Location: India | Job type: Full Time

Role Summary:

We are seeking a highly skilled Lead Auditor with extensive experience in ISO standards, SOC 2, internal audits, GDPR, and the NIST and ITIL frameworks. The ideal candidate will be responsible for planning, executing, and leading audit engagements, ensuring compliance with industry standards and best practices. This role requires strong analytical skills, attention to detail, and the ability to collaborate with cross-functional teams to improve governance, risk management, and compliance frameworks.

Position: Lead Auditor
Experience: 8 to 10 years
Location: Chennai, India
Job Type: Full-time

Key Responsibilities:

Audit Planning & Execution:

  • Develop and implement audit plans aligned with ISO (ISO 27001, etc.), SOC 2, GDPR, NIST Framework, ITIL, and internal audit standards.
  • Conduct risk-based assessments and gap analyses to identify potential compliance issues.
  • Lead and execute internal audits, external audits, and third-party audits, ensuring adherence to industry regulations.
  • Evaluate IT controls, security frameworks, and risk management practices in alignment with ISO 27001, SOC 2, GDPR, NIST and ITIL best practices.
  • Perform evidence gathering, documentation review, process assessments, and audit reporting.

Compliance & Risk Management:

  • Ensure organizational compliance with ISO standards, SOC 2, ITIL, GDPR, NIST and other regulatory requirements.
  • Identify and mitigate risks by implementing control measures and recommending corrective actions.
  • Maintain audit trails, documentation, and risk registers to ensure transparency and regulatory adherence.
  • Monitor and evaluate information security, data privacy, and IT governance controls.

Reporting & Stakeholder Management:

  • Prepare detailed audit reports with findings, recommendations, and remediation plans.
  • Present audit outcomes to senior management, risk committees, and external regulators.
  • Work closely with IT, security, compliance, and operations teams to implement audit recommendations.
  • Provide guidance on policy development, compliance improvements, and best practices.

Continuous Improvement & Training:

  • Stay updated with industry trends, regulatory changes, and emerging risks in ISO, SOC 2, ITIL, GDPR, NIST and internal audit domains.
  • Conduct training and awareness sessions on compliance, risk management, and best practices.
  • Contribute to process improvements and automation of audit and compliance processes.

Required Qualifications & Skills:

Technical & Professional Skills:

  • ISO 27001, GDPR, NIST, SOC 2, ITIL, and internal audit expertise.
  • Strong understanding of risk management, IT governance, security frameworks, and compliance programs.
  • Experience with audit tools, GRC (Governance, Risk, and Compliance) platforms, and ITSM frameworks.
  • Knowledge of cloud security, IT operations, data privacy laws, and cybersecurity best practices.

Certifications (Preferred):

  • Certified Information Systems Auditor (CISA)
  • ISO 27001 Lead Auditor Certification
  • SOC 2 Implementation Certification
  • ITIL Foundation Certification

Soft Skills:

  • Excellent analytical, problem-solving, and decision-making skills.
  • Strong communication, reporting, and stakeholder management abilities.
  • Ability to work independently and lead audit teams/projects.
  • Detail-oriented with a proactive approach to compliance and risk mitigation.

Education:

  • Bachelor’s/Master’s degree in Information Technology, Computer Science, Accounting, or a related field.
  • Additional certifications in audit, compliance, or security frameworks are a plus.

Compensation & Benefits:

  • Competitive salary based on experience
  • Performance-based incentives
  • Health and wellness benefits
  • Professional development and certification sponsorship