Manager - IT Internal Audit - CISA/CISSP/CEH

Manager - IT Internal Audit (CISA/ CISSP / CEH)

JOB SUMMARY

- Perform independent appraisals of the adequacy and effectiveness of Technology controls.

- Review controls in the areas such as Network Security, Cloud Technology, IT Infrastructure, IT Application controls, Cyber Security, Business continuity & Disaster recovery, IT Architecture, DevOps etc.

- Provide timely reports to the Head of Department on the results of audits, examinations and investigations of IT function.

KEY RESPONSIBILITIES

Internal Audit Plan

- Conduct technology focused audits independently.

- Ensure timely completion of audits based on annual audit

- Plan and adhoc reviews with adequate risk coverage.

- Understand systems and processes to identify risks.

- Control design adequacy and operating effectiveness

- Assessment as per standard process

- Report audit findings to stakeholders and agree on action plans.

- Monitoring and tracking closure of open audit observations

- Help stakeholders with recommendations to mitigate risks / issues identified

- Maintain audit documentation as per established processes.

- Contribute to the continuous improvement of Internal Audit and control processes

Stakeholder Management

- Collaborate with the teams / stakeholders for better understanding of the business and smooth execution of audit deliverables

- Coordination with Enterprise Risk Management team (2nd line of defense)

Measures of Success

- Ensure quality and effective reporting of observations.

- Results of other external audits consistent with the Internal Audit work with minimum material differences

- Provide specific and practical recommendation for effective closure of the issues and mitigation of risks.

- 100% adherence to 'Audit Plan' for the Internal Audits assigned as per timelines and defined process in IA manual.

- Monthly monitoring & escalation of past due items and adherence to follow-up process timelines.

- Provide timely update and contribute towards Quarterly Audit Committee and Management Risk Committee

Key competencies/skills required

- Proven ability to collaborate broadly with flexible, positive attitude and ability to get results

- Exceptional oral and written communication skills; ability to communicate to the senior executive level

- In -depth knowledge of IT audit principles and internal controls

- Relevant experience in financial services/insurance sector is desirable

Desired qualification and experience

- B. Tech. with Post Graduate Diploma / MCA/ MBA in Information Technology

- CISA/ CISSP / CEH preferred

- At least 5-7 years of IT Internal audit or related experience to review risks and assess controls in areas such as Cyber Security, Business Continuity & Disaster recovery, ITGC, IT infrastructure, Cloud Technology, ISO27001 etc.