IT Auditor

**Responsibilities**:
**Finastra: Who are we?**

The Future of work is OPEN. Finastra is the 3rd largest fintech company in the world, with 10,000 superstars serving 8,500 financial institutions in 130 countries. We are building the #1 open platform for the financial universe, partnering with global players like Microsoft, Accenture, Salesforce and many more.

We believe the future is OPEN and that means we have an OPEN platform, OPEN ecosystem, OPEN & inclusive culture, and we are OPEN for Good, particularly focusing on financial inclusion, open innovation and helping save the planet.

**Internal Auditor - Information Technology**

**Job Summary**

This role is responsible for executing audits as prescribed in Internal Audit's audit plan and works extensively the business to learn, document, and/or test processes to identify opportunities for improvement or gaps in controls and/or company policies.

**Responsibilities**
- ** Must** have experience working with NIST, CMMC, FFIEC or similar frameworks
- Maintain knowledge of current information technology, InfoSec, auditing practices, industry trends, etc.
- Conduct audits for compliance with policies, standards, key controls, regulatory requirements etc., including testing, analyzing evidence, and identifying issues
- Evaluate the design and operating effectiveness of controls to manage risk within risk appetite and tolerance
- Validate exceptions including quantifying risks, investigating root causes, and working with owners to establish action plans
- Prepare work papers to adequately document audit work performed and to support conclusions reached
- Prepare formal written reports expressing opinions, review results with management and perform ongoing tracking and monitoring of remediation efforts

**Experience**:

- B.S. in information technology or related field (e.g., information systems, business intelligence, computer science, etc.)
- ** Must** have 3-5 years of IT Audit in Information Security and Cyber security space**:

- ** Must **have experience testing controls related to threat and vulnerability management such as penetration testing, vulnerability scans, network security including firewall rules, intrusion prevention and detection systems and other security monitoring tools.**:

- **Must **have experience auditing enterprise asset management, ITIL and DR systems and processes**.

**Hybrid : Model**

**Job Location: Bangalore or Pune