Experience
3+ Years in IT Audit, Information Security Audit, IT-GRC, Risk Management, Compliance, or Cybersecurity Consulting
Employment Type
Full-Time
Role Overview
We are looking for an experienced IT Auditor / Information Security Auditor to join our Cybersecurity Services team. The role involves conducting information security audits, risk assessments, compliance reviews, third-party risk assessments, and cybersecurity maturity assessments for leading organisations, particularly in the BFSI and regulated industries.
The candidate will work with clients across various domains to evaluate security controls, identify risks, assess compliance against regulatory requirements, and provide actionable recommendations.
Key Responsibilities
Conduct Information Security, IT-GRC, Risk, Compliance, Regulatory, and Third-Party Risk Management (TPRM) audits.
Perform cybersecurity assessments based on industry frameworks and standards including:
oISO 27001
oPCI-DSS
oSOC 2
oISMS
oGDPR
oDPDP Act
oCybersecurity Maturity Assessments
Conduct vendor security assessments and third-party risk reviews.
Evaluate security controls, identify control gaps, and recommend remediation measures.
Assess compliance requirements issued by regulators and industry bodies such as:
oRBI
oIRDAI
oSEBI
oPFRDA
oCERT-In
Review information security policies, procedures, standards, and governance frameworks.
Conduct stakeholder interviews, process walkthroughs, and evidence validation.
Prepare audit reports, risk registers, executive summaries, and management presentations.
Track audit observations and support closure of identified gaps.
Support client discussions, pre-sales activities, proposal preparation, and cybersecurity consulting engagements.
Collaborate with internal and client teams to deliver audit assignments within defined timelines.
Travel to client locations as required.
Required Qualifications
Bachelors degree in IT, Computer Science, Cybersecurity, Engineering, or related discipline.
Experience working with BFSI, Insurance, NBFC, FinTech, or other regulated industries.
Preferred Certifications
Candidates with one or more of the following certifications will be preferred:
ISO 27001 Lead Auditor / Lead Implementer
ISO 27701 Lead Auditor
CRISC
CEH
PCI Professional (PCIP)
GDPR / Privacy Certifications
Certified Third-Party Risk Professional (CTPRP) or equivalent
Other IT-GRC, Risk Management, Privacy, or Cybersecurity certifications
Technical & Professional Skills
Strong knowledge of cybersecurity frameworks and control assessment methodologies.
Good understanding of security policies, standards, and procedures.
Ability to analyze risks and provide practical remediation recommendations.
Strong documentation and report-writing skills.
Good communication and stakeholder management abilities.
Ability to independently manage audit assignments.
Strong analytical and problem-solving skills.
Industry Exposure
Preferred experience in auditing or consulting for:
Banking
Insurance
NBFC
Financial Services
FinTech
Large enterprises with regulatory compliance requirements
Kindly reply to this email without changing the subject line with an updated copy of your resume along with the following details.
Current CTC:
Expected CTC:
Notice Period:
AI Screening
As part of our evaluation process, an initial AI screening round invite will be shared with you shortly. We request you to complete this assessment at the earliest, as it plays a crucial role in strengthening your profile and helps us process your candidature more effectively with the client.
Thanks & regards,
Team Finjo
Disclaimer : Finjo and its associates adhere to a strict no-charge policy for jobseekers. If anyone requests payment for any reason related to job opportunities through Finjo, we strongly advise against complying. Instead, you should report the incident by contacting Finjo's support team at , providing all necessary details for further investigation.
By continuing you agree to our Terms & Privacy Policy.