Aditya Birla Group
Website:
adityabirla.com
Job details:
Job Context
ABG is a large & diversified Conglomerate with multiple businesses and varied risk profiles. The Lead Cyber & IT role will provide centralized technology, cybersecurity, and digital risk assurance expertise to Business Internal Audit (IA) teams, enabling consistent, risk-based coverage across the Group and supporting high-quality audits over key technology and cyber risk areas.
Principal Accountabilities
Benchmarking with best practices
- Aligning cyber and tech assurance approaches with leading frameworks, global standards and evolving industry practices.
- Translate framework requirements into practical audit/assurance test procedures and control expectations.
- Maintain a watch and continuous incorporating / updating the same into playbooks, control maturity models etc.
Enterprise risk coverage
- Assist business teams in scoping and testing IT processes and controls.
- Use risk-based sampling and evidence-based testing to validate design and operating effectiveness of controls.
Cyber & IT risk governance / Assurance
- Define assurance priorities and audit focus areas basis emerging cyber threats, regulatory developments and new technologies.
- Build and periodically refresh a risk-based assurance plan, factoring: threat intelligence, business criticality, control maturity, recent incidents, and audit history.
- Align with governance forums to ensure audit observations translate into clear ownership, timelines, and risk acceptance decisions.
Capability building
- Capability building through monitoring/ analytical tools, templates and training for auditors and stakeholders
Regulatory & compliance alignment
- Alignment with internal audit standards, regulatory, and Board/Audit Committee requirements
- Map and test controls against relevant regulatory and contractual requirements
- Produce clear, governance-ready reporting for Board/Audit Committee consumption, including risk impact, root cause, and remediation tracking.
High-risk coverage
- Ensure assurance & targeted coverage of the most critical domains / Technology risk areas across businesses.
- Identify high-risk domains using factors like business criticality, exposure, control maturity, incident history, and external threat levels.
- Validate remediation effectiveness through closure verification and re-testing.
Qualification
- BTech (IT / CS) + MBA / Masters in Information security or similar
- ~17 yrs of related experience in IT audit, cybersecurity, technology risk, or risk assurance.
- Good exposure to Enterprise technology environments.
- Experience in Large Multi-business setups / Consultant to Large multi-entity organizations (preferred).
Desired traits of the candidate
- Ability to design and execute risk-based cyber/IT audit plans, scoping and testing key controls.
- Strong risk judgement to identify critical and systemic issues.
- Problem Solving: Break down and solve complex business problems using frameworks, structured thinking, and creative approaches to develop actionable insights
- Business analysis and research: Analyse data from various sources
- Collaborate with key stakeholders to drive the necessary problem solving and decision making
- Thought Leadership: Can connect, speak to and present to key stakeholders in a clear, concise, and compelling manner
- People leadership, coaching, and capability-building mindset; strong program/project management.
Click on Apply to know more.