Skip to main content

IT Security Auditor

This position is closed as on 2020-02-07

 

Reporting Structure:

  • Reports to Sr. Manager Systems Audit

Education:

  • Graduate in Computer Science/IT or B. Tech or BCA

Experience (years):

  • 5+ years of experience in the field of information security operations, Information System Audits preferably in banking sector
  • Hands-on experience in the following areas:
  • Writing Information security policies, procedures and processes
  • Conducting risk assessment covering Cyber Security domains
  • Managing firewalls, internet proxy, web filtering, email filtering, data leak prevention, DDoS protection, data encryption and other security products.
  • Monitoring networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior
  • Incident response
  • Conducting periodic network scans to find any vulnerability
  • Investigating security breaches
  • Experience in conducting reviews based on ISO standards and regulatory guidelines in banking sector for a medium to large sized organization would be preferred
  • Experience in conducting Information System Audits
  • Must have experience in preparing quality deliverables such as audit reports, presentations etc.
  • Excellent written, oral communication and presentation skills
  • Excellent organizational and interpersonal skills
  • Ability to work independently or as part of a team

Industry:

Information technology / Financial services

Responsibilities

  • Conducting audits of information security architecture, firewalls, internet proxy, web filtering, email filtering, data leak prevention, DDoS protection, data encryption, and other security products
  • Conducting audit of Information security policies, procedures and processes to identify design gaps
  • Conducting audit of information security processes such as security event monitoring and resolution, incident response, vulnerability assessment etc.
  • Conduct audits of information security systems and infrastructure to verify systems are secure and support the related applications/business processes
  • Carry out vulnerability assessment and penetration testing for computing platforms as required
  • Audit change management, patch management, incident management, backup management
  • Identify and draft thought leadership articles pertaining to technology aligned operational and other categories of risk
  • Support in maintaining audit checklist and documents, trend analysis, preparing presentations etc.
  • Should be a self-learner and must keep updated with the latest security guidelines issued by regulators, international standards for information security, threats and vulnerabilities researched/discovered
  • Research public domain to keep up to date knowledge on latest Application Security threats and vulnerabilities
  • Candidate will have to travel extensively within Mumbai and across the country for performing audits

Certifications

  • CISA/CISSP/CEH
  • ISO 27001 Lead Auditor/Lead Implementer