ESK Technologies is seeking an experienced IT Audit & Compliance to join our team in Bangalore.
o Ensuing SEBI Guidelines are followed going through new sebi rules which keep coming
o Creating reports for multiple Audits and Submitting to exchange
o Operational Audit (Evaluation of Company operations on IT/Security and Trading)
o IT Risk Audit
o Policy Enforcement
o Documentation
o Data protection Audits
o Application Audits.
o Performing Internal Audits
o Being updated with latest Audit Frameworks
Core Technical & Compliance Skills for IT Audit:
Audit Frameworks & Standards
Familiarity with SEBI Cyber Security Guidelines
Understanding of ISO 27001, COBIT, NIST, SOC 2 frameworks
Awareness of SEBI circulars (e.g., System audit, VAPT frequency, cyber incident
reporting timelines)
IT Risk Management
Conducting and documenting IT Risk Assessments
Understanding of risk rating (like x impact, residual risk, control mapping)
Hands-on with risk registers, risk treatment plans
Application & Infrastructure Audit
Review of access Management, change management, backup,logging, resilience.
Ensure event log generation, session handling, security controls are in place.
Experience in tools like Nessus
Policy and Process Review
Drafting & validating IT policies: password, backup, access, data retention,
encryption
Ensuring enforcement across systems (check if logs, permissions, and configurations
reflect policy)
Data Protection & Privacy Audits:
Understanding of data classification, masking, retention
Checking secure storage, encryption in transit/at rest, user access logs
Checking secure storage, encryption in transit/at rest, user access logs
Security Control Validation:
Hands-on or coordination of VAPT, patch audits, firewall rule reviews
Check for 2FA, antivirus, endpoint control agents
Check SFTP access, SSH key usage, or public cloud IAM policies