Job Description

3 to 5 Years of experience: 2 Resources • The candidate must have experience in IT auditing, IT risk management, or related fields. • Plan, execute, and report on internal IT audits. • Proficiency in compliance with frameworks like ISO 27001, SOC 2, PCI DSS, ITGC, or other relevant standards. • Hands-on experience conducting on-site and remote assessments of third-party vendors to evaluate their security posture and related controls. • Must be CISA certified. • Proficiency in MS Office Suite with experience in creating and presenting dashboards and reports. • Comfortable to travel for on-site visits to the client side for audit purposes. • Evaluate the effectiveness of IT controls, identify risks, and provide recommendations for improvement. • Proficiency in compliance with frameworks like ISO 27001, SOC 2, PCI DSS, ITGC, or other relevant standards. • Conduct regular access reviews to ensure users have appropriate access levels based on their roles. • Evaluate the effectiveness of access controls in safeguarding sensitive information. • Recommend improvements for identity and access management (IAM) processes. • Perform internal risk assessments to identify vulnerabilities and ensure timely mitigation strategies. • Work closely with IT, legal, and business teams to address audit findings and track remediation efforts. • Must have the capability to represent the audit reports to Management. • Stay updated on the latest developments in IT audit and compliance practices.