1. Post Name: Principal Auditor, Systems Audit
2. Job Description: The individual shall
i. Possess in-depth knowledge of Cyber-security and technology related regulatory circulars and guidelines
ii. Demonstrate Cyber-security domain expertise
iii. Possess hard-core auditing skills
iv. Excellent report writing capabilities
v. Strong communication and interpersonal skills
vi. Stakeholder engagement and presentation skills
vii. Able to work with external stakeholders independently with minimal supervision and lead team of auditors.
3. Education: B.E/B. Tech/MCA
4. Experience (years):
i. Must possess 9-11 years of experience in Information Security Audits and Information Security Risk assessment services
ii. Must have at least 5 years of experience in leading Information Technology, Information Security Control Assessment and Audit
iii. Must possess strong cyber security subject matter expertise
iv. Hands-on experience in Information Security Audit processes design/framework and implementation
v. Must have experience in managing the audit work for high quality deliverables.
vi. Must possess knowledge and exposure in
vii. ITGC processes and Governance, Risk, and compliance
viii. Emerging Technologies – Cloud, Virtualization, Software Defined Network, Robotic Process Automation, Artificial Intelligence likewise
ix. Banking Technologies - FinTech, Financial systems, Digital payments and fraud risk tools likewise
x. Must possess experience in global standard audit and compliances like PCI-DSS, ISO ISMS, BCMS, Data Privacy
xi. Must possess experience in Regulatory audit and compliances
xii. Must have strong analytical and communication skills
xiii. Excellent interpersonal, organizational written, oral communication and presentation skills
xiv. Ability to work effectively under pressure without compromising professional standards or quality of the work being performed
5. Responsibilities:
i. Perform the day-to-day activities of audit engagements and support the execution of a high-quality audit
ii. Understand and apply ReBIT’s Audit Methodology while preparing clear, well-structured, and effective audit documentation
iii. Perform risk-based audits focusing on Test of Design (ToD)
6. Skills and Qualifications:
i. Proficient in Oracle administrative and monitoring tools.
ii. Strong Experience in UNIX/Linux operations.
iii. Strong Experience in database internals.
iv. Experience in performance analysis and/or performance optimizations.
v. Ability to initiate and drive projects to completion with minimal guidance.
vi. Strong experience in Database modeling and designing, SQL and Test of operating Effectiveness (ToE) of deployed controls to establish consistency in audit outcomes
v. Identify and communicate potential issues and opportunities for audit efficiencies and process improvement
vi. Participate in stakeholder interactions in a professional manner, including properly conveying information gathered from the auditing exercise
vii. Monitor progress, manage risk and confirm key stakeholders are kept informed about progress and expected outcomes.
viii. Lead audit operational initiative to enable greater adoptability and usability of advanced technology during the audit
ix. Stay current on emerging technologies, auditing methodologies and BFSI sector specific developments.
x. Understand the BFSI's industry and recognize key technology driven risk drivers and cyber risk trends.
xi. Deal effectively with ambiguous, unstructured problems and situations.
xii. Contribute technical knowledge in area of specialization.
xiii. Provide technical guidance and support in cyber security and emerging technologies to team members
xiv. Demonstrate integrity and strict adherence to code of ethics
xv. Ability and willingness to travel extensively within Mumbai and across country
7. Preferred Certifications:
i. Technology Certification – Cloud, Virtualisation, CEH
ii. CISM/CISSP
iii. CISA /DCPLA/ ISO Lead auditor certified