Audit Management Systems, GRC tools (RSA Archer, ServiceNow GRC, MetricStream).
Strong analytical, problem-solving, and communication skills.
Ability to prepare structured audit documentation and deliver clear, concise reports.
