|
Reporting Structure
|
|
Reports to Sr. Manager Systems Audit
|
|
Education
|
Graduate in Computer Science/IT or B. Tech or BCA
|
|
Experience (years)
|
- 5 years of experience in audits and assessment services of organizations based on ISO and PCI standards
- Must have experience in conducting audit based on payment security standards in banking sector for a medium to large sized organization
- Must have experience in conducting risk assessment covering Cyber Security domains
- Must have experience in preparing quality audit reports
- Excellent written, oral communication and presentation skills
- Excellent organizational, communication and interpersonal skills
- Ability to work independently or as part of a team
|
|
Industry
|
Information technology / Financial services
|
|
Responsibilities
|
- Developing project plans, work programs, evaluating IT System controls effectiveness, documenting observations and communicating information to stakeholders
- Audit cyber security program effectiveness - policy for completeness, effectiveness of periodic reviews, Governance of management, Security Awareness and Training
- IT process effectiveness – Information and Asset Management, Third party security risk management, threat/vulnerability management & change/configuration Management
- Conduct audit of risk assessment and its effectiveness in a regulated entity
- Effectiveness of data management including Information management lifecycle and data leak prevention controls
- Audit SoC management, incident management process, Cyber crisis management plan including BCP/DR preparedness
- Develop and maintain up to date audit checklist and documents
- Review draft audit reports for improving quality of the reports
- Keep updated with latest threats and vulnerabilities researched/discovered
|
|
Certifications
|
- CISA/CISSP
- ISO 27001 Lead Auditor
|
