Job Details: (Banking sector experience mandatory)
Certifications: CISA, CAIIB, ISO27001:2013LA, ITIL
Good understanding: Various IT Governance frameworks viz. COBIT/COSO/ISO/ITIL
Working knowledge: Information Security assessment tools like Nessus, Burp Suite, Nipper, Kali Linux
- Understand the IS environment to determine the size and complexity of the systems/applications and the extent of dependence on information systems.
- Delivers on-time, high-quality audit reports, audit issue validation and (where appropriate) branch reviews, as well as business monitoring and governance committee reporting.
- Produce audit assurance opinion in the form of audit reports to communicate audit findings and conclusions.
- Directs complex audit activities for a component of a product line or function, or theme including a portion of the audit annual plan.
- Executes the annual IT Audit Plan for the Bank in accordance with Internal Audit standards, relevant regulations and Bank policies.
- Analyses audit findings; recommends appropriate interventions where needed. Proposes creative and pragmatic solutions for risk and control problems. Partners with business units to develop approaches for addressing broader corporate emerging issues.
- Applies an in-depth understanding of the inter-relationships of business and support units throughout the Bank and how they impact the overall control environment and the audit approach.
- To undertake Vulnerability Assessment of OS, DB and application manually as well as by using tools. Should be able to analyze VAPT reports.
- Theme based review (analytics) of key processes and identifying process / control gaps
- Assess Information Security compliance of Third Party service providers.
- Review the Information System Assets Identification, Classifications and perform Risk Assessment.
- Undertake reviews of internal control procedures and security for systems/applications under development and/or enhancements to current systems.
- Perform IT General control reviews for simple to complex information systems in a risk-based manner.
- Perform control reviews of applications security to include system development standards, operating procedures, system security, programming controls, communication controls, backup, change management, access management and disaster recovery, and system maintenance.
- Review application functional controls related to transactions and reconciliations, and assess their financial and regulatory implications.
- Follows up on audit findings to ensure that management has taken corrective action(s).