IT Internal Auditor II

d position out of our Noida, India office. The ideal candidate should be a self-starter and possess strong work ethics. This role will be responsible for planning and executing IT audits, assessing IT controls, and providing recommendations to enhance the effectiveness and security of the organization's IT environment. This role offers an opportunity to ensure the integrity of IT systems and compliance with regulatory and internal standards. The Senior IT Internal Auditor will join our Global Internal Audit Team and will be working closely with Internal Audit leaders and team members across the world. Our Internal Audit team fosters a culture of collaboration and innovation and utilizes top of the line audit tools and systems.

Key Responsibilities:

a) IT Audit Planning and Execution:
− Assess the design and effectiveness of IT controls within the organization, including general controls, application controls, and network security.
− Evaluate IT frameworks and conduct IT operational audits such as IAM, PAM, Vulnerability Assessment, BCMS, etc.

b) Risk Assessment:
− Participate in IT risk assessments and work closely with the IT department to identify key risk areas and prioritize audit focus.
− Develop an understanding of how IT risks impact business processes and overall enterprise risk.

c) IT Controls Testing:
− Prepare / Update Risk and Control Matrix ('RCM') for the assigned audit area(s)
− Perform detailed walkthrough, design and operating effectiveness testing of IT general controls, IT applications controls, IPEs or Key Reports, SOC 1 report reviews as per RCM.
− Identify potential findings, draft audit issues, provide practical recommendations and discuss with relevant stakeholders
− Perform IT controls testing aligning with industry leading frameworks such as ISO 27001, ISO 42001 or regulatory compliance such as DPDP or GDPR

d) Reporting and Communication:
− Prepare clear, concise, and well-documented audit reports summarizing audit findings, recommendations, and management's response.
− Communicate audit results to senior management and stakeholders in a professional and collaborative manner.

e) AI & RPA Automation:

• Develop low code-no code RPA and AI solutions to improve audit planning, fieldwork efficiency, and reporting quality.
• Develop automation to streamline repeatable, rules-based audit and compliance processes.

e) Other:
− Participate and contribute to initiatives driven by Internal Audit at organisation level or department level
− Stay updated on emerging IT practices, industry standards, and regulatory changes to enhance audit approaches.
− Work collaboratively with management and other departments to understand business processes and control environments.
− Collaborate with IT teams and other business units to understand the organization's IT landscape and ensure audit recommendations are practical and effective.
− Assist in the development and improvement of the audit process and audit tools.

Qualifications:

• Bachelor's degree in information technology, Computer Science, Information Systems, or a related field.
• Good to have relevant industry certifications such as CISA, CISSP, CISM, CRISC, ISO 27001, and others (as relevant).
• Minimum 3-6 years of a Big 4 or professional services firm or professional industry experience in risk & controls, with experience in IT auditing, Information Security, IT risk management, or IT Regulatory compliance.
• Strong understanding of IT general controls (ITGC), IT application controls, IPEs / Key Reports, review of SOC 1 or SOC 2 reports, data privacy regulations (e.g., DPDP, GDPR), and cybersecurity frameworks.
• Candidates with knowledge and experience of applying Cybersecurity framework & best practices such as NIST CSF, CIS will be preferred.
• Candidates with basic to advanced knowledge & development experience of Robotics Process Automation ('RPA') & AI Automations will be preferred.
• Strong understanding of IT control frameworks (e.g., COBIT, NIST, ISO 27001) and experience in auditing IT systems, security, and infrastructure.
• Knowledge of audit management tools and familiarity with data analytics and IT governance tools.

Personal Attributes:

• Excellent communication skills, both written and verbal
• High level of work ethic and professionalism.
• Strong organizational and time-management skills.
• Ability to manage multiple tasks and meet deadlines.

Company Overview:

UKG is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people-first AI, our ability to reveal unseen ways to build trust, amplify productivity, and empower talent, is unmatched. It's this expertise that equips our customers with the intelligence to solve any challenge in any industry - because great organizations know their workforce is their competitive edge. Learn more at ukg.com.

UKG is proud to be an equal opportunity employer and is committed to promoting diversity and inclusion in the workplace, including the recruitment process.

Disability Accommodation in the Application and Interview Process

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email [email protected]