IT Audit Lead

Role Overview: As an Information Security and Cloud Security Auditor at Paytm, you will be responsible for conducting comprehensive IT and cloud security audits, ensuring compliance with regulatory requirements, and enhancing information security policies and procedures. You will play a key role in assessing compliance with relevant laws, regulations, and organizational policies, developing and enhancing security policies, and managing audit documentation for internal and external reporting. Additionally, you will lead security assessments on internal, vendor, and third-party hosted environments with a focus on both traditional IT and cloud infrastructure. Key Responsibilities: - Conduct IT and cloud security audits across various domains including IT General Controls, Information Security Controls, Cloud Security, Network Security, Vulnerability Management, and Vendor Risk Assessments. - Assess compliance with relevant laws, regulations, and organizational policies, providing expertise in regulatory requirements specific to both on-premises and cloud environments. - Develop and enhance information security and cloud security policies and procedures in alignment with industry best practices. - Maintain thorough documentation of audit findings, risk assessments, and security measures for internal and external reporting. - Validate ITGC, cloud security, and application-specific controls, and manage audit documentation including risk assessments, working papers, audit program checklists, and evidence gathering. - Follow up on and ensure closure of non-compliance issues identified during audits. - Manage and oversee third-party risk assessments and audits, ensuring robust security controls are in place for both traditional and cloud-based service providers. - Lead and participate in the development, migration, and implementation of security controls and policies for network and cloud security solutions. - Participate in product and vendor selection processes, contributing to the implementation and integration of new technologies, with a strong emphasis on cloud security solutions. Qualifications & Certification: - Bachelor's / Masters degree in Information Technology, Cyber Security, or a related field. - ISO 27001/CNSS/CCNA/CISA/CISM/CISSP Preferred - Detailed knowledge of security tools, PCI-DSS, general ITGC controls, compliance testing, cloud risk assessment, GRC, OWASP, MITRE ATT&CK, change management, and policies and procedures. - Proficiency in various security and cloud technologies including AWS, Azure, Google Cloud Platform, Palo Alto, Fortinet & Checkpoint Firewalls, SOAR (Cortex), Force scout Additional Company Details: Paytm offers a collaborative output-driven program that brings cohesiveness across businesses through technology. The company focuses on improving the average revenue per use by increasing cross-sell opportunities. Employees receive solid 360 feedback from their peer teams on their support of shared goals. Respect is earned and not demanded from peers and managers at Paytm. If you are the right fit, Paytm believes in creating wealth for you, offering a unique opportunity to be a part of India's largest digital lending story. Role Overview: As an Information Security and Cloud Security Auditor at Paytm, you will be responsible for conducting comprehensive IT and cloud security audits, ensuring compliance with regulatory requirements, and enhancing information security policies and procedures. You will play a key role in assessing compliance with relevant laws, regulations, and organizational policies, developing and enhancing security policies, and managing audit documentation for internal and external reporting. Additionally, you will lead security assessments on internal, vendor, and third-party hosted environments with a focus on both traditional IT and cloud infrastructure. Key Responsibilities: - Conduct IT and cloud security audits across various domains including IT General Controls, Information Security Controls, Cloud Security, Network Security, Vulnerability Management, and Vendor Risk Assessments. - Assess compliance with relevant laws, regulations, and organizational policies, providing expertise in regulatory requirements specific to both on-premises and cloud environments. - Develop and enhance information security and cloud security policies and procedures in alignment with industry best practices. - Maintain thorough documentation of audit findings, risk assessments, and security measures for internal and external reporting. - Validate ITGC, cloud security, and application-specific controls, and manage audit documentation including risk assessments, working papers, audit program checklists, and evidence gathering. - Follow up on and ensure closure of non-compliance issues identified during audits. - Manage and oversee third-party risk assessments and audits, ensuring robust security controls are in place for both traditional and cloud-based service providers. - L