Roles and Responsibilities:
- Manage all IT audits: plan and manage all IT audits, including ISO 27001, Internal Audit group, RBI/ReBIT, Compliance, ICOFR/ICFR/IFC, etc.
- Front all audits and act as POC for all escalations in any audit-related activities.
- Plan the audit in advance and schedule the audits for stakeholders
- Manage regulatory-framework-driven reviews conducted by external auditors/regulatory bodies
- Manage and train the team to handle architecture reviews, network/infra reviews, configuration audits, reviews of system controls (ITGC/ITAC controls), and cloud infrastructure. Prepare and train team members to liaise with auditors to explain infosec posture, infosec org structure, physical/logical security, data center reviews, MSSP reviews, SOC reviews, etc.
- Review policies and procedures periodically or whenever there is a change, and submit them to Operational Compliance for approval in a timely fashion.
- Interpret IT control requirements from regulatory guidelines and circulars and provide feedback from an audit perspective to the stakeholders.
- Ensure that IT regulatory requirements are tracked and continuously monitored.
- Provide status of audit findings, implementation of controls as per audit recommendations and ensure all audit observations are taken to closure.
- Vendor Risk Management/TPRM Process
Requirements:
- Minimum 10 to 12 years of experience in sourcing or procurement, preferably in corporate.
- CISA / CISM / IT Auditor
- 8-10 years of experience in a relevant field in audit departments or an internal controls division
- Standard-specific compliance review and implementation experience in ISO 27001/COBIT
- Reasonable understanding of information security frameworks and regulations like ISO 27001, IT Act, RBI regulations, etc.
- Project management skills
- The role requires deep technical know-how and strong experience in guiding teams during external audits
- A collaborative approach to problem-solving
- Strong understanding of IT / infosec controls and regulations of financial services products
- Delivers concise and effective communications with authority
- Highly adaptable in dynamic environments; integrity, capable of a rigorous analytical approach and result-oriented
- Flexible and stress-resistant
- Ability to organize and prioritize
- Perseverance in the analysis of issues