Information Security COE Role

Position : Information Technology - COE

Roles & Responsibilities

- Setting up IT Policy framework and ensuring adherence to Internal IT Policy framework and Regulatory compliance

- Co-ordinating with CISO team to ensure appropriate setup of Information Security and its execution.

- Owning the IT Policy, Procedure and Process documents, ensuring its timely review and update.

- Owning the IT Risk Control Matrix, ensuring its timely review and update.

- Testing of IT RCMs by the IT process owners as per Plan

- Successful completion of IT Audits as per the Audit Plan

- Timely compliance to IT Regulatory requirements

- Setup smooth co-ordination between Auditors and IT Process Owners

- Continuous Improvements in the IT Processes

- Ensuring appropriate closure of IT Audit Observations and implementation of improvements suggested in IT Audits

- Ensuring Timely and successful execution of IT Audits.

Desired Skills & Experience

- 08-10 years of career experience in managing Information Technology / Information Security Audit.

- Experience with Big4 IT audit will be preferred along with work experience in Banking and Financial Service audits.

- Should have good understanding of IT audit framework like SOX, IFC, COSO, COBIT

- Experience on front ending IT Audits from IT side.

- Experience in forming, setting up Organisation Policies and Procedure framework for Information Technology and Information Security.

- Experience in Managing Risk Control Matrix for Information Technology and business Processes in Banking and NBFC domain.

- Experience in Documenting Information Technology Processes

- Driving Internal Process Improvements.

- Experience in developing IT Security Strategy, implementation of IT security Controls and Managing VAPT

Qualification

- Full time Bachelor's / Master's degree (or equivalent) from known institution in Technology

- Specialized IT qualifications CISA / DISA / CIMA will be preferred.