Axis Bank - Lead - Information Systems Audit & Cyber Audit

Role Overview:

- The Team Lead Information Systems & Cyber Audit will be responsible for planning, executing, and overseeing audits across Information Systems, Cyber Security, IT Infrastructure, Digital Banking, and Technology Governance domains. The role requires strong leadership, technical competency, and the ability to guide a team of IS auditors to ensure robust assurance, regulatory compliance, and risk mitigation across the organizations technology landscape.

- The Team Lead plays a vital role in strengthening the organization's technology risk assurance framework, ensuring resilience against cyber threats, and safeguarding critical systems through high-quality audits and proactive risk identification.

Key Responsibilities

1. Audit Planning & Execution:

- Lead and manage end-to-end IS and Cyber Security audits, including scoping, risk assessment, planning, execution, reporting, and follow-up. Ensure audit coverage aligns with regulatory expectations (RBI, SEBI, NPCI, CERT-In), internal policies, and industry best practices.

- Review audit workpapers, test results, and evidence to ensure quality, completeness, and compliance with internal audit methodology.

2. Team Leadership & Oversight:

- Supervise, mentor, and guide a team of IS & Cyber auditors, ensuring productivity, quality, and skills upliftment.

- Allocate resources effectively and ensure timely completion of the annual audit plan.

- Conduct periodic performance evaluations and provide coaching for capability building.

3. Technology & Cyber Risk Assurance:

Assess design and operating effectiveness of controls across ITGC, Application Controls, Cloud Security, Network Security, Data Security, DevSecOps, Access Management, DR/BCP, and emerging technologies. - Evaluate cybersecurity posture, threat landscape, and adherence to frameworks such as NIST, ISO 27001, COBIT, and CIS benchmarks. Review third-party security risks, vendor assessments, and technology-driven processes.

4. Stakeholder Management

- Work closely with CIO, CISO, Technology, Digital Banking, Risk, and Compliance teams to discuss observations, agree on remediation, and track closure.

- Present key findings, risk insights, and thematic issues to senior management and audit committees.

- Build strong relationships while maintaining independence and objectivity.

5. Regulatory & Compliance Alignment

- Ensure audits are aligned with RBI IT Framework, Cyber Security Guidelines, DPDP Act, IT Act, and other applicable laws and advisories.

- Support responses to regulatory queries, inspections, and external audits.

6. Continuous Improvement & Automation

- Promote audit automation, use of analytics, and continuous monitoring tools to enhance coverage and effectiveness.

- Contribute to development of audit methodologies, checklists, risk libraries, and knowledge repositories.

- Identify emerging risks in AI/ML systems, cloud, API ecosystems, and digital transformation initiatives.

Key Skills & Competencies:

Technical Competencies:

- Strong understanding of Information Security, Cyber Security, ITGC, Cloud Computing, Network Architecture, Databases, Operating Systems, and Digital Platforms.

- Knowledge of regulatory frameworks (RBI, CERT-In, SEBI), global standards (ISO 27001, NIST, COBIT), and cyber security practices.

- Hands-on experience with audit/test tools, analytics platforms, and automated evidence gathering.

Behavioral Competencies:

- Strong leadership, team management, and people development skills. - Excellent communication, negotiation, and stakeholder engagement abilities.

- Analytical thinking, risk-based approach, and problem-solving mindset.

- Ability to work under pressure with tight timelines.

Educational Qualifications:

- Bachelors degree in engineering, IT, Computers, Electronics, or equivalent, Professional degree in IT related area.

- Preferred: Masters degree in IT/CS/Cyber Security/MBA (Systems).

Professional Certifications (Preferred):

- CISA, CISSP, CISM , CRISC, ISO 27001 Lead Auditor, CEH / other cyber security certifications, Cloud certifications (AWS, Azure, GCP) added advantage

Experience:

- 15+ years of relevant experience in IS Audit, Cyber Security Audit, IT Risk Management, or Technology Assurance roles.

- Prior experience in leading audit teams in BFSI/FinTech/Technology domain is preferred.