Job Title: Deputy Manager / Manager / Senior Manager – IT Audit
Location: Bangalore / Mumbai
Experience: 4+ Years
Department: Risk Advisory / Information Security / IT Audit
Key Responsibilities:
ITGC & IT Audit
- Perform end-to-end audits of IT General Controls (ITGC), IT Application Controls, and automated business controls across various systems (SAP, Oracle, etc.).
- Evaluate IT policies, procedures, and processes against regulatory and compliance requirements (SOX, SSAE18/SOC1, SOC2).
- Execute risk-based IT audits and assess IT risk and controls in the areas of access controls, change management, backup & recovery, and incident management.
- Prepare detailed audit reports, highlighting key issues and action plans for remediation.
Network Security
- Assess network and infrastructure controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), routers, and VPNs.
- Conduct vulnerability assessments and review patch management processes.
- Collaborate with cybersecurity teams to identify threats and ensure compliance with security best practices and standards (ISO 27001, NIST, CIS, etc.).
Third Party Risk Management (TPRM)
- Conduct third-party/vendor risk assessments focused on cybersecurity, data privacy, regulatory compliance, and business continuity.
- Assess security posture and compliance of vendors through document review, questionnaires, and due diligence tools.
- Maintain vendor risk profiles and ensure ongoing monitoring and reassessment based on criticality.
- Coordinate with business units, procurement, and legal teams to review contracts and SLAs for security and compliance obligations.
Key Requirements:
- Education: Bachelor’s/Master’s degree in Information Technology, Computer Science, or a related field.
- Certifications (preferred): CISA, CISSP, ISO 27001 LA, CRISC, CEH, or similar.
- Strong understanding of IT controls, audit processes, and network security protocols.
- Familiarity with control frameworks such as COBIT, NIST, ISO 27001, and SOC.
- Excellent communication skills to interact with internal and external stakeholders.
- Ability to manage multiple audits/projects and lead teams depending on the role level.
Experience Level:
- Deputy Manager: 4–6 years, with hands-on audit/testing experience.
- Manager: 6–9 years, with project leadership, team handling, and reporting responsibilities.
- Senior Manager: 9+ years, with strategic oversight, client engagement, and practice development experience.