Empliance - Senior Associate - Compliance & IT Audit

Company Description:.

- Empliance Technologies Private Limited (ETPL) is a leading provider of Enterprise Governance, Risk & Compliance (E-GRC) solutions, empowering businesses to make insightful decisions with confidence.

- Our mission is to protect client brands by enabling them to become self-reliant, sustainable, and ethically driven, while fostering trust and business growth.

- With a strong track record of working with 30+ clients, including 65% of globally listed businesses, we support finance, procurement, risk, sales, marketing, legal, and compliance teams through centralized, plug-and-play SaaS solutions.

- Our experienced team helps organizations strengthen their in-house GRC programs and gain a competitive advantage through seamless, technology-driven risk and compliance management.

About The Role:

- We are seeking an experienced Certified IT Audit & Cyber Risk Associate with strong expertise in ISO/IEC 27001 audits/SOC2 audits, TPRM and ITGC reviews.

- This is a Mumbai-based role ideal for professionals who thrive in a consulting environment and are passionate about driving high-impact IT risk assessments and compliance engagements.

Responsibilities:

- Lead and execute IT audits (including ITGC, application controls, and access reviews).

- Plan and implement ISO/IEC 27001 readiness assessments, gap analysis, and control audits.

- Support clients through certification preparedness for ISO, SOC 2, DPDP, RBI/IRDAI, etc.

- Document audit findings, risk reports, and remediation plans aligned with CISA standards.

- Conduct third-party risk assessments, VAPT coordination, and information security reviews.

- Advise clients on ISMS best practices, secure architecture, data handling, and regulatory compliance.

- Engage with stakeholders to design, communicate, and implement security and compliance controls.

Qualifications:.

- CISA/CISM/27KLA/ISO certification (preferable).

- Minimum 2-4 years of experience in IT audits, ISO implementation, and cybersecurity compliances.

- Strong understanding of ISO/IEC 27001, ISO 27701, and GRC frameworks.

- Exposure to Indian regulatory environments (e. , DPDP Act, RBI, IRDAI guidelines).

- Excellent analytical, reporting, and stakeholder management skills.