AddressInformation Security Audit Role
Domain - A leading Bank
Location - Mumbai
Exp - 10+ Years
Function: Internal Audit
Job Purpose: The role bearer has the responsibility to actively lead IT Internal Audits for the Bank as assigned.
It comprises taking complete ownership of the process - updating the checklist with the help of Center of Excellence (COE) SPOC, conducting the audits as per defined timelines, publishing the audit reports and completing the relevant documentation.
The role bearer has to adhere to all the guidelines and quality parameters set by the Bank for audit reports - making the audit process more efficient and contribute to the larger objectives of the Bank.
Roles and Responsibilities:
- Assist in preparing the Bank's Annual Audit Plan and administer the same
- Lead primary planning and ensure execution of audit plan as per agreed
- Conduct the IS audits (ITGC controls, VA, PT, APPSEC, CA, BCP, DR, Cloud Security, Cyber Security, Security Operations and Surveillance, Information security and privacy controls, IT Processes - Data Centre Operations, Identity and Access Management, Change Management, Incident Management etc. ) across all technology segments
- Ensure execution of the audit plan as per agreed timelines, draft audit reports, discuss and finalize the same with auditee
- Review the working papers prepared by subordinates and take complete ownership of the same
- Ensure completion of assigned audits and documentation of work papers on time
- Provide improvement/ suggestions to existing process / systems to line management
- Assist in keeping Audit Procedure Manual and checklists current and updated
- Leverage in-house synergies through collaboration with internal stakeholders
- Stay abreast with global market trends, regulator's requirement and competitor strategies
- Attract and retain best-in-class talent for key roles in their reporting structure
Educational Qualifications:
Graduation: Bachelor's in Engineering / Technology / Computers / Management
Post-graduation: MBA, PGDM
Certifications: CISA - Mandatory and / or CISSP, CRISC, CEH, ISO 27001 LA
