Associate - IT Compliance & Audit Management
Karnataka, Bengaluru, India
Navi
Lightning fast UPI payments, instant Cash Loans & Home Loans, smart investments in Mutual Funds & Digital Gold, comprehensive Health Insurance - all in one app.About Navi
Navi is one of the fastest-growing financial services companies in India providing Personal & Home Loans, UPI, Insurance, Mutual Funds, and Gold. Navi's mission is to deliver digital-first financial products that are simple, accessible, and affordable. Drawing on our in-house AI/ML capabilities, technology, and product expertise, Navi is dedicated to building delightful customer experiences.
Founders: Sachin Bansal & Ankit Agarwal.
Know what makes you a “Navi_ite” :
1.Perseverance, Passion and Commitment
- Passionate about Navi’s mission and vision
- Demonstrates dedication, perseverance and high ownership
- Goes above and beyond by taking on additional responsibilities
2.Obsession with high quality results
- Consistently creates value for the customers and stakeholders through high-quality outcomes
- Ensuring excellence in all aspects of work
- Efficiently manages time, prioritizes tasks, and achieves higher standards
3.Resilience and Adaptability
- Adapts quickly to new roles, responsibilities, and changing circumstances, showing resilience and agility
Overview:
Provides independent assurance and collaborative advisory services applying a global perspective to support IT risk management and process improvements. Addresses the key risks faced by the company and supports the requirements of management. Perform comprehensive departmental audits that provide impartial objective analyses and recommendations. Reporting to the IT Head, the role will help ensure internal controls are appropriately designed and operationally effective. The role provides the opportunity to work with audit team members, and to engage with a variety of business units.
Job Description:
- Planning audits, including obtaining background information on the function being audited, researching the best practices, performing a risk and control assessment, defining the audit scope, objectives and developing work programs.
- Managing the audit fieldwork, including documenting work papers, advising management of gaps identified throughout the audit, and working with management to identify solutions to control gaps.
- Writing clear and concise audit reports to executive management to gain commitment to the action plans which mitigate control gaps or ineffective controls, maintaining effective relationships with process owners and second line of defense. Performing timely follow up work to ensure action plans are implemented minimizes the risks.
- Proactive in researching best practices and evolving technologies to apply as appropriate. Develop and maintain skills necessary to understand and respond to business needs. Able to grasp new concepts quickly.
General Skills:
- Self starter who excels working with little supervision.
- Work is performed independently requiring judgement and discretion, able to multi-task and prioritise workload.
- Strong verbal and written communication skills, including report development, management reporting to senior leadership, and reporting to the audit leadership team.
- Strong analytical and organisation skills. Positive attitude, proactive and resourceful.
- Knowledge of one or more IT governance and security standards such as NIST, ISO27001, COBIT, ITIL, GDPR, CMMC, and PCI.
- Evaluate the adequacy and effectiveness of IT General Controls and IT Application Controls in accordance with SOX 404 requirements.
- Ability to plan and execute risk-based audits in IT applications, infrastructure, cyber security (e.g vulnerability management, web security, end-point protection, security event monitoring), cloud infrastructure and applications.
The Successful Applicant:
- Bachelor's Degree in Computer Science, Computer Information Systems or equivalent from which comparable knowledge and job skills can be obtained.
- One or more professional certifications such as CISA, CISM, CRISC, CIA is mandatory.
- Cyber security or Cloud technology related certifications such as CISSP, CEH, CCSK, Azure Fundamentals is a plus.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Azure CCSK CEH CIA CISA CISM CISSP Cloud CMMC COBIT Compliance Computer Science CRISC GDPR Governance ISO 27001 ITIL Monitoring NIST Risk management SOX Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.