Information Security Internal Audit Specialist

Specialist-Infosec

Area(s) of responsibility

About the Job :

The Internal Audit Specialist is responsible for planning, executing, and overseeing internal audits to provide independent assurance on the effectiveness of governance, risk management, and internal control frameworks. The role ensures compliance with applicable laws, regulations, internal policies, and industry standards while driving continuous improvement across business processes.

 

Role: Specialist- Information Security

 

Location: Noida / Pune

 

Educational Bachelor’s degree in science, Business, Risk Management, or a related field

 

Experience : 5-6 Years

 

Role & responsibilities:

Audit Planning & Execution

• Develop and execute a risk‑based internal audit plan aligned with organizational objectives and risk appetite
• Lead end‑to‑end internal audits covering operational, IT, compliance, and process audits
• Ensure audits are conducted in accordance with the ISO Standards.
• Review audit working papers, validate findings, and ensure quality and consistency in audit execution

Risk Management & Controls

• Assess the design and operating effectiveness of internal controls across functions
• Identify key risks, control gaps, and improvement opportunities
• Provide practical, valued recommendations to strengthen controls and mitigate risks

Stakeholder Management

• Partner with business and functional leaders to communicate audit scope, findings, and remediation plans
• Present audit results, risk assessments, and trends to senior management and governance forums
• Act as a trusted advisor while maintaining audit independence and objectivity

Compliance & Governance

• Support compliance with regulatory and contractual requirements (e.g., SOX, ISO, SOC, NIST, PCI industry regulations as applicable)
• Monitor implementation of audit recommendations and track closure of corrective actions
• Contribute to strengthening enterprise governance and assurance frameworks

Team Leadership & Capability Building

• Lead, mentor, and review the work of internal audit team members
• Build audit capabilities through training, coaching, and adoption of best practices
• Drive consistency, efficiency, and automation within the audit function

Continuous Improvement

• Identify opportunities to enhance audit methodologies, tools, and reporting
• Stay current with emerging risks, regulatory changes, and industry best practices
• Promote a culture of risk awareness, ethics, and compliance across the organization

 

Skills Required :

• Professional certifications preferred: CISA, CISM, ISO 27001:2022 LA/LI, ISO 27701:2019 LA/LI or equivalent.
• Strong knowledge of internal control frameworks, risk assessment methodologies, and audit standards
• Experience in auditing IT/ISMS/PIMS systems, business processes, and regulatory compliance is an advantage

Experience Level

Entry Level