AVP -Team Lead Information Security Audit with a Large Private Bank

PURPOSE OF THE JOB

• Lead a team of auditors (at minimum 3 audit staff to a maximum of 4) in carrying out audit of IT General Controls and Information Security Controls
• Assess compliance of the Banks IT operations and security with Banks IT related policies and regulatory guidelines.
• Assess the current processes followed in the bank against international best practices.
• Undertake Special assignments and management audits as per the needs of the Senior management from timetotime.
• Identify areas of Automation within the IS Audit domain and get those projects executed

Job Responsibilities

Supervising the team to ensure audits/ adhoc work assigned done accurately with the given TAT

• Ensure that Audits are performed as per the Quarterly Audit calendar
• Guide the audit staff in the team and supervise the progress of the audit assignments
• Ensure timely completion of audits
• Review the audit findings and discuss with senior auditee staff at Function Head levels
• Resolve disputes of issue ownership between various Audit Teams
• Supervise the team in auxiliary tasks related to ISAudit e.g. organizing evidence collection followup with auditee for status of audit recommendations till closure of the reports MIS on audit assignments etc.
• Provide guidance to various business groups (IT BPRG Admin ISG ITGovernance etc.) from IS Audit perspective
• Prepare IS Audit Key Risk Indicators for highlighting to GHIA on a monthlybasis
• Liaise with External Auditors (RBI Inspectors Statutory Auditors SOX Auditors ISO 27001 Auditors ISO 22301) as needed
• Review and finalize MIS reports on IS audits for various purposes for submission to HeadIS Audit
• Review and finalize Work done notes for Audit Committee of the Board for submission to HeadIS Audit

Educational Qualifications

• At least a Bachelor of Science Bachelor of Engineering/Technology Master of Computer Application/Computer Science or Master in Business Admin/Post Graduate Diploma in Business Administration/Post Graduate Program in Management in Computer Science/Information Technology or equivalent
• Should have a certification such as CISA / CISSP

Key Skills

• Should have deep knowledge of IT General Controls international acts such as SOX IT Governance Frameworks such as COBIT standards such as ISO 27001 BS 15000 / ISO 20000 / ITIL BS25999 Payment Cards Industry Data Security Standard (PCI DSS) etc.
• Should have excellent drafting and communication and presentation skills.

Experience Required

At least 10 years of working experience in IS audit or related field is required for this position.

Candidate Profile: Looking for a candidate with good expertise in IS Audit with either CISA / CISSP certification which is mandatory.

audit,auditor,IS Audit,information security audit,information system audit,IT Auditor,security audit,ITGC