Manager- IT Audit & Compliance

4 Weeks ago • 7-9 Years • Administrative

About the job

Job Description

The Manager- IT Audit & Compliance will oversee all aspects of IT audit and compliance at PhonePe. Responsibilities include policy review and maintenance, risk assessment, project management for security control implementation, certification renewal (ISO 27001, PCI DSS), vendor contract review, and exception management. The role requires managing internal and external audits (CISA, RBI, ISO 27k, etc.), liaising with auditors, and ensuring timely closure of audit findings. Guidance to stakeholders on IT policy, BCP strategy, and security drills is also a key responsibility.
Must have:
  • 7-9 years experience
  • BE/relevant experience
  • CISA/DISA/CIA preferred
  • High ethical standards
  • Analytical mind
  • Project planning & execution
Perks:
  • Medical Insurance
  • Critical Illness Insurance
  • Accidental Insurance
  • Life Insurance
  • Employee Assistance Program
  • Maternity Benefit
  • Paternity Benefit
  • Adoption Assistance
  • Day-care Support
  • Relocation benefits
  • Higher Education Assistance
  • Car Lease
Not hearing back from companies?
Unlock the secrets to a successful job application and accelerate your journey to your next opportunity.

About PhonePe Group: 

PhonePe is India’s leading digital payments company with 50 crore (500 Million) registered users and 3.7 crore (37 Million) merchants covering over 99% of the postal codes across India. On the back of its leadership in digital payments, PhonePe has expanded into financial services (Insurance, Mutual Funds, Stock Broking, and Lending) as well as adjacent tech-enabled businesses such as Pincode for hyperlocal shopping and Indus App Store which is India's first localized App Store. The PhonePe Group is a portfolio of businesses aligned with the company's vision to offer every Indian an equal opportunity to accelerate their progress by unlocking the flow of money and access to services.

Culture

At PhonePe, we take extra care to make sure you give your best at work, Everyday! And creating the right  environment for you is just one of the things we do. We empower people and trust them to do the right  thing. Here, you own your work from start to finish, right from day one. Being enthusiastic about tech is a  big part of being at PhonePe. If you like building technology that impacts millions, ideating with some of  the best minds in the country and executing on your dreams with purpose and speed, join us!

Roles and Responsibilities: -

Maintenance:
- Ensure Review of policies and procedures on a periodic basis or whenever there is change and place it for Management approvals to board on a timely fashion
- Preparation of architectural diagrams and technical documentations for audit and regulatory purposes along with stakeholders and consultants 
- Ensure the Business Impact Assessment of new businesses, applications etc.
- Ensure Risk assessments for all IT assets and processes periodically and ensure RA/ RT is in place.
- Run project management for implementation of various security controls by liaising with different teams. 
- Renewal of certifications on time (ISO 27001 and PCI DSS)
- Review all merchant and IT vendor contracts for clauses w.r.t information security and regulatory requirements


Monitoring and Guidance:
- Exception management, review (periodic) controls, analyse and make appropriate recommendation
- Provide guidance to the stakeholders with respect to the contractual obligation on IT policy management and process implementations.
- Provide guidance to stakeholders on Periodic updates to BCP strategy, liaising with teams to perform drills etc. Guide team members on planning Phishing and other information security drills
- Evaluation of vendors, review of internal tool reviews for SRE /Engg. teams /PhonePe functions from Data security angle

Regulatory and Compliance audits:
- Interpret IT control requirements from regulatory guidelines and circulars and prepare a detailed framework for implementation and Advisory on implementation of information security controls 
- Ensure that IT regulatory requirements are tracked and continuously monitored. 
- Plan audit calendars and schedule the same.
- Manage all internal and external audits related to IT and Non IT .
- Plan and Overseeing all IT audits (including CISA (PPI) ,RBI/ ReBIT Audit, ISNP &; CIS (insurance), PCI DSS, System Audits, partner bank audits, ISO 27k ,Stat audits ,NPCI audits etc.
- Fore fronting all the audits and act as POC for all escalations for any audit related activities
- Liaise with auditors to explain infosec posture, org structure, provide technical architecture overview, process understanding on IT controls etc. 

- Support management to provide audit finding responses, implementation of controls as per audit recommendations etc and ensure all IT audit observations are taken to closure 

Must Haves -
-  7 to 9 years of work experience, BE / relevant experience in Group 4 consultancies, or likes of Group 4 . CISA / DISA / CIA preferred.
- Has high ethical standards and are able to work diligently to complete your duties.
- Has an analytical mind able to “see” the complexities of procedures and regulations.
- Demonstrate the ability to plan and execute projects with minimal management support.

PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles)

  • Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance
  • Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System
  • Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program
  • Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy
  • Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment 
  • Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy

Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. Read more about PhonePe on our blog.

Life at PhonePe

PhonePe in the news

View Full Job Description

About The Company

PhonePe was founded in December 2015 and has emerged as India’s largest payments app, enabling digital inclusion for consumers and merchants alike. With 48 crore (480 Million) registered users, one in four Indians are now on PhonePe. The company has also successfully digitized 3.6 crore (36 Million) offline merchants spread across Tier 2,3,4 and beyond, covering 99% of the postal codes across India. PhonePe is also the leader in Bharat Bill Pay System (BBPS), processing over 45% of the transactions on the BBPS platform. PhonePe forayed into financial services in 2017, providing users with safe and convenient investing options on its platform. Since then, the company has introduced several Mutual Funds and Insurance products that offer every Indian an equal opportunity to unlock the flow of money and access to services. PhonePe was recently recognized as the Most Trusted Brand for Digital Payments as per the Brand Trust Report 2023 by Trust Research Advisory (TRA).



Maharashtra, India (On-Site)

Karnataka, India (On-Site)

Karnataka, India (On-Site)

Karnataka, India (On-Site)

Karnataka, India (On-Site)

Karnataka, India (On-Site)

Karnataka, India (On-Site)

Karnataka, India (On-Site)

Karnataka, India (On-Site)

View All Jobs

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug