Senior Auditor - Technology - Investment Bank

The Role :

If your expertise lies in technology (infrastructure & applications) audits, IT risk management or IT Security, a position as Senior Auditor is ideal for you.

 In this role, you will be responsible for providing quality, efficient and effective assurances and influencing business managers to improve controls. You will contribute to the independent engagement assurance by undertaking allocated talks within the engagement life cycle.

To qualify for this role, you need to have experience in IT auditing, IT/Information Security, and Technology Risk Management preferably with auditing certifications such as CISA, CISSP, SANS-GIAC or CISM.

What the Business Does :

This role is based in the Internal Audit function reporting to the Head of Audit (Bangalore)

Internal Audit's vision is to be an excellent Audit function providing independent assurance and Opinions that have impact and influence. RBS operates a 3 Line of Defence Model. IA acts as the 3rd line of defence to provide independent, objective assurance to ensure that the controls over the key business processes are adequate and effective to manage the key business risks.

Your Responsibilities :

As Senior Auditor, your responsibilities will include :

- Contributing to assurance planning and undertake effective process mapping

- Assessing risks and controls and undertake testing effectively

- Contributing to continuous monitoring by undertaking analysis of MI or review of risk information under direction by the SAM/AM

- To occasionally lead engagements, driving the delivery of efficient and effective assurance

- Leveraging IA's industry leading audit methodology and tools to comply with Global Methodology and use tools and resources appropriately

- To be an ambassador for IA, demonstrating professional behaviours and helping to build on the reputation and integrity of the function

Skills you need :

- Sound knowledge of infrastructure audits or security testing on platforms/OS (UNIX, Windows, Mainframe-iSeries/AS400), Database/DBMS (Oracle, SQL, Sybase, MySQL), network (switches, routers, firewall, IDS/IPS), middleware, messaging, batch scheduling/management technologies

- Strong knowledge of application auditing controls such as authentication, authorization, audit trails, role based access controls, application interfaces, data integrity, segregation of duties, and business logic/banking domain knowledge

- Comprehensive knowledge of IT General Control testing methodology/techniques

- Good understanding of Information Security components such as IAM (identity & access management), single-sign on, vulnerability assessment/penetration testing, DLP (data loss prevention) and disaster recovery

- Understanding of IT/Information Security standards, regulations and best practices including IIA, CoBIT, ISACA, NIST, PCI-DSS