Lead Auditor Graduate Jobs in Mumbai

JD for Information Security and Compliance Specialist:Responsibilities:1. Utilize 3-5 years of direct experience in information security, specializing in risk and compliance management. Proficiently conduct audits and manage audit responses and observations.2. Implement ISMS (Information Security Management System) standards, policies, and conduct access reviews to ensure regulatory compliance. Perform thorough risk assessments and remain updated on relevant regulatory requirements.3. Demonstrate a proficient understanding of identity management standards, Business Continuity Planning (BCP), Disaster Recovery (DR), and Cloud Security.4. Utilize GRC (Governance, Risk, and Compliance) tools and techniques to organize and execute risk and compliance projects. Conduct audits, compile evidence, and coordinate audit responses efficiently.5. Manage risk and vulnerability assessments, along with compliance reviews, to ensure adherence to security standards.6. Maintain and monitor a centralized repository for procedures and documents related to security and compliance.7. Demonstrate proficiency in incident response and change management practices.8. Collaborate with stakeholders to align IT General Controls (ITGC) objectives with organizational goals.9. Support functional teams in achieving ongoing operational compliance.10. Conduct Vulnerability Assessment and Penetration Testing (VAPT) assessments, drive remediation efforts, and ensure the closure of identified vulnerabilities.11. Stay updated on regulatory changes impacting information security and ensure organizational compliance.12. Conduct security awareness training sessions and effectively communicate security policies and best practices to all stakeholders.13. Possess effective written and verbal communication skills to interact with cross-functional teams.14. Demonstrate strong analytical and problem-solving abilities to effectively address security and compliance challenges.

The resources should have ITGC, IT Audit < IT Advisory experience within the financial services industry (or consulting experience working with financial services clients).Area of focus: Provide IT Audit, ITGC, analysis, and technical writing to support the development of timely, accurate, and comprehensive responses to client and regulatory requests related to the firms technology risk program.Key Responsibilities: Direct, client-facing engagement responsibilities. Serving as both role model and trainer, demonstrates the attributes of excellent client service and assists team members in developing technical and professional competency. Identifies areas of IT risk and opportunities to improve IT business processes.Desired Profile:1. Experience in Information technology risk , IT audits, ITGC and IT Risk Management2. Qualification BE, MBA (desirable) and Certifications (desirable) CISA, CISSP, PMP, ITIL, CEH , COBIT, ISO 270013. Experience in conducting Information technology assessment and Risk management in accordance with established standards such as ISO27001 etc.4. Hands-on experience in the multiple areas of IT audits, SOX / ICFR / IFC / SAS 70 / SSAE / SOC, IT Financial Audit and Business Automated Controls, IT Risk consulting or any other regulatory / compliance audits.5. Experience in delivering result oriented solutions to Senior Management and Boards of Directors. Risk assessment and other risk management consulting experience.6. Experience with regulatory and compliance audits. Experience with creating Information Security Framework and its related policies and procedures.7. Strong knowledge of ERP's like SAP / OFIN / JDE / etc and their native application controls. Knowledge of IT Security aspects towards key areas like Cloud Computing, Cyber Risks, Network Security, database management systems, SDLC, IT general controls (ITGC), COBIT, COSO 2013.Application functionality.

skills will be required- Extensive experience with Information security and risk management- Experience with IT (security) Architecture, design and engineering- Practical understanding of, and experience with, Shells IT infrastructure, architecture and technology solutions.- Sound knowledge of IT Governance Risk & Control frameworks, specifically ISO27001, COBIT and risk methodologies (IRAM)- Proven capability in managing IT security infrastructure risks.Knowledge of external Legal, Regulatory and industry best industry requirements, particularly Export Controls, PCI DSS and Data Privacy regulations

. Conduct ISMS audit for clients Develop and maintain audit checklist and documents. Maintain active communication with clients to manage expectations, ensure satisfaction, make sure deadlines are met, and lead change efforts effectively. Maintain and enhance audit work paper templates. Conduct frequent testing of simulated cyber-attacks to look for vulnerabilities in the computer systems and take care of these before an outside cyber-attack. Performing both internal and external security audits. Making an audit Audit Report for ISO 27001, 27701, 22301, PCI DSS, SOC 2 and submission to senior manager. Providing the pre-audit committee with the audit findings. Monitoring the implementation of audit recommendations.

Retired IMS lead, auditor of ISO 9001:2015, ISO 14001:2015 ISO 18001:2007, ISO 45001:2018, ISO 50001;2011 Experience minimum 2 years working as or certification body. ISO implementation, training, auditing Qualification: Diploma in Engineering or Bachelor in Mechanical / Electrical / Electronic / Chemicals / Msc.. Person willing to travelInterested Candidate, Kindly send your latest CV, LA Certificates,Qualification Certificates,Audit log ect to fix appointment for interview