IT Audit Professional

- As an IT Audit Professional, you will be responsible for assessing and evaluating an organization's information systems, IT infrastructure, and related processes to ensure compliance, security, and efficiency. You will work closely with internal teams to identify and mitigate IT-related risks, as well as contribute to the enhancement of IT controls and overall governance. The role involves conducting audits, providing recommendations, and helping the organization maintain a robust and secure IT environment.

- Responsibilities: 1. ITGC Testing: a. Log monitoring b. Network management c. Antivirus, Firewall, and other intrusion detection/prevention systems d. Access management for IT infrastructure (privileged user management) e. BCP and DRP, Back-Up Process A. Testing of controls at Application Level w.r.t. followings in (SAP, Navision, and other Oracle-based accounting software including which are used in NBFC and Banks): a. Accounts and Finance Module Audit Planning and Execution: Plan and execute IT audits based on industry standards, regulatory requirements, and organizational policies. Conduct risk assessments to identify areas of concern in information systems and IT processes. Compliance and

- Governance: Evaluate and ensure compliance with relevant laws, regulations, and industry standards pertaining to IT and data security. Contribute to the development and maintenance of IT governance frameworks. Risk Assessment: Assess IT-related risks, vulnerabilities, and threats to the organization's information systems. Collaborate with stakeholders to implement risk mitigation strategies. Internal Controls: Evaluate the effectiveness of IT internal controls and provide recommendations for improvements.

- Monitor and report on the status of IT control deficiencies and corrective actions. Cybersecurity Evaluation: Assess the organization's cybersecurity posture, including network security, access controls, and data protection measures. Stay updated on emerging cybersecurity threats and technologies. Audit

- Documentation: Prepare detailed and well-organized audit documentation, including findings, conclusions, and recommendations. Communicate audit results to management and relevant stakeholders. Collaboration: Work closely with IT and business units to understand processes, identify control gaps, and implement solutions. Collaborate with external auditors and regulatory bodies as needed. Continuous Improvement: Contribute to the continuous improvement of IT audit processes and methodologies. Stay informed about best practices and industry trends in IT auditing. Training and

- Awareness: Provide training and awareness sessions to staff on IT controls, security practices, and regulatory requirements. Foster a culture of IT security awareness within the organization.

- Qualifications: Education: Bachelor's degree in Information Technology, Computer Science, Accounting, or a related field. Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), or equivalent are often preferred. Experience: Proven experience in IT auditing, information security, or related roles. Familiarity with auditing standards, frameworks, and best practices.

- Technical Skills: Strong understanding of IT systems, networks, databases, and cybersecurity principles. Proficiency in using audit tools and technologies.

- Analytical Skills: Excellent analytical and problem-solving skills, with attention to detail. Communication Skills: Effective written and verbal communication skills to convey complex technical information to non-technical stakeholders. Team Player: Ability to work collaboratively with cross-functional teams.

- Regulatory Knowledge: Knowledge of relevant IT regulations, standards, and frameworks. Continuous Learning: Commitment to staying updated on industry trends, emerging technologies, and changes in the regulatory landscape.