IT Auditor

We are seeking a highly skilled and experienced GRC/infosec professional to join our organization. The IT Auditor will play a critical role in assessing the security, compliance, and overall effectiveness of our IT systems and infrastructure. The ideal candidate will have a strong background in IT audit, risk management, and compliance, along with excellent analytical and communication skills.

Responsibilities:

Conduct IT Audits: Plan, execute, and report on IT audits to evaluate the effectiveness, security, and compliance of the organisation's IT systems, applications, and processes.

Risk Assessment: Identify and assess IT-related risks and vulnerabilities, and work with stakeholders to develop risk mitigation strategies.

Compliance: Ensure that the organization's IT practices adhere to industry standards, regulations, and internal policies.

Audit Documentation: Prepare detailed audit documentation, including audit programs, testing procedures, and findings reports.

Data Analysis: Analyze and interpret data to identify trends, anomalies, and areas for improvement.

Process Improvement: Provide recommendations for enhancing IT processes, controls, and security measures to mitigate risks and improve efficiency.

Communication: Effectively communicate audit findings, recommendations, and risk assessments to both technical and non-technical stakeholders, including senior management.

Stay Informed: Keep up-to-date with industry trends, emerging threats, and best practices in IT auditing and information security.

Team Collaboration: Collaborate with cross-functional teams to address IT audit findings and implement necessary changes.

Compliance Monitoring: Monitor the progress of remediation plans and ensure that audit recommendations are implemented in a timely manner.

Qualifications:

• A bachelor's degree in information technology, computer science, or a related field is required.
• Proven experience as an IT auditor with 1-3 years in a similar role.
• Strong knowledge of IT auditing standards, methodologies, and best practices..
• Strong analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Attention to detail and the ability to work independently or as part of a team.
• Knowledge of regulatory frameworks and compliance requirements, such as IS27001 and IS (RBI) ITGC, is essential.
• Knowledge of IT security concepts and technologies.
• Strong understanding of information systems and infrastructure.