HR Manager at ANS - Placements
Information Security Auditor - Banking Sector (6-13 yrs)
Job Details: (Banking sector experience mandatory)
Certifications: CISA, CAIIB, ISO 27001:2013 LA, ITIL
Good understanding: Various IT governance frameworks, viz. COBIT/COSO/ISO/ITIL
Working knowledge: Information security assessment tools like Nessus, Burp Suite, Nipper, Kali Linux
- Understand the IS environment to determine the size and complexity of the systems/applications and the extent of dependence on information systems.
- Delivers high-quality audit reports on time, audit issue validation and (where appropriate) branch reviews, as well as business monitoring and governance committee reporting.
- Produce audit assurance opinion in the form of audit reports to communicate audit findings and conclusions.
- Directs complex audit activities for a component of a product line or function, or theme including a portion of the audit annual plan.
- Executes the annual IT Audit Plan for the Bank in accordance with Internal Audit standards, relevant regulations and Bank policies.
- Analyses audit findings; recommends appropriate interventions where needed. Proposes creative and pragmatic solutions for risk and control problems. Partners with business units to develop approaches for addressing broader corporate emerging issues.
- Applies an in-depth understanding of the inter-relationships of business and support units throughout the Bank and how they impact the overall control environment and the audit approach.
- To undertake Vulnerability Assessment of OS, DB and application manually as well as by using tools. Should be able to analyze VAPT reports.
- Theme-based review (analytics) of key processes and identifying process/control gaps.
- Assess Information Security compliance of Third Party service providers.
- Review the Information System Assets Identification, Classifications and perform Risk Assessment.
- Undertake reviews of internal control procedures and security for systems/applications under development and/or enhancements to current systems.
- Perform IT General control reviews for simple to complex information systems in a risk-based manner.
- Perform control reviews of applications security to include system development standards, operating procedures, system security, programming controls, communication controls, backup, change management, access management and disaster recovery, and system maintenance.
- Review application functional controls related to transactions and reconciliations, and assess their financial and regulatory implications.
- Follows up on audit findings to ensure that management has taken corrective action(s).