Skip to main content

Cloud Security Auditor

 

Reporting Structure

Reports to Sr. Manager Systems Audit

Education:

  • Graduate in Computer Science/IT or B. Tech

Experience (years):

  • 5-8 years of experience in Information Security, out of which 3 years in Cloud.
  • In-depth understanding of different Cloud Service Models such as IAAS, PAAS and SAAS.
  • Hands-on implementation experience of different Cloud Deployment Models such as Public, Private and Hybrid.
  • Strong knowledge and expertise in information security risks and governance management across different Cloud Models.
  • Hands on experience with securing/auditing Cloud infrastructure and applications.
  • In-depth understanding of Vendor Risk Management.
  • Familiarity with risk assessment techniques, framework and concepts.
  • Familiarity with various security controls and certifications (ISO, CSA, PCI, SOC, etc.)
  • Must have experience in preparing quality deliverables such as audit reports, presentations etc.
  • Excellent written, oral communication and presentation skills
  • Excellent organizational and interpersonal skills
  • Ability to work independently or as part of a team

Industry:

Information technology / Financial services/Audit & consulting organizations

Responsibilities

  • Conducting detailed audits of Cloud setup by the regulated entities, as per the defined schedule.
  • Support in maintaining audit checklist and documents, trend analysis, preparing presentations etc.
  • Candidate will have to travel extensively within Mumbai and across the country for performing audits.
  • Identify the opportunities and contribute towards the continuous improvement of the audit process and service.
  • Identify and draft thought leadership articles pertaining to technology aligned operational and other categories of risk.
  • Undertake consulting engagements as per the requirements and submit whitepapers/presentation packs
  • Should be a self-learner and must keep updated with new regulations, developments and technologies related to cyber security.
  • Prepare audit reports and submit for review.
  • Contribute towards service and process improvements towards improving cyber security resilience in banking sector
  • Continuous learning in identified security competencies and new/emerging technologies

Certifications

  • CCSK/CCSP
  • CISA/CISSP/CISM
  • ISO 27001 Lead Auditor/Lead Implementer

Employment Type

  • All positions are on fixed term contract on a full-time basis exclusively for ReBIT, initially for a period of three years, extendable by mutual consent.