Key responsibilities:
- Conduct internal audits, SOC 1 & SOC 2, ITGC, ITAC, and ISO 27001:2022 compliance assessments.
- Test and evaluate internal controls, identify workflow gaps, and recommend best-fit remediation.
- Perform audits under frameworks like ISMS, SOX, and Trust Services Criteria (security, availability, confidentiality, integrity, privacy).
- Evaluate IT processes: identity & access management, change management, backup/recovery, QAR, billing, procurement, and more.
- Work with enterprise platforms: Okta, Workday, Salesforce, NetSuite, FloQast, MuleSoft, Zendesk, ADP, Jira, GitHub, etc.
- Collaborate with QA, Ops, and management to align controls with business risks.
- Draft audit reports and assist in statutory audits and regulatory filings.
Required qualifications:
Qualification / certification and status
Mandatory:
- DISA / CISA (Certified Information Systems Auditor) must be completed
- Bachelor's degree in Commerce / Accounting / IT
Preferred:
- FAFD - Forensic Accounting & Fraud Detection (ICAI)
- ISO 27001 Lead Auditor
- Master of Business Administration (MBA)
Core skill areas:
- Audit & controls: ITGC, ITAC, SOX, SOC 1/2, internal audits, ISMS
- Compliance & risk: ISO 27001:2022, regulatory reporting, forensics
- Process understanding: IAM, privileged access, data security, QAR
- Tools: Okta, Salesforce, Workday, NetSuite, Zendesk, Jira, GitHub
- Documentation & reporting: SOPs, risk matrices, control narratives
- Collaboration: QA, DevOps, InfoSec, client management
Experience required: 1-3 years
To apply:
Email your CV to and with the subject line "Application - IT Auditor"