Job Summary:
UKG is looking for a highly motivated, self-driven and detail-oriented Senior IT Internal Auditor for a hybrid-office based position out of our Noida, India office. The ideal candidate should be a self-starter and possess strong work ethics. This role will be responsible for planning and executing IT audits, assessing IT controls, and providing recommendations to enhance the effectiveness and security of the organization's IT environment. This role offers an opportunity to ensure the integrity of IT systems and compliance with regulatory and internal standards. The Senior IT Internal Auditor will join our Global Internal Audit Team and will be working closely Internal Audit leaders and team members across the world. Our Internal Audit team fosters a culture of collaboration and innovation and utilizes top of the line audit tools and systems.

Key Responsibilities:

a) IT Audit Planning and Execution:
− Lead and conduct IT audits across various technology areas such as IT infrastructure, security, application systems, change management, IT asset management, and data privacy.
− Assess the design and effectiveness of IT controls within the organization, including general controls, application controls, and network security.
− Evaluate cybersecurity frameworks, access management, and business continuity/disaster recovery processes.

b) IT Controls Testing:
− Prepare / Update Risk and Control Matrix ('RCM') for the assigned audit area(s)
− Perform detailed walkthrough and testing of controls as per the RCM. Assess appropriateness of design and operating effectiveness of controls
− Identify potential findings, draft audit issues and discuss with relevant stakeholders
− Provide practical recommendations for improvements.
− Test IT controls to ensure compliance with organizational policies, industry standards, and regulatory requirements such as GDPR, SOX, ISO 27001, etc.
− Identify weaknesses or gaps in the IT control environment and provide actionable recommendations.

c) Reporting and Communication:
− Prepare clear, concise, and well-documented audit reports summarizing audit findings, recommendations, and management's response.
− Communicate audit results to senior management and stakeholders in a professional and collaborative manner.

d) Risk Assessment:
− Participate in IT risk assessments and work closely with the IT department to identify key risk areas and prioritize audit focus.
− Develop an understanding of how IT risks impact business processes and overall enterprise risk.

e) Other:
− Participate and contribute to initiatives driven by Internal Audit at organisation level or department level
− Stay updated on emerging IT practices, industry standards, and regulatory changes to enhance audit approaches.
− Work collaboratively with management and other departments to understand business processes and control environments.
− Collaborate with IT teams and other business units to understand the organization's IT landscape and ensure audit recommendations are practical and effective.
− Assist in the development and improvement of the audit process and audit tools.

Qualifications:
- Bachelor's degree in information technology, Computer Science, Information Systems, or a related field. Relevant certifications such as CISA, CISSP, CISM, or CRISC are highly preferred.
- 3-6 years of experience in IT auditing, information security, or IT risk management, preferably in a multinational organization.
- Basic to advanced knowledge of Robotics Process Automation ('RPA'). Candidates with certifications would be preferred.
- Strong understanding of IT control frameworks (e.g., COBIT, NIST, ISO 27001) and experience in auditing IT systems, security, and infrastructure.
- Experience with IT general controls (ITGC), application controls, data privacy regulations (e.g., GDPR), and cybersecurity frameworks.
- Knowledge of audit management tools and familiarity with data analytics and IT governance tools.
- Excellent communication skills, both written and verbal, with the ability to convey complex technical issues to non-technical stakeholders.
- Strong analytical skills and attention to detail, with the ability to assess IT risks and control effectiveness.
- Ability to work independently or as part of a team in a fast-paced and dynamic environment.

Personal Attributes:
- High level of work ethic and professionalism.
- Strong organizational and time-management skills.
- Ability to manage multiple tasks and meet deadlines.