IT Audit & Compliance Officer
IQ-EQ
- Hyderabad, Telangana
- Permanent
- Full-time
- Support internal and external customer needs and be the champion in establishing and sharing the IT governance details and framework.
- Support client requests by collecting evidence and providing responses to IT and Information Security questionnaires, based on IQEQ posture.
- Assist with implementation of the ISMS across the organisation's entities.
- Ensure key information security risks and issues are identified, addressed, and resolved in a timely manner.
- Assess efficacy of IT and security controls, document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.
- Ensure third-party security assessments: assist with the Third Party Risk Management framework, including policy updates, procedures, due diligence questionnaires and the monitoring of third parties’ adherence to information security and data privacy obligations.
- Develop relevant metrics, analyse data, identify trends, and help drive improvements to the control environment.
- Remain current on best practices and technological advancements.
- Applicable IT and Security audit management, governance, and compliance principles/regulations
- Well versed in well-known security frameworks such as ISO 27001 / NIST CSF / PCI DSS / SOC 1 and SOC 2.
- Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols
- Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, etc.
- Information systems auditing, monitoring, controlling, and assessment process
- Risk assessment and management methodology
- Strong IT and security mindset
- Questions status quo and navigates through roadblocks
- IT and Security project management and planning
- Defining problems, collecting and analysing data, establishing facts and drawing valid conclusions
- Using judgment and ingenuity in maintaining objectives and technical standards
- Minimum educational background: a B.Tech or B.Sc. Computer Science degree.
- Must have 4+ years of IT Audit & Risk Management experience.
- Excellent interpersonal skills, comfortable working at all levels within an organisation and in a wide variety of situations.
- Relevant industry certification such as ISO 27001 Lead Auditor, CISSP / CISA / CISM / CCSP etc. (at least one) is highly desirable.
- Excellent knowledge of methodologies, processes and tools associated with supporting this function effectively.
- Communicates Effectively
- Effective Team Player
- Demonstrates Resilience
- Plans and Aligns
- Organisation Savvy
- Embodies our ABC values: Authentic, Bold, and Collaborative.