Find Your Dream Audit Job in India

Explore the latest Audit job openings in India. Discover top companies hiring for Audit roles across major cities in India and take the next step in your career.

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

We are seeking an experienced Information Security Auditor to evaluate, assess, and strengthen organizational security controls across multiple compliance frameworks including NIST, ISO 27001:2022, SOC 2, CMMC, and PCI DSS. The candidate will lead risk assessments, audit engagements, security governance reviews, and continuous compliance initiatives, ensuring robust security posture and regulatory adherence.

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Information Security Auditor

Job Title: Information Security Auditor

Location: Onsite / Hybrid / Remote

Experience Required: 5 to 8 Years

Employment Type: Full-time

About the Role

Key Responsibilities

Plan, execute, and report information security audits across multiple standards and regulatory frameworks.
Perform gap assessments, risk analysis, control testing, and compliance readiness reviews against:
ISO/IEC 27001:2022
NIST CSF / NIST 800-series
SOC 2 Type I & II
CMMC Levels
PCI DSS
Evaluate effectiveness of security controls, governance processes, policies, and procedures.
Lead internal audits, vendor risk audits, and customer security assurance assessments.
Develop and maintain Information Security Management System (ISMS) compliance documentation.
Provide audit findings, remediation guidance, and improvement roadmaps to stakeholders.
Support certification audits with external assessors.
Drive continuous improvement initiatives aligned with risk management and compliance objectives.
Work closely with IT, Cybersecurity, Risk, Legal, and Leadership teams.
Maintain strong knowledge of evolving industry regulatory requirements and best practices.

Required Skills & Qualifications

Bachelor's degree in Information Security, Computer Science, Engineering, Risk Management, or related field.
Hands-on experience auditing and implementing:
ISO 27001:2022 controls & certification lifecycle
NIST cybersecurity frameworks
SOC 2 Trust Services Criteria
CMMC compliance
PCI DSS security controls and audits
Strong understanding of:
Risk Management Methodologies
IT General Controls (ITGC)
Governance, Risk & Compliance (GRC) tools
Cloud security controls (AWS/Azure/GCP preferred)
Excellent analytical, reporting, and communication skills.
Ability to conduct independent audits and present findings to senior leadership.

Certifications (Mandatory)

Must hold an active certification from ISACA (International Information Systems Audit and Control Association) such as:

CISA - Certified Information Systems Auditor (preferred)
Or CISM / CRISC / CGEIT with strong auditing exposure

Additional beneficial certifications:

ISO 27001 Lead Auditor / Implementer
PCI QSA (if applicable)
CISSP, CEH, or similar cybersecurity credentials

Key Attributes

Strong attention to detail
Ethical, confidential handling of sensitive information
Ability to work independently and collaboratively
Strong stakeholder management and leadership capability

Asteya Technologies

Today

Auditor

Job Summary:

The Studio Auditor will be responsible for conducting comprehensive audits of studios across multiple locations to ensure optimal functionality of equipment and infrastructure. The role requires a strong understanding of cameras, live streaming, desktop hardware, and troubleshooting techniques for hardware and sound systems. The ideal candidate should be willing to travel extensively across India and ensure all identified issues are addressed in coordination with relevant stakeholders.

Key Responsibilities:

Studio Audit

Conduct regular studio audits across multiple locations to assess the functionality of the equipment.

Identify technical and operational discrepancies and document findings.

Ensure that studios adhere to set technical and operational standards.

Technical Expertise & Troubleshooting:

Ensure the proper functioning of cameras, live streaming setups, and other recording equipment. Diagnose and troubleshoot issues related to desktop hardware and sound systems.

Provide quick resolutions to on-ground technical problems during audits.

Assist in maintaining and upgrading hardware/software as per studio requirements.

Stakeholder Coordination & Issue Resolution:

Collaborate with the technical, IT, and operations teams to resolve identified issues.

Ensure timely escalation of unresolved issues to the appropriate stakeholders.

Maintain records of issue resolutions and follow up for closure. Required Skills & Qualifications: Strong technical knowledge of cameras, live streaming setups, and recording equipment with an experience of at least 1 to 2 Years

Expertise in desktop hardware, system configuration, and troubleshooting.

Hands-on experience in sound system setup and troubleshooting.

Proficiency in technical issue identification, diagnosis, and resolution.

Willingness to travel extensively across India for studio audits

Preferred Qualifications & Experience:

Bachelor's degree/diploma in Broadcast Technology, IT, Computer Science, or a related field.

