IT vendor audits is mandatory Designation – SC/DM Notice period – 30-45 days , 60 days maximum The brief JD is mentioned below: Conduct IT and vendor audits for third-party service providers (TPAs, outsourced vendors, cloud partners) supporting insurance operations Review IT General Controls (ITGC) including access management, change management, incident management, and backup/DR controls Assess information security and regulatory compliance (IRDAI guidelines, ISO 27001, NIST, data protection requirements) Perform process audits of insurance operations (underwriting, claims, policy servicing) with focus on system-driven controls and automation Evaluate integration between IT systems and business processes , identifying gaps, inefficiencies, and control weaknesses Review contracts, and SLAs from IT risk and operational control perspectives Prepare audit reports, risk assessments, and control matrices , with actionable recommendations and risk ratings Coordinate with stakeholders and vendors to track and ensure timely closure of audit findings