Meritto
Website:
meritto.com
Job details:
We are seeking an experienced Information Security & Privacy Audit Specialist to lead and execute audits covering incidents, access, logs and events across the organization. The role will focus on assessing controls related to Confidentiality, Integrity, and Availability (CIA), regulatory compliance, and privacy requirements.
The candidate will be responsible for designing audit programs, performing evidence-based audits, identifying gaps, and driving remediation across technical and governance domains.
Key Responsibilities
Audit and Assurance
● Plan and conduct risk-based audits on:
○ Incidents
○ User access management (IAM, PAM, RBAC)
○ System and application activity logs
○ Audit logging mechanisms & retention
○ Change management & privileged access
● Verify log integrity, retention, monitoring, and alerting mechanisms
● Review incident root cause analysis (RCA) and validate corrective actions
● Assess data access trails for PII, SPI, and sensitive business data
● Evaluate third-party security controls and audit evidence
● Perform control testing mapped to ISO 27001, SOC 2, DPDP, GDPR, NIST
Monitor and Logging
● Review:
○ SIEM configurations
○ Log sources coverage
○ Correlation rules
○ Alert effectiveness
● Validate tamper-proof logging
● Assess log review frequency & escalation
Reporting and Governance
● Draft formal audit reports with:
○ Findings
○ Risk ratings
○ Root causes
○ Remediation roadmap
● Present findings to:
○ Leadership
○ Compliance committees
● Track CAPA (Corrective & Preventive Actions)
● Maintain audit trails & evidence repositorywe’re looking for
What We're looking for:
● Security logging & SIEM (Splunk, Sentinel, ELK, QRadar)
● IAM & PAM systems
● Incident response frameworks
● Bachelor’s / Master’s in IT, Cybersecurity, or related field
● Certifications preferred: ISO 27001 Lead Auditor / Internal Auditor certification preferred
● Strong audit mindset
● Evidence-based analysis
● Risk assessment
● Stakeholder management
● Documentation excellence
● Regulatory interpretation
● High attention to detail
● Experience in EdTech / SaaS
● Experience working with regulators
● Automation of audit processes
Who we are
At Meritto we believe in building more than just solutions. We’re redefining the way education connects with technology. As one of India’Largest Vertical SaaS + Embedded Payments platform, we’re on a mission to build the “Digital Backbone of Education Institutions” by simplifying how educational organization runs — from enrollment to lifecycle, advancement to finance, and beyond. Having mastered the art of student acquisition, we’re now expanding our horizons to cover the entire spectrum of running an educational organization—from managing the student lifecycle to driving student success and outcomes.
What’s our work culture like? We work from the office in a dynamic, inclusive, and merit-driven space fueled by the energy of collaboration and creativity coming together.
Click on Apply to know more.