
Information Security Auditor
24 hours ago
INFORMATION SECURITY AUDITOR
ROLE SPECIFICATION
Role Title Information Security Auditor Employee Interviewed Reports To Head – Information Security Audit & Compliance Company Muthoot Fincorp Limited Function/Department MFL One Location Bengaluru Written By Sabarinath Menon (Lead – Center of Excellence | People & Culture) Approved By (Functional Head) Date (Written On) November 2024 ROLE SUMMARY (PURPOSE) The Information Security Auditor at Muthoot Fincorp Limited (MFL), assesses and evaluates our information systems, data protection protocols, and cybersecurity measures to ensure compliance with regulatory requirements, internal policies, and industry best practices. This role involves identifying vulnerabilities, providing recommendations for security improvements, and helping to safeguard company data and systems from potential security breaches. ORGANIZATIONAL CHART KEY RESPONSIBILITIES Perform regular internal and external audits to assess compliance with security policies, standards, and controls. Review IT infrastructure, applications, networks, and data protection practices. Identify vulnerabilities and assess risks associated with information systems and recommend corrective actions to reduce risk and improve security. Prepare detailed audit reports, outlining findings, non-compliance issues, and risk assessments, and present findings to senior management and provide actionable recommendations. Develop and execute comprehensive internal audit plans to assess the effectiveness of risk management, control, and governance processes within the organization Evaluate the adequacy of cloud security controls which includes but not limited to access management, data encryption, and incident response procedures. Conduct audits based on cloud security controls, specifically AWS and OCI.
Provide recommendations, suggestions to improve security posture of the cloud hosted infrastructure. Ensure ongoing compliance with relevant industry standards (e.g., ISO 27001, DPDPA). Additionally collaborate with teams to maintain compliance with regulatory requirements (e.g., GDPR, HIPAA). Offer insights and guidance on security policies, access controls, data protection, and risk management strategies. KEY INTERACTIONS Internal Stakeholders External Stakeholders IT and Cybersecurity Teams: Work closely on implementing recommendations and ensuring secure IT operations. Compliance Officers: Collaborate to maintain adherence to internal policies and external regulations. Senior Management: Provide audit findings and suggest improvements to executive leadership. HR and Legal Departments: Engage for policy alignment and regulatory compliance. Third-Party Vendors: Conduct security assessments of vendors and ensure they comply with data protection requirements. Regulatory Authorities: Maintain compliance with relevant industry and government standards. External Auditors: Coordinate joint assessments or external audits as necessary. KEY ROLE DIMENSIONS This is a Pan India Individual Contribution role, which requires continuous communication, mostly with senior leaders, compliance and technology team KEY SKILLS & BEHAVIOURAL ATTRIBUTES Proficiency in cybersecurity frameworks, network security, vulnerability management, and information systems auditing. Strong understanding of risk assessment methodologies and the ability to identify and prioritize vulnerabilities. Broad knowledge of cloud computing platforms like AWS, Azure and GCP, and various cloud security controls. Strong understanding of cloud security frameworks and standards, such as CIS Controls, NIST Cybersecurity Framework, and ISO Precision in auditing, documentation, and compliance monitoring. Behavioral Attributes- Driven and in alignment with our Purpose "Transforming the life of the common man by improving their financial well-being" and anchored by our core value of integrity, collaboration, and excellence. EDUCATION / EXPERIENCE Minimum Qualification: Bachelor's degree in information technology, Engineering, Computer Science, Cybersecurity, or a related field. However, a Master's degree in Cybersecurity, Information Assurance, or a similar discipline is desirable for this role. Nature of Experience: Minimum of 6 years of experience in internal auditing, with a strong focus on IT audit, security and third-party audits. Additional Certifications - Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) is mandatory Certified Information Security Manager (CISM), ISO 27001 Lead Auditor, Certified Ethical Hacker (CEH) are also preferred.
