PhonePe - Information Technology & System Auditor - Internal Assurance Team

Information Technology & System Auditor - Internal Assurance Team

Position Purpose :

- This role leads and executes audit / review of PhonePe application systems and technology, across the IT landscape.

- The primary role is to performs technology risk assessments across technology areas and processes, evaluating relevant inherent risks, validating controls, assessing the effectiveness of control design and operation. Further, role involves participating in a variety of types of risk assessments including deep dives on new system developments and processes that are being instituted.

Job Role / Responsibilities :

- Internal assurance reviews to assess the adequacy, effectiveness and efficiency of the established internal controls and procedures.

- Identify key areas of risks in the payment solution and propose appropriate controls with the objective of mitigating the risks and improving financial & operational performance.

- Carryout vulnerabilities and risk assessments for new system developments.

- Assess alignment with SOX / ICOFR, PCI-DSS and ISO-27001 controls for critical enterprise systems; develop effective and efficient processes to remediate compliance gaps.

- Work closely with the stakeholders to ensure appropriate action plans are provided to mitigate the risks highlighted.

- Carryout Infrastructure audits - Data Centre and review of access controls.

Experience/ Exposure

- A strong technical background with wide knowledge of technology and applications operation to investigate and assess impact of risks.

- Experience of Risk Assessments / Technology and Operations Audits / IT Operations focused Control functions is beneficial but not essential, however an appreciation of risk subject matter is required.

- Experience of IT Management, project/ program Management or IT Audit/ Governance to be able to deliver assessments to agreed timelines with high stakeholder engagement.

- Exposure to payments card industry standards

- Excellent analytical and investigatory skills to identify underlying technology issues and demonstrate viable solutions and problem solving

- Sound understanding of internal and external control, compliance and risk frameworks such as CoBIT; ISO standards, etc.

- Minimum 8+ years of experience, with 3 - 4 year minimum auditing experience

Education/ Qualification :

- Bachelor Degree from an accredited college or university (or equivalent)

- Relevant professional IT Audit/ Audit certification (CIA, CISA, CISM, CISSP or equivalent)