Underpaidby HiringX
← All Jobs

IT Audit-Manager

Paytm

Noida, Uttar PradeshOfficeIT Audit10+ yrs

About the role

About Team : The Internal Audit team at Paytm comprises seasoned professionals with diverse skill sets and experience across different verticals like process audits, technology audits and forensics. The team focuses on implementing the approved audit plan, ensuring delivery of qualitative audits and conducting internal / special reviews while leveraging technology & data analytics and gauging key risks across business processes.

About the role: We are seeking an experienced and detail-oriented Information Security and Cloud Security Auditor to join our team. The ideal candidate will have 10+ years of expertise in data security and privacy control implementation, internal auditing, third-party risk management, cybersecurity governance, and cloud security (banking sector preferred). This role will be responsible for conducting comprehensive IT and cloud security audits, ensuring compliance with regulatory requirements, and enhancing our information security policies and procedures.

Key Responsibilities:

Conduct IT and cloud security audits across various domains, including IT General Controls, Information Security Controls, Cloud Security, Network Security, Vulnerability Management, and Vendor Risk Assessments.

Assess compliance with relevant laws, regulations, and organizational policies, providing expertise in regulatory requirements specific to both on-premises and cloud environments.

Develop and enhance information security and cloud security policies and procedures in alignment with industry best practices. Maintain thorough documentation of audit findings, risk assessments, and security measures for internal and external reporting. Validate ITGC, cloud security, and application-specific controls, and manage audit documentation including risk assessments, working papers, audit program checklists, and evidence gathering.

Follow up on and ensure closure of non-compliance issues identified during audits.

Manage and oversee third-party risk assessments and audits, ensuring robust security controls are in place for both traditional and cloud-based service providers.

Lead and participate in the development, migration, and implementation of security controls and policies for network and cloud security solutions.

Conduct risk-based security assessments on internal, vendor, and third-party hosted environments, focusing on both traditional IT and cloud infrastructure.

Participate in product and vendor selection processes, contributing to the implementation and integration of new technologies, with a strong emphasis on cloud security solutions.

Experience/ Skills Required:

Minimum 10 years of experience in information security and auditing, with a strong background in cloud security, and the banking and IT industries.

Proven experience in performing IT and cloud security audits, validating ITGC and cloud application controls, and maintaining audit documentation.

Hands-on experience with vulnerabi