Coditing®
Website: coditing.com
Job details:
Position: Information Systems Auditor
Location: Andheri (Mumbai) or client site
Employment Type: Full-time
Role Overview
The Information Systems Auditor will be responsible for planning and executing IT and information systems audits across the financial services domain. The role ensures technological and regulatory compliance through risk-based audits and in-depth evaluations of IT control environments.
Key Responsibilities
- Lead end-to-end audits of information systems, IT infrastructure, security controls, and digital platforms across banks, NBFCs, asset management companies, stockbrokers, depositories, and payment system operators.
- Conduct risk assessments, develop audit scopes, perform fieldwork, and produce conclusive audit reports.
- Evaluate the adequacy, design, and operating effectiveness of security controls and IT governance frameworks.
- Ensure audit coverage aligns with regulatory and industry standards such as ISO 27001, NIST, COBIT, PCI DSS, and relevant RBI/SEBI guidelines.
- Identify control weaknesses, process inefficiencies, and vulnerabilities, and provide clear, actionable recommendations for remediation.
- Present audit findings and risk assessments to senior management, tracking resolution and control improvements.
- Maintain up-to-date knowledge of evolving regulatory requirements, cybersecurity threats, and audit best practices.
Qualifications and Experience
- Bachelor’s or Master’s degree in Information Technology, Cybersecurity, Information Systems, or a related field.
- Professional certifications preferred: CISA, CISSP, CEH, or ISO 27001 Lead Auditor.
- Strong understanding of IT risk management, cybersecurity frameworks, and technology compliance standards (ISO 27001, NIST, COBIT, etc.).
- Proven experience in IT and cybersecurity audits, vulnerability assessments, and risk assessments.
- Prior exposure to regulatory audits or compliance in the financial services sector (RBI, SEBI, IRDAI) is required.
- Hands-on experience in:
  - SEBI’s System Audit Framework and Cyber Security & Cyber Resilience Framework (CSCRF).
  - RBI’s IT Framework for NBFCs and Cyber Security Framework for Banks.
  - Other sectoral regulatory guidelines (e.g., IRDAI, PFRDA).
- Excellent analytical, reporting, and communication skills with the ability to present findings effectively to both technical and non-technical stakeholders.
- Ability to work independently and collaboratively within multi-disciplinary audit or compliance teams.