Job Views: 2123
Applications: 33
Recruiter Actions: 11

Posted in: IT & Systems

Job Code: 579033

AU Small Finance Bank - IT Internal Controls - CISA/CISSP

5 - 8 Years, Jaipur
Posted 6 years ago

SECTION I: JOB PURPOSE

To contribute significantly to the IT Internal Control division, actively drive end to end IT risk management, assurance reviews/audits and coordinate internal & external audits.

SECTION II: KEY RESPONSIBILITIES

Core Responsibilities:

- Assess the effectiveness of IT operational controls for internal processes & third-party suppliers through audits, and ensure audit standards & practices are in accordance with internal and external requirements

- Act as custodian of the IT Risk Register and ensure end-to-end IT risk management

- Advise and provide recommendations to stakeholders on risk and control issues

- Monitor and report IT risk for operational purposes or in various risk committees

- Experience in maturing various IT operational processes to increase their efficiency and effectiveness by providing recommendations

- Determine security violations, design gaps, and inefficiencies by conducting periodic audits and incident investigations

- Plan and drive the external and internal audits for IT/information security, liaise with stakeholders, and report the findings to senior leadership

- Drive the information risk management activities: Risk analysis, identifying mitigation controls, tracking remediation, closure validation, drawing and updating BCPs.

- Introduce new security practices to enhance the security framework, risk management framework and its effectiveness with new/upcoming technologies/frameworks/standards/regulations

- Work on security solutions, e.g. designing security for processes and technology

- Perform process and supplier assurance/ due diligence.

- Update and review IT Policies and Procedures in line with regulatory requirements and industry best practices

- Stakeholder management of business & internal stakeholders

SECTION III: KNOWLEDGE, SKILLS & COMPETENCIES

Educational Qualifications

- Bachelor's Degree in Computer Science/Information Technology (B.E/B.Tech) from a premier institute. A Master's degree is preferable.

- A minimum of the following certifications: CISA/CRISC/CISM/CISSP (two preferred)

Desired Skills

- At least 5+ years of experience in Information Security, Cyber Security, IT Audits and IT Risk Management in the Banking/BFSI industry. IT/IS Audit experience is a big plus.

- Must have thorough knowledge and experience in implementing regulatory and best practices in cyber security frameworks such as NIST, CERT, ISF, COBIT 5

- Candidate should have the ability to perform an independent analysis of reported cyber security incidents, carry out root cause analysis and recommend remedial measures.

- Must have knowledge and understanding of SIEM technologies, DLP, IDS/IPS, Secured gateway, firewall, Security orchestration tools, Change/configuration management technologies.

- Knowledge of auditing financial systems, including CBS, banking products, and services, will be a big plus

- Experience in people management & performance evaluation is an advantage

- Strong interpersonal, organizational, and written and oral communication skills

- Knowledge of risk assessment of IT processes, BCP/ DR, projects etc. and developing suitable mitigation plans for the same

- Knowledge and sound understanding of Advanced Persistent Threats (APT), SIEM, Log Management solutions, Secured Web Gateways, Policy Orchestrators, SCCM, IDS/IPS, Firewall, Identity & Access Management, Privileged Identity and Access Management, and data security products such as Data Loss Prevention (DLP), Digital Rights Management (DRM), Database Activity Monitoring (DAM), etc.

- Exposure to ERP, CBS system testing

- Exposure to software license management and compliance processes

- Sound understanding of Data, Application security and secure SDLC framework

- Proficient in MS Office Suite skills

- Knowledge of GRC tools and automation of risk management processes

Desired Attributes

- Highly flexible and a quick learner, able to adopt and apply new methodologies/approaches

- Strong communication, presentation and inter-personal skills

- Team management and development capability

- Right balance of creative thinking and process orientation

Language Skills

- Strong English language skills (written and spoken)
