Information System Auditor

Role Summary:

The Information System Auditor is responsible for evaluating the adequacy and effectiveness of IT controls, information security practices, and technology‑related risks across the organization. The role provides assurance on system reliability, data integrity, cybersecurity posture, regulatory compliance, and alignment of IT processes with business objectives, while also delivering value‑added advisory support.

Roles and Responsibilities:

• Plan and execute Information Security Audits covering policies and procedures, IT application access and security controls, infrastructure access and security, data security, cybersecurity controls, Business Continuity Planning (BCP), Disaster Recovery (DR), and third‑party risk management
• Conduct Application Audits focusing on user access management, IT change management, application security controls, and backup and recovery processes
• Perform audit planning, control testing, documentation, reporting, and follow‑up on audit observations to ensure timely remediation
• Collaborate with IT, Information Security, and business stakeholders to provide risk‑based, value‑added advisory recommendations

Skills Required

IT Audit, Information Security Audit, ITGC, Application Controls, User Access Management, IT Change Management, Cybersecurity, Data Security, BCP/DR, Third‑Party Risk Management, Audit Reporting

Education and Experience Required:

• B Tech, BE, M Tech, MCA
• CISA (Certified Information Systems Auditor) is mandatory
• ISO 27001 Lead Auditor (desirable)
• Minimum 10 - 15 years of experience in IT Audits