-
Information Security Auditor
1 week ago
Chennai, Tamil Nadu, India TVS Credit Services Ltd Full time ₹ 20,00,000 - ₹ 25,00,000 per yearInformation Security AuditorJob Description:Conduct regular risk assessment to identify key IT and Cybersecurity risk areas and ensure those are appropriately covered in the annual IT audit plan.Advanced Networking principles/ software engineering principles/ information security principles, Additional knowledge and domain expertise specific to the job...
-
Information Systems Auditor
2 weeks ago
Chennai, India Talworx Solutions Full timeJob Title: Information Systems Auditor (IT Audit & Compliance)Experience: 2 8 YearsLocation: ChennaiEducation: BE / BTech / CA (or equivalent qualification) Job Summary: We are looking for an experienced and detail-oriented Information Systems Auditor to join our team in Chennai. The ideal candidate will have a strong background in IT audit, general IT...
-
Head - Information Security
3 days ago
Chennai, India Saaki, Argus & Averil Consulting Full timeWill be responsible for developing and implementing the enterprise vision, strategy, and security program to ensure information assets and technologies are adequately protected. Maintaining a current understanding of the cybersecurity landscape to effectively protect the organization. Key Responsibilities:Improve and implement a comprehensive information...
-
Head - Information Security
4 days ago
Chennai, India Saaki, Argus & Averil Consulting Full timeWill be responsible for developing and implementing the enterprise vision, strategy, and security program to ensure information assets and technologies are adequately protected. Maintaining a current understanding of the cybersecurity landscape to effectively protect the organization. Key Responsibilities: Improve and implement a comprehensive...
-
Information Security Analyst
1 week ago
Chennai, Tamil Nadu, India Ddhr Solutions Full time ₹ 4,00,000 - ₹ 12,00,000 per yearUnderstanding of ITGC controls and SOX compliance frameworksExperience in Information Security operations (GRC)Certification as an ISO/IEC 27001:2022 Lead AuditorAbility to collaborate effectively with audit, compliance, and technical teamsHealth insuranceAnnual bonus
-
Head - Information Security
4 days ago
Chennai, India Saaki Argus & Averil Consulting Full timeWill be responsible for developing and implementing the enterprise vision, strategy, and security program to ensure information assets and technologies are adequately protected. Maintaining a current understanding of the cybersecurity landscape to effectively protect the organization. Key Responsibilities: Improve and implement a comprehensive...
-
Information Security Compliance Analyst
2 weeks ago
Chennai, India Five-Star Business Finance Limited Full timeKey Responsibilities: Assist in updating and maintaining security policies, standards, and procedures to align with compliance requirements. Coordinate with external auditors and internal stakeholders during compliance assessments, audits. Monitor security controls, perform regular assessments, and report compliance status. Track and follow up on...
-
Information Security Compliance Analyst
7 days ago
Chennai, Tamil Nadu, India Five-Star Business Finance Limited Full time ₹ 1,04,000 - ₹ 1,30,878 per yearKey Responsibilities:Assist in updating and maintaining security policies, standards, and procedures to align with compliance requirements.Coordinate with external auditors and internal stakeholders during compliance assessments, audits.Monitor security controls, perform regular assessments, and report compliance status.Track and follow up on Vulnerability...
-
Information Security Analyst
2 weeks ago
Chennai, Tamil Nadu, India DDHr Solutions Full time ₹ 9,00,000 - ₹ 12,00,000 per yearExpertise in ITGC & SOX : - Strong knowledge of IT General Controls (ITGC) and practical experience in ensuring compliance with SOX frameworks. - Hands-on ability to assess, design, and monitor IT controls related to access management, change management, and IT operations.Information Security Operations (GRC) : - Proven track record in Governance,...
-
Information Security Auditor
7 days ago
Chennai, Tamil Nadu, India Six Sigma Soft Solutions Full time ₹ 9,00,000 - ₹ 12,00,000 per yearMust have experience with core cybersecurity operations and one or more cyber security tools/process areas (e.g. network security, end point security, email security, cloud security, attack simulation, cyber threat modelling etc.)