Cyber Security Auditor
Open
Reporting Structure
Reports to Sr. Manager Systems Audit
Education
Graduate in Computer Science/IT or B. Tech or BCA
Industry
-
Information technology / Financial services
Experience
-
5 + years of experience in audits and assessment services of organizations based on ISO and PCI standards Must have experience in conducting audit based on payment security standards in banking sector for a medium to large sized organization
-
Must have experience in conducting risk assessment covering Cyber Security domains
-
Must have experience in preparing quality audit reports Excellent written, oral communication and presentation skills
-
Excellent organizational, communication and interpersonal skills
-
Ability to work independently or as part of a team
Responsibility
-
Developing project plans, work programs, evaluating IT System controls effectiveness, documenting observations and communicating information to stakeholders
-
Audit cyber security program effectiveness - policy for completeness, effectiveness of periodic reviews, Governance of management, Security Awareness and Training
-
IT process effectiveness – Information and Asset Management, Third party security risk management, threat/vulnerability management & change/configuration Management
-
Conduct audit of risk assessment and its effectiveness in a regulated entity
-
Effectiveness of data management including Information management lifecycle and data leak prevention controls Audit SoC management, incident management process, Cyber crisis management plan including BCP/DR preparedness
-
Develop and maintain up to date audit checklist and documents
-
Review draft audit reports for improving quality of the reports
-
Keep updated with latest threats and vulnerabilities researched/discovered
Certifications
-
CISA/CISSP
-
ISO 27001 Lead Auditor
