Why should you join Zomato?
Zomato is a restaurant search and discovery platform, providing in-depth information for over 1.4 million restaurants across 24 countries.
Zomato is used by consumers globally to discover, rate and review restaurants, as well as create their own personal network of foodies for trusted recommendations.
Restaurants improve their discoverability through Zomato’s hyperlocal advertising platform - currently this forms a large part of Zomato’s revenue.
Over the last 2 years Zomato’s Online Ordering business has matured and become fast-paced. At the very core of this business is great user experience, creating cutting-
edge technology to connect restaurant businesses and customers in ways that will revolutionise the restaurant industry.
About the role :
Assistant Manager / Manager IT audits, GRC is responsible for planning, executing and reporting on Information Technology Audits, Tech Infrastructure Audits, IT Security / Vulnerability / Risk Assessments reviews.
Maintenance and periodic testing of automated controls in SAP and other applications. Will also be responsible to maintain and review IT governance and Technology risks and corresponding.
Here's what you will do day to day :
Executing IT, compliance and regulatory reviews / audits
Conduct Infrastructure Audit, IT Security, Risk Assessment, Network Design, Web Applications Security and Source Code review
Conduct vulnerability assessment of System and cloud / physical infrastructure including penetration testing of networks and web applications using third party / open source tools
Perform manual penetration testing of systems, web sites and networks to discover vulnerabilities
Establish policies and procedures for the design, installation and commissioning of the systems infrastructure
Communicating to appropriate audience the audit scope, protocol, status, issues, risks and recommendations via written reports and presentations
Perform data analytics to review processes, transactions and financial data
Tracking, compiling and reporting KPIs
Performing special projects, investigations, and other duties as assigned
Here's what we're looking for :
BE, CA, B Tech, ACCA (Required), MBA (desirable). Certifications (desirable) CISA, CISSP, CSX, PMP, ITIL, CEH, COBIT, ISO 27001 LA
4-6 years experience in cyber security, information security, information technology domain and related activities such as cyber security assessments, IT audits / IT risk management, cyber governance, business system controls review
Experience in the areas of infrastructure security audit, IT security, vulnerability assessment, risk assessment, network security review, network architecture review, configuration review, penetration testing, process review and IT General Controls review.
Proficient in Microsoft Office suite applications, SAP and data analytics tools
Knowledge and experience in the areas of operating systems review, databases review, configuration testing and security reviews.
Knowledge of information security technologies and methodologies including for example web server security / firewalls / networks / encryption / TCP / IP / windows etc.
Experience of implementation / review of information security / cyber security standards such as : ISO 27001, NIST framework, ISO 22301, PCI DSS, ITIL, COBIT would be an added advantage
Experience on Data privacy and Business Continuity would be an added advantage
Ability to communicate technical risk issues effectively, to stakeholders who may, at times, have a non- technical background
Demonstrate ability to evaluate, synthesize, organize and interpret data and information
Strong interpersonal, project management, analytical and supervisory
Excellent written and oral communication skills
Ability to work in a dynamic work environment
Ability to manage multiple projects & priorities simultaneously and be comfortable with ambiguity / chaos