1-2 years of experience in Chroma operations, Studio Operations, technical audits, or IT support. Experience in working with live streaming software and audio-visual equipment.

Prior experience in a media production house, education technology, or broadcasting industry is a plus.

PW (PhysicsWallah)

Today

DGM - IFC & Internal Audit

About the Company

iBUS is a digital infrastructure company dedicated to connecting everyone, everywhere. We bridge the digital divide by providing scalable connectivity solutions. As a leader in 5G convergence, we specialize in building interoperable digital infrastructure.

In India, we're a leading neutral host for In-Building Solutions (IBS). We offer comprehensive solutions for commercial real estate, hospitals, hotels, educational institutions, government buildings etc.

Our Managed Wi-Fi solutions deliver reliable, high-speed connectivity. We're a leader in the hospitality segment and serve a diverse range of industries, including educational institutions, airports, malls, hospitals, retail outlets, co-working spaces, and co-living spaces. We're also focused on location-based services that enhance user experiences and improve business operations.

The company is headquartered in Bangalore, with offices in 10 cities and a total employee head count of 900+ employees. iBUS is backed by marquee institutional investors including NIIF.

iBUS is amongst the four telecommunications companies globally, recognized by Red Herring Global Awards.

About the Role

We are seeking a detail-oriented and qualified Chartered Accountant (CA) to lead our Enterprise Risk Management (ERM), Internal Financial Controls (IFC), and Internal Audit functions. The ideal candidate will be responsible for identifying and mitigating enterprise-wide risks, strengthening internal controls, ensuring compliance with regulatory and financial reporting standards, and delivering audit insights that improve operational effectiveness.

Responsibilities

Framework Development & Implementation:

Lead the design, rollout, and periodic review of the IFC framework across all business processes.
Ensure alignment with statutory requirements (e.g., Companies Act, SEBI, SOX if applicable).

Risk & Control Assessment:

Identify key financial and operational risks.
Establish control matrices, RCMs (Risk Control Matrices), and process documentation.
Conduct periodic risk and control assessments, highlighting gaps and recommending mitigation.

Testing & Monitoring:

Oversee IFC testing (design effectiveness and operating effectiveness).
Coordinate with auditors (internal and statutory) for IFC reviews and certifications.
Track remediation of control deficiencies and ensure timely closure.

Governance & Compliance:

Ensure proper documentation of processes, controls, and testing results.
Drive compliance culture across the organization through training and awareness sessions.
Liaise with global or group entities (if MNC) to align IFC standards.

Technology & Automation:

Partner with IT and process owners to automate controls wherever possible.
Implement monitoring dashboards / GRC (Governance, Risk & Compliance) tools.

Stakeholder Management:

Collaborate with cross-functional teams (finance, legal, HR, operations, IT, procurement).
Present control environment updates to senior leadership, Audit Committee, and Board.

Experience & Qualification

Chartered Accountant (CA) - Mandatory
5-7 years of post-qualification experience in Internal Audit, IFC,etc.,
Strong understanding of finance, audit methodologies, and control frameworks.
In-depth knowledge of risk frameworks (COSO, ERM), IFC testing, and internal audit methodologies.
Proficiency in MS Excel, PowerPoint, and ERP systems like SAP S4 HANA.
Prior experience with Big 4 firms is a plus.
Excellent communication and stakeholder management skills.
High degree of integrity, objectivity, and professionalism.
Strong analytical, investigative, and problem-solving skills.

Equal Opportunity Statement

At iBUS, we are committed to building careers, fostering inclusivity, and creating diverse opportunities for our people to grow, excel, and lead with purpose.

iBUS

Today

Ca Fresher - Internal Audit

Independently conduct HO or NOC audits. (Will involve travelling to Vendor, NOC locations).

- Participate in audits of various Businesses with particular emphasis on Product / Operations audits

- Core subject matter expertise in at-least two Product / Operations such as Liabilities Operations, Cash Management Services, Digital Banking etc.

- Assist in Planning, designing and implementation of risk based audit plans to ensure safety and soundness of the Bank.

- Ensure completion of assigned audits and documentation of work papers on time.

- Track status of corrective action plans agreed upon with the Business Unit.

- Assist in keeping relevant processes benchmarked to Best Practices and peer banks.

- Provide improvement/ suggestions to existing process / systems to line management

- Provide oversight to the Concurrent Audit process (including review of concurrent audit issues and submission of concurrent audit reports on time, follow-up & rectification of concurrent audit issues and Internal Audit open issues)

YES BANK

Today

Associate Internal Auditor