Internal Audit Specialist - Information System - Bank

Organisation : Bandhan Bank

Department: Internal Audit

Role: Internal Audit Specialist - Information System

Job Description/Responsibility:

- Understand the IS environment to determine the size and complexity of the systems/applications and the extent of dependence on information systems by the bank.

- To prepare the I. S. audit reports as to put up the same to the top Management as well as Audit Sub-Committee of Executives (ASCE)/Audit Committee of Executives (ACE) / Audit Committee of the Board (ACB) and to prepare closure reports after following up for compliance in respect of the irregularities brought out through various audit reports.

- To undertake analysis of audit findings and provide appropriate feedback on an ongoing basis to Bank's Management on the trends observed from the reports received.

- Theme based review (analytics) of key processes and identifying process / control gaps

- Assess Information Security compliance of Third Party service providers.

- Review the Information System Assets Identification, Classifications and perform Risk Assessment.

- Undertake reviews of internal control procedures and security for systems/applications under development and/or enhancements to current systems.

- Perform IT General control reviews for simple to complex information systems in a risk-based manner.

- Conducting Vulnerability Assessment and Penetration Testing of servers / web based applications

- Review of application functional controls relate to transactions, reconciliations and assess its financial and regulatory implications.

- Communicate the audit finding to respective business heads/ senior management and Audit Committee

- Follows-up on audit findings to ensure that management has taken corrective action(s).

Qualification / work experience / Age:

- Desirable CISA/ CISM/ CISSP

- BE/B-Tech/MCA with good analytical skill

- 5+ years of banking experience with at least 2+ years of experience in Information System Audit Department in conducting Information Systems Audit of a Bank/Financial Institution.

- Certifications like CAIIB, ISO27001:2013LA, CEH, ITIL will be add-on

Skill Sets:

- Excellent analytical skill with good understanding of all regulatory guidelines.

- Have a good understanding of various IT Governance frameworks and standards viz COBIT/COSO/ISO/ITIL

-Have good understanding of multi-channel banking operations

- Thorough in banking operations from audit perspective

- Sound knowledge of Core Banking application and scripting on tables

- Proficiency in ACL, SQL, Excel, Analytical Tools etc.,

- Proficiency in using information security audit tools like Nessus, Nipper Studio, Burp Suite etc.

- Good written and presentation skills

- Good logical and reasoning skills

- Ability to work independently and as a team member