Head - Internal Audit - Technology - Bank

Our client is a leading Bank and the position is Mumbai based reporting to the Country Head of Internal Audit

Key Objective : Primarily responsible for Technology audit of the Bank and provide support on all Business / Functions audit

Key Responsibilities :

- Oversee / Lead audits of Technology area covering all aspects i.e. Infrastructure, Applications, Databases e.t.c.

- Plan, design and implement risk based audit plans to ensure safety and soundness of the Bank.

- Support Business audits for coverage of Technology risks.

- Ensure completion of assigned audits and documentation of work papers on time.

- Track status of issues reported.

- Keep relevant processes benchmarked to Best Practices and peer banks.

- Keep Audit Procedure Manual and checklists current and updated.

- Examine and provide comfort to Head - Internal Audit on all new developments in the Technology area so as to provide assurance on regulatory and other control requirements of the Bank. Simultaneously devise audit checklists for use of internal/concurrent Auditors and test processes/procedures to foresee pitfall and bottlenecks and ensure these are audited/resolved.

- To provide suggestions for improvement to existing process / systems to line management

Essential Competencies :

- Expert knowledge of Technology Security audits or Line Technology Security responsibility.

- Knowledge of bank audit procedures.

- Hands on experience of approximately 10-15 years both at operational and supervisory level.

- Knowledge of other areas of banking would be an added advantage.

- Should be a clear thinker and excellent communicator

- Good team player to provide able support to Country Head- Internal Audit, should have leadership and people management skills to guide team mates, peers and auditees.

Qualifications and Relevant Experience

- B.Tech / M.Tech from a reputed institute.

- Should possess CISA/CISSP or equivalent certification

- Possess good knowledge of one or more multiple standards such as BS 7799/ISO 17799 or COBIT or SANS or ISO 15408

- Should be familiar or have expertise on OWASP or OSSTMM

- Excellent understanding and knowledge of IS security controls and Regulatory guidelines from bodies such as the RBI.

- Experience in performing Information Security audits or Line experience as a Information Security Officer roles in a Banking or Financial sector organization would be preferred.

- Knowledge / understanding on implementation of security products & standards

- Solid network foundation and integration skills along with understanding how security mechanisms work together to provide the required level of protection

- Possess working knowledge of Firewalls, Perimeter Security, VPN, IPS/IDS technologies, encompassing remote access devices, data encryption, wireless products

- Possess working knowledge of hardening of various Operating Systems / Platforms.

- Knowledge of how to perform vulnerability and penetration tests, understanding of current security technologies, current weaknesses and vulnerabilities within operating systems and networking products, and an understanding of the current agreed upon best practices within the security field

- 10-15 years post qualification experience in Financial Services / Audit Firm / IT Security Firm /Info Sec role / environment in a reputable organisation.

- Impeccable integrity and risk consciousness.

\Monika