63 moons technologies limited
Location
Mumbai | India
Job description
Cyber Security / IT / IS Auditor
Job summary:
We are seeking an IT Auditor to act as a liaison for our client's internal audit (IA) and information
technology (IT) related to compliance. An IT Auditor, or Information Systems Auditor, is responsible for
ensuring the quality of our client's IT systems. Responsible for overseeing, managing, and reviewing the
testing and controls that have been performed, specifically as relates to the general IT control
environment.
The IT Auditor will act as an advisor to the client's IA and IT teams and focus on adapting to emerging and
evolving cyber environments - from PII to unforeseeable future risks.
Duties and responsibilities:
IT Auditor is responsible for inspecting and assessing the various elements of their client's
information system to develop and implement audit test plans.
Develop and evaluate audit processes and reporting on their results.
Apply established audit standards throughout the IT infrastructure.
Audit and assess all aspects of the client's network applications, including software, programs,
security, and communications.
Monitor the integrity of all processes, and formulating a cohesive audit strategy for now and into
the future.
Oversee audit processes on various user interfaces and applications, including client-based
applications, intranets, extranets and all connected servers and networks.
Set audit objectives, gathering data by interviewing department employees or comparing current
procedures to IT department standards and creating actionable plans to improve IT systems.
Play significant role in executing the client's audit and assessment programs (SOC 2, PCI, ISO
27001, ISO 22301, HIPAA, GDPR etc.) which includes the following activities: Performance of
control testing, review of control testing performed by others, coordination with external
auditors, providing guidance to control and process owners, and monitoring and reporting on
remediation efforts.
Assist with documentation of standard processes, data flows, and enterprise-wide control
requirements for IT/Security.
Gain understanding of the client's products and relevant processes in order to assist with
identification of risk or compliance concerns and/or to evaluate controls.
Complete tests around financial system controls compliance, IT General Computer Controls
(ITGC), and Application Controls
Utilize audit procedures to determine the design and operating effectiveness of the controls.
Develop and write reports and corrective action plans identifying findings and providing
recommendations.
Prepare presentations, briefings and be actively involved in leading client meetings and day-to-
day interactions.
Assist with reviewing the work of junior level staff and provide guidance and on-the-job training.
Find the best practices to complete audit requirements quickly and efficiently.
Collaborate with audit managers to determine the best solution for each part of the system.
Ensure that all pre-existing audit requests are addressed and resolved in a timely manner.
Qualifications and technical skills:
Bachelor's degree in one of a range of subjects, such as computer information systems,
cybersecurity, computer science and information technology.
Professional certification or willingness to obtain (e.g. CISA, CISSP, GSNA, CIA or similar)
Minimum 6 years of IT Audit experience, 10 years preferred.
A proven track record in security testing and risk assessment will help.
Knowledge of and hands-on experience with audits on SOC2, Cloud Security, ISO 27001, ISO
22301, HIPAA, GDPR, PCI-DSS certification or similar IT audits.
Possesses a strong understanding of standards and frameworks like ISO 27001, ISO 22301, PCI
DSS, NIST CSF, COBIT and CIS Controls.
A high degree of technical knowledge and an ability to understand the organisation's IT
infrastructure.
Strong knowledge of IT risks and controls and experience evaluating and testing internal controls
are strongly preferred.
Proficient in Microsoft Office suite.
Qualities:
A natural curiosity and an affinity with the way networks and systems operate within an
enterprise.
Will be required to make strong independent decisions, when liaising with colleagues and others.
Working well in a team environment and when alone are both necessary.
Excellent written and oral communications skills are a must-have, and that includes being able to
explain highly technical issues to non-technical individuals.
Candidate will also have to display a good understanding of cybersecurity issues, including
knowledge of how a security threat can impact on the specific business of the relevant
corporation.
Problem solving will be second nature to the candidate.
Demonstrated ability to define issues, collect data, establish facts and draw valid conclusions.
Demonstrated ability to prioritize multiple tasks and meet deadlines with supervision.
Strong sense of urgency and solution-oriented mindset.
Excellent analytical, organizational, and project management skills.
Strong commitment to quality and integrity.
High level of enthusiasm and a capacity for overcoming obstacles.
Requirements:
Travel required: Moderate to client locations
Location : Mumbai ( Andheri)
Job tags
Salary
