Employment Type: Full-time

Job Summary:

- We are seeking a highly disciplined and analytical Audit and Compliance Officer with 3-8 years of experience to lead and execute internal auditing functions and manage the organization's regulatory compliance framework.

- The ideal candidate will possess deep technical knowledge of internal controls, risk assessment methodologies, and industry-specific regulations, ensuring operational integrity and adherence to both internal policies and external legal requirements.

Key Responsibilities and Technical Focus:

Internal Audit Planning and Execution:

- Develop and implement a risk-based annual internal audit plan, policies, and rigorous procedures utilizing contemporary auditing standards ( IIA standards, COSO framework).

- Execute scheduled and ad-hoc internal audits to technically assess the design and operating effectiveness of internal controls (financial, operational, and IT general controls), accuracy of financial records, and operational efficiency across all business units.

- Employ data analytics tools and techniques ( ACL, IDEA) to sample and test transactional data, identify anomalies, and quantify control weaknesses.

Compliance and Regulatory Oversight:

- Proactively identify, assess, and document potential areas of compliance risk stemming from operational changes, new regulatory mandates, or systemic control failures.

- Monitor and ensure comprehensive compliance with internal organizational policies ( Delegation of Authority, T&E) and all applicable external regulatory requirements (SEBI, RBI, PMLA, data privacy laws, industry-specific regulations).

- Maintain updated technical knowledge of evolving laws and regulations applicable to the organization's industry and geographic operations, advising management on necessary process adjustments.

Risk Management and Remediation:

- Investigate thoroughly all reported incidents of non-compliance, control override, or suspected fraud, documenting findings and recommending robust, sustainable corrective actions and disciplinary measures where appropriate.

- Collaborate strategically with process owners across various departments (Finance, Legal, HR, IT) to implement remedial measures, enhance control effectiveness, and embed risk mitigation strategies into daily operations.

- Support the broader enterprise risk management (ERM) activities, contributing to risk identification workshops and control self-assessment programs.

Reporting and Audit Facilitation:

- Prepare clear, concise, and technically sound audit reports detailing findings, assessed risks (inherent and residual), and pragmatic recommendations for process and control improvements.

- Present audit reports and compliance status updates to the Audit Committee and senior management, ensuring transparency and timely acknowledgement of significant issues.

- Coordinate and facilitate all aspects of external audits (Statutory, Tax, Concurrent) and regulatory inspections, ensuring prompt provision of necessary documentation and technical explanations.

- Maintain comprehensive, organized compliance documentation and records for all internal and external reviews and regulatory inquiries.

Training and Culture:

Develop and deliver targeted compliance training initiatives to staff across the organization to raise awareness and promote a strong culture of ethics, control consciousness, and regulatory adherence.

Preferred Skills:

- Professional certifications such as CIA (Certified Internal Auditor), CISA (Certified Information Systems Auditor), or CFE (Certified Fraud Examiner) are highly desirable.

- In-depth working knowledge of the COSO framework and global auditing standards, with practical experience in their implementation.

- Demonstrated technical proficiency in using GRC (Governance, Risk, and Compliance) software systems and data analytics tools for continuous auditing and monitoring.

- Specific experience navigating complex regulatory environments in India, particularly for the finance, technology, or manufacturing sectors.

- Strong technical report writing and presentation skills, with the ability to communicate control gaps and risks effectively to both technical and non-technical audiences