Job Description

A. Regulatory IT Audit Coordination
- Lead and coordinate all regulatory IT/system/cybersecurity audits mandated by SEBI, IRDAI, Exchanges (BSE, NSE, MCX, NCDEX), and depositories (CDSL, NSDL).
- Act as a single point of contact between internal stakeholders and third-party empaneled auditors (CERT-In, SEBI-approved, etc.).
- Prepare and maintain a comprehensive IT audit calendar with defined timelines, owners, and regulatory due dates.
- Review and validate vendor reports and ensure timely closure of audit observations.
- Liaise with IT, InfoSec, Compliance, Legal, and Business teams to facilitate audit readiness and remediation.
B. Internal IT Audits (ITGC, Application, Infrastructure)
- Plan, execute, and report on ITGC audits across group entities, including data center audits, user access reviews, and change management audits.
- Evaluate effectiveness of general IT controls over platforms supporting financial reporting (in line with IFC/SOX).
- Assist in audit automation and implementation of continuous control monitoring tools.
C. Governance, Risk & Compliance (GRC)
- Participate in risk assessments and audit universe creation for the IT/technology domain.
- Support the development of IT risk & control frameworks aligned with COBIT, NIST, and ISO 27001.
- Track and monitor remediation plans and control improvement initiatives.
Candidate Profile
Education & Certification
- B.E./B.Tech/MCA or equivalent in Information Technology/Computer Science.
- Preferred certifications:

• CISA (mandatory or pursuing)
• CISSP / CISM / CEH / ISO 27001 LA (preferred)
• DISA (ICAI) desirable for Chartered Accountants

Experience
- 812 years of experience in IT Audits, Information Security, or Risk & Compliance.
- Minimum 3 years in managing/coordinating regulatory IT audits (SEBI/IRDA/CDSL/NSE/BSE/MCX preferred).
- Experience in internal audit of ITGCs, application controls, cybersecurity audits, etc.
Skills & Competencies
- Excellent understanding of IT systems architecture, networks, databases, cloud environments, and data privacy.
- Strong knowledge of regulatory guidelines from SEBI, IRDAI, RBI, and data security regulations.
- Strong project management, communication, and stakeholder engagement skills.
- Ability to work across cross-functional teams and manage multiple audits in parallel.
Key Performance Indicators (KPIs)
- Timely and compliant closure of all regulatory IT audits.
- Quality and timeliness of internal ITGC audit reports.
- Number and severity of open audit observations.
- Effectiveness of audit coordination and stakeholder feedback.
- Automation of audit tracking and reporting processes.