'%3e%3cpath d='M15.3069 13.1535H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 8.15347H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 3.30693H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath id='clip0_126_10407'%3e%3crect width='16' height='16' fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
Vertical Head - Information Systems Audit
Mumbai/Navi Mumbai- Develop the IS Audits strategy encompassing Information Technology (IT) Infrastructure, Information Security and IT Applications Audits covering the key Information System areas (such as Cyber Security, Applications Security, Data Security, Cloud Security, Vulnerability Assessment & Penetration Testing, Network Security, Data Privacy, Data Centre, Logical and Physical Access Management, IT Infrastructure management, Database & Operating System management, Incident management, Change management, Email management and process review, End point security, IT Disaster Recovery, IT Business Process Continuity Review, IT Helpdesk management, IT Project management and Emerging Digital & Technology Risk) within ABFL
- Develop strategies for identification and assessment of Information System & Security risks across ABFL factoring the diverse lines of business of ABFL, scale of operations and complexities of the business and current maturity level of controls
- Develop IS Audits plan based on risk assessment and the legal, regulatory framework; Ensure use of advanced integrated auditing concepts and extensive use of technology and data analysis for achievement of the audit objectives
- Set up and develop specialised team for conducting IS Audits and assessment of complex and specialised reviews covering key IT Infrastructure, IT Applications and Information System & Security areas (such as Cyber Security, Applications Security, Data Security, Cloud Security, Vulnerability Assessment & Penetration testing, Network Security, Data Privacy, Data Centre, Logical and Physical Access Management, IT infrastructure management, Database & Operating System management, Incident management, Change Management, Email management and process review, End point Security, IT Disaster Recovery, IT Business Process Continuity Review, IT Helpdesk management, IT Project management and Emerging Digital & Technology Risk) across the various lines of business within ABFL
- Execution of Audit Strategy and Plan
- Conduct IT application reviews (covering ~1500+ application controls across all lines of business in ABFL) in line with the nature and complexity of the business; Review the major Information System applications for each line of business within ABFL;
- Perform application vulnerability assessment and recommend systemic improvements for mitigating the Information system & security risk and enhancing the maturity level of the controls
- Conduct IT Process review (covering ~1500+ controls across all lines of business in ABFL) in line with the nature and complexity of the business;
- Review the major Information Technology processes for each line of business within the group;
- Identify the area vulnerable to risk and assess the controls in place for mitigating the Information
technology risk
- Recommend systemic improvements for mitigating the Information technology risk and enhancing the maturity level of the controls
- Conduct Cyber Security/ Cloud Security/ Network Security/ Information Security Audits (~10+) at ABFL
- Recommend improvement areas for enhancing the efficiency of controls toward cyber security
- Conduct Data Security review (~200+ major customer data sensitive applications / processes)
- Assess the process relating to user access and data leakage prevention measures at each data lifecycle stage of data sourcing, data capture, data transfer, data storage, data processing and data deletion
- Conduct review of data centres and third party vendors/ business partners/ channel partners (~1000+ third party vendors/ business partners/channel partners having customer sensitive data) (out of approx. 1 lakh+ business partners/ channel partners/ business partner arrangements) with regards to controls in place at the third party vendors/ business partners/ channel partners in line with the defined SLAs; Assess the data privacy and data leakage risk management framework with regards to processes and controls for assessment of outsourced activities and monitoring and manging of outsourcing risk with regards to data security.
- Conduct user access review and access to information on need-to-know basis based on the role and nature of activities to be performed, nature and complexity of the business, scale and size of the business
- Review the process of access to information and monitoring of data leakage prevention across the ~25,000+ employees
- Review the processes to prevent potential data leakage which may result in detailed inquiry and strict action from Cyber Crime department / other regulators
- Conduct specialised reviews through use of extensive data analysis and advanced forensic techniques on Cyber Security, Cloud Security, emerging digital technology and other aspects relating to Information Security
- Effective management and execution of the audit plan for proactive identification and remediation of Information System & Security risk relating to various business products, processes and units
- Provide effective recommendations for improvements to the organization policies, processes and practices based on leading industry practices and emerging risks
Continuous Monitoring:
- Develop strategies for identification of triggers / risk hotspots and conduct unplanned reviews / investigations based on various triggers/ hot spots, directives received from regulators, board committees and senior management
- Keep abreast of the emerging audit trends and drive key audit initiatives for efficient and effective achievement of the audit objectives
- Implement an effective continuous monitoring framework for ongoing monitoring of risk relating to various business products, processes and units;
- Identify and develop 5000+ automated test for ongoing monitoring of Information System & Security risk across ABFL
Communication and Stakeholder Engagement:
- Active engagement with stakeholders for implementation of recommendations for effective risk mitigations and improvement in the control environment
- Effective communication and reporting to various stakeholders including regulators, board committee and senior management
People Management:
- Develop specialised team for conducting IS Audits and assessment of complex and specialised reviews covering key IT Infrastructure, IT Applications and Information System & Security areas
- Develop, nurture and grow talent through effective employee engagement and management
- Continuous development of self and the team through regular learning and sharing of knowledge / best practices.
Didn’t find the job appropriate? Report this Job
'%3e %3cpath d='M24 48C37.2548 48 48 37.2548 48 24C48 10.7452 37.2548 0 24 0C10.7452 0 0 10.7452 0 24C0 37.2548 10.7452 48 24 48Z' fill='%23333333' fill-opacity='0.8'/%3e %3cpath fill-rule='evenodd' clip-rule='evenodd' d='M22.5299 19.0115V19.5849V29.0154V31.5316C22.5299 32.3403 23.1967 33 24.004 33C24.8114 33 25.4784 32.3358 25.4784 31.5316V29.0154V19.5849V19.013L29.4885 23.0077C30.0627 23.5795 31.0044 23.5743 31.5733 23.0077C32.1421 22.441 32.1423 21.4975 31.5735 20.9308L30.1054 19.4684C30.0891 19.4504 30.0724 19.4329 30.0551 19.4156L25.0837 14.4634L25.0479 14.4264C24.9234 14.3024 24.7807 14.2055 24.6281 14.1358L24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946C24.0039 13.8983 23.3839 14.0068 22.9622 14.4268L22.9533 14.436L21.4743 15.9093C21.4615 15.9211 21.449 15.933 21.4367 15.9452L16.4286 20.934C15.8598 21.5008 15.8545 22.4389 16.4286 23.0108C17.0027 23.5826 17.9394 23.5827 18.5135 23.0109L20.0019 21.5283C20.0147 21.5164 20.0274 21.5043 20.0399 21.492L22.5299 19.0115ZM24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946L24.5952 14.1212Z' fill='white'/%3e %3c/g%3e %3cdefs%3e %3cclipPath id='clip0_99_1825'%3e %3crect width='48' height='48' fill='white'/%3e %3c/clipPath%3e %3c/defs%3e%3c/svg%3e "Scroll Up"){kind=small}