GRC Auditor

HR Ways

Karachi Division

On-site

PKR 2,000,000 - 2,750,000

Full time

Yesterday

Job summary

A recruitment firm is looking for a GRC Auditor to manage IT audits, ensuring compliance with internal policies and financial regulations. Candidates should have 3-5 years of experience in information security, strong knowledge of IT frameworks, and relevant certifications. This full-time role is based in Karachi and offers a structured working environment from Monday to Friday.

Qualifications

  • 3-5 years of experience in IT audit, information security, or similar roles.
  • Strong understanding of IT and security frameworks such as COBIT and ISO27001.
  • Familiarity with financial regulations such as PCI-DSS and GDPR.

Responsibilities

  • Conduct IT risk assessments to identify vulnerabilities and compliance gaps.
  • Collaborate with teams to enforce security controls across all environments.
  • Prepare clear audit reports with findings and recommendations.

Skills

IT audit experience
Information security understanding
Compliance knowledge

Education

Certifications such as CISA, CISSP, or CISM

Tools

IT security frameworks like COBIT
ISO27001 knowledge

Job description

Client Introduction:

Our client is a financial wellness platform aiming to revolutionize how salaries are received and spent.

Job Description:

Purpose:

The GRC Auditor will plan, conduct, and report on audits of IT systems and business processes to ensure compliance with internal policies, industry standards, and regulations. This role is vital in identifying risks, enforcing governance, and ensuring adherence to information security frameworks and data protection laws within a regulated financial services environment.

Knowledge & Skills:

  • 3-5 years of experience in IT audit, information security, or similar roles in regulated financial services.
  • Certifications such as CISA, CISSP, or CISM are highly desirable.
  • Strong understanding of IT and security frameworks such as COBIT and ISO27001.
  • Familiarity with financial regulations and standards such as PCI-DSS and GDPR.

Key Responsibilities:

  • Conduct IT risk assessments to identify vulnerabilities and compliance gaps.
  • Evaluate the threat landscape and assess risk exposure.
  • Collaborate with IT Security, Infrastructure, and DevOps teams to enforce security controls across all environments.
  • Design and execute audit plans to assess IT and cybersecurity controls.
  • Perform control testing for access management, data protection, change management, incident response, and disaster recovery.
  • Adjust audit methodologies based on risk and control maturity.
  • Assess compliance with standards such as ISO/IEC 27001, COBIT, PCI-DSS, and GDPR.
  • Coordinate with compliance and legal teams on regulatory expectations.
  • Prepare clear audit reports with findings and recommendations.
  • Communicate results to technical and non-technical stakeholders.
  • Maintain audit documentation per standards.
  • Follow up on remediation actions and monitor audit issues.
  • Guide control owners on best practices for improvements.

Behavioral Competencies:

  • Analytical and Critical Thinking
  • Integrity and Accountability
  • Effective Communication
  • Collaboration
  • Time Management
  • Ownership and Initiative

Other Details:

Work Mode: Onsite

Location: Karachi

Employment Type: Full-Time

Working Hours: 9am - 6pm, Monday - Friday

Experience Required: 5+ Years

About HR Ways:

HR Ways is an award-winning technical recruitment firm supporting software houses and IT product companies globally. We work with over 300 employers worldwide, including leading SaaS companies and startups. Visit our WhatsApp Channel or our website for more information.
