Senior IT Risk Management Professional

We're seeking a seasoned professional to drive our IT audit strategy, ensuring seamless alignment with organizational risks and regulatory expectations. This critical role plays a pivotal part in strengthening internal controls, enhancing IT governance, and providing independent assurance through proactive risk identification and audit oversight in a dynamic tech-driven environment.

• Develop and implement risk-based annual IT audit plans for various entities, ensuring responsiveness to and alignment with the organization's risk profile.
• Lead annual and ongoing evaluations of IT infrastructure, establishing controls and audit procedures to identify areas of risk or non-compliance across entities and map them to auditable functions.
• Ensure proper resourcing for plan implementation, adjusting as needed in response to changes in business risks, operations, programs, systems, and controls.

• Design and update audit tools, considering IIA guidelines and audit manuals, as well as operational, legal, and environmental changes affecting entities.
• Proactively inform senior management of significant risks or exposures related to internal controls, compliance, and governance requiring prompt attention.
• Provide feedback and recommendations on IT and data risks, improving operational efficiencies and processes where necessary.

• Maintain collaborative relationships with key stakeholders across entities.
• Oversee Internal Audit's participation in critical business and technology initiatives, ensuring that audit perspectives are effectively voiced and appropriate controls are designed and implemented proactively.
• Serve as a thought leader on IT risk management and internal control best practices.

• Continuously inspect and assess elements of the company's information systems, implementing audit test plans.
• Identify and evaluate IT risk exposure, recommending remediation strategies.
• Review security and digital measures taken by line functions and new business initiatives.
• Coordinate with external auditors and regulators, providing independent assurance on the IT framework and associated controls.
• Track issues and actions management process, ensuring timely closure.
• Identify early warning signals in IT areas, investigating potential fraud scenarios.
• Benchmark company systems against other available technologies, enhancing the organization through technology adoption.

• Deliver IT audit reports in a timely manner, ensuring clarity, conciseness, root cause identification, practical solutions, and value addition for management.
• Provide timely delivery of MIS, reports, and data to support Function Heads.
• Prepare materials and make presentations to the audit committee and management independently.

• Certifications such as CISSP, CISA, CISM, GIAC, PPM, PMP, DISA, or equivalent IT audits-related qualifications are preferred.
• Minimum 7 years of experience in IT audits, preferably with at least 2-3 years in a team management role.
• Strong knowledge of IT security and infrastructure, with experience working/auditing in agile product management environments.
• Fintech or NBFC industry experience with expertise in RBI and/or IRDAI guidelines on IT frameworks and sensitive data protection is desirable but not mandatory.

The Navi DNA - Ambition. Perseverance. Self-awareness. Ownership. Integrity.

We foster an environment where innovation thrives. At Navi, you'll be empowered to work in a dynamic team that builds and improves innovative solutions. If you're driven to deliver real value to customers, this is the place for you.

We strive for excellence by uplifting each other—and that starts with every one of us.

Why You'll Thrive at Navi

• You're impact-driven : You take ownership, build boldly, and care about making a real difference.
• You strive for excellence : Good isn't good enough. You bring focus, precision, and a passion for quality.
• You embrace change : You adapt quickly, move fast, and always put the customer